Overview/Description
IS audit professionals should understand and ensure that an organization's security policies, standards, procedures and controls are aligned and effectively protect the confidentiality, integrity, and availability of the organization's information assets. This course covers network infrastructure security including LAN, client-server, and wireless security, and best practices for auditing overall IS management frameworks. This course also outlines best practices for environmental and physical access controls, including mitigating risk from associated threats. Finally, this course covers mobile, social, and cloud asset security best practices, and preventative measures against data leakage. This course is one of a series in the Skillsoft learning path that covers the objectives for the ISACA Certified Information Systems Auditor (CISA) certification exam.
Target Audience
Individuals in IS audit, controls and security professions; individuals preparing for the CISA certification exam
identify characteristics of LAN security including virtualization
identify characteristics of client-server security
identify best practices for wireless security
distinguish between common internet threats
distinguish between different firewall technologies
compare IDS and IPS
identify cryptography and cryptanalysis
identify common cryptosystems
classify common cryptosystems
identify characteristics of malware and best practices for mitigating risk from them
identify characteristics and security issues of VoIP
recognize characteristics of PBX
identify best practices for auditing information security management frameworks
identify best practices for auditing logical access
distinguish between different security testing techniques when auditing information security management frameworks
identify investigation techniques and best practices when auditing information security management frameworks
identify characteristics and best practices for auditing remote access, auditing internet points of presence, and performing network penetration tests
identify characteristics and best practices for performing full network assessment reviews, auditing network change development and authorization, and auditing unauthorized changes
identify environmental issues and exposures
distinguish between different controls for environmental exposures
identify best practices for auditing environmental controls
identify physical access issues and exposures, and controls for mitigating threats
identify best practices for auditing physical access
identify mobile computing information security best practices
identify peer-to-peer computing information security best practices
identify instant messaging information security best practices
identify social media information security best practices
identify cloud computing information security best practices
identify characteristics and best practices for data leak prevention
identify challenges and considerations for data leak prevention techniques and practices
identify end-user security risks and controls
identify best practices for auditing information security management frameworks and mobile, social, and cloud asset protection