CISA: Protection of Information Assets – Part 2

Individuals in IS audit, controls and security professions; individuals preparing for the CISA certification exam

Prerequisite
None

Expected Duration
132 minutes

Description
IS audit professionals should understand and ensure that an organization’s security policies, standards, procedures and controls are aligned and effectively protect the confidentiality, integrity, and availability of the organization’s information assets. This course covers network infrastructure security including LAN, client-server, and wireless security, and best practices for auditing overall IS management frameworks. This course also outlines best practices for environmental and physical access controls, including mitigating risk from associated threats. Finally this course covers mobile, social, and cloud asset security best practices, and preventative measures against data leakage. This course is one of a series in the Skillsoft learning path that covers the objectives for the ISACA Certified Information Systems Auditor (CISA) certification exam.

Objective

Network Infrastructure Security

  • start the course
  • identify characteristics of LAN security including virtualization
  • identify characteristics of client-server security
  • identify best practices for wireless security
  • distinguish between common internet threats
  • distinguish between different firewall technologies
  • compare IDS and IPS
  • identify cryptography and cryptanalysis
  • identify common cryptosystems
  • classify common cryptosystems
  • identify characteristics of malware and best practices for mitigating risk from them
  • identify characteristics and security issues of VoIP
  • recognize characteristics of PBX
  • Auditing IS Management Frameworks

  • identify best practices for auditing information security management frameworks
  • identify best practices for auditing logical access
  • distinguish between different security testing techniques when auditing information security management frameworks
  • identify investigation techniques and best practices when auditing information security management frameworks
  • Auditing Network Infrastructure Security

  • identify characteristics and best practices for auditing remote access, auditing internet points of presence, and performing network penetration tests
  • identify characteristics and best practices for performing full network assessment reviews, and auditing network change development and authorization, and unauthorized changes activities
  • Environmental Exposures and Controls

  • identify environmental issues and exposures
  • distinguish between different controls for environmental exposures
  • identify best practices for auditing environmental controls
  • Physical Access Controls and Auditing

  • identify physical access issues and exposures, and controls for mitigating threats
  • identify best practices for auditing physical access
  • Mobile, Social, and Cloud Asset Security

  • identify mobile computing information security best practices
  • identify peer-to-peer computing information security best practices
  • identify instant messaging information security best practices
  • identify social media information security best practices
  • identify cloud computing information security best practices
  • Data Leakage

  • identify characteristics and best practices for data leak prevention
  • identify challenges and considerations for data leak prevention techniques and practices
  • identify end-user security risks and controls
  • Practice: Information Security Practices

  • identify best practices for auditing information security management frameworks and mobile, social, and cloud asset protection
  • MONTHLY SUBSCRIPTION

    $129/month
     

    ANNUAL SUBSCRIPTION

    $1295/year

    Multi-license discounts available for Annual and Monthly subscriptions.