 Cert Prep/thumbnail.webp?token=Y291cnNlcy8yMDI0LzA2L0NlcnRpZmllZCBJbmZvcm1hdGlvbiBTeXN0ZW1zIEF1ZGl0b3IgKENJU0EpIENlcnQgUHJlcC90aHVtYm5haWwud2VicDoxNzgzMjUxMDAyOjAzNGQwZDkxYjlhMTEyMTcxOWRlN2VmOTM4OTczODU1YjVmYWFiNDg0MGZhMWYzOGE0OTNkZmQ0YjFiM2I5OWE%3D)
ISACA Certified Information Systems Auditor (CISA) Cert Prep (2024)
9h 16mIntermediate2024-06-25
Authors
Cybrary
Course details
The Certified Information Systems Auditor (CISA) certification enables you to prove your ability to audit an organization's information systems compliance, and this course from Cybrary—a leading cybersecurity professional development platform—puts you on the path to gaining the knowledge you need to pass the exam. Deep dive into the process for auditing information systems. Learn about the government and management of IT. Explore the acquisition, development, and implementations of various information systems. Find out how you can make the best use of information systems operations and business resilience. Plus, review in depth what you’ll need to know about information asset security and control.
Skills covered
IT Service ManagementDevOpsCert PrepNetwork and System Administration
Concepts
Module 1 - Information Systems Auditing Process
- CISA welcome and intro
- Introduction to IS audit
- Information Technology Assurance Framework (ITAF)
- Audit strategy
- Laws and regulations
- Business processes
- Types of controls
- Risk-based audit, part 1
- Risk-based audit, part 2
- Audit execution
- Audit evidence collection
- Sampling
- Communication of results
- Additional types of audit
Module 2 - Governance and Management of IT
- Enterprise risk management
- Introduction to IT governance
- IT frameworks
- Frameworks continued
- Enterprise architecture
- Evaluation of controls
- Evaluation criteria
- Information security strategy
- Information security program
- Quality control and security management
- Roles and responsibilities
Module 3 - Information Systems Acquisition, Development, and Implementations
- Introduction To project management
- Project management lifecycle
- Project management documents throughout the lifecycle
- Software development methodologies
- Hardware and software acquisitions
- Control identification and design
- Testing
- System migration and changeover
Module 4 - Information Systems Operations and Business Resilience
- Introduction
- Data governance
- The data lifecycle
- Software and systems and APIs
- Cloud deployment
- Problem and incident management
- IS operations
- Database management
- Redundancy
- Business continuity, part 1
- Components of the plan
- Business continuity, part 2
Module 5 - Information Asset Security and Control
- Introduction and privacy principles
- Physical and environmental controls
- Identity and access management
- SOCs and SLAs
- Networking basics
- The OSI and TCP reference models
- OSI Layers 1 and 2
- OSI Layers 3 7 and TCP model
- Network devices
- NAT and PAT
- Firewalls
- Additional security devices, part 1
- Additional security devices, part 2
- Cryptography basics
- Symmetric cryptography
- Asymmetric cryptography
- Hybrid cryptography
- Integrity
- PKI and wrap-up
- Wireless security
- Indicators of attacks, part 1
- Indicators of attacks, part 2
- Indicators for application attacks
- Cross-site attacks
- Timing attacks
- Memory issues
- Network-based attacks
- Threat actors and vectors
Related courses
- Data Governance for the Healthcare Industry
- Putting ITIL® into Practice: Problem Management Techniques
- IT Service Management Foundations: Tools
- ServiceNow: Basic Administration
- Building a Home IT Lab
- Corporate Security Policies by Infosec
- Getting Started with ServiceNow: Navigation, Task Management, and Data Visualizations
- Putting ITIL® into Practice: Incident Management