Certified Information Security Auditor

$3,995.00

Duration Three Days

Description

Certified Information Security Auditor Boot Camp

This 5-day course addresses the full process and content components of the Certified Information Security Auditor (CISA) job function, all covered in the seven content areas determined by ISACA. The course analyzes each of the seven CISA ‘domains’, discusses the knowledge required to meet the examination’s expectations and, especially, identifies particular topics that are popular CISA questions.

Course Outline:

Module 1: Certification Requirements

Module 2: Introduction to the Seven Domains

Module 3: Technical Infrastructure and Operation
General-Purpose Computers
Hardware
Architecture
Memory
Operations
Memory Addressing
Reference Monitor
Languages
Transmissions
Systems Acquisition
Systems Management
Systems Databases
Systems Operations
Telecommunications
Telecommunications Security
Data Network Types: LAN
Data Network Types: WAN
The OSI Model
Description
Protocol Definition
Layer Behavior
Layers Defined
Layer Protocols
Layer Devices and Equipment

Module 4: Management, Planning, and Organization of Information Systems
Policies
Operations
Personnel
Documentation
Standards
Guidelines

Module 5: Protection of Information Assets
Information Security
Confidentiality
Integrity
Availability
Compliance with Local and International Law
Security Management
Classification
System Access
System Access Control
Security Awareness & Training
New Employees’ Training (NEO)
Policy Examples and Resources
CIRT
Security Incident Phases
Privacy Impact Analysis (PIA)
Access Control
Authentication
Passwords
Malicious Logic
Biometrics
Authorization Techniques
Cryptography

Module 6: Applications Development
Systems Development Life Cycle (SDLC)
Software Models
Approaches
Personnel
Tools
Rapid Application Development (RAD)
Business Process Re-Engineering
Computer Aided Software Engineering (CASE)
Capability Maturity Model (S/W) (CMM)
Extensible Markup Language (XML)

Module 7: Business Processes and Risk Management
Business Process Re-Engineering (BPR)
Risk Management
Security Risk Concept
Security Risk Concept Exercise
IT Governance
System Development
System Documentation
Project Life Cycle Phases
Project Life Cycle Models
Business Applications Systems
E-Commerce Models
EDI Components
Expert Systems Development
Data Warehouse
Data Mining
Database Security

Module 8: Disaster Recovery Planning (DRP)
Business Continuity Planning (BCP) Motivation
BCP vs. DRP
BCP
Overview
Requirements
Plan Documentation
Disaster Recovery
Strategy
Plan Development
Training & Documentation
Testing & Maintenance

Module 9: The Formal Audit Process
IS Audit Function
IS Audit Planning
ISACA
Internal Control System
IS Control Procedures
Control Objectives for Information and Related Technology (COBIT)
Performing an IS Audit

Module 10: Review of Certification Requirements

Module 11: Review of the Seven Domains

Module 12: Test-Taking Tips