Certified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) 2019
Certified Information Systems Auditor (CISA) 2019: Data Privacy & Risk
Certified Information Systems Auditor (CISA) 2019: Data Storage & Malware
Certified Information Systems Auditor (CISA) 2019: IAM & Data Classification
Certified Information Systems Auditor (CISA) 2019: Information System Auditing
Certified Information Systems Auditor (CISA) 2019: IT Management Frameworks
Certified Information Systems Auditor (CISA) 2019: Performance & Management
Certified Information Systems Auditor (CISA) 2019: PKI & Data Protection
Certified Information Systems Auditor (CISA) 2019: Scenario-Based Practice
Certified Information Systems Auditor (CISA) 2019: System Design & Analysis
Certified Information Systems Auditor (CISA) 2019: Virtualization & Cloud

Certified Information Systems Auditor (CISA) 2019: Data Privacy & Risk

Course Number:
it_spcisa19_03_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: Data Privacy & Risk

  • define how the CIA triad enhances IT security
  • recognize examples of Personally Identifiable Information
  • recognize examples of Protected Health Information
  • describe how GDPR assures data privacy
  • align data protection policies with GDPR
  • describe how PCI DSS protects cardholder information
  • identify network devices with insufficient antimalware protection using the free Spiceworks tool
  • describe how HIPAA protects sensitive medical information
  • describe how FedRAMP standards are used to secure U.S. government information systems
  • recognize the importance of identifying assets that have the most value to a specific organization
  • determine the ALE value using an online ALE calculator
  • scan a network using Nmap to determine which devices are present
  • map IT solutions to data privacy requirements

Overview/Description

Discover how assessing IT asset risks and applying appropriate data privacy standards helps keep sensitive data from unauthorized entities in preparation for the CISA exam.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: Data Storage & Malware

Course Number:
it_spcisa19_09_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: Data Storage & Malware

  • distinguish between data and information and describe how they are secured
  • define the relationship between big data and the value of data analytics
  • list methods of securing a SAN
  • enable password authentication for iSCSI target access
  • recognize common security options available with cloud storage
  • ensure that decommissioned storage media does not contain retrievable data artifacts
  • identify common database hardening techniques
  • deploy Microsoft SQL Database in the Azure cloud
  • implement a database replication strategy
  • identify data availability strategies, including whether security controls are still in place after data recovery
  • protect data using the Windows Backup feature
  • protect data by backing it up to the cloud
  • distinguish between malware types
  • identify the various forms of social engineering and the related security risks
  • implement controls that provide data availability

Overview/Description

Explore the variety of methods through which stored data can be secured and made highly available, despite the realization of malware threats, as you prepare for the CISA exam.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: IAM & Data Classification

Course Number:
it_spcisa19_04_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: IAM & Data Classification

  • recognize authentication categories and how authorization then follows
  • create Active Directory users and groups on-premises
  • create Microsoft Azure AD users and groups
  • recognize how multifactor authentication enhances security
  • enable MFA for an Azure AD user
  • assign built-in Microsoft Azure roles to Azure AD groups
  • assign built-in AWS policies
  • use the delegation of control wizard to enable others to manage AD objects
  • recognize the role of identity federation across organizations, including SSO
  • recognize how resource tagging aids in tracking and granting permissions
  • configure shared folder and NTFS Windows file system permissions
  • configure standard Linux file system permissions
  • classify Windows Server files with metadata
  • use resource and Active Directory attributes to conditionally grant file system permissions
  • create and manage authentication accounts and data tags

Overview/Description

Explore how multifactor authentication and role-based access control lessen the risk of system compromise and privilege abuse, and how data classification uses tags to organize data, in preparation for the CISA exam.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: Information System Auditing

Course Number:
it_spcisa19_01_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: Information System Auditing

  • recall how IS auditing shows whether IT solutions meet business objectives efficiently and effectively
  • recognize expectations of conduct for CISA certified individuals
  • recall how auditing standards provide guidance for conducting efficient audits
  • interpret various types of documentation when preparing an IS audit
  • identify client needs that map to business objectives
  • recognize the importance of network documentation
  • list different categories of security controls including internal business process controls, IT controls, and sampling types
  • identify control objectives required to secure organizational assets along with the controls themselves
  • plan for audit funding, personnel, and related items
  • schedule audit phases
  • report serious discoveries including fraud or serious IT vulnerabilities
  • generate audit reports including which existing controls have passed or failed
  • communicate with stakeholders after audit recommendations are reported
  • identify how IS auditing identifies weak security controls

Overview/Description

Discover the keys to conducting a successful audit - the nature of a business, its driving processes, and its underlying IT solutions. Examine controls and audit reporting in preparation for the CISA exam.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: IT Management Frameworks

Course Number:
it_spcisa19_02_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: IT Management Frameworks

  • identify how IT governance provides a structured approach to ensuring IT solutions are aligned with business goals, including outsourced tasks
  • describe how COBIT can ensure business objectives are met by aligning appropriate IT processes
  • list how ITIL practices can streamline IT service delivery
  • recognize how ISO/IEC standards can result in proper IT governance
  • describe how risk management can improve business operations
  • map various risk treatments to threats
  • recognize how the Business Model for Information Security encompasses information security planning, implementation, and management
  • describe the Information Technology Assurance Framework
  • describe the purpose of IT balanced scorecards
  • map common framework characteristics to IS audits

Overview/Description

Explore how IT management frameworks provide a structured approach to managing and auditing IT assets and how risk assessments often drive the IS audit in preparation for the CISA exam.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: Performance & Management

Course Number:
it_spcisa19_05_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: Performance & Management

  • recognize how performance is related to SLAs, and the difference between SLAs and operational level agreements
  • establish a baseline of normal performance in Windows
  • monitor performance metrics in a Windows environment
  • monitor performance metrics in a Linux environment
  • monitor performance metrics in a cloud computing environment
  • configure cloud-based alerting
  • describe enterprise change management procedures
  • describe enterprise configuration management procedures and terms such as CMS, CMDB, and CI
  • describe enterprise vulnerability management procedures
  • configure which administrators can manage GPOs
  • configure application deployment centrally using SCCM
  • configure Windows patch deployment centrally using SCCM
  • configure Ubuntu Linux to check for updates
  • tweak IT system performance and implement controlled changes centrally

Overview/Description

Efficient delivery of IT systems includes cost reduction and optimized system performance. Discover how a structured approach for implementing changes and patches can reduce security incidents and downtime, in preparation for the CISA exam.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: PKI & Data Protection

Course Number:
it_spcisa19_06_enus
Objectives:

Overview/Description

Explore how PKI provides a hierarchy of digital security certificates used to secure data and authenticate users and devices and how data is protected with encryption and file integrity verification, as you prepare for the CISA exam.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: Scenario-Based Practice

Course Number:
it_spcisa19_15_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: Scenario-Based Practice

  • apply IS auditing techniques to audit planning
  • apply IS auditing techniques to security controls
  • apply IS auditing techniques to Wi-Fi configurations
  • apply IS auditing techniques to traveling users
  • apply IS auditing techniques to PKI key usage
  • apply IS auditing techniques to determine effective compensating controls
  • recommend changes based on IS auditing standards

Overview/Description

Discover how to apply the IS audit process to ensure adequate risk mitigation for audit planning, security control selection, travelling user vulnerability mitigation, Wi-Fi hardening, and proper PKI key implementation.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: System Design & Analysis

Course Number:
it_spcisa19_11_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: System Design & Analysis

  • identify the phases of the SDLC
  • recognize common project management practices
  • recognize common secure coding practices
  • recognize how structured approaches such as Agile and Six Sigma can improve IT system quality
  • isolate larger IT solutions into smaller components for focused testing
  • recognize how regression testing strives to ensure current changes do not have unintended adverse affects
  • test IT solutions to ensure they align with design requirements
  • bring together modular IT system components that result in a larger solution while ensuring system security and integrity
  • monitor IT solution performance when under stress
  • provide large amounts of unexpected data to an application to observe the behavior
  • identify how automated build and deployment processes provide IT solution development efficiencies
  • deploy an Azure cloud-based infrastructure using a template
  • plan IT system and data migration to a cloud environment
  • run an Azure on-premises cloud migration assessment
  • apply security to all SDLC phases while testing for stability

Overview/Description

Explore systems planning, testing, integration, and delivery to ensure the timely delivery of system changes or entire new solutions, as you prepare for the CISA exam.



Target

Prerequisites: none

Certified Information Systems Auditor (CISA) 2019: Virtualization & Cloud

Course Number:
it_spcisa19_07_enus
Lesson Objectives

Certified Information Systems Auditor (CISA) 2019: Virtualization & Cloud

  • describe when various virtualization technologies should be used
  • distinguish the difference between Type 1 and Type 2 hypervisors
  • install the Microsoft Hyper-V hypervisor
  • configure a Microsoft Hyper-V virtual network switch
  • create a virtual machine hosted on Microsoft Hyper-V
  • secure virtualized environments through dedicated management interfaces, patching, and changing default configurations
  • define the NIST standard characteristics of cloud computing
  • map cloud service offerings to business needs
  • describe cloud-based security solutions such as the Azure Security Center, DDoS mitigation, and Azure network security groups
  • deploy a Windows virtual machine in the Microsoft Azure cloud
  • deploy a Linux virtual machine in the Microsoft Azure cloud
  • identify cloud services that require endpoint security through the Azure Security Center
  • map security solutions to the use of virtualization and cloud computing

Overview/Description

Explore how virtualization provides efficient hardware usage and security boundaries and how cloud computing tracks pooled IT resource usage and charges fees accordingly as you prepare for the CISA exam.



Target

Prerequisites: none

Close Chat Live