ISACA CISA – Certified Information System Auditor Training

سرفصل های دوره

A CISA Complete Exam Prep Course - ISACA CISA Training - Updated 2023 - Extended Course

01 - Welcome to the Course!

001 Course Overview - Become an Information System Auditor

002 CISA Certification Overview and Certification Process

003 CISA Useful Links.html

02 - CISA Domain 1 The Process of Information System Auditing

001 Introduction to Information System Auditing

002 The Audit Process

003 Information System Auditor

004 Audit Committe, Charter, and Engagement Letter

005 A Request from Instructor

006 Types of Audit and Integrated Audit

007 Code of Professional Ethics

008 IT Assurance Framework and using service of Experts

009 Audit date - When to Audit

010 Legal and Regulatory Requirements and its impact on Audit

011 Audit Planning and Risk Based Auditing

012 Audit Planning Steps Recap

013 Auditor Role in Audit Planning Phase

014 Audit Execution and During Audit Recommendations

015 Compliance and Substantive Testing

016 Audit Evidences and Attributes of Reliable Evidences

017 The Audit Risk

018 Audit Sampling

019 Sampling Techniques

020 Practical Sampling for Audit Engagement - Sampling Example

021 Audit Reporting and Audit Documentations

022 Control Self Assessment - CSA

023 Practical Control Self Assessment Example

024 Computer Assited Auditing Tools - CAATs

025 Continues Auditing and Monitoring

026 Auditing Technologies and Auditors concerns

03 - CISA Domain 2 The Information System Governance and Enterprise Governance

001 Domain 2 Introduction and Overview

002 Information System Governance and Management

003 Corporate Structure

004 Governance Committees

005 Information Security Governance

006 Governance Frameworks

007 Enterprise Architecture Overview

008 Policies as Governance Tools

009 Policies Example

010 Standards as Governance Tools

011 Procedures and Guidelines

012 Auditor's Role in Reviewing Policies and Standards and Procedures

013 Risk Management Overview

014 Types of Risk - Inherent and Residual Risk

015 Risk Analysis and Evaluation Process

016 Risk Response

017 Risk Reporting and Monitoring, KPIs vs KRIs

018 Auditors Role in Risk Management Process

019 Security Controls Overview and Classification

020 Control Objective and Control testing

021 Defense in Depth, Layered Defenses and Strongest Control

022 Auditors Role in Control testing and assessment

023 Control Objective for IT and Related Technologies - COBIT Overview

024 IT Management and ITIL Framework services

025 Personnel Governance and Human Resource Function

026 Separation of duties and avoiding conflict of interest

027 Outsourcing and Third Party Risk Management

028 System Organization Controls - SOC Audit Report

029 Financial, Portfolio, Capacity and Suppliers Management Processes

030 CAPEX vs OPEX, ROI vs ROSI

031 Maturity Assessment Models and Continues Improvement

032 Business Process Re-Engineering

033 IT Performance Management and IT Balanced Scorecard

034 Quality Assurance vs Quality Control and overall Quality Management Process

04 - CISA Domain 3 System Acquisition, Development and Maintenance

001 Introduction to domain 3

002 The Process of Acquiring New technology

003 Feasibility Analysis and Business case

004 Request for Budget and Request for Proposal

005 Project vs Program, PMO vs PM

006 Project Planning and Objective Breakdown techniques

007 Project Scheduling and Monitoring Tools

008 Project Closure Activities

009 Project Cost and Size Estimation techniques

010 Auditors roles in reviewing Projects and Business case

011 What is Programming - Introduction to Coding for Non-Coders

012 How Program is written and understand OOSD & CBD

013 Software development methodologies

014 Use case and Abuse case

015 Software Re-Engineering and Reverse Engineering

016 Application Controls

017 DevOps overview

018 DevSecOps overview

019 Software Testing 1

020 Software Testing 2

021 Accreditation vs Certification

022 Release Management

023 Software Implementation and Changeover

024 Software Post Implementation Review

025 Software Maintenance

026 Change Management overview

027 Type of changes in Change Management

028 Configuration Management

029 Software Version Control System - VCS

030 Securing Software Source Code

031 Patch Management and Vulnerability Management

032 Auditors roles in software projects auditing

033 Virtualization

034 Cloud Computing

035 Containers

036 SDN

05 - CISA Domain 4 System Operations, Resiliency, Management and Maintenance

001 Domain 4 Introduction

002 Information System Management and Governance

003 Service Level and Operational Level Agreement

004 IT Asset Management (ITAM)

005 End User Computing and Shadow IT

006 Job Scheduling and Robotic Process Automation (RPA) overview

007 Incident Management Process

008 Forensic Investigation and dealing with Digital Evidences

009 Incident Response Training

010 Incident Response Testing

011 Problem Management

012 Security Operation Center overview

013 SOC Tools - SIEM Solution

014 SOC Tools - FIM Solution

015 SOC Tools - Vulnerability Scanners

016 Databases overview

017 Database Keys and Refrential Integrity

018 Database Management System and Normalization overview

019 What is Metadata and types of Database Metadata

020 Database Security Key Concepts

021 Database Resiliency

022 An introduction to IT Networks

023 Network Topologies Explanation

024 OSI and TCPIP Model

025 Layers 1,2,3 Overview - IP Address, MAC Address, Physical Layers

026 Layer 3,4,5,6,7 Overview - TCPUDP - Session and Application Layers

027 Understand Business Impact Assessment

028 Disaster Recovery Plan and its components

029 Business Continuity Plan

030 Considerations for BCP & DRP development and execution

031 Recovery Time Objective and Recovery Point Objective

032 Acceptable Interruption Window, Service Delivery Objective and MTO

033 Linking RPO, RTO, AIW, SDO, MTO

034 Recovery Sites

035 Reciprocal Agreement

036 Testing and evaluating the BCP and DRP

037 Data Backup Overview

038 Storage Redundancy using Redundant Array of Independent Disks

039 Data Backup types and Building your Backup Strategy

06 - CISA Domain 5 Protection of Information Assets

001 Security Objectives and CIA

002 Security vs Privacy

003 Privacy Regulations

004 Essential Security Terms

005 Cyber Threats

006 Cyber Attack Life-cycle

007 The IAAA Framework

008 MFA and Biometric

009 Single Sign on (SSO) and Reduced Sign on (RSO)

010 Authorisation and Access Control Models

011 Active Directory and LDAP Overview

012 Firewalls

013 DMZ and Bastion Host

014 Proxy and Load Balances and Email Security

015 Network Admission Control

016 VLANs and Segmentation

017 What is Physical Security

018 Physical Access Control System 1

019 Physical Access Control System 2

020 Environmental Controls - Securing Power Sources

021 Environmental Controls - Fire Threat and Controls

022 Physical Security Best Practices

023 Data Lifecylce

024 Data Security Measures

025 Data Classification

026 Data Destruction

027 Owner and Custodian and their responsibilities in Assets and data protection

028 Cryptography Overview

029 Symmetric Encryption

030 Asymmetric Encryption Overview

031 Asymmetric Encryption Benefits

032 Digital Certificate

033 Public Key Infrastructure

034 Integrity Hashing and Salting

035 Encryption vs Hashing vs Encoding

036 Digital Signature

037 Cryptography Applications in IT

038 Endpoint security Best Practices

039 Endpoint Security Software types and functions

040 Clear Desk Policy overview

041 Acceptable Use Policy

042 Personnel Security

043 Social Engineering

044 Security Awareness

07 - Exam takers advises

001 Summary of CISA Certification Process.html

002 Notes for the Exam Takers.html

003 Scheduling Your CISA Exam.html

004 Apply for CISA Certification.html

08 - Domain 5 -Self Reading

001 Hashing and Salting - Self Reading.html

002 Public Key Infrastructure - Self Reading.html

003 Digital Signature - Self Reading.html

09 - Additional Reading Materials - Optional - Not Mandatory

001 Network redundancy - Self Reading.html

002 Web Application Firewalls - Self Reading.html

003 Public vs Private IP Address - Self Reading.html

004 Control Failure Fail Safe and Fail Open - Self Reading.html

005 Example for Clear Text protocols and its alternatives - Self Reading.html

006 Network Address Translation - Self Reading.html

007 IPS and IDS - Self Reading.html

008 Network Security tips and tricks - Self Reading.html

009 Auditing Network Devices - Self Reading.html

010 Drafting Business case - Self Reading.html

10 - What is Next

001 Bonus Lecture.html

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy