Oreilly - CISA (Certified Information Systems Auditor)
by Sari Greene | Publisher: Pearson IT Certification | Release Date: February 2017 | ISBN: 9780134677453
Overview The CISA (Certified Information Systems Auditor) Complete Video Course is an engaging self-paced video training solution that provides learners with 16 hours of personal, visual instruction from an expert trainer who has more than two decades of practical auditing and assurance experience. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CISA exam as well as a deeper understanding of auditing and security.Description CISA (Certified Information Systems Auditor) Complete Video Course contains 16 hours of training with content divided into 6 modules with 22 full lessons. In addition to the live trainer discussions, demos, and screencasts, you will find live assessment walk-throughs at the end of each lesson so you can see how to approach and answer questions throughout the course. Sari Greene, best-selling author of the CISSP Complete Video Course and the CISSP Exam Prep Course, has also included 16 real-world auditing videos where she supplies practical tips and information that will help you pass the CISA exam and, just as importantly, better understand the concepts of Information Systems Auditing. The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CISA exam. Major sections are as follows: Module 1: The Process of Auditing Information Systems Lesson 1: Audit Fundamentals Lesson 2: Auditing Module 2: Governance and Management of IT Lesson 3: Governance Structure, Processes, and Models Lesson 4: Risk Management Lesson 5: Third-Party Relationships Lesson 6: Business Continuity Module 3: Information Systems Acquisition, Development, and Implementation Lesson 7: Project Management Lesson 8: Application Development Lesson 9: System Acquisition and Implementation Module 4: Information Systems Operations, Maintenance, and Service Management Lesson 10: IS Operational Management Lesson 11: Data Management Lesson 12: Network Architecture Lesson 13: Disaster Response and Recovery Module 5: Protection of Information Assets Lesson 14: Information Security Program Management Lesson 15: Authentication and Authorization Lesson 16: Infrastructure Security Lesson 17: Cryptography Lesson 18: Physical and Environmental Security Module 6: Acing Your Exam Lesson 19: Understanding the Exam Structure Lesson 20: Test Taking Strategies Lesson 21: What to Expect at the Testing Center Lesson 22: Attaining and Maintaining Your CISA CertificationAbout the InstructorSari Greeneis an information security practitioner, author, educator, and entrepreneur. In 2003, Sari founded one of the first dedicated cybersecurity consultancies. She is a recognized leader in the field of cybersecurity and has amassed thousands of hours in the field working with a spectrum of technical, operational, compliance, and management personnel as well as boards of directors, regulators, service providers, and law enforcement agencies. Sari's first text wasTools and Techniques for Securing Microsoft Networks, commissioned by Microsoft to train its partner channel, followed soon after by the first edition ofSecurity Policies and Procedures: Principles and Practices. The second edition,Security Program and Policies: Principles and Practices, is currently being used in undergraduate and graduate programs nationwide. She is also the author and presenter of the best-selling Pearson CISSP Complete Video Course and the CISSP Exam Prep course. Sari has published a number of articles related to cybersecurity; has been quoted in theNew York Times,Wall Street Journal, on CNN, and on CNBC; speaks regularly at cybersecurity, legal, financial, and healthcare conferences and workshops around the country; and is a frequent guest lecturer. Sari serves on the Bangor Savings Bank board of directors and is chair of the risk management committee. She provided expert witness testimony in the groundbreaking PATCO v. Ocean National Bank case, represents industry on the Massachusetts Bankers Association Cybersecurity Task Force, and is a member of the American Bankers Association cybersecurity faculty. Sari earned her MBA from the University of New Hampshire system. She holds multiple industry accreditations, including CISA, CISSP-ISSMP, CRISC, CISM, MCSE, and NSA/IAM. She is also certified in offshore emergency medicine. You can contact Sari at
[email protected], follow her on Twitter at @sari_greene, or visit her website http://www.sarigreene.com. Skill Level Intermediate to advanced What You Will Learn Every objective on the CISA: Certified Information Systems Auditor examTips to prepare for and pass the examReal-world information systems auditing skillsWho Should Take This Course Primary audience: Anyone preparing for the ISACA CISA certification examination. Secondary audience: Anyone interested in learning information systems auditing skills; those interested in learning about security auditing. Course Requirements Familiarity with basic auditing and information systems concepts. About LiveLessons Video Training Pearson's LiveLessons video training series publishes the industry's leading video tutorials for IT pros, developers, sys admins, devops, network engineers, and certification candidates. LiveLessons feature the highest-quality professional skills training led by recognized author instructors published by Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT certification, programming, development, networking, software skills for the home, office, and business, and more. Your purchase provides you with lifetime online access to the content. http://www.pearsonitcertification.com/livelessons
- Introduction
- CISA (Certified Information Systems Auditor): Introduction 00:04:06
- Module 1: The Process of Auditing Information Systems
- Lesson 1: Audit Fundamentals
- Learning objectives 00:01:04
- 1.1 Understanding the Audit Function 00:08:20
- 1.2 Adhering to ISACA IS Audit and Assurance Standards and Guidelines 00:06:12
- 1.3 Identifying the Risk / Audit Relationship 00:07:14
- 1.4 Surveying IS Controls 00:08:07
- Lesson 1 Review 00:07:06
- Lesson 2: Auditing
- Learning objectives 00:00:57
- 2.1 Performing an IS Audit 00:06:19
- 2.2 Gathering Audit Evidence 00:08:40
- 2.3 Understanding Sampling Techniques 00:08:45
- 2.4 Reporting and Communicating Audit Results 00:10:44
- 2.5 Audit Evolutions 00:07:09
- Lesson 2 Review 00:06:49
- Module 2: Governance and Management of IT
- Lesson 3: Governance Structure, Processes, and Models
- Learning objectives 00:01:11
- 3.1 Understanding Corporate and Information Security Governance (Defining Governance) 00:07:22
- 3.2 Designing Strategic Plans, Policies, and Procedures 00:09:53
- 3.3 Surveying IT Organizational Structures and SOD 00:07:40
- 3.4 Surveying Maturity and Process Implementation Models 00:07:31
- 3.5 Understanding Performance Optimization 00:07:41
- 3.6 Real-world Auditing IT Governance 00:03:11
- Lesson 3 Review 00:07:18
- Lesson 4: Risk Management
- Learning objectives 00:00:58
- 4.1 Evaluating a Risk Management Program 00:07:59
- 4.2 Conducting a Risk Assessment 00:09:42
- 4.3 Real-world Auditing Risk Management 00:02:56
- Lesson 4 Review 00:05:39
- Lesson 5: Third-Party Relationships
- Learning objectives 00:01:08
- 5.1 Examining Outsourcing and Third-Party Management 00:10:55
- 5.2 Deconstructing Cloud Computing 00:09:30
- 5.3 Real-world Auditing Third-Party Relationships 00:03:24
- Lesson 5 Review 00:06:18
- Lesson 6: Business Continuity
- Learning objectives 00:01:02
- 6.1 Defining Business Continuity Planning 00:08:12
- 6.2 Examining a Business Impact Analysis (BIA) 00:08:48
- 6.3 Designing Business Continuity Plans 00:07:49
- 6.4 Evaluating Business Continuity Testing and Readiness 00:09:07
- 6.5 Real-world Auditing Business Continuity 00:03:19
- Lesson 6 Review 00:06:56
- Module 3: Information Systems Acquisition, Development, and Implementation
- Lesson 7: Project Management
- Learning objectives 00:01:04
- 7.1 Developing a Business Case 00:06:11
- 7.2 Understanding Portfolio Management 00:05:31
- 7.3 Defining Project Management 00:11:55
- 7.4 Real-world Auditing Portfolio and Project Management 00:03:37
- Lesson 7 Review 00:06:31
- Lesson 8: Application Development
- Learning objectives 00:01:09
- 8.1 Exploring Business Application Development 00:07:28
- 8.2 Identifying Software Development Testing Techniques 00:09:46
- 8.3 Recognizing Source Code Vulnerabilities 00:06:29
- 8.4 Real-world Auditing the Development Process 00:03:30
- Lesson 8 Review 00:05:48
- Lesson 9: System Acquisition and Implementation
- Learning objectives 00:01:14
- 9.1 Exploring Acquisition Processes 00:06:31
- 9.2 Deconstructing System Implementation 00:08:31
- 9.3 Recognizing Application Controls 00:08:03
- 9.4 Understanding Configuration and Change Management 00:07:58
- 9.5 Real-world Auditing Acquisition and Implementation 00:04:08
- Lesson 9 Review 00:06:11
- Module 4: Information Systems Operations, Maintenance, and Service Management
- Lesson 10: IS Operational Management
- Learning objectives 00:01:11
- 10.1 Surveying Information Systems Management and Frameworks 00:07:24
- 10.2 Managing Operational Processes 00:08:05
- 10.3 Understanding Asset Management 00:03:46
- 10.4 Real-world Auditing IS Operational Management 00:03:26
- Lesson 10 Review 00:04:12
- Lesson 11: Data Management
- Learning objectives 00:01:01
- 11.1 Defining Data Management 00:07:27
- 11.2 Exploring Database Management Systems (DBMS) 00:09:28
- 11.3 Real-world Auditing Data Management 00:03:44
- Lesson 11 Review 00:05:30
- Lesson 12: Network Architecture
- Learning objectives 00:01:22
- 12.1 Examining OSI and TCP/IP Models 00:06:13
- 12.2 Exploring Transmission Media and Telecommunications 00:09:01
- 12.3 Understanding Wireless Networks 00:10:32
- 12.4 Exploring VoIP 00:06:50
- 12.5 Real-world Auditing Network Architecture 00:03:45
- Lesson 12 Review 00:05:36
- Lesson 13: Disaster Response and Recovery
- Learning objectives 00:01:39
- 13.1 Understanding Disaster Reponse and Recovery Objectives 00:05:44
- 13.2 Identifying Recovery Strategies 00:07:25
- 13.3 Assessing Backup and Replication Strategies 00:10:23
- 13.4 Evaluating Disaster Recovery Plan Maintenance 00:07:35
- 13.5 Real-world Auditing Disaster Response and Recovery 00:04:14
- Lesson 13 Review 00:06:18
- Module 5: Protection of Information Assets
- Lesson 14: Information Security Program Management
- Learning objectives 00:01:13
- 14.1 Surveying Information Security Management Systems (ISMS) 00:07:18
- 14.2 Identifying Information Security Classifications and Controls 00:04:54
- 14.3 Exploring Cyberthreats and Adversaries 00:09:58
- 14.4 Understanding Incident Management 00:06:37
- 14.5 Evaluating Investigative and Evidence Handling Capabilities 00:09:51
- 14.6 Real-world Auditing Information Security Program Management 00:03:13
- Lesson 14 Review 00:05:50
- Lesson 15: Authentication and Authorization
- Learning objectives 00:01:01
- 15.1 Examining Identification and Authentication 00:07:47
- 15.2 Exploring Access Control 00:11:31
- 15.3 Monitoring Access 00:08:25
- 15.4 Real-world Auditing User Access Controls 00:03:41
- Lesson 15 Review 00:06:10
- Lesson 16: Infrastructure Security
- Learning objectives 00:01:15
- 16.1 Surveying Perimeter Security 00:13:04
- 16.2 Managing Malware 00:08:25
- 16.3 Security Endpoint 00:07:23
- 16.4 Mobile Device Challenges 00:06:07
- 16.5 Testing Network Infrastructure Security 00:10:16
- 16.6 Real-world Auditing Infrastructure Security Controls 00:03:47
- Lesson 16 Review 00:06:39
- Lesson 17: Cryptography
- Learning objectives 00:01:14
- 17.1 Demystifying Encryption 00:09:01
- 17.2 Applying Asymmetric Encryption 00:06:50
- 17.3 Examining Hashing and Digital Signatures 00:07:52
- 17.4 Understanding Digital Certificates 00:07:57
- 17.5 Identifying Cryptographic Protocols and Attacks 00:06:48
- 17.6 Real-world Auditing Cryptographic Protocols 00:03:48
- Lesson 17 Review 00:07:21
- Lesson 18: Physical and Environmental Security
- Learning objectives 00:01:10
- 18.1 Examining Environmental Threats 00:06:26
- 18.2 Securing People and Places 00:06:18
- 18.3 Real-world Auditing Environmental and Physical Access 00:03:58
- Lesson 18 Review 00:04:33
- Module 6: Acing Your Exam
- Module Intro 00:00:23
- Lesson 19: Understanding the Exam Structure 00:03:01
- Lesson 20: Test Taking Strategies 00:03:49
- Lesson 21: What to Expect at the Testing Center 00:03:06
- Lesson 22: Attaining and Maintaining Your CISA Certification 00:01:33
- Summary
- CISA (Certified Information Systems Auditor): Summary 00:00:49
9780134677453.CISA.Certified.Information.Systems.Auditor.part1.OR.rar
9780134677453.CISA.Certified.Information.Systems.Auditor.part2.OR.rar
9780134677453.CISA.Certified.Information.Systems.Auditor.part3.OR.rar