Security

CISA

In this course, you'll cover all six domains of the Certified Information Systems Auditor (CISA) exam and gain the knowledge and technical concepts required to obtain CISA certification. Since its inception in 1978, the CISA exam has become the gold standard of excellence in IS auditing, control, and security. Our experts have created a study guide of relevant, up-to-date information, including summary charts, insightful data, and practice exams.

Certified Information Systems Auditor (CISA)

The components of the training program include:

• Instructor-led

• 5 days (40 Hours)

Overview:

In this course, you’ll cover all six domains of the Certified Information Systems Auditor (CISA) exam and gain the knowledge and technical concepts required to obtain CISA certification. Since its inception in 1978, the CISA exam has become the gold standard of excellence in IS auditing, control, and security. Our experts have created a study guide of relevant, up-to-date information, including summary charts, insightful data, and practice exams.



Session From To Duration Time Location
Bootcamp Feb 06, 2017 Feb 10, 2017 40 Hours 9:00AM – 5:00PM Northern Virginia
Bootcamp May 15, 2017 May 19, 2017 40 Hours 9:00AM – 5:00PM Northern Virginia

Check back often for updates or send us an email at training@TASCManagement.com so we can notify you of upcoming courses.

Experienced information security managers and those who have information security management responsibilities. Individuals who are currently, or will be, working in an IS security position such as Departmental/Corporate or functional Information System Security Officers, IS security advisors, System Security Certifiers, System Security Accreditors, System Security Auditors, or security practitioner, who have five years of experience with audit, IT systems, and security of information systems.

Systems administration experience, familiarity with TCP/IP, and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in our Essentials of Information Security course.

1. Certification Requirements

2. Introduction to the Seven Domains

3. Technical Infrastructure and Operation

• General-Purpose Computers

• Hardware

• Architecture Memory

• Operations

• Memory Addressing

• Reference Monitor

• Languages

• Transmissions

• Systems Acquisition

• Systems Management

• Systems Databases

• Systems Operations

• Telecommunications

• Telecommunications Security

• Data Network Types: LAN

• Data Network Types: WAN

• The OSI Model

• Description

• Protocol Definition

• Layer Behavior

• Layers Defined

• Layer Protocols

• Layer Devices and Equipment

4. Management, Planning, and Organization of Information Systems

• Policies

• Operations

• Personnel

• Documentation

• Standards

• Guidelines

5. Protection of Information Assets

• Information Security

• Confidentiality

• Integrity

• Availability

• Compliance with Local and International Law

• Security Management

• Classification

• System Access

• System Access Control

• Security Awareness & Training

• New Employees’ Training (NEO)

• Policy Examples and Resources

• CIRT

• Security Incident Phases

• Privacy Impact Analysis (PIA)

• Access Control

• Authentication

• Passwords

• Malicious Logic

• Biometrics

• Authorization Techniques

• Cryptography

6. Applications Development

• Systems Development Life Cycle (SDLC)

• Software Models

• Approaches

• Personnel

• Tools

• Rapid Application Development (RAD)

• Business Process Re-Engineering

• Computer Aided Software Engineering (CASE)

• Capability Maturity Model (S/W) (CMM)

• Extensible Markup Language (XML)

7. Business Processes and Risk Management

• Business Process Re-Engineering (BPR)

• Risk Management

• Security Risk Concept

• Security Risk Concept Exercise

• IT Governance

• System Development

• System Documentation

• Project Lifestyle Phases

• Project Lifestyle Models

• Business Applications Systems

• E-Commerce Models

• EDI Components

• Expert Systems Development

• Data Warehouse

• Data Mining

• Database Security

8. Disaster Recovery Planning (DRP)

• Business Continuity Planning (BCP) Motivation

• BCP vs. DRP

• BCP

• Overview

• Requirements

• Plan Documentation

• Disaster Recovery

• Strategy

• Plan Development

• Training & Documentation

• Testing & Maintenance

9. The Formal Audit Process

• IS Audit Function

• IS Audit Planning

• ISACA

• Internal Control System

• IS Control Procedures

• Control Objectives for Information and Related Technology (COBIT)

• Performing an IS Audit

10. Review of Certification Requirements

11. Review of the Seven Domains

12. Test-Taking Tips

The CISA exam is offered each year in June and December, consists of 200 multiple-choice questions, and is focused on the six domains defined by ISACA