Cybersecurity Audit School
Cybersecurity
Overview
This course covers cybersecurity risks, control design and protection measures, cybersecurity program execution, warning signs, audit, and investigative techniques.
Why you should take this course.
For users who have an introductory knowledge of this topic and are searching for additional information and its application.
Here are the topics we'll cover.
Cybersecurity Overview
- Cybersecurity key concepts
- Cybersecurity history and breaches
- Types of cyber-attacks – human
- Types of cyber-attacks – technical
- Cybersecurity frameworks, standards, and regulations
- NIST framework and standards
- Industry frameworks (PCI, HIPAA, CIS CSC, ISO/IEC)
- Cybersecurity oversight, governance, and compliance
- Security policies
- Security risk management overview
- Threat analysis
- Security risk management in practice
Asset Management
- Asset Identification and Inventory
- Third-party/service provider management
- Business impact assessment
- Configuration management and change control
Cybersecurity Protection Techniques
- Defending business assets overview
- Identity and access management
- Authentication and authorization
- Vulnerability and patch management
- Security awareness
- Physical security
- Personnel security
- Computer networking fundamentals
- Network defenses
- Network security access controls
- Endpoint and system security configuration
- Endpoint and system security protection
- Application security
- Cloud and virtualization security
Encryption, Digital Signatures, and Data Protection
- Encryption concepts
- Cryptographic algorithms
- Encryption – public key infrastructure
- Data protection techniques
- Data privacy controls
Event Detection, Incident Response, and Recovery
- Logging, monitoring, and alerting
- Incident response (IR) planning
- Incident response (IR) testing
- Digital forensics
- Recovering data and systems
- Business continuity and contingency planning
Auditing Cybersecurity
- The auditor’s role
- CISO’s role
- Establishing audit scope
- Building the audit plan
- Cybersecurity evaluation methods
- Vulnerability assessments, scanning and testing
- Penetration testing
- Security maturity models (CMMI)
- Auditing using NIST frameworks
- Auditing with other security frameworks and standards
- Auditing cybersecurity using the payment card industry (PCI)
- Cybersecurity auditing examples
Audit Evidence and Reporting
- Collecting and organizing cybersecurity evidence
- NIST reporting requirements
- Prioritizing risks and influencing decisions
Course Wrap-up
- Course summary and conclusion
Learning Style
Instructor Led
Level
Intermediate
Who this course is for
Auditors and IT professionals seeking a foundational understanding of cybersecurity.
NASBA Certified CPE
32 credits
Field of Study
Auditing
Length of course
32h
Advanced Preparation
None
Here are the learning objectives we'll cover
- Understand security fundamentals, including core security principles, critical security controls, and best practices for securing information technologies, operations, and data.
- Assess common cybersecurity risks, threats, and vulnerabilities in the management of cybersecurity and IT audit programs.
- Evaluate an organization’s technical, operational, and management infrastructure against common security principles and compliance controls.
Attendance policy for on-site and online instructor-led training
Students are expected to arrive on time for classes with the proper materials and attitude. An overall attendance rate of 100% is expected to fully absorb the materials and to complete labs. If you have an expected absence, please email support@acilearning.com or your instructor ahead of time. The number of CPEs awarded will be equivalent to the number of hours attended.
ACI Learning is registered with NASBA
ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: https://www.nasbaregistry.org/