Preparing for the CISA Exam

In this seminar you will focus exclusively on the essential areas covered in the CISA® exam. You will cover the CISA content areas you need to know for the exam, including IS audit process, IT governance, systems and infrastructure life-cycle management, IT service delivery and support, information asset protection, and business continuity and disaster recovery.

Following each section, you will work through a series of sample exam questions to give you a "feel" for the format and the types of questions you will encounter. You will then review the correct answers for a better understanding of what the ISACA Certification Board expects.

This intensive prep course is an ideal way to prepare for the exam. You will gain valuable experience answering sample exam questions while strengthening the skills you need to approach accreditation with confidence.

AGENDA

• Risk-Based Auditing
  
• Developing The Audit Strategy
  
• Planning And Executing The Audit

• Organization And Management Structure
  
• IT Strategy And Planning
  
• Risk Management Practices
  
• IT Governance Practices
  
• International IT Standards And Guidelines

• Centralized/Decentralized Environments
  
• Problem And Incident Management
  
• Technical Support
  
• Quality Assurance (QA)
  
• Segregation Of Duties

• Hardware Acquisition, Contracts And Inventories
  
• Equipment Maintenance/Utilization

• Operating Systems
  
• Database Management System (DBMS)
  
• System Software Controls

• Physical Security Objectives, Risks And Controls
  
• Environmental Exposures, Risks And Controls

• Logical Access Controls Objectives
  
• Authentication: Password Controls, Tokens, Biometrics, Managing User Accounts
  
• Authorization
  
• Audit Trail
  
• Managing Security Administration
  
• Single Sign-On (SSO) Authentication

• Network Terminology
  
• Centralized And Distributed Computing

• Cabling: Twisted Pair, Coaxial, Fiber-Optics
  
• LAN Network Topologies
  
• Wireless Communications And Associated Risks

• Network Communication Standards
  
• Common Network Protocols
  
• TCP/IP
  
• OSI Model, Encapsulation, Security Issues

• Network Interface Cards
  
• Wiring Hubs
  
• Wireless Access Points
  
• Bridges
  
• Switches
  
• Routers
  
• Gateways
  
• Device Security

• Differences Between LANs And WANs
  
• WAN Connection Methods
  
• Dial-Up And Wireless Connections And Risks
  
• Switching Techniques: Circuit, Message, Packet, Cell

• Internet Technologies
  
• IP Addressing
  
• URL
  
• DNS
  
• Web Application Programming Techniques
  
• Internet Risks And Controls

• Network Security Risk Analysis
  
• Vulnerability Testing
  
• Network Security Strategy

• Network Security Strategies
  
• Firewalls
  
• DMZ
  
• Intrusion Detection Systems
  
• Remote Access

• Types Of Encryption
  
• Digital Signatures And Certificates

• Objectives Of Application Audits
  
• Auditing The Transaction Life Cycle
  
• Auditing The Business Application Components
  
• Planning And Executing Application Audits

• Change Management Objectives/Risks
  
• Change Request Requirements
  
• Emergency Changes
  
• Library Control Software
  
• Vendor-Supplied Source Code
  
• New Programming Technologies

• Audits Role On Development Projects
  
• Business Risks Of Development Projects
  
• Project Governance Practices
  
• Traditional System Development Life Cycle
  
• Rapid Application Development
  
• System Testing And Acceptance
  
• Cutover And Implementation

• Project Management Risks
  
• Budgeting And Scheduling
  
• Auditing Project Management

• Disasters And Disruptive Events
  
• Business Continuity Planning Steps
  
• Business Impact Analysis (BIA)
  
• Disaster Recovery Strategies
  
• Testing The Recovery Plan
  
• Continuity Plan Maintenance