(314) 504-0530 info@bac-mail.com

CISA Boot Camp Day 5

  • Course Title: Protection of Information Assets
  • Corresponds to: Domain 5 of the CISA exam – 27%
  • Prerequisites: There is no prerequisite for this course
  • Learning Level: Basic
  • Instructional Method:  Group Live
  • CPE hours earned: 8
  • Field of Study: Information Technology – Technical

Back to Boot Camp Training Programs >

Course Description
Ensuring the integrity and confidentiality of information and the associated timely availability of systems to authorized users is the cornerstone of an effective system of internal controls to protect an organization’s information assets.  Information is among an organization’s more valuable assets and management relies upon information to support its business activities. The quality of preservation and retention of such information is key to an organization’s ability to provide services to its customers and stakeholders.

Therefore, the security of an organization’s information and of the technology that facilitates its use is a responsibility shared by all personnel. Any user who has been authorized to access the organization’s information has an obligation to preserve and protect these information assets in a consistent and reliable manner.

Controls provide the necessary physical and procedural safeguards to accomplish such obligations.  The establishment and management of such controls enable information to be shared while ensuring protection of that information and its associated systems.

Management, together with internal workforce and external third parties, is responsible for ensuring that appropriate controls are in place to maintain the objectives of confidentiality, integrity, and availability for the organization’s information.

Compliance with applicable legislative and regulatory mandates is key elements of an organization’s information asset protection program. Thus, compliance that all information is processed, maintained and disposed of in accordance with all relevant federal and state laws, rules, and regulations, is paramount.

The focus of this session will be to examine, in depth, the process, procedures, and methods used to protect an organization’s information assets.

Audience
This course would best meet the objectives of an individual preparing to sit for the CISA professional certification examination.  Additionally, non-exam candidates or individuals desiring to gain a deeper understanding of the IT Audit methodologies and process would also benefit from attending this course.
Objectives
:  After completing this course, participants will be able to:

  • Evaluate the techniques for the design, implementation, and monitoring of security controls, including security awareness programs
  • Assess logical access controls for the identification, authentication and restriction of users to authorized functions and data
  • Determine the configuration, implementation, operation and maintenance of network security controls
  • Identify network and Internet security devices, protocols, and techniques
  • Examine information system attack methods and techniques, including detection tools and control techniques (e.g., malware, virus detection, spyware)
  • Apprise security testing techniques (e.g., intrusion testing, vulnerability scanning)
  • Evaluate risks and controls associated with data leakage
  • Assess encryption-related methodologies including, public key infrastructure (PKI) components and digital signature techniques
  • Determine risks and controls for voice communications security (e.g., PBX, VoIP) along with mobile & wireless devices
  • Examine the evidence preservation techniques and processes followed in forensics investigations (e.g., IT, process, chain of custody)
  • Recognize the processes and procedures used to store, retrieve, transport and dispose of confidential information assets

Address the examination requirements for Domain 5 of the CISA exam.

CISA Boot Camp

Need more information?

If you have questions or would like more information about any of our courses please contact us using the form below. We look forward to hearing from you.

4 + 2 =

Request a Consultation Today

We provide a variety of consultation services and training options to fit the demanding and changing needs of our clients. Contact us today and we will help you determine the best way to meet your goals.

cybersecurity and infrastructure security angency

BAC is a vetted, current provider of training courses through the NICCS Education and Training Catalog. BAC’s courses are aligned to the specialty areas of the National Cybersecurity Workforce Framework.