Course Title 1: Information Security & Business Process Alignment
Course Description: Proper IT governance starts with aligning IT solutions with business processes. In this course, you'll explore how to identify the relationship between IT security and business objectives. You'll examine in detail how various regulations and security standards, such as HIPAA, GDPR, and PCI DSS, can influence an organization's IT security decisions, going through seven of such regulations one-by-one. Next, you'll examine the cloud services, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a...
Course Title 27: Managing IT Risk
Course Description: Using on-premises and cloud computing IT environments introduces an element of risk. In this course, you'll explore risk management concepts, including gap analysis and SWOT, as well as strategies to manage risk, such as applying risk treatments and creating a risk register. Additionally, you'll outline data governance and examine the responsibilities of specific data roles, including the data owner and data custodian. You'll then work with data classification using Amazon Macie and and Microsoft FSRM. Moving on, you'll learn how...
Course Title 26: Cryptography & PKI
Course Description: Securing data at rest and in transit over a network is accomplished through the use of cryptography. In this course, you'll explore the concepts of hashing and encryption. You'll start by studying how cryptography addresses IT security before gaining hands-on experience generating file hashes and encrypting data at rest. Some of the methods you'll practice will be using Microsoft EFS and AxCrypt to protect files, Microsoft BitLocker to protect disk volumes, PuTTYgen to generate key pairs, and wiping disk data. Moving...
Course Title 25: TCP/IP Configuration
Course Description: Modern computing uses IPv4, and increasingly IPv6. In this course, you'll explore IPv4 and IPv6 configuration details in preparation for configuring IT services to support business processes. You'll work with DNS name resolution and DHCP. You'll identify the role played by various network infrastructure devices, such as routers and switches. Furthermore, you'll capture and analyze network traffic using Wireshark. By the end of this course, some of the skills you'll acquire will be to to recognize the connection between OSI model layers...
Course Title 24: Network Infrastructure Security
Course Description: Various laws, regulations, and security best practices require network traffic coming in and out of IT services to be controlled. In this course, you'll learn how to implement techniques to ensure the precious IT assets within your organization's network are secure. You'll begin by exploring what the IPsec network security protocol does and how it's employed. You'll then examine various types of firewalls and decipher when they should be used. Next, you'll work with correctly setting up Windows Defender Firewall, Linux...
Course Title 23: Identity & Access Management
Course Description: Information security managers must consider the security risks and potential impact of user access to resources. In this course, you'll explore how to manage and assign user authentication and authorization to use resources for various cloud and local services. You'll start by distinguishing between authentication and authorization. Next, you'll assign file system permissions in Windows and Linux. You'll then practice assigning permissions policies to AWS users. Lastly you'll enable multifactor authentication and single...
Course Title 22: Server Roles
Course Description: Servers provide many different types of functionality that must be adequately secured. To qualify as a Certified Information Security Manager, you'll need to know how to securely manage and deploy Windows and Linux cloud-based servers both on-premises and remotely in addition to encrypting a virtual machine. In this course, you'll begin by examining various server roles, when they should be used, and how to secure them. Next, you'll deploy Windows and Linux servers in the cloud and manage them from an on-premises...
Course Title 21: IT Security Policies
Course Description: IT security policies guide how IT services are deployed and managed in an organization. To achieve certification in information security management, you'll need to demonstrate a clear understanding of what policies exist and where and how to implement them. In this course, you'll explore various types of security policies, starting with those for securing change and patch management. You'll then investigate some network and host security hardening techniques. You'll move on to practice hardening Windows and Linux servers as...
Course Title 20: Detecting Security Anomalies
Course Description: Information security managers must have the most efficient tools to detect potential security incidents at their disposal. In this course, you'll explore several tools that can be used to detect anomalies and learn how to take action to mitigate these anomalies. You'll learn to differentiate intrusion detection from intrusion prevention, before using Snort for network anomaly detection. You'll then examine how honeypots provide insight related to malicious user techniques. Next, you'll analyze various types of Windows logs...
Course Title 19: Security Testing
Course Description: Periodic security testing sheds light on an organization's current security posture. As an information security manager, you should know how to accurately and thoroughly assess the condition of an organization's IT security. In this course, you'll learn the concepts and practices involved in this process. You'll start by examining how physical security can influence IT services. Next, you'll explore the benefits and techniques involved in network scanning, vulnerability assessments, and penetration testing. You'll round off...
Course Title 18: Digital Forensics
Course Description: Information security managers may be called upon to aid in the gathering and preservation of digital evidence. To achieve certification-level knowledge, you should be savvy in terms of the techniques, requirements, and potential hurdles involved in gathering digital evidence. In this course, you'll explore several digital forensic techniques, such as order of volatility, chain of custody, and data immutability. You'll also examine common digital forensic hardware and software tools. To round off the course, you'll gain hands-on...
Course Title 17: Business Continuity
Course Description: Information security managers must plan for inevitable business disruptions, knowing how best to minimize the impact of these disruptions on business processes and learn from them to prepare for future incidences. In this course, you'll explore techniques to reduce the chances of disruptions, plan for the inevitable, and learn from past occurrences. You'll start by examining personnel hiring and skills management and how this relates to IT governance. Next, you'll investigate the concept of high availability configurations before...
Course Title 16: Information System Auditing
Course Description: Discover keys to conducting a successful audit, its driving processes, and its underlying IT solutions in this 15-video course. Examine controls and audit reporting while preparing for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered here include: how information systems (IS) auditing shows whether IT solutions meet business objectives efficiently and effectively; the expectations of conduct for CISA-certified individuals; and how auditing standards provide guidance for conducting efficient audits...
Course Title 15: IT Management Frameworks
Course Description: Explore how IT management frameworks provide a structured approach to managing and auditing IT assets and how risk assessments often drive the IS audit in this 11-video course, helping learners prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered in this 11-video course include: how IT governance provides a structured approach to ensuring IT solutions are aligned with business goals, including outsourced tasks; how Control Objectives for Information and Related Technologies...
Course Title 14: Data Privacy & Risk
Course Description: In this 14-video course, discover how identifying IT asset risks and applying appropriate data privacy standards helps keep sensitive data from unauthorized entities, while preparing for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered course include: how the CIA triad (confidentiality, integrity, and availability) enhances IT security; understanding examples of personally identifiable information (PII) and protected health information (PHI); how General Data Protection Regulation (GDPR)...
Course Title 13: IAM & Data Classification
Course Description: Explore how multifactor authentication (MFA) and role-based access control lessen risks of system compromise and privilege abuse, and how data classification uses tags to organize data, while preparing for the ISACA Certified Information Systems Auditor (CISA) exam in this 16-video course. Key concepts covered include: authentication categories and how authorization follows; how to create Active Directory (AD) users and groups on-premises; and how to create Azure AD users and groups. Learn how MFA enhances security...
Course Title 12: Performance & Management
Course Description: Efficient delivery of IT systems includes cost reduction and optimized system performance. In this 15-video course, discover how a structured approach for implementing changes and patches can reduce security incidents and downtime, in preparation for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered here include: how performance is related to service level agreements (SLAs), and differences between SLAs and operational level agreements; how; and how to deploy a private Microsoft CA...
Course Title 11: PKI & Data Protection
Course Description: Explore how public key infrastructure (PKI) provides a hierarchy of digital security certificates used to secure data and authenticate users and devices and how data are protected with encryption and file integrity verification, as you prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered in this 16-video course include: how cryptography protects data; distinguishing between asymmetric and symmetric encryption; steps in the PKI certificate lifecycle...
Course Title 10: Virtualization & Cloud
Course Description: Explore how virtualization provides efficient hardware usage and security boundaries and how cloud computing tracks pooled IT resource usage and charges fees accordingly, as you prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts in this 14-video course include: when to use various virtualization technologies; how to distinguish differences between Type 1 and Type 2 hypervisors; how to install Microsoft Hyper-V hypervisor; and how to configure a Hyper-V; how to secure...
Course Title 9: Digital Asset Protection
Course Description: Security technicians must determine which security controls most effectively protect assets at a reasonable cost. Explore IT maturity models, and endpoint, Internet of Things (IoT), and mobile device security in this 15-video course. Key concepts covered here include: how IT maturity models provide assessments as to whether technology effectively meets business needs; how to map security hardware and software to the Open Systems Interconnection model (OSI model); and how to enable requirements for complex...
Course Title 8: Data Storage & Malware
Course Description: Explore the variety of methods through which stored data can be secured and made highly available, despite realization of malware threats, as you prepare for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered in this 16-video course include: distinguishing between data and information how they are secured; how to define the relationship between big data and the value of data analytics; and listing methods of securing a storage area network (SAN). Next, learn to enable password...
Course Title 7: BCP & Network Security
Course Description: This course addresses why and how organizations must have a Disaster Recovery Plan (DRP), for resiliency in the face of malicious attacks, as well as natural and man-made disasters. The DRP is part of the overall Business Continuity Plan (BCP), which ensures the ongoing functionality of business processes. In this course, you will learn a variety of disaster planning strategies, as well as network security configurations order when planning for business disruptions. Learners will explore the auditing, and what IS auditors need to
Course Title 6: System Design & Analysis
Course Description: This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, and you will explore systems planning, testing, integration, and delivery to ensure timely delivery of system changes or entire new solutions for security planning. First, you will explore IT system planning, including the system development life cycle, and learn how technicians can evaluate IT solutions to align with business needs. You will examine how IT solutions will require a feasibility analysis to determine...
Course Title 5: Testing & Vulnerability
Course Description: This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, and explores auditor responsibilities such as identifying network and host weaknesses, reporting them to stakeholders, and suggesting recommendations to improve an organization's security. Learn to distinguish between white, black, and gray box testing, and then explore the benefits of periodic scans for identifying vulnerabilities. Learn how to use pen tests, and evaluate environmental and physical security...
Course Title 4: Digital Evidence Gathering
Course Description: This course covers material necessary to take the ISACA CISA (Certified Information Systems Auditor) exam, a professional certification that allows information system (IS) auditors to properly follow the IS audit process in risk management. You will learn how to identify assets and threats, hardening IT computing environments, performing IT forensics, and auditing tasks. This course explores the importance of gathering, handling, and storing digital evidence to ensure its admissible in a court of law. Because chain-of-custody...
Course Title 3: Continuous Monitoring
Course Description: This course explores the importance of continuously monitoring business processes, and the applicable supporting IT solutions. You will learn how information system (IS) auditing can identify and assist in continuous process improvement. In this course, learners will acquire knowledge of the skills necessary to audit monitoring solutions and business processes. You will explore how to establish baselines to easily detect anomalies. Then learn how to set a baseline for specific systems, like a web server, its normal performance...
Course Title 2: Scenario-Based Practice
Course Description: This course explores how to apply the information systems (IS) audit process to ensure adequate risk mitigation for audit planning, security control selection, travelling user vulnerability mitigation, Wi-Fi hardening, and proper PKI (public key infrastructure) key implementation. Learn the importance of having a ISACA CISA (Certified Information Systems Auditor) certification, which indicates you are a professional with the skills necessary as an IT security analyst in performing an IS audit. An IS auditor must have...
