Introduction
CISA Course and Certification
Basic Knowledge
Domain 1 — Information System Auditing Process
-
1.1 Conduct an IS Audit (9:17)
-
1.2 IS Audit Report and Presentation samples (4:58)
-
1.3 Information Asesst Register (6:12)
-
1.4 Audit Risk Assessment (12:30)
-
1.5 Audit Planning (5:20)
-
1.6 Audit Planning
-
1.7 Audit Planning and management (7:23)
-
1.8 Document Control (3:23)
-
1.9 Audit Scenario (44:08)
-
1.10 Business process (7:16)
-
1.11 Law and regulation (2:20)
-
1.12 Evidence (5:56)
-
1.13 Evidence Collection (4:46)
-
1.13 Evidence Collection
-
1.14 Sampling (3:58)
-
1.15 Security Governance (3:37)
-
1.16 Security Governance
-
1.17 Security Awareness and Training (3:43)
-
1.18 Security Awareness and Training
-
1.19 IT Audit Standards (4:26)
-
1.20 IT Audit Standards
-
1.21 Security Models (2:18)
-
1.22 Security Models
-
1.23 professional Ethics (4:32)
-
1.24 Professional Ethics
-
1.25 Security Documentation (2:47)
-
1.26 Security Documentation
-
1.27 Risk Management (4:32)
-
1.28 Risk management
-
1.29 Threat Modeling (5:16)
-
1.30 Threat Modeling
-
1.31 BCP (5:48)
-
1.32 BCP
-
1.33 Information security policy (3:08)
-
1.34 information security policy
Domain 2 – Governance & Management of IT
-
2.1 IT Governance (3:06)
-
2.2 IT Governance Frameworks (6:36)
-
2.3 IT Governance Frameworks
-
2.4. Governance and Management of IT (14:34)
-
2.5 NIST 800-100 (7:31)
-
2.6 Governance – Requirements (7:31)
-
2.7 Information System Strategy (4:53)
-
2.8 IT Organization (2:55)
-
2.9 Maintenace of Polices and Procedures (5:04)
-
2.10 Policy and Procedures Resources (74:39)
-
2.11 Legal Compliance (8:38)
-
2.12 Quality Managment System (1:59)
-
2.13 Maturity Models (3:22)
-
2.14 Process Optimization (3:56)
-
2.15 IT Investment Practices (5:34)
-
2.15 IT Supplier Selection (5:15)
-
2.16 Make or Buy decision (18:12)
-
2.17 Risk Managment (10:53)
-
2.18 Business Impact Analysis (10:41)
-
2.19 Information Asset Management (4:05)
-
2.20 information asset management
-
2.21 IT Strategy and Alignment (7:06)
-
2.22 IT Strategy and Alignment
-
2.23 Privacy Protection (4:06)
-
2.24 Privacy Protection
-
2.25 Asset Retention (5:17)
-
2.26 Asset Retention
-
2.27 Data Security Controls (4:02)
-
2.28 Data Security Controls
-
2.29 Secure Data Handling (5:04)
-
2.30 Secure Data Handling
-
2.31 Asset Classification (4:14)
-
2.32Asset Classification
-
2.33 Resource Provisioning and Protection (8:28)
-
2.34 Resource Provisioning and Protection
-
2.35 Enterprise Risk Management (7:02)
-
2.36 Enterprise Risk Management
Domain 3 – Information Systems Acquisition, Development, & Implementation
-
3.1 Information Systems Acquisition, Development and Implementation (9:28)
-
3.2 Project Governance (2:32)
-
3.3 Types of Organization (6:38)
-
3.4 Project Managment (6:38)
-
3.5 Architecture (5:36)
-
3.6 Procurement Managment (1:09)
-
3.7 Plan Procurement Managment (18:12)
-
3.8 Security in the Engineering Lifecycle (5:49)
-
3.9 Security in the Engineering Lifecycle
-
3.10 Cryptography Basics - Part 1 (3:05)
-
3.11 Cryptography Basics - Part 1
-
3.12 Cryptography Basics - Part 2 (0:53)
-
3.13 Cryptography Basics - Part 2
-
3.14 Cryptography Basics - Part 3 (1:55)
-
3.15 Cryptography Basics - Part 3
-
3.16 Symmetric vs. Asymmetric Cryptography (2:34)
-
3.17 Symmetric vs. Asymmetric Cryptography
-
3.18 Post-Incident Reviews and Lessons Learned (2:54)
-
3.19 Post-Incident Reviews and Lessons Learned
-
3.20 System Component Security- Part 1 (5:15)
-
3.21 System Component Security- Part 1
-
3.22 System Component Security - Part 2 (3:44)
-
3.23 System Component Security - Part 2
-
3.24 System Component security - part 3 (4:18)
-
3.25 System Component Security - Part 3
-
3.26 Security Models (3:33)
-
3.27 Security Models
-
3.28 Controls and Countermeasures in Enterprise Security (8:59)
-
3.29 Controls and Countermeasures in Enterprise Security
-
3.30 Information System Security Capabilities (7:09)
-
3.31 Information System Security Capabilities
-
3.32 Feasibility and Cost-Benefit Analysis (7:46)
-
3.33 Feasibility and Cost-Benefit Analysis
-
3.34 Security Principles in the System Lifecycle (7:27)
-
3.35 Security Principles in the System Lifecycle
-
3.36 Change Management (5:24)
-
3.37 Change Management
-
3.38 Acquisition Strategy and Practice (8:21)
-
3.39 Acquisition Strategy and Practice
Domain 4 – Information Systems Operations and Business Resilience
-
49. Information System Operations (6:51)
-
4.1 Service Level Management (5:09)
-
4.2 Hardware, Software and Network (7:32)
-
4.3 Software Licensing (3:15)
-
4.4 Capacity Managment (2:49)
-
4.5. Incident Managment (5:35)
-
4.6 Incident Report Form (5:33)
-
4.7 Backup (5:59)
-
4.8 Disaster Recovery Plans (3:34)
-
4.9 Alternative Sites (8:09)
-
4.10 Fundamentals of Network- Part 1 (5:16)
-
4.11 Fundamentals of Network- Part 1
-
4.12 Fundamentals of Network- Part 2 (3:33)
-
4.13 Fundamentals of Network- Part 2
-
4.12 Fundamentals of Network-Part 3 (4:04)
-
4.15 Fundamentals of Network-Part 3
-
4.16 Logging and Monitoring (4:18)
-
4.17 Logging and Monitoring
-
4.18 Incident Response (5:37)
-
4.19 Incident Response
-
4.20 Patch and Vulnerability Management (2:46)
-
4.21 Patch and Vulnerability Management
-
4.22 OSI Model (5:07)
-
4.23 OSI Model
-
4.24 Communication Channel Security (5:38)
-
4.25 Communication Channel Security
-
4.26 Network Attack Mitigation-Part 1 (3:52)
-
4.27 Network Attack Mitigation-Part 1
-
4.28 Network Attack Mitigation-Part 2 (5:38)
-
4.29 Network Attack Mitigation-Part 2
-
4.30 Disaster Recovery Planning (5:40)
-
4.31 Disaster Recovery Planning
-
4.32 Recovery Site Strategies (4:52)
-
4.33 Recovery Site Strategies
-
4.34 Backup and Data Recovery (6:57)
-
4.35 Backup and Data Recovery
-
4.36 Service Level Agreements (SLAs) (5:48)
-
4.37 Service Level Agreements (SLAs)
-
4.38 IT Operations Management (7:10)
-
4.39 IT Operations Management
Domain 5 – Protection of Information Assets
