Advanced Information Systems Auditing

This intellectually challenging course is underpinned by an in-depth understanding of how control processes operate within modern infrastructures and how an auditor can approach the evaluation of these processes.

Suitability and duration

Suitability: Intermediate - Advanced

Duration: 3 days

Who should attend

Those familiar with basic IT audits that need to extend their skills into more technical aspects of IT auditing. This course is suited for those with six months or more experience in information technology auditing. This course may also be beneficial to those taking QiCA, CISA, or CISSP exams.

Benefits

Skills

After completion of this course, you will be able to:

• Understand the process of hardening systems

• Evaluate vulnerability, patch and fix regimes

• Deploy analytical software products and techniques to locate or evaluate system weaknesses

• Analyse and evaluate critical preventative and directive control processes within systems

• Analyse and evaluate control trails and event logs

Support Materials

The course is accompanied by a detailed manual that contains briefings illustrations and screenshots, and after-course reference materials to form a powerful personal resource.

Programme

Hardening systems – preventative and detective measures

• Hardening of key software – the process

• Sources of knowledge of system vulnerability

• Interpreting vulnerability reporting

• Resolving vulnerability issues

• Patching and fixing systems

• Patch tracking and identification

Auditing systems security – tools and techniques for auditors

• Creating an audit toolkit – sources of software and issues in deploying tools

• Validation of security in systems

• Location of weaknesses in Systems Software – tools and technique

• Locating weaknesses in Networks – tools and technique

• Locating weaknesses in Applications – tools and technique

• Automated exploit testing – tools and technique

• Locating weaknesses in Hardware – tools and technique

• Physical security of locations, hosts, and data

• Penetration testing for auditors – penetration test contracts

• Do's and Don’ts of penetration testing

Data control – preventative and directive processes

• The big three – confidentiality, accountability, integrity

• Identifying data domains

• Identifying and defining data assets and ownership

• Inter-domain data asset protection

• Defining policy – rules for people rules for systems

• Systems objects, security reference monitors and their interaction

• Registration, identification, authentication, authorisation and logging processes – core control processes

• Locking down privilege – least rights rule and context setting

• Permissions and permissions structures – deploying best practice control structures – auditing permissions architectures

• Using inheritance to ensure consistent security rules and policies

• Securing the data on portable and removable devices: Notebooks, PDAs, cell phones, removable and portable media

Data control – detective processes

• Event logging processes

• Configuring event logs

• User processes, system processes, security processes

• Analysing server logs, firewall logs, and other logs

• Retrieving data from logs and sieving the results

• Analysing computers and media

Course designed, developed and presented by MindGrove.