Timestamp:
0:00 The Purpose of Auditing
0:04 Information System Auditing
0:30 The IS Auditing Process
0:50 IS Audit Planning
2:06 Audit Procedures
3:12 ISACA Code of Conduct
6:02 ISACA Auditing Standards
10:19 Organizational Documentation
15:39 Stakeholder Needs
17:43 Stakeholder Needs - Compliance
19:27 Network Diagrams
19:31 IS Auditing and Network Diagrams
23:50 Security Control Types
29:00 Control Objectives and Controls
33:09 Audit Resource Planning
37:19 Audit Scheduling
39:54 Urgent Incident Discovery
42:59 Why Do People Partake in Fraud?
43:47 Audit Reporting
47:18 Audit Findings Remediation Follow-up
50:01 Exercise: Controls and IS Auditing
50:46 The Purpose of IS Auditing
51:07 Control Type Examples
52:31 Control Objectives and Control
53:22 IT Governance
54:43 Common IT governance frameworks
55:58 COBIT
59:08 COBIT 5
1:00:18 Information Technology Infrastructure Library (ITIL)
1:01:04 ITIL Lifecycle
1:04:03 ITIL and IS Audit Outcomes
1:04:44 ISO/IEC Standards
1:06:07 ISO/IEC 27001:2013
1:07:16 Risk Management
1:08:20 IT-related Risks
1:09:50 Risk Register
1:10:55 Risk Treatment
1:15:16 Business Model for Information Security (BMIS)
1:19:31 Information Technology Assurance Framework (ITAF)
1:21:34 IT Balanced Scorecards (IT BSC)
1:22:44 Sample Software Development Scorecard
1:24:27 Exercise: IT Frameworks and IS Auditing
1:25:00 IT Governance
1:25:29 COBIT
1:26:05 ITIL Phases
1:26:53 Risk Treatment
1:27:52 The CIA Triad
1:27:54 The CIA Security Triad
1:28:27 Confidentiality
1:29:12 Integrity
1:30:17 Availability
1:32:16 Personally Identifiable Information (PII)
1:34:33 PII Audit Assurance Review
1:35:20 Protected Health Information (PHI)
1:37:56 General Data Protection Regulation (GDPR)
1:41:05 GDPR Compliance
1:44:05 Payment Card Industry Data Security Standard (PCI DSS)
1:51:50 Health Insurance Portability and Accountability Act (HIPAA)
1:52:30 HIPAA Compliance
1:54:01 Federal Risk and Authorization Management Program (FedRAMP)
1:55:56 FedRAMP Requirements
1:57:33 FedRAMP Certified Cloud Providers
1:57:47 Assets and Risks
1:58:29 IT Asset Lifecycle
1:59:02 Asset Risk Calculations
2:00:52 Asset Risk Calculation Example
2:06:17 Network Inventory
2:08:21 Exercise: Mitigate Data Privacy Risks
2:09:01 CIA Security Triad
2:09:39 PII
2:09:51 PHI
2:10:04 Calculate ALE
2:10:55 Authentication and Authorization
2:10:56 Authentication
2:11:37 Authentication Categories
2:11:59 Strengthening Authentication
2:13:33 On-Premises Identity and Access Management (IAM)
2:17:41 Cloud-Based IAM
2:21:46 Multi Factor Authentication (MFA)
2:24:13 Multistep Authentication
2:24:46 Microsoft Azure MFA
2:27:36 Microsoft Azure Role Based Access Control (RBAC)
2:31:47 Amazon Web Services RBAC
2:25:30 Microsoft Active Directory Delegated Administration
2:39:18 Identity Federation
2:41:47 Identity Federation - Authentication
2:44:36 Data Tagging
2:46:17 Microsoft File Server Resource Manager
2:47:32 Search Criteria Tagging Examples
2:48:46 Standard Windows File System Permissions
2:54:11 Standard Linux File System Permissions
2:59:00 Windows File Server Resource Manager
3:05:18 Windows Dynamic Access Control
3:14:05 Exercise: Authentication and Data Classification
3:14:58 Identity Federation
3:19:48 Service Level Agreements (SLAs)
3:22:13 Performance Baselines
3:25:59 Windows Performance Monitoring
3:29:52 Linux Performance Monitoring
3:36:22 Cloud-Based Performance Monitoring
3:43:00 Change Management
3:44:36 Types of IT Changes
3:45:39 Change Management Event Flow
3:47:01 Configuration Management
3:48:02 Configuration Management Components
3:51:11 Vulnerability Management
3:52:24 Vulnerability Examples
3:54:29 Vulnerability Management Program
3:55:57 Group Policy Configuration Delegation
3:59:43 Microsoft SCCM Configuration Management
4:05:34 Microsoft SCCM Patch Deployment
4:11:27 Job Scheduling
4:16:21 Exercise: Optimize Performance and Security
4:17:16 Service Level Agreement
4:24:00 Cryptography
4:24:28 Cryptography Uses
4:25:48 Encryption
4:26:25 Hashing
4:27:00 File Hashing Process
4:28:06 Digital Signatures
4:29:26 Asymmetric and Symmetric Encryption
4:29:29 Symmetric Encryption
4:29:52 The Encryption Process
4:30:38 Common Symmetric Algorithms
4:31:17 Asymmetric Encryption
4:33:42 Common Asymmetric Algorithm
4:33:51 Public Key Infrastructure (PKI) Hierarchy
4:36:10 PKI Certificates
4:36:47 PKI Certificate Contents
4:37:35 Public and Private Keys
4:38:33 PKI Usage
4:39:48 The PKI Certificate Life Cycle
4:40:46 PKI Lifecycle
4:41:50 PKI Certificate Lifecycle Management
4:43:53 Private Certificate Authority
4:50:09 Manual Certificate Issuance
4:52:39 Securing Network Traffic
4:53:40 Transport Layer Security (TLS)
4:55:27 Securing Network Traffic with IPSec
4:56:55 Disable SSLv3
4:59:09 Enable an HTTPS Web Site
5:02:51 Client SSL/TLS Certificates
5:08:11 Windows Encrypting File System
5:10:53 Windows BitLocker
5:15:31 File Integrity
5:18:12 Exercise: Applying PKI Security
5:18:52 Symmetric and Asymmetric Encryption
5:19:20 Digital Signing - Hashing
5:19:47 HTTPS and PKI
5:21:09 Types of Virtualizations
5:21:31 Hypervisors
5:22:33 Application Virtualization
5:23:49 Operating System Virtualization
5:24:52 Desktop Virtualization
5:25:58 Hypervisors
5:26:11 Type 1 Hypervisor
5:26:49 Type 2 Hypervisor
5:27:43 Hypervisor Security
5:29:59 Virtual Machine Security
5:31:23 Hypervisor Installation
5:35:35 Virtual Network Switches
5:42:01 Virtual Machines
5:49:18 Hardening a Virtualized Environment
5:56:06 Cloud Computing
5:56:13 Cloud Computing Types
5:57:17 Public Cloud
5:58:12 Private Cloud
5:59:08 Hybrid Cloud
6:00:00 Community Cloud
6:00:46 Cloud Service Models
6:01:02 Infrastructure as a Service (IaaS)
6:01:30 Platform as a Service (PaaS)
6:02:03 Software as a Service (SaaS)
6:02:21 Common Cloud Service Offerings
6:05:48 Cloud Security
6:12:17 Windows Cloud-Based Virtual Machines
6:16:57 Linux Cloud-Based Virtual Machines
6:21:06 Cloud Endpoint Security
6:23:46 Exercise: Securing Cloud Environments
6:24:21 Hypervisors
6:24:50 Cloud Computing Risks
6:25:31 Private Cloud
6:25:57 Jump Box
6:26:28 IT Maturity Models
6:27:35 Capability Maturity Model Integration (CMMI)
6:29:40 IT Maturity Assessment
6:30:48 Organizational Security Policies
6:33:37 Organizational Security Policies Types
6:34:50 Security and the OSI Model
6:34:52 The OSI Model
6:38:54 The OSI Model and Security
6:40:21 Password Security
6:40:28 Password Policies
6:41:06 User Account Management
6:43:24 Default Password Lists
6:43:50 Lookup Tables
6:45:09 Rainbow Tables
6:47:02 Endpoint Security
6:50:48 Data Loss Prevention
6:53:50 Data Loss Prevention - Malware
6:55:12 IoT Devices
6:56:17 IoT Device Examples
6:57:06 IoT Search Engine
6:58:04 IoT and Security
6:58:58 Vulnerable IoT Devices
7:04:48 Mobile Device Access Control
7:10:27 Mobile Device Partitioning
7:11:01 Mobile Device Hardening
7:13:53 Mobile Device Policies
7:18:40 Malicious Mobile Apps in App Stores
7:21:57 Auditing Mobile Apps
7:23:28 Exercise: Implement Security Controls
7:24:15 OSI
7:24:55 Rainbow Attack Mitigations
7:25:52 Common IoT Devices
7:26:38 Mobile Device Hardening
what a legend
Thank you very much. I can’t express enough. We can see the kindness of the instructor through his voice alone. ❤
Excellent! Thanks for posting this. Don’t mind my bookmark. 2:58:28
Excellent resources and wondering if you have an updated recording of the same since this is 2 years old. I am getting ready for my CISA and finding this so helpful.
Taking this exam in a month and almost done your video. Thank you! Super informative
Good luck, check back and let us know how it went and what to look out for on the exam.
@wholesalingtony1588 passed! I watched this whole thing and a bit of the next, def helped to pass.
what happened bro. You didn't inform. Please share your experience
Great video. As a penetration tester and CISSP this digests really well and gets straight into my objectives of becoming a CISA as well to start performing PCI-DSS compliance (after becoming a QSA of course)
For a 45 year-old exam, you'd think ISACA would have more than 150K CISA Certified members. They do it to themselves.
Very good training, very good examples, but please add timestamps for the 5 Domains of CISA so that those who are viewing can jump to specific domains
Hi, is part 3 of the series missing? If not can you share the link? Thanks in advance .. very helpful video series.
Thank you so much for providing this training. 🙏🏽
This video is very helpful. You are clear and concise. Thank you so much for putting it together. I plan to listen to the CISSP videos next 🤓🙏🏻🙆🏻♀️
Thank you for this very helpful information! I am trying to take the exam in a few months! 🤗
Did you clear CISA after watching these 2 videos of 15 hours? If not, what else u read?
This video is awesome and useful. Thanks for the information.
Great work. Thank you. Is there a powerpoint that contains all the slides? thanks
Very informative, thank you
This video is a life saver
Please let us know if this video alone as a study guide was enough to pass the CISA exam? Have you passed? Congrats if you did :)
When was the course released originally? I wonder how old it is.
Is there a part 3? Can’t find it on the channel. Thanks
Can we rely only on this video for the course to pass the exam after some exercises?
I would very much like to know this as well. hope someone can answer it
Nice video. How can I get the PPT used in the video?
Did you get the PPT
@jenicanyaraimuchemwa7302 Nope. Not yet.
You can’t because this was illegally ripped from a paid site.
How can I get the PPT used in the video?😀
Hearing PII pronounced "pie" made me flinch every time.
Although I do appreciate this 7-hour video of training material for the CISA exam. :-)
Can you add an agenda of the presentation? (with time and content)
Hi, can I get any type of notes in form of a PDF or Hard copy of this video related? Your Video is awesome and very helpful. Super
Many many many thanks
QUESTION FOR THE COMMUNITY - I see on the ISACA candidate preparation PDF that it says that the required experience to obtain the CISA is 5 years in IS/IT audit, control, assurance or security".
If one has over a decade in auditing in a technical field, but is not IS/IT (In my case it is Nuclear Quality Assurance Auditing), then is that acceptable experience or would it not apply?
Thanks all! 😁
Nice, Can you do a CISM and CRISC
Can I pass my CISA with this video?
Did you take the exam yet? Please share your experience. Thanks!
Is this enough to pass the exam?
Where is part 2 of this video?
It's on their channel, you can find it among their videos
Thank you
can you please add time stamp on the video
Thanks!
Thank you so much, Brame, for your donation
Did anyone clear CISA after watching these 2 videos of 15 hours?
This is a high level review, prior knowledge and depth is recommended to clear the exam
Nobody calls PII “pie” man
Out of the whole 7 hrs video, pie or no PII is a big deal to you. You can do better bro
@MoeMoe-jt9ex it was annoying as fuck actually.
Pee or p ay ay or p ai ai
@AFlyingMayMay pie
@S.O.N.E Pinkie Pie
❤