CYBERSECURITY AUDIT AND CYBERSECURITY FUNDAMENTALS – Non-Technicians (Cybersecurity Audit Certification )

With the continuous increase in cybersecurity threats, including cybersecurity detail in every organization’s audit plans is becoming an increasingly critical factor. This requires auditors to know how to adequately audit cybersecurity processes and policies and to manage the tools to ensure that their organizations implement the appropriate controls.
The course program covers the 4 key areas of Cybersecurity Audit: (1) cybersecurity and audit’s role, (2) cybersecurity governance, (3) cybersecurity operations, (4) cybersecurity technology topics. It also provides an in-depth look at how to link COBIT control objectives to the security measures defined according to the NIST Cybersecurity Framework .

The course can also be combined with the 8-hour SUPPLEMENTARY MODULE VA & PENTEST FUNDAMENTALS, in order to gain greater skills in evaluating and interpreting VA and PT activities.

In particular, the overall path provides:
– IT AUDITORS with a 360-degree understanding of the key Cybersecurity factors to consider in an Audit Plan, allowing them to understand how to assess and reduce Cybersecurity risks, how to audit Cybersecurity controls, and how to interpret Cybersecurity evidence;
– CYBERSECURITY EXPERTS with a clear understanding of Audit processes;
– IT RISK MANAGERS with the ability to deepen their understanding of Cybersecurity risks and control measures.

Google 4.1/5 Average Rating
2,200+ Learners
Industry Recognized
Certification Body ISACA
Delivery Profice
Lowest price guaranteed
Live course + exam
€1340
Excl. VAT
Self Paced E-Learning + Exam
€1040
Excl. VAT
  • Exam voucher
  • Hands-on labs
  • Certificate
  • Lifetime support
  • Official courseware

Flexible payment — invoice, card or PayPal

Course Information

Course Code Cybersecurity Audit Certification
Duration 24 Hours
Delivery Online Live, Self Paced
Exam Voucher Included
Certification Body ISACA
Certification CYBERSECURITY AUDIT

What You Will Learn

The course prepares for the ISACA Cybersecurity Audit certification exam and enables participants to: - Understand Cybersecurity Frameworks, all aspects of cybersecurity governance, and identify appropriate best practices, and connections to COBIT control objectives - Oversee the Threat and Vulnerability Management System and tools and Identify legal and Cybersecurity requirements to support compliance assessments - Define and implement secure authorization and Access Management processes at the Enterprise level - Distinguish between firewalls and Network Security technologies and identify Application Security controls - Improve Asset Configuration and Change and Patch Management procedures - Identify weaknesses in Cloud strategies and controls - Perform Cybersecurity and Third-Party Risk Assessments Those who also attend the supplementary VA & PENTEST FUNDAMENTALS module will: - Understand how Vulnerability Assessment and Penetration Testing activities are performed and what results they produce. - Learn to read VAPT activity reports.

Course Curriculum

1) Cybersecurity vs Audit’s Role :
Digital Asset Protection; Lines of Defense; Role of Audit; Audit Objectives; Audit Scope

2) Cybersecurity Governance :
Security Organization Goals and Objectives; Cybersecurity Risk Assessment; Service Providers; Performance Measurement

3) Cybersecurity Operations – Cyberattacks :
Threat Assessment; Cybersecurity Measures; Vulnerability Management; Penetration Testing; Red Team/Blue Team/Purple Team Exercises

4) Cybersecurity Operations – Identity and Access Management :
Enterprise Identity and Access Management; Identity Management; Federated Identity Management; Key Objectives of Identity Management; Provisioning and Deprovisioning; Authorization; Privileged User Management and Controls; Third-party Access; Authentication Protocols; Configuration Management; Asset Management; Change Management; Patch Management; Network Security; Security Architecture; Security Perimeter; Network Perimeter; Interdependencies; Network Architecture; Remote Access; System Hardening

5) Cybersecurity Operations – Security Measures :
Incident Management; Digital Forensics; Client Endpoint Protection; Security within SDLC; Data Backup and Recovery

6) Cybersecurity Operations – Compliance and Cryptography :
Security Compliance; Cryptography

7) Security Technologies :
Firewall and Network Security technologies; Security Incident & Event Management (SIEM); Wireless Technology; Cloud Computing; Mobile Security; Internet of Things (IoT)

8) Correlations with COBIT
COBIT control objectives for the Cybersecurity Audit according to the NIST Cybersecurity Framework
Group exercises and practical examples

1) Basic concepts of Vulnerability Management
Main vulnerabilities, how and when to carry out an assessment and with which tools, remediation plan, criticality prioritization, reporting and classification.

2) Basic concepts of Penetration Testing and guidelines:
What is it for, who does it, when it should be done, Definition of the scope, recommendations on the use of tools, Non-Disclosure Agreement, etc.

3) Notes on the main frameworks that can be used (PCI, OSSTMM, etc.)

4) Phases of the PT with a focus on the attack phase

5)Definition, roles and skills of Blue/Red/Purple Team

6) Presentation and reasoned reading of a real Vulnerability Assessment and PenTest report

1) Fundamentals of Vulnerability Assessment for LAN networks
– Main types of host and application vulnerabilities
– The Vulnerability Assessment activity (Phases, standards, subjects involved, the final report)
– Vulnerability research (“Manual” research; General purpose vulnerability scanner (Nessus and OpenVas); Vulnerability scanner for web applications)

2) Fundamentals of Penetration Testing of LAN networks
– Penetration Testing activities
– Differences compared to VA
– Types of PenTest
– Critical issues in carrying out a PenTest
– The final report
– Frameworks that can be used for the Penetration Test of LAN networks

3) Group exercises and practical examples

Get the Full Syllabus as a PDF

Curriculum, exam format & everything included — sent straight to your inbox.

All You Need to Know

Who Should Attend

IT Auditors, Security Professionals, CISOs, Audit/Assurance professionals, IT Risk professionals, IT Risk Managers. The course is also aimed at Managers, Professionals, and Lawyers who wish to acquire the basic skills needed to understand cybersecurity risk scenarios, vulnerabilities, and threats, as defined by the NIST Cybersecurity Framework, internationally recognized as the cybersecurity reference framework.

Prerequisites

A basic understanding of cybersecurity fundamentals is recommended for participation in this course.
If you are completely new to this knowledge, supplementary e-learning sessions are available upon request.

Course Materials

The course includes the slides presented during the lectures.
Those who intend to take the exam will also receive the Official ISACA “Cybersecurity Audit Certificate Study Guide” in electronic format by purchasing the exam voucher.
The guide explores the following topics: Cybersecurity and the Audit’s role, Cybersecurity Governance, Cybersecurity Operations, case studies, examples, and insights into specific areas of Cybersecurity technologies.

Premium training, now at the lowest price.

Live course + exam €1340 excl. VAT
Self Paced E-Learning + Exam €1040 excl. VAT
4.1/5 Official ISACA partner Exam included 2,200+ alumni
Lowest price guaranteed Ready to enrol?

No payment now — reserve your seat and we'll send the invoice.

Under a minute · invoice, card or PayPal
How it works: 1 Submit your details 2 Receive your invoice 3 Pay & get access