• Identify roles and responsibilities of an auditor
• Define basic cybersecurity principles
• Gain an understanding of security frameworks to identify best practices
• Identify cyber and legal regulatory requirements to aid in compliance assessments
• Perform a risk assessment
• Define threat and vulnerability management
• Enhance asset, configuration, change and patch management practices
• Assess network security from security architecture to traffic analysis to segmentation to data loss prevention
• Identify application security controls
• Distinguish between firewall and network security technologies
• Identify cloud strategies and controls
• Identify the benefits and risks of containerization

Introduction
•Digital Asset Protection
•Lines of Defense
•Role of Audit
•Audit Objectives
•Audit Scope

Module 1: Cybersecurity Governance
•Security Organization Goals and Objectives
•Cybersecurity Risk Assessment
•Service Providers
•Performance Measurement

Module 2: Cybersecurity Operations – Cyberattacks
•Threat Assessment
•Cybersecurity Measures
•Vulnerability Management
•Penetration Testing
•Red Team/Blue Team/Purple Team

Module 3: Cybersecurity Operations – Identity and Access Management
•Enterprise Identity and Access Management
•Identity Management
•Federated Identity Management
•Key Objectives of Identity Management
•Provisioning and Deprovisioning
•Authorization
•Privileged User Management and Controls
•Third-party Access
•Authentication Protocols
•Configuration Management
•Asset Management
•Change Management
•Patch Management
•Network Security
•Security Architecture
•Security Perimeter
•Network Perimeter
•Interdependencies
•Network Architecture
•Remote Access
•System Hardening

Module 4: Cybersecurity Operations – Security Measures
•Incident Management
•Digital Forensics
•Client Endpoint Protection
•Security within SDLC
•Data Backup and Recovery

Module 5: Cybersecurity Operations – Compliance and Cryptography
•Security Compliance
•Cryptography

Module 6: Security Technologies
•Firewall and Network Security technologies
•Security Incident & Event Management (SIEM)
•Wireless Technology
•Cloud Computing
•Mobile Security

Module 7: Security Technologies – Mobile Security and Internet of Things
•Mobile Security
•Internet of Things (IoT)

• IT audit professionals and enterprises who need additional guidance on auditing cybersecurity
• Security professionals who need an understanding of the audit process
• Risk and assurance professionals who need in-depth knowledge of cyber-related risk and mitigating controls
• IT professionals who want to learn more about what an IT auditor needs to consider when auditing cybersecurity

Number of Questions: 75 Questions

Exam Duration: 2 Hours

Exam Format: Multiple Choice, Online, closed-book

Exam Location: Remotely-proctored exam

Passing Mark: 65%

Exam Fee: USD299 (ISACA non-member)

Course notes and exercises in softcopy (PDF) format

• We are the ISACA Accredited Training Organization of providing CSX Fundamentals and Cybersecurity Audit Certification training.
• Great Learning has solid experience in delivering I.T. security courses.
• Unlimited re-sit within 2 years. All lessons can be re-sit, refreshing your knowledge all the way.
• We are the IT technical and management specialists, highly experienced in delivering complicated and conceptual knowledge in an effective way.