• Education Bureau Registration Number:575690, 597600
Course Centre Day Date Time Hours Trainer Status Enrollment
Cybersecurity Audit Mongkok N/A To be confirmed N/A 6 Steve Yu Planning

Cybersecurity Audit

Important: This top up course is for students who have already certified with CSX Cybersecurity Fundamentals.


Course Duration: 6 hours, 2 sessions of 3 hours each

Course Fee: HKD1,600

Language of Delivery: Cantonese with English terms

Cybersecurity Audit Certificate provides audit/assurance professionals with the knowledge needed to excel in cybersecurity audits. It provides security professionals with an understanding of the audit process, and IT risk professionals with an understanding of cyber-related risk and mitigating controls.

• Identify roles and responsibilities of an auditor
• Define basic cybersecurity principles
• Gain an understanding of security frameworks to identify best practices
• Identify cyber and legal regulatory requirements to aid in compliance assessments
• Perform a risk assessment
• Define threat and vulnerability management
• Enhance asset, configuration, change and patch management practices
• Assess network security from security architecture to traffic analysis to segmentation to data loss prevention
• Identify application security controls
• Distinguish between firewall and network security technologies
• Identify cloud strategies and controls
• Identify the benefits and risks of containerization

•Digital Asset Protection
•Lines of Defense
•Role of Audit
•Audit Objectives
•Audit Scope

Module 1: Cybersecurity Governance
•Security Organization Goals and Objectives
•Cybersecurity Risk Assessment
•Service Providers
•Performance Measurement

Module 2: Cybersecurity Operations – Cyberattacks
•Threat Assessment
•Cybersecurity Measures
•Vulnerability Management
•Penetration Testing
•Red Team/Blue Team/Purple Team

Module 3: Cybersecurity Operations – Identity and Access Management
•Enterprise Identity and Access Management
•Identity Management
•Federated Identity Management
•Key Objectives of Identity Management
•Provisioning and Deprovisioning
•Privileged User Management and Controls
•Third-party Access
•Authentication Protocols
•Configuration Management
•Asset Management
•Change Management
•Patch Management
•Network Security
•Security Architecture
•Security Perimeter
•Network Perimeter
•Network Architecture
•Remote Access
•System Hardening

Module 4: Cybersecurity Operations – Security Measures
•Incident Management
•Digital Forensics
•Client Endpoint Protection
•Security within SDLC
•Data Backup and Recovery

Module 5: Cybersecurity Operations – Compliance and Cryptography
•Security Compliance

Module 6: Security Technologies
•Firewall and Network Security technologies
•Security Incident & Event Management (SIEM)
•Wireless Technology
•Cloud Computing
•Mobile Security

Module 7: Security Technologies – Mobile Security and Internet of Things
•Mobile Security
•Internet of Things (IoT)

  • IT audit professionals and enterprises who need additional guidance on auditing cybersecurity
  • Security professionals who need an understanding of the audit process
  • Risk and assurance professionals who need in-depth knowledge of cyber-related risk and mitigating controls
  • IT professionals who want to learn more about what an IT auditor needs to consider when auditing cybersecurity

Number of Questions: 75 Questions

Exam Duration: 2 Hours

Exam Format: Multiple Choice, Online, closed-book

Exam Location: Remotely-proctored exam

Passing Mark: 65%

Exam Fee: USD299

Course notes and exercises in softcopy (PDF) format

  • Great Learning has solid experience in delivering I.T. security courses.
  • Unlimited re-sit within 2 years. All lessons can be re-sit, refreshing your knowledge all the way.
  • We are the IT technical and management specialists, highly experienced in delivering complicated and conceptual knowledge in an effective way.