Auditing & Monitoring Networks, Perimeters & Systems

Provided by

About the course

    Instructor: Clay Risenhoover
    6,275 EUR

    GSNA Certification
    Affiliate Pricing
    36 CPEs
    Laptop Required

    Masters Program
    DoDD 8140
    (CND Auditor)

One of the most significant obstacles facing many auditors today is how exactly to go about auditing the security of an enterprise. What systems really matter? How should the firewall and routers be configured? What settings should be checked on the various systems under scrutiny? Is there a set of processes that can be put into place to allow an auditor to focus on the business processes rather than the security settings? How do we turn this into a continuous monitoring process? All of these questions and more will be answered by the material covered in this course.

This track is organized specifically to provide a risk driven method for tackling the enormous task of designing an enterprise security validation program. After covering a variety of high level audit issues and general audit best practice, the students will have the opportunity to dive deep into the technical "how to" for determining the key controls that can be used to provide a level of assurance to an organization. Tips on how to verify these controls in a repeatable way and many techniques for continuous monitoring and automatic compliance validation will be given from real world examples.

One of the struggles that IT auditors face today is assisting management to understand the relationship between the technical controls and the risks to the business that these affect. In this course these threats and vulnerabilities are explained based on validated information from real world situations. The instructor will take the time to explain how this can be used to raise the awareness of management and others within the organization to build an understanding of why these controls specifically and auditing in general is important. From these threats and vulnerabilities, we will explain how to build the ongoing compliance monitoring systems and how to automatically validate defenses through instrumentation and automation of audit checklists.

You'll be able to use what you learn the day you get home. Five of the six days in the track will either produce or provide you directly with continuous monitoring scripts and a general checklist that can be customized for your audit practice. Each of these days includes hands-on exercises with a variety of tools discussed during the lecture sections so that you will leave knowing how to verify each and every control described in the class and know what to expect as audit evidence. Each of the five hands on days gives you the chance to perform a thorough technical audit of the technology being considered by applying the checklists provided in class to sample audit problems in a virtualized environment.

A great audit is more than marks on a checklist; it is the understanding of the what the underlying controls are, what the best practices are and why. Sign up for this course and experience the mix of theory, hands-on, and practical knowledge.

    A Sampling of Topics
        Audit planning and techniques
        Effective risk assessment for control specification
        Firewall and perimeter auditing
        Network auditing
        UNIX/Linux auditing
        Windows auditing & scaling to the enterprise
        Active Directory auditing
        A proven six-step audit process
        Time based auditing
        Effective network population auditing
        How to perform useful vulnerability assessments
        Uncovering "Back Doors"
        Building an audit toolkit
        Detailed router auditing
        Technical validation of network controls
        Web application auditing
        Audit Tools

Course Syllabus
  AUD507.1: Effective Auditing, Risk Assessment, Reporting
  AUD507.2: Effective Network & Perimeter Auditing / Monitoring
  AUD507.3: Web Application Auditing
  AUD507.4: Advanced Windows Auditing & Monitoring
  AUD507.5: Advanced UNIX Auditing & Monitoring
  AUD507.6: Audit the Flag: A NetWars Experience

Related article

As we become more reliant on digital technologies, the cyber security industry has grown in order to protect organisations against online attacks. ...