Gregg M. – CISA Exam Cram
Title: CISA Exam Cram

Author: Gregg M.


CISA Exam Prep

Certified Information Systems Auditor

Michael Gregg

Your Complete Certification Solution!

The Smart Way to Study™

In This Book You'll Learn How To:

* Approach the IS audit process from ISACA's view of IS auditing best practices
* Relate and apply information security and systems audit best practices to the six CISA job practice areas
* Understand the IS audit process and learn how to apply best practices to secure an organization's assets
* Evaluate IT governance to ensure that the organization has the structure, policies, and mechanisms in place to provide sufficient IS controls
* Minimize risk within an IT/IS environment by using sound security techniques and practices
* Assess systems and infrastructure lifecycle practices to determine their effectiveness in meeting security requirements and meeting organizational objectives
* Gain a deeper understanding of the business continuity and disaster recovery process to help minimize risk
* Protect key informational assets by examining the security architecture and evaluating controls designed for the protection of confidentiality, availability, and integrity
* Streamline your exam preparations with our exam insights, tips, and study strategies

Language: en

Category: Technology/

Index status: Index with page numbers is ready

Edition: Second Edition

Year of publication: 2006

Number of pages: 480

Added to catalogue: 11.12.2007

Subject index
802.11 standards      269
Abnormal events, tracking      202–203
Access creep      301
Accuracy of biometric systems      388
ACID (atomicity, consistency, isolation, durability) test      464
ACID test (atomicity, consistency, isolation, and durability)      171 229 464
Active attacks      314–319 467
Active RFID tags      218
Administrative audits      41
AES (Advanced Encryption Standard)      344
Aggregation      226
Agile Software Development      143–144
Al-Kindi, Abu      340
ALE (Annual Loss Expectancy)      452
ALE (annual loss expectancy), calculating      85 416
Algorithms      341
Alternative application-development techniques      142–145
ANSI X12      180
Answers (practice exam)      509–525
Application layer, OSI reference model      246
Application layer, TCP/IP model      253–254
Application proxies      263
Application testing      172–173
Applications, auditing      168
Applications, auditing, continuous online auditing      173–175
Applications, auditing, data integrity controls      170–171
Applications, auditing, via observation and testing      169–170
Applications, disposing of      140–141
Applications, testing      172–173
Application-development techniques      142–145
AR (abandon rate)      199
Arithmetic logic unit      210
ARO (annual rate of occurrence), estimating      416
ARP (Address Resolution Protocol)      251
Artificial intelligence      185
ASCII (American Standard Code for Information Exchange)      225
Assemblers      222 463
Asset identification      81–83
Assets, information assets, classifying      296–297
Assets, information assets, evaluating      296
Asymmetric encryption      341 344
Asymmetric encryption, ECC      345
Asymmetric encryption, RSA encryption      345
Asynchronous attacks      316
ATBASH      340
ATM (Asynchronous Transfer Mode)      267
Attack-detection tools      311
Attacks, active      314–319
Attacks, against Bluetooth      327
Attacks, cryptographic      351–352
Attacks, passive      313–314
Attenuation      256
Attribute sampling      47 450
Attributes      226
Attributes of CSAs      51
Audit monitors      181
Audit opinion, required elements      49
Audit planning process      26–27
Audit programs      41
Audit reduction tools      200 312
Auditing      39
Auditing, applications      168
Auditing, applications, continuous online auditing      173–175
Auditing, applications, data integrity controls      170–171
Auditing, applications, testing methods      172–173
Auditing, applications, via observation and testing      169–170
Auditing, business application systems, business intelligence      182–186
Auditing, business application systems, e-commerce      179–180
Auditing, business application systems, EDI      180–181
Auditing, business application systems, email      181–182
Auditing, classifying types of audits      40–41
Auditing, compliance testing      46
Auditing, continuous auditing      52
Auditing, continuous online auditing      174
Auditing, CSAs      50–51
Auditing, evidence      47
Auditing, evidence, reliability of      48
Auditing, fraud, detecting      49
Auditing, general control procedures      37
Auditing, independence as requirement      40
Auditing, information security      335
Auditing, information security, data ownership      335–336
Auditing, information security, security baselines      336
Auditing, information system control procedures      37
Auditing, infrastructure security      337
Auditing, infrastructure security, change management      339–340
Auditing, infrastructure security, network assessments      339
Auditing, infrastructure security, penetration testing      337–339
Auditing, integrated auditing      51–52
Auditing, internal controls, CobiT      38–39
Auditing, ISACA code of ethics      31–32
Auditing, methodology      42–43
Auditing, methodology, documentation      43–45
Auditing, objectives, defining      45
Auditing, project management      177–178
Auditing, risk analysis      32
Auditing, risk analysis, categories of risk      32–33
Auditing, risk management      33
Auditing, risk management, monitoring phase      35
Auditing, risk management, risk management team, establishing      33–34
Auditing, risk management, risk mitigation      34
Auditing, risk-based      35–36
Auditing, sampling      46–47
Auditing, substantive testing      46
Auditing, systems development      176–177
AUPs (Acceptable Use Policies)      311
Authentication by characteristic      306–307
Authentication by knowledge      304–305
Authentication by ownership      305
Authentication, biometric systems      387–389 466
Authentication, digital signatures      346–347
Authentication, Kerberos      309
Authentication, single sign-on      307–309
Automated WPs, documenting audit findings      43–45
Availability, reports      219
Availability, role in IS      295–296
Awareness and training, role in overcoming privacy issues      298
B-to-B (Business to Business) e-commerce model      179
B-to-C (Business to Consumer) e-commerce model      179
B-to-E (Business to Employee) e-commerce model      179
B-to-G (Business to Government) e-commerce model      179
Background checks      92
Backup and restoration methods      431–432
Backup and restoration methods, media rotation      433
Backup and restoration methods, SANs      434
Backup power supplies      382
Balance data      165
Balanced matrix organizational form      119
Balanced scorecard      71
Balanced scorecard, performance, measuring      72
Base case system evaluation      173
Baseband transmission      256
Basel Accord Standard II      25
Bastion hosts      265
Batch control      160
Batch controls      162
BCP (business continuity plan)      409 471
BCP (business continuity plan), BIA      411–412
BCP (business continuity plan), BIA, criticality analysis      416–417
BCP (business continuity plan), BIA, information gathering      413
BCP (business continuity plan), BIA, loss, methods of calculating      412–413
BCP (business continuity plan), implementation and testing phase      421–423
BCP (business continuity plan), implementation and testing phase, full operation tests      424
BCP (business continuity plan), implementation and testing phase, paper tests      423
BCP (business continuity plan), implementation and testing phase, preparedness tests      424
BCP (business continuity plan), monitoring and maintenance      425
BCP (business continuity plan), plan design and development      419–420
BCP (business continuity plan), project management and initiation      410
BCP (business continuity plan), recovery strategy      417–419
BCP (business continuity plan), tests      473
BCP (business continuity plan), training and awareness      420–421
BCP (business continuity plan), verifying      436–437
Beaman, Bob      225
Berners-Lee, Tim      272
Best practices for IT governance, goals of      67–68
BIA (business impact analysis)      472
BIA (business impact analysis), criticality analysis      416–417
BIA (business impact analysis), information gathering      413
BIA (business impact analysis), loss, methods of calculating      412–413
BIA (business impact analysis), role in BCP process      411–412
Biometric systems      306–307 387–389 466
Black Hats      331
Black-box tests      456
Block cipher algorithm      343
Blu-ray discs      213
Bluetooth      243 327
Bollards as physical security control      373
Bottom-up policy development      75 451
Bottom-up testing      137
BRI (Basic Rate Interface)      268
Bridges      259 261
Broadband transmission      256
Broadcast domains      259
Broadcast transmission      251
Brute-force attacks      318
Bump keys      379
Bus topology      255
Business application development      130–131
Business application development, systems-development methodology      131–132
Business application systems, business intelligence      182
Business application systems, business intelligence, artificial intelligence      185
Business application systems, business intelligence, CRM      185
Business application systems, business intelligence, data architecture components      183
Business application systems, business intelligence, DSS      184–185
Business application systems, business intelligence, SCM      186
Business application systems, e-commerce, auditing      179–180
Business application systems, EDI      180–181
Business application systems, email      181–182
Business intelligence      182
Business intelligence, artificial intelligence      185
Business intelligence, CRM      185
Business intelligence, data architecture components      183
Business intelligence, DSS      184–185
Business intelligence, SCM      186
Business process controls      159
Business process controls, input controls      160–162
Business process controls, output controls      166–167
Business process controls, processing controls      162–164
Business process controls, processing controls, data file controls      165–166
Business Software Alliance      230
Bypass label processing      311
CAATs (computer-assisted auditing techniques)      43
Cabling, attenuation      256
Cabling, coaxial      256
Cabling, fiber-optic      257
Cabling, plenum-grade      256
Cabling, twisted pair      256
Cabling, wireless communication      257
Caesar's cipher      340
Calculating, ALE      85 416 452
Calculating, project task time estimates      127
Calculating, SLE      86 416
Capacity management      220–221 463
Categories of twisted-pair cabling      256
CBD (component-based development)      145
CDs (compact discs)      213
Cerf, Vinton      272
CERTs (Computer Emergency Response Teams), responding to incidents      332–334
CGI (Common Gateway Interface)      273
Chain of custody      41
Change management      95 206–207 339–340
Change management, post-deployment      209
Change management, program library systems      207–208
Change management, release management      208–209
Changeover, methods of      456
Chargeback method of security system funding      74
Chief privacy officer, role in information security      295
Chief security officer, role in information security      295
Ciphertext-only attacks      351
Circuit-level firewalls      321
Circuit-level proxies      264
Circuit-switched WANs      268
Citizen programmers      138
Class A networks      251
Class B networks      251
Class C networks      251
Classifying, information assets      296–297
Classifying, types of audits      40–41
Client systems      215
Client/server networks      216
Client/server networks, security      324–325
Closing projects      128–129
CMM (Capability Maturity Model)      98 453
Coaxial cable      256
CobiT (Control Objectives for Information and Related Technology)      38–39 98 454
COBOL (Common Business-Oriented Language)      222
COCOMO (Constructive Cost Model)      122
Cohen, Fred      316
Cold sites      427
Collision domains      259
Collisions      259
Commercial data-classification system      297
Commercial information classification system      393
Common Criteria      76
Communication-driven DSS      184
Comparative analysis      317
Comparing OSI reference model and TCP/IP model      249
Compilers      222 463
Compliance testing      28 46
Compliance, ensuring      46–47
Compliance, regulatory standards, verifying with external regulations      25–26
Computer forensics      334–335
Computer viruses      316
Computers      214
Computers, types of      462
Confidential information, handling      312–313
Confidentiality, role in IS      295–296
Confidentiality-based data classification systems      297
Content switches      260
Continuous assurance      52
Continuous audit techniques      52 460
Continuous backups      432
Continuous online auditing      173–175
Control procedures, information system control      449–450
Control procedures, processing control      458
Control unit (CPU)      210
Control zones      314
Controls for physical security      371
Controls for physical security, exterior controls      372–374
Controls for physical security, interior controls      375–378
Controls for physical security, personnel controls      379–381
Controls, compliance testing      46
Cookies      273
Core competency      94
Corrective control      76
COSO (Committee of Sponsoring Organizations of the Treadway Commission)      25 99
Cost of software, estimating      122–123
CPM (critical path methodology)      127 455
CPTED (crime prevention through environmental design)      373
CPUs      210 461
CPUs, Kilby, Jack      212
CPUs, types of      461
Crackers      331
Crashing      127
Critical systems      472
Criticality analysis, quantitative method      416–417
CRM (Customer Relationship Management)      185 227
Cross-cut shredders      369
CRs (change requests)      96
Cryptographic attacks      351–352
