IT Audit Field Manual Strengthen Your Cyber Defense Through Proactive IT Auditing
Master effective IT auditing techniques, from security control reviews to advanced cybersecurity practices, with this essential field manual Key Features Secure and audit endpoints in Windows environments for robust defense Gain practical skills in auditing Linux systems, focusing on security config...
| Autor principal: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham :
Packt Publishing, Limited
2024.
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009850436806719 |
Tabla de Contenidos:
- Cover
- Title Page
- Copyright and Credits
- Contributors
- Table of Contents
- Preface
- Part 1: Foundations of IT Auditing
- Chapter 1: Introduction to IT Auditing
- The role and importance of IT auditing
- An introduction to an information system (IS) audit and IT audit
- The proactive approach
- beyond risk assessment
- IT auditing in action
- case study reviews
- The evolution of IT auditing in cybersecurity
- The need for a dynamic approach to cybersecurity
- Real-time response and proactive security
- Current trends and the future outlook of IT auditing
- A shift to continuous auditing
- An emphasis on data privacy and protection
- The future outlook
- evolving with the digital landscape
- Key concepts and terminology in IT auditing
- Navigating through the audit life cycle
- Exploring the different types of IT audits
- The business process and people in the IT auditing process and planning
- The roles of various stakeholders in IT auditing
- Summary
- Chapter 2: Audit Planning and Preparation
- Understanding the importance of audit planning
- Defining audit scope and objectives
- Risk assessment and audit approach
- Audit risks versus risks identified by the audit mission
- Identifying and mitigating potential audit risks
- Steps in creating a comprehensive audit plan
- Resource allocation and timeline
- Identifying and allocating resources
- Techniques for resource allocation
- Audit methodologies and procedures
- Stakeholder engagement and communication
- Mapping stakeholders
- Planning communication strategies
- Summary
- Part 2: Auditing IT Systems and Networks
- Chapter 3: Cisco Switches and Routers
- Access Methods and Security Assessments
- Introduction to basic networking concepts
- Understanding Cisco switches and routers
- Access methods for Cisco switches and routers
- Cisco Catalyst 2960-X series switches
- Cisco Catalyst 9200 series switches
- Cisco 4000 series integrated services routers (ISRs)
- Cisco ASR 1001-X series routers
- Security risks associated with Cisco devices
- Common vulnerabilities in network devices
- Conducting security assessments on Cisco devices
- Summary
- Chapter 4: Next-Generation Firewall Auditing
- An introduction to NGFWs
- The key differentiators of NGFWs
- Scenario
- auditing file-sharing applications blocked by NGFWs
- Common firewall features and security assessment approaches
- An example
- introducing Healthy Bones Health Services
- Example
- Palo Alto PAN-OS
- its capabilities and auditing techniques
- Navigating the PAN-OS interface
- Best practices in NGFW configuration and management
- Common NGFW Pitfalls
- Audit best practices
- Summary
- Chapter 5: Cloud Security Auditing
- Introduction to cloud security auditing
- Understanding the cloud service models
- Impact of a cloud model on cloud security auditing
- Challenges in cloud auditing
- Auditing in Microsoft Azure
