CISA Domain: 5-Protection of Information Assets
- 27% of exam
- 5.2 CISA: Information Security Management
- 5.2.1 CISA: Key Elements of Information
- 5.2.2 CISA: Information Security Management Roles and Responsibilities
- 5.2.3 CISA: Classification of Information Assets
- 5.2.4 CISA: Fraud Risk Factors
- 5.2.5 CISA: Information Security Control Design
- 5.2.6 CISA: System Access Permission
- 5.2.7 CISA: Mandatory and Discretionary Access Controls
- 5.2.8 CISA: Privacy Principles and the Role of IS Auditors
- 5.2.9 CISA: Critical Success Factors to Information Security Management
- 5.2.10 CISA: Information Security and External Parties
- 5.2.11 CISA: Human Resources Security and Third Parties
- Screening
- Terms and Conditions of Employment
- During Employment
- Termination or Change of Employment
- Removal of Access Rights
- 5.2.12 CISA: Computer Crime Issues and Exposures
- 5.2.13 CISA: Security Incident Handling and Response
- 5.3 CISA: Logical Access
- 5.3.1 CISA: Logical Access Exposures
- 5.3.2 CISA: Familiarization With the Enterprise’s IT Environment
- 5.3.3 CISA: Paths of Logical Access
- General Points of Entry
- 5.3.4 CISA: Logical Access Control Software
- 5.3.5 CISA: Identification and Authentication
- 5.3.6 CISA: Authorization Issues
- 5.3.7 CISA: Storing, Retrieving, Transporting and Disposing of Confidential Information
- 5.4 CISA: Network Infrastructure Security
- 5.4.1 CISA: LAN Security
- 5.4.2 CISA: Client-server Security
- 5.4.3 CISA: Wireless Security Threats and Risk Mitigation
- 5.4.4 CISA: Internet Threats and Security
- CISA: Network Security Threats
- CISA: Passive Attacks
- CISA: Active Attacks
- CISA: Causal Factors for Internet Attacks
- CISA: Internet Security Controls
- CISA: Firewall Security Systems
- CISA: Firewall General Features
- CISA: Firewall Types
- Examples of Firewall Implementations
- CISA: Firewall Issues
- CISA: Firewall Platforms
- CISA: Intrusion Detection Systems
- CISA: Intrusion Prevention Systems
- CISA: Honeypots and CISA: Honeynets
- 5.4.5 CISA: Encryption
- 5.4.6 CISA: Malware
- 5.4.7 CISA: Voice-over IP
- 5.4.8 CISA: Private Branch Exchange
- CISA: PBX Risk
- CISA: PBX Audit
- CISA: PBX System Features
- CISA: PBX System Attacks
- CISA: Hardware Wiretapping
- CISA: Hardware Conferencing
- CISA: Remote Access
- CISA: Maintenance
- CISA: Special Manufacturer’s Features
- CISA: Manufacturer’s Development and Test Features
- CISA: Software Loading and Update Tampering
- CISA: Crash-restart Attacks
- CISA: Passwords
- 5.5 CISA: Auditing Information Security Management Framework
- 5.5.1 CISA: Auditing Information Security Management Framework
- CISA: Reviewing Written Policies, Procedures and Standards
- CISA: Logical Access Security Policies
- CISA: Formal Security Awareness and Training
- CISA: Data Ownership
- CISA: Data Owners
- CISA: Data Custodians
- CISA: Security Administrator
- CISA: New IT Users
- CISA: Data Users
- CISA: Documented Authorizations
- CISA: Terminated Employee Access
- CISA: Security Baselines
- CISA: Access Standards
- 5.5.2 CISA: Auditing Logical Access
- 5.5.3 CISA: Techniques for Testing Security
- CISA: Terminal Cards and Keys
- CISA: Terminal Identification
- CISA: Logon IDs and Passwords
- CISA: Controls Over Production Resources
- CISA: Logging and Reporting of Computer Access Violations
- CISA: Follow-up Access Violations
- CISA: Bypassing Security and Compensating Controls
- CISA: Review Access Controls and Password Administration
- 5.5.4 CISA: Investigation Techniques
- 5.6 CISA: Auditing Network Infrastructure Security
- 5.7 CISA: Environmental Exposures and Controls
- 5.7.1 CISA: Environmental Issues and Exposures
- 5.7.2 CISA: Controls for Environmental Exposures
- CISA: Alarm Control Panels
- CISA: Water Detectors
- CISA: Handheld Fire Extinguishers
- CISA: Manual Fire Alarms
- CISA: Smoke Detectors
- CISA: Fire Suppression Systems
- CISA: Strategically Locating the Computer Room
- CISA: Regular Inspection by Fire Department
- CISA: Fireproof Walls, Floors and Ceilings of the Computer Room
- CISA: Electrical Surge Protectors
- CISA: Uninterruptible Power Supply/Generator
- CISA: Emergency Power-off Switch
- CISA: Power Leads From Two Substations
- CISA: Fully Documented and Tested Business Continuity Plan
- CISA: Wiring Placed in Electrical Panels and Conduit
- CISA: Inhibited Activities Within the Information Processing Facility
- CISA: Fire-resistant Office Materials
- CISA: Documented and Tested Emergency Evacuation Plans
- 5.7.3 CISA: Auditing Environmental Controls
- CISA: Water and Smoke Detectors
- CISA: Handheld Fire Extinguishers
- CISA: Fire Suppression Systems
- CISA: Regular Inspection by Fire Department
- CISA: Fireproof Walls, Floors and Ceilings of the Computer Room
- CISA: Electrical Surge Protectors
- CISA: Power Leads From Two Substations
- CISA: Fully Documented and Tested Business Continuity Plan
- CISA: Wiring Placed in Electrical Panels and Conduit
- UPS/Generator
- CISA: Documented and Tested Emergency Evacuation Plans
- CISA: Humidity/Temperature Control
- 5.8 CISA: Physical Access Exposures and Controls
- 5.8.1 CISA: Physical Access Issues and Exposures
- Physical Access Exposures
- Possible Perpetrators
- 5.8.2 CISA: Physical Access Controls
- 5.8.3 CISA: Auditing Physical Access
- 5.9 CISA: Mobile Computing
- 5.10 CISA: Peer-to-peer Computing
- 5.11 CISA: Instant Messaging
- 5.12 CISA: Social Media
- 5.13 CISA: Cloud Computing
- 5.14 CISA: Data Leakage