Certified Information Systems Auditor (CISA) Competency (Intermediate Level)

  • 39m
  • 39 questions
The Certified Information Systems Auditor (CISA) Competency (Intermediate Level) benchmark measures your working understanding of the knowledge and technical skills required for auditing, control, and security. A learner who scores high on this benchmark demonstrates that they have the skills to work independently on active CISA projects, lead discussions of CISA topics, and provide feedback, reports, and consulting to customers.

Topics covered

  • align business needs with secured technological solutions
  • align data protection policies with GDPR
  • assign built-in AWS policies
  • assign built-in Microsoft Azure roles to Azure AD groups
  • classify Windows Server files with metadata
  • configure shared folder and NTFS Windows file system permissions
  • configure standard Linux file system permissions
  • create Active Directory users and groups on-premises
  • create Microsoft Azure AD users and groups
  • define how cryptography protects data
  • define how the CIA triad enhances IT security
  • describe how COBIT can ensure business objectives are met by aligning appropriate IT processes
  • describe how GDPR assures data privacy
  • describe how risk management can improve business operations
  • describe the Information Technology Assurance Framework
  • describe the purpose of IT balanced scorecards
  • describe when various virtualization technologies should be used
  • enable MFA for an Azure AD user
  • identify client needs that map to business objectives
  • identify control objectives required to secure organizational assets along with the controls themselves
  • identify how IT governance provides a structured approach to ensuring IT solutions are aligned with business goals, including outsourced tasks
  • interpret various types of documentation when preparing an IS audit
  • list different categories of security controls including internal business process controls, IT controls, and sampling types
  • list how ITIL practices can streamline IT service delivery
  • map various risk treatments to threats
  • plan for audit funding, personnel, and related items
  • recall how auditing standards provide guidance for conducting efficient audits
  • recall how IS auditing shows whether IT solutions meet business objectives efficiently and effectively
  • recognize authentication categories and how authorization then follows
  • recognize expectations of conduct for CISA-certified individuals
  • recognize how an IT maturity model provides an assessment as to whether technology is effectively meeting business needs
  • recognize how ISO/IEC standards can result in proper IT governance
  • recognize how multifactor authentication enhances security
  • recognize how resource tagging aids in tracking and granting permissions
  • recognize how the Business Model for Information Security encompasses information security planning, implementation, and management
  • recognize the importance of network documentation
  • recognize the role of identity federation across organizations, including SSO
  • use resource and Active Directory attributes to conditionally grant file system permissions
  • use the delegation of control wizard to enable others to manage AD objects