Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

Remote access has long been a way of life for many in the auditing, sales, and IT support professions, but the advent and implications of global pandemics has dramatically expanded the population to include everyday remote, work from home workers. The increased use of remote access and mobility has brought a lot of realized risks including: reduced employee supervision, ransomware attacks, phishing and identity theft, and data compromise. In this timely and highly relevant workshop, we will identity major control points and the significant risks associated with remote access and mobile computing. CyberSecurity best practices and practical audit techniques associated with remote access and mobile computing will be presented.

Learning Objectives

  • Define control points and significant risks associated with remote access and mobile device security
  • Identify best practices for controlling and securing remote access and mobile devices
  • Develop practical procedures for auditing the control and security of remote access and mobile device security
  • Locate sources of additional information and tools associated with remote access and mobile device security

Course Outline

Defining the Remote Access / Mobile Computing Landscape

  • Defining the cyberSecurity Technology landscape
  • Remote access and mobility risk management

Network User Authentication

  • Authentication credentials
  • Multi-factor authentication (MFA)
  • Point-to-point protocol (PPP)network authentication—PAP, CHAP, EAP
  • Authentication, authorization, accounting (AAA) – RADIUS, TACACS+
  • Port security / network access control (NAC)
  • Zero trust network access (ZTNA)
  • Enterprise directory services

Securing Remote Access

  • Remote access technologies
  • Network protocols and security services
  • Jump boxes and privileged access workstations (PAWs)
  • Virtual private networks (VPNs)
  • Remote desktop virtualization —VDI, RDP/RDS, desktop as a service (DaaS)
  • Virtual conferencing
  • Wireless risks and Safeguards
  • Internet of things (IoT) risks
  • Remote access security technical audits

Mobile Computing Security

  • Defining the mobile device landscape
  • Mobile device policies and deployment models
  • Mobile device endpoint security
  • Media security and data loss prevention (DLP)
  • Auditing mobile computing security

Wrap-up Summary

  • Top 10 remote access security safeguards
  • Sources of additional information and tools

Additional Information

Who Should Attend
  • IT Auditors
  • Information Security Managers, Analysts, and Architects and administrators
  • IT Management, IT Architects, Network Engineers
  • Consultants
Learning Level

Intermediate

Delivery

Group Live

Field

Auditing

Advanced Preparation

None

Recommended Prerequisites

Introduction to IT Auditing (AA01) or equivalent training. A basic understanding of IT audit controls and terminology is assumed.

Session Duration

On Site: 2 day

CPE Credits: 18

Questions? Contact us

Phone: +1 (781) 784-4390
Email: fill out form below

    [recaptcha size:compact class:captcha]