Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

Remote access has long been a way of life for many in the auditing, sales, and IT support professions, but the advent and implications of global pandemics has dramatically expanded the population to include everyday remote, work from home workers. The increased use of remote access and mobility has brought a lot of realized risks including: reduced employee supervision, ransomware attacks, phishing and identity theft, and data compromise. In this timely and highly relevant workshop, we will identity major control points and the significant risks associated with remote access and mobile computing. CyberSecurity best practices and practical audit techniques associated with remote access and mobile computing will be presented.

You will:

  • Define control points and significant risks associated with remote access and mobile device security
  • Identify best practices for controlling and securing remote access and mobile devices
  • Develop practical procedures for auditing the control and security of remote access and mobile device security
  • Locate sources of additional information and tools associated with remote access and mobile device security

Learning Objectives

  • Key risks and compliance requirements associated with logical access control
  • Key building blocks of logical access control
  • Locating typical logical access control points in infrastructure and applications
  • Industry best practices for logical access controls
  • Tools and techniques for auditing logical access controls

Course Outline

Auditing Remote Access and Virtual Private Networks (VPNs)

  • Remote access and mobility security risks
  • Remote access protocols, services, and applications
  • VPN endpoint configurations—remote access, network-to-network
  • VPN controls and safeguards
  • VPN configuration audits
  • Wireless access considerations
  • Network encryption testing

Auditing Enterprise Security Services)

  • User identification and authentication credentials
  • Network authentication services (RADIUS, TACACS+)
  • Enterprise directory services

Auditing Mobile Device Security

  • Mobile device risks
  • Device and data ownership issues and responsibilities
  • Mobile device controls and safeguards
  • End-point security
  • Mobile device management (MDM) / Enterprise mobility management (EMM)

Wrap-Up Summary

Additional Information

Who Should Attend
  • IT Auditors
  • Information Security Managers, Analysts, and Architects and administrators
  • IT Management, IT Architects, Network Engineers
  • Consultants
    Learning Level

    Intermediate

    Delivery

    Group Live or Group Internet-Based

    Field

    Auditing

    Advanced Preparation

    None

    Recommended Prerequisites

    Introduction to IT Auditing (AA01) or equivalent training. A basic understanding of IT audit controls and terminology is assumed.

    Session Duration

    On Site: 1 day

    CPE Credits: 8

Questions? Contact us

Phone: +1 (781) 784-4390
Fax: +1 (781) 705-2327
Email: fill out form below

    [recaptcha size:compact class:captcha]