Want inspiration and special offers for your development? Sign up to our email alerts here!
Securing and Auditing Your Application Software Infrastructure: Operating Systems, Web Servers and Databases
Computerized applications are critical to the modern business and is both an enabler as well as a risk. Effective audit and IT security programs must ensure that they operate on a robust software infrastructure foundation to improve compliance with the challenging regulatory requirements, and to minimize risks.
This hands-on seminar focuses on:
- Identifying the main software infrastructure building block control points used to design, operate, and secure modern distributed business applications.
- Identify major threats, risks and industry best practice controls associated with different distributed application configuration scenarios.
- Software security best practices and IT audit procedures for important administrative and technical controls including: separation of duties, security baselines, identity management, least privilege, logical access control, change control, configuration management, and software integrity.
Who should attend?
This course is suitable for Internal and external IT auditors performing general controls and application audits. IT Security and compliance professionals needing to perform technical software security audits and risk assessments
Intermediate Audit (ITG241), CISSP, CISA or equivalent knowledge of or experience, especially in the area of logical access controls.
Software Infrastructure Essentials for IT Audit and Security Professionals
• defining and documenting distributed application software architectures: computing models, middleware concepts, software building blocks and infrastructures
• risks to application and infrastructure software…and associated data
• identity and access control management security and audit
• single sign-on authentication risks, security, and audit
• auditing Lightweight Directory Access Protocol (LDAP) directory services
• software configuration management and change control audits
Securing and Auditing Operating Systems and Other System Software
• defining types and roles of system software
• software and user privileged authority risk, safeguards, and audit procedures
• fundamental security controls for operating systems and other system software components
• virtualization (hypervisor) security and audit
• tools and techniques for server operating system audit data collection and analysis: Windows Server, Unix/Linux
Securing and Auditing Web Application Security
• web application building blocks and control points
• web application technology security risks
• web server configuration audit data collection and analysis: Apache, Microsoft IIS
• auditing web application Secure Sockets Layer (SSL) encryption strength and security
• application (middleware) server security audit considerations: ASP.NET, Java
Securing and Auditing Database Management Systems
• Database Management Systems (DBMS) terminology
• security risks associated with DBMS Systems
• Structured Query Language (SQL) concepts and audit utilization
• data dictionary/master catalog as an audit resource
• transaction logs and recoverability
• tools and techniques for DBMS security audit data collection and analysis: SQL Server, Oracle introduction
Degree and diploma etc.
Completion of this course is worth 40 CPE Credits
The cost of this course is $3095 per participant. Request information to learn more!
With offices in London and Boston, MISTI is the global leader in IT audit, audit and information security training. Founded in 1978, MISTI has gained experience through training more than 200,000 delegates across five continents. MISTI has made it their...
Find out more about this Securing and Auditing Your Application Software Infrastructure: Operating Systems, Web Servers and Databases course by simply filling out your details:
LOOKING FOR TRAINING?
findcourses.com offers a free consultancy service to help compare training for you and your team