Auditing A Cybersecurity Program Agenda
Seminar: ID# 1005026
Agenda
Vulnerability Assessment- Assessment components
- Conducting
- Evaluating
Threat Analysis- Assessment components
- Conducting
- Evaluating
Cybersecurity Risk Assessment- Assessment components
- Conducting
- Evaluating
Cybersecurity Program- Assessment components
- Conducting
- Evaluating
Conducting a Cybersecurity Audit Based on the Top 20 Controls Identified in CIS Critical Security Controls V6.1- Inventory authorized and unauthorized devices
- Inventory authorized and unauthorized software
- Secure configurations
- Continuous vulnerability assessment and remediation
- Control use of administrative privileges
- Maintenance, monitoring and analysis of audit logs
- Email and web browser protection
- Malware defenses
- Limitation and control of network ports, protocols and services
- Data recovery capability
- Security configurations for network devices
- Boundary defenses
- Data protection
- Controlled access based on need to know
- Wireless access control
- Account monitoring and control
- Security skills assessment and training
- Application software security
- Incident response and management
- Penetration test and red team exercises