ISACA TT Training Week Course Outline 2013 (final)
1. TRAINING WEEK 2013
COURSE OUTLINE
MAY 13-17 2013
The Carlton Savannah Hotel
Port of Spain, Trinidad, W.I.
2. Training Week 2013.May 13-17 2013.Carlton Savannah.
Page1
FACILITATOR’S BIOGRAPHY
Barry D. Lewis, CISSP, CISM, CGEIT, CRISC is the
President of Cerberus ISC Inc and has over 40 years of
experience in information technology, specializing in
Information Security for the last 30 years. He began work
in the consulting field in 1987 and worked for two major
audit firms before starting joining Cerberus ISC Inc in 1993.
He was awarded the John Kuyers Best Speaker/Conference Contributor Award
in 2008. He is co-author of numerous books, including Computer Security for
Dummies, Teach Yourself Windows 2000 Server in 21 Days and Wireless
Networks for Dummies. His books have been translated into numerous
languages around the world.
Barry lectures and consults world-wide on numerous security topics, including
Windows Active Directory, IT Governance, wireless networking and vulnerability
testing.
3. Training Week 2013.May 13-17 2013.Carlton Savannah.
Page2
HANDS-ON CORPORATE CYBER FORENSICS: 2 DAYS (HANDS-ON)
In this introductory two day session attendees will learn the basic approach to Windows based forensics,
what is involved, how to approach evidence and how to use readily available tools to assist in evidence
gathering.
Attendees will also learn proper forensic approaches, evidence gathering and legal ramifications, although
emphasis will be on internal corporate investigations and not court cases.
SESSION HIGHLIGHTS
Understand how to properly perform an
investigation.
Understand chain of custody
Learn how to create a forensic lab
Hands-on lab environment used for
demonstration & discussion purposes
Detailed discussion of output and results
obtained from each part of the assessment
Listing of reference material for appropriate
techniques and tools
SESSION OBJECTIVES
Participants will be equipped to properly investigate Windows systems and obtain relevant data using
forensically sound investigative techniques and tools.
LAB EXERCISES
Learn how MD5 hashes work by using a
hashing program to verify copies of evidence
Use a physical write blocker to copy a disk
(will be shared among participants)
Participate in evidence seizure following
proper protocols
Create a clean drive using special disk wipe
software
Search for deleted files on a disk
Recover deleted files from Recycler and
elsewhere
Create a forensically sound drive image
Perform a memory dump to collect evidence
Create an Alternate Data Stream to hide a
file
Search for and find an Alternate Data Stream
Change Windows to show Hidden files
Analyze cookies and temporary files
View Explorer cache files using Cache View
Analyze password recovery tools
Review demo based commercial forensic
products.
4. Training Week 2013.May 13-17 2013.Carlton Savannah.
Page3
IT AUDIT FUNDAMENTALS: 2 DAY (SEMINAR)
This two day seminar outlines the key concepts of information technology needed in order to understand
how best to audit the environment. You will learn how to conduct an audit, understand important
frameworks, ensure key security controls are present and ensure business continuity.
You will learn to focus on key risks and controls in such critical areas as user access, network security,
database controls and change management. You will leave the seminar confident in your ability to
understand and audit an enterprise IT system.
SESSION HIGHLIGHTS
Steps for conducting an IT Audit including planning, developing the audit program, fieldwork, wrap-up
and reporting.
Key IT Audit Risks
Audit areas include information security, IT operations, application development, change management,
database and network security.
SESSION OBJECTIVES
Recognize the key steps in an audit
Clearly understand the various technologies in use in today’s enterprises
Understand how to audit databases, operating systems, networks and other key aspects of IT
5. Training Week 2013.May 13-17 2013.Carlton Savannah.
Page4
SOCIAL NETWORKING RISKS & CONTROLS: 1 DAY (SEMINAR)
This session explores the risks and potential controls of social networking tools and will invite discussion on
where the benefits lie and whether risks can be adequately controlled.
The session will also help prepare you to adequately manage that risk.
SESSION HIGHLIGHTS
Review of the various social networking tools available today and their use in a business context.
How can social networking be controlled within a business.
Privacy and security controls and the risks associated in social networking tools.
SESSION OBJECTIVES
Recognize the main social networking sites.
Clearly understand the various uses in the business world.
Understand the risks and assess the possible controls.