Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from CISA – Certified Information Systems Auditor Study Guide Aligned with the CISA Review Manual 2019 to help you audit, monitor, and assess information systems

Product type Paperback

Published in Aug 2020

Publisher Packt

ISBN-13 9781838989583

Length 590 pages

Edition 1st Edition

Languages

Python

Tools

Cisco

Concepts

IT Certification

Author (1):

Hemang Doshi

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Information System Auditing Process

2. Audit Planning FREE CHAPTER

3. Audit Execution

4. Section 2: Governance and Management of IT

5. IT Governance

6. IT Management

7. Section 3: Information Systems Acquisition, Development, and Implementation

8. Information Systems Acquisition and Development

9. Information Systems Implementation

10. Section 4: Information System Operations and Business Resilience

11. Information System Operations

12. Business Resilience

13. Section 5: Protection of Information Assets

14. Information Asset Security and Control

15. Network Security and Control

16. Public Key Cryptography and Other Emerging Technologies

17. Security Event Management

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Information system attack methods and techniques

An IS auditor should be aware of the following methods and techniques in relation to information system attacks:

Alteration attack: In this type of attack, the data or code is altered or modified code without authorization. Cryptographic code is used to prevent alteration attacks.

Botnets: Botnets are compromised computers, also known as zombie computers. They are primarily used to run malicious software for DDoS attacks, adware, or spam.

Buffer overflow: A buffer overflow, or buffer overrun, is a common software coding mistake that an attacker could exploit in order to gain access to the system. This error occurs when there is more data in a buffer than it can handle, causing the data to overflow into adjacent storage. Due to this, an attacker gets an opportunity to manipulate the coding errors for malicious actions. A major cause of buffer overflow is poor programming and coding practices.

Denial-of-Service attack (DoS): A DoS attack...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Hemang Doshi

Hemang Doshi has more than 15 years of experience in the field of system audit, IT risk and compliance, internal audit, risk management, information security audit, third-party risk management, and operational risk management. He has authored several books for certification such as CISA, CRISC, CISM, DISA, CEH and enterprise risk management. His books and lectures are sold in more than 175 countries and more than 35 languages. Gratitude To my mother, Jyoti Doshi, and to the memory of my father, Hasmukh Doshi, for their sacrifices and for exemplifying the power of determination. To my wife, Namrata Doshi, for being my loving partner throughout our life journey together, and to my kids Jia and Neev for allowing me to write this book. To my sister, Pooja Shah, my brother-in-law, Hiren Shah, and my nephew, Phenil Shah, for their love, support, and inspiration. To my in-laws, Chandrakant Shah, Bharti Shah, and Ravish Shah, for their love and motivation. To my mentor and guide, Dipak Mazumder, for showing me how talent and creativity evolve.

See other products by Hemang Doshi