Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from CISA – Certified Information Systems Auditor Study Guide Aligned with the CISA Review Manual 2019 to help you audit, monitor, and assess information systems

Product type Paperback

Published in Aug 2020

Publisher Packt

ISBN-13 9781838989583

Length 590 pages

Edition 1st Edition

Languages

Python

Tools

Cisco

Concepts

IT Certification

Author (1):

Hemang Doshi

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Information System Auditing Process

2. Audit Planning FREE CHAPTER

3. Audit Execution

4. Section 2: Governance and Management of IT

5. IT Governance

6. IT Management

7. Section 3: Information Systems Acquisition, Development, and Implementation

8. Information Systems Acquisition and Development

9. Information Systems Implementation

10. Section 4: Information System Operations and Business Resilience

11. Information System Operations

12. Business Resilience

13. Section 5: Protection of Information Assets

14. Information Asset Security and Control

15. Network Security and Control

16. Public Key Cryptography and Other Emerging Technologies

17. Security Event Management

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Email security

In this digital world, email is a widely used mode of official communication for both internal and external communication. A lot of critical and sensitive information is shared through email. It is very important to secure email communication.

The following are some email-related risks and controls:

Relying only on SMTP is not relatively secure as email security requires an end-to-end method, such as the use of digital signatures or the use of integrity checks at the transport level.

Social engineering attacks such as phishing and spear phishing can be addressed through security awareness training of employees.
Email attachments should be scanned by anti-malware software.
Users should be trained on the security aspect of using email.
Mail servers should be properly hardened and configured as per the organization's security policy and guidelines.
The implementation of encryption technologies to protect user authentication and mail data should be considered.
The use...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Hemang Doshi

Hemang Doshi has more than 15 years of experience in the field of system audit, IT risk and compliance, internal audit, risk management, information security audit, third-party risk management, and operational risk management. He has authored several books for certification such as CISA, CRISC, CISM, DISA, CEH and enterprise risk management. His books and lectures are sold in more than 175 countries and more than 35 languages. Gratitude To my mother, Jyoti Doshi, and to the memory of my father, Hasmukh Doshi, for their sacrifices and for exemplifying the power of determination. To my wife, Namrata Doshi, for being my loving partner throughout our life journey together, and to my kids Jia and Neev for allowing me to write this book. To my sister, Pooja Shah, my brother-in-law, Hiren Shah, and my nephew, Phenil Shah, for their love, support, and inspiration. To my in-laws, Chandrakant Shah, Bharti Shah, and Ravish Shah, for their love and motivation. To my mentor and guide, Dipak Mazumder, for showing me how talent and creativity evolve.

See other products by Hemang Doshi