Describe the types of cybercrimes facing organizations and critical infrastructures, explain the motives of cybercriminals, and evaluate the financial value of cybersecurity.
Explain both low-tech and high-tech methods used to gain access to a company’s networks and databases, the vulnerabilities of information systems, and cybercrime symptoms. Describe the critical role of senior management, acceptable use policies, security procedures, and IT for defense-in-depth.
Describe types and characteristics of fraud, the role of corporate governance, and IT tools to detect fraudulent activities.
Explain general, administrative, and endpoint controls needed to secure information systems, networks, and wireless devices; and to manage risk.
Describe network security measures needed to protect the endpoints or wired and wireless networks and deny unauthenticated access.
Describe the role of the internal control environment in deterring fraud and complying with regulations.
Explain the benefits of business continuity and disaster recovery planning methods and why audits are an important part of control systems.