CISA Dec 2016 Study session in Johannesburg

Posted on October 19, 2016

It’s that time of year again when the CISA December exams are looming large. There are just a few weeks left until the exam and if you are writing you should be getting into the thick of things.

It is always much easier studying in a group than trying to do it alone.

A study group has been established in the Gauteng area and EY has been kind enough to provide the venue. The group (currently around 12) is getting together each Saturday morning at the EY offices in Sandton. The first session was held last Saturday and covered a general intro (slides attached) and going through some questions from the database.

We are getting together each Saturday until the exam day. Message me if you want more details or come meet with us at the EY offices around 9 (for a 9:30 start).

cisa-dec-2016-intro-v1

CISA 2016 Self Assessment Model Answer

Posted on October 13, 2016

If you are writing CISA this year and have completed the self assessment on the ISACA site you will see that although you get a score you don't get to see where you went wrong or the correct answers.

Below is the model answer so you can see what is happening. Thanks to Grant for helping compile this. Around 10 questions have changed from the 2014 version.

http://j-j.co.za/wp-content/uploads/2016/10/CISA-2016-Self-Assessment-Model-Answer.pdf

(apologies for not having clickable link, seems to be issue with my wordpress install I need to resolve)


Writing CISA? Save cash by becoming an ISACA member

Posted on February 04, 2016

Over the years I have liaised with many people writing the CISA exam. This can be quite a costly exercise. Many people don’t realise that they can save (a little) cash by becoming an ISACA member before they register for the exam, buy the study guide and Q&A database.

I put together a comparison of the options, as shown below, using South Africa as the example country. Country dues vary from country to country so the saving (or not) needs to be recalculated for your country if you aren't living in South Africa. These country membership dues can be found here : http://www.isaca.org/membership/join-isaca/pages/professionals.aspx

what does cisa cost


Hope this helps you in your registration process, saves you some money, and gains ISACA a membership. Don't forget that with the membership comes a whole host of benefits, including access to your local chapter, research materials, the ISACA magazine, discounts on ISACA material such as COBIT 5 and access to an on-line library.


Tips for CISA studies and questions answered

Posted on October 17, 2015

I have recently received a few mails and had a few discussions around tips for the CISA exams (thanks MacVite Chadza, Sunil Nangare and others). During the CISA sessions we held earlier in the year there were a number that covered this, with session 14 explicitly doing so. Go and take a look at this post : Session 14. I would suggest you download the slides from the link and then also watch the YouTube video where we discuss the slides. Finally, download and read Shirish Deshpande & Rafeq's excellent Tips guide : tipsforcisaexam

In addition to all of that, a few final comments.

Firstly, try to start preparing at least 3 months ahead of the exam to give yourself sufficient time for each section. I would suggest spending two weeks on each Chapter, and then an extra week or two on those on which you are struggling. Set yourself a specific timetable to ensure you spend the requisite time studying. Take a look at the schedule we included in each week’s slides as an example. Feel free to update your schedule as required, but keep to the general plan. Keeping the discipline when studying alone can be very difficult so try to find one or two (or more) people in your area who are doing the exam and set up a study group. Getting together on a regular basis to discuss progress and issues is a good way of forcing yourself to keep on track.

Try and do all of the questions available. Personally I prefer the on-line questions database. It is configurable to give you what you need at the time you need it, whether you have half an hour here or there, or want to do your questions in one-hour or two-hour stretches. If you are using the Q&A books, try to get all of them, with the supplemental questions. See some further thoughts on this in my answers to the questions below.

A mail I received from Sunil Nangare from India asked some more specific questions which I list below with my suggestions. Thanks for the feedback and questions Sunil, I hope this helps.

Q1. For Domain 2, on the segregation of duties matrix, any tips/short-cuts to remember the matrix. Further, whether it is important to remember all the roles to identify the SOD or incompatible functions.

I don’t have a specific trick to learning this table of duties. Personally I struggle to learn things off by heart, I need to understand the concepts and principles in order to be able to remember. For matrices like these, try to understand the job functions that each of these roles should be performing. Understand the principles of which functions should not be done with other functions and why. This can then assist in answering questions on which functions can and can’t be performed together. In practice we also see that many organisations struggle with staff shortages and it necessitates that people double up (or more) on the job functions being performed. Many times this results in incompatible functions being performed. Try and stick to the theory in answering questions on this area rather than base your answers on what you are seeing in practice. Also try to think about what compensating controls could be put in place to allow people to perform what otherwise may be considered conflicting roles.

You will not have to reproduce a table like this, but would most likely get one or two questions on this, either directly or through case study type questions. So you don't have to know all the roles in order to be able to list them, but you could be asked about any of them.


Q2. In addition, whether it is a good idea to solve all the questions in the online database after revision of each chapter or we need to space it out in a sample of 50 questions. Further, what is a good score from the online database which will give a comfort on the preparedness.

I would do this on a sample basis. Read each chapter, do the revision questions in the Review Manual, do some of the questions from the database, make sure that you read all of the answer explanations regardless of whether you got the answers right or wrong, identify areas where your knowledge is lacking and then revise those in a bit more detail. The online database keeps track of the questions you get wrong, so it can be used to come back to those.

Q3. If the sample method is to be followed. How do we revise and work upon the questions which have been incorrectly answered.

As above, read all of the explanations for all of the questions, regardless of whether you got them right or wrong. Revise from the Review Manual on those areas where you had a number of incorrect answers. I used the database to first give me “new questions” that I had not previously answered. I would do a few batches of these. Then I would set it to only give me questions I had answered incorrectly the previous time, and work my way through answering these questions again, and hopefully getting them right the second time. If I still got a few wrong I would flag those for extra attention. In doing this, by the time I got to the exam, I had answered every question in the database at least once, and the last time I had answered the question I had answered it correctly.

A number of people suggest using a lot of supplementary material to the Review Manual. I would agree with this, however, only after you have been through the manual at least twice, in detail, and answered all of the review questions. I would suggest extra material (than what is in the review manual) where you are struggling to understand concepts. Areas I have seen people struggle include things like cryptography, networking and firewalls, sampling techniques amongst others.

If you go through the on-line videos I posted on YouTube, or download the PDF’s of the slides, you will see that in some cases there are links to supplementary videos and extra material to download. I would suggest you watch these and download the material. The ISACA CISA glossary of terms is an extremely useful document. Download it and use it throughout your studies. Even print a copy that you can then highlight as you come across each term and flag those you may be struggling with. By the time you have finished your studies you should have used / understood all of the terms.

Should you have any further questions or comments, please feel free to mail me, or to use the comments section below. Good luck with the studies.

Main Security Challenges with Convergence of IT & OT ISC2 SecureJohannesburg

Posted on October 12, 2015

I had the privilege of presenting at the (ISC)2 SecureJohannesburg event last week on “The Main Security challenges with the convergence of IT & OT”.

The Abstract for the presentation was :

“In critical infrastructure shared across public and private sector organisations, we have seen an increase in interconnections between operational technology (e.g. SCADA, ICS etc.) and information technology.
Previously air-gapped systems which control key processes with potential loss of life consequences when compromised, are now exposed to the organisation’s internal networks and sometimes even the public internet. Most of these systems are managed entirely differently than typical IT assets, and by a distinctly different organisation.
The two top priorities in OT are up-time and safety, making things such as patching and even monitoring much more complicated than in IT. Currently, as with so many matters related to information security, the operational technology security conundrum is too often dismissed as a technical challenge.
This presentation will zoom in on the main organisational and often political challenges that will need to be overcome prior to successfully addressing the technical and process changes required for combining IT and OT in a more unified approach to cyber security.”

Below is the PDF of the presentation. Questions and discussion welcome as always.

ITvsOT

Security and Ethics Presentation to UKZN MBA classes

Posted on August 07, 2015

It has been my pleasure for the last few years to get to present to the UKZN MBA programme students as a guest lecturer. Attached is the PDF’d copy of that presentation.  Thanks to all those who have attended (and are still to attend) for your attention and questions. I always enjoy these discussions primarily for the interaction I get from you the students.

If you have been to a previous incarnation of this session take a look for the 2014 / 2015 updates. Some most interesting happenings over the last year or two. Certainly some game-changing examples of how previously theoretical discussions are starting to manifest in our world.

The presentation can be downloaded here : Security and Ethics August 2015 v21 (no video)

IT Web Security Summit Presentations 2015 (including my co-presented session)

Posted on July 17, 2015

The IT Web Security Summit remains the premier Information Security event in South Africa. I had the privilege of co-presenting with an ex-colleague Mohamed Khan this year on “Practical application of data analysis in information security”. This presentation along with all of the others from the two days are now available on-line on the ITWeb website with the audio recordings. An invaluable resource and highly recommended to all those who couldn’t make it to the summit or want to catch up on a session that they missed.

Day 1 sessions

Day 2 sessions

Direct link to my presentation

Direct link to the audio recording (MP3)


Recovering your Hyper V VM after a BIOS upgrade

Posted on June 30, 2015

I recently performed a BIOS upgrade on my Dell Latitude E5540 laptop. This had a couple of unanticipated consequences.

Firstly, Microsoft BitLocker wouldn't run; it recognised a hardware change and required the recovery key to be entered before it would proceed. Thankfully I had saved this into OneNote and could access this from my phone.

Secondly, my VMs wouldn't boot in Hyper-V. I was getting a message along the lines of : Hyper-V failed to restore VM XXX using processor-specific features. The virtual machine '<VM Name>' is using processor-specific features not supported on physical computer '<Hyper-V Host>'.

This one stumped me for a while. I googled various options and tried some solutions, including helpful (but unhelpful) ones suggesting that during the BIOS upgrade some BIOS options had been changed and I needed to go and change them back. I spent an hour going through all of the options, but for the life of me could not identify any that had changed, and if they had I certainly had no idea which.

In desperation I decided to create a new VM and point it back to the existing virtual disks. This probably would have worked, but in the process of doing this I noticed that in Hyper-V Manager, if I right-clicked on my existing VM, there was an option to reset the state. This worked like a charm and the problem was solved: the VM now booted from scratch. Simple really when you know how.

Discussion of 2013 CISA Review Q,A&E sample exam : ISACA CISA Exam (Session 15) live on Hangouts On Air

Posted on June 09, 2015

On Saturday the study group went through a mock exam using the Sample Exam from the 2013 Review Questions, Answers and Explanations Manual. This evening we will be discussing questions and areas which the participants struggled with from the exam, as well as any other areas of concern. Please join us.

This session will be hosted by yours truly, Justin Williams, top-placed candidate in the Dec 2014 exam.

Hangout link : https://plus.google.com/events/c9rkl5fnpaavk2m6n0u66loopsc

Youtube link : http://www.youtube.com/watch?v=TxbIgR6kuOw


Tips and Techniques for the ISACA CISA Exam (Session 14)

Posted on June 06, 2015

Apologies for the delay in getting up the slides from Tuesday's session. The video is up on YouTube and you can find it below. I have also uploaded a copy of the very useful guide by Shirish Deshpande & Rafeq. Good luck to all candidates, hope that things are going well with your studies, and don't forget to use the CISA discussion forum on the ISACA website if you have any specific challenges.



Link to video on Youtube

Download the slides : ITSec CISA Prep June 2015 session 14 2nd June 2015 Exam tips


Download Shirish Deshpande & Rafeq's excellent Tips guide : tipsforcisaexam


The last session before the exam will be next week Tuesday. The video will be broadcast live through Hangouts and available on YouTube pretty soon thereafter.


Facilitated CISA Study Session 19/5/2015 : Chapter 5 Part 2 to be broadcast via Google Hangouts

Posted on May 19, 2015

On 19 May (this afternoon) we are discussing Chapter 5 of the study material. We will be discussing specific challenges participants may have and also questions from any of the sources that they may have got wrong or are having difficulty understanding.

If there are specific questions you might have, please email them through (preferably as a Word document or similar) so we can discuss them. If we don't get to them all in the session they can be carried forward to the following week, or an additional special sitting can be considered.

The sessions from the last few weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try to do the same for this afternoon's session. If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast


Slides will be made available after the session.

Facilitated CISA Study Session 12/5/2015 : Chapter 5 Part 1 to be broadcast via Google Hangouts

Posted on May 11, 2015

On 12 May we are discussing Chapter 5 of the study material. We will go through a general overview of the Chapter and then be discussing specific challenges participants may have and also questions from any of the sources that they may have got wrong or are having difficulty understanding.

Raniel is going to lead this session provided he has recovered from his illness. If so he will give his insights into Chapters 4 and 5.

If there are specific questions you might have, please email them through (preferably as a Word document or similar) so we can discuss them. If we don't get to them all in the session they can be carried forward to the following week, or an additional special sitting can be considered.

The sessions from the last few weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try to do the same for this afternoon's session. If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast


Slides will be made available after the session.

ITSec CISA Prep June 2015 session 11 12th May 2015 Chapter 5 pt1

CISA Presentation raniel ch4 ch5


For those who missed the last two sessions, they are available on YouTube as follows:

CISA Special Q&A Session (Session 9) public

CISA Chapter 4 Part 2 (Session 10) public


Facilitated CISA Study Session 28/4/2015 : Chapter 4 Part 1 to be broadcast via Google Hangouts

Posted on April 28, 2015

This evening we are discussing Chapter 4 of the study material. We will go through a general overview of the Chapter and then discuss specific challenges participants may have, and also questions from any of the sources that they may have got wrong or are having difficulty understanding. Raniel was going to lead this afternoon's session but has taken ill, so I (Justin) will lead it. Don't forget we are also planning to host a question binge discussion session / catch-up on Saturday 2nd May 2015 (the full schedule of the remaining sessions is in the slide deck).

The sessions from the last few weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try to do the same for this afternoon's session. If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast



You can download a copy of tonight’s slides here : ITSec CISA Prep June 2015 session 8 28th April 2015 Chapter 4 pt1

Facilitated CISA Study Session 21/4/2015 : Chapter 3 Part 2 to be broadcast via Google Hangouts

Posted on April 21, 2015

This evening we are discussing Chapter 3 of the study material. We had an overview last week, so if you didn't catch that please go back and look at last week's recording. This afternoon we are discussing specific challenges participants may have, and also questions from any of the sources that they may have got wrong or are having difficulty understanding.

The sessions from the last few weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try to do the same for this afternoon's session. If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast


You can download a copy of tonight’s slides here : ITSec CISA Prep June 2015 session 7 21st April 2015 Chapter 3 pt2

Facilitated CISA Study Session 14/4/2015 : Chapter 3 Part 1 to be broadcast via Google Hangouts

Posted on April 14, 2015

This evening we are discussing Chapter 3 of the study material. We will have an overview of the content of the chapter and then discuss specific challenges participants may have, and also questions from any of the sources that they may have got wrong or are having difficulty understanding.

The sessions from the last few weeks have been reasonably successfully broadcast and recorded on Google Hangouts On Air so we will try to do the same for this afternoon's session. If there is something we can improve ahead of the next session please let us know.

Link to the Google Hangout event

Link to Youtube live broadcast


You can download a copy of tonight’s slides here : ITSec CISA Prep June 2015 session 6 14th April 2015 Chapter 3 pt1.
