AUD507 Auditing Systems, Applications, and the Cloud (GSNA) Course (VoD/PDF/USB)


Price: 25.00 USD | Size: 44.6 GB | (VoD/PDF/USB) | Duration : 26+  Hours | 826 video Lessons | ⭐️⭐️⭐️⭐️⭐️ 4.9




Price: 25.00 USD | Size: 44.6 GB | (VoD/PDF/USB) | Duration : 26+  Hours | 826 video Lessons | ⭐️⭐️⭐️⭐️⭐️ 4.9



AUD507 Auditing Systems, Applications, and the Cloud (GSNA) Course (VOD PDF USB)

Performing IT security audits at the enterprise level can be an overwhelming task. It is difficult to know where to start and which controls should be audited first. Audits often focus on things that are not as important, wasting precious time and resources. Management is left in the dark about the real risk to the organization’s mission. Operations staff can’t use the audit report to reproduce or remediate findings. AUD507 gives the student the tools, techniques and thought processes required to perform meaningful risk assessments and audits. Learn to use risk assessments to recommend which controls should be used and where they should be placed. Know which tools will help you focus your efforts and learn how to automate those tools for maximum effectiveness. 20 Hands-On Exercises


What You Will Learn

This course is organized specifically to provide a risk-driven method for tackling the enormous task of designing an enterprise security validation program, covering systems, applications, and the cloud. After covering a variety of high-level audit issues and general audit best practices, students will have the opportunity to delve into the technical “how-to” for determining the key controls that can be used to provide a high level of assurance to an organization. Real-world examples provide students with tips on how to verify these controls in a repeatable way, as well as many techniques for continuous monitoring and automatic compliance validation. These same real-world examples help the students learn how to be most effective in communicating risk to management and operations staff.

Students will leave the course with the know-how to perform effective tests of enterprise security in a variety of areas including systems, applications, and the cloud. The combination of high-quality course content, provided audit checklists, in-depth discussion of common audit challenges and solutions, and ample opportunities to hone their skills in the lab provides a unique setting for students to learn how to be an effective enterprise auditor.



  • Apply risk-based decision making to the task of auditing enterprise security
  • Understand the different types of controls (e.g., technical vs. non-technical) essential to performing a successful audit
  • Conduct a proper risk assessment of an enterprise to identify vulnerabilities and develop audit priorities
  • Establish a well-secured baseline for computers and networks as a standard to conduct audit against
  • Perform cloud environment audits using automated tools and a repeatable process
  • Audit virtualization hosts and container environments to ensure properly deployment and configuration
  • Utilize vulnerability assessment tools effectively to provide management with the continuous remediation information necessary to make informed decisions about risk and resources
  • Audit a web application’s configuration, authentication, and session management to identify vulnerabilities attackers can exploit
  • Utilize automated tools to audit Windows and Linux systems
  • Audit Active Directory Domains


This course goes beyond simply discussing the tools students could use; we give them the experience to use the tools and techniques effectively to measure and report on the risk in their organizations. AUD507 uses hands-on labs to reinforce the material discussed in class and develop the “muscle memory” needed to perform the required technical tasks during audits. In sections 1-5, students will spend about 25% of their time in lab exercises. The final section of the course is a full-day lab that lets students challenge themselves by solving realistic audit problems using and refining what they have learned in class.

Students learn how to use technical tests to develop the evidence needed to support their findings and recommendations. Each section affords students opportunities to use the tools and techniques discussed in class, with labs designed to simulate real-world enterprise auditing challenges and to allow the students to use appropriate tools and techniques to solve these problems.

  • Section 1: Audit Tool Setup, Network scanning and Continuous Monitoring with Nmap, Network Discovery Scanning with Nessus, Configuring and Using Cloud Provider Tools, Cloud Provider Inventory
  • Section 2: Introduction to PowerShell, Windows System Measurements, Auditing Users, Permissions and Logging, Compliance and Testing at Scale
  • Section 3: Linux System Information and Permissions, File Integrity, Kernel Settings and Services, Linux Logging, Linux System Audits
  • Section 4: VMWare and Kubernetes, Cloud Identity and Access Management, Cloud Infrastructure, Cloud Benchmarks
  • Section 5: Web Auditing with Burp, Server Configuration and Static Analysis, Fuzzing with Burp, Injection Flaws
  • Section 6: Capture the Flag: Audit Essentials, Windows Systems, Windows Domains, Kubernetes, Linux, OSQuery and Fleet, Cloud Services, Web Applications


GIAC Systems and Network Auditor

The GIAC Systems and Network Auditor (GSNA) certification validates a practitioner’s ability to apply basic risk analysis techniques and to conduct technical audits of essential information systems. GSNA certification holders have demonstrated knowledge of network, perimeter, and application auditing as well as risk assessment and reporting.

  • Auditing, risk assessments, and reporting

Network and perimeter auditing and monitoring, web application auditing

  • Auditing and monitoring in windows and Unix environments
    Your Cart
    Your cart is emptyReturn to Shop

    Add to cart