This book prepares candidates testing June 2019 and later. CISA Review Manual, 27th Edition is a comprehensive reference guide designed to help individuals prepare for the CISA exam and understand the roles and responsibilities of an information systems (IS) auditor. The manual has been revised according to the 2019 CISA Job Practice and represents the most current, comprehensive, peer-reviewed IS audit, assurance, security and control resource available worldwide. The 27th Edition is organized to assist candidates in understanding essential concepts and studying the CISA 2019 Job Practice Areas. Also included are definitions of terms most commonly found on the exam. This manual is excellent as a stand-alone document for individual study, as a guide or reference for study groups and instructor-led training events, and it can also be used in conjunction with CISA Review Questions, Answers & Explanations Manual, 12th Edition; CISA Review Questions, Answers & Explanations Database - 12 Month Subscription (Available at ISACA.org); CISA Online Review Course (Available at ISACA.org); and CISA Virtual or Live Instructor-led Training (Available at ISACA.org).
Work got me reading this. It’s not as interesting as all the other reviews make out. Tough, tough read. Might just fail the exam; it’s better than reading this, to be honest.
The official CISA Exam study resource from ISACA. Just for fun, here are some unusually named but 100% real cyberattacks that you need to memorize when studying.
“Smurf attack—Occurs when misconfigured network devices allow packets to be sent to all hosts on a particular network via the broadcast address of the network.”
“Teardrop attack—Involves sending mangled IP fragments with overlapping, oversized payloads to the target machine”
“Banana attack—Redirects outgoing messages from the client back onto the client, preventing outside access, as well as flooding the client with the sent packets”
“Pulsing zombie—A DoS attack in which a network is subjected to hostile pinging by different attacker computers over an extended time period. This results in a degraded quality of service and increased workload for the network’s resources.”
“Juice Jacking - Occurs when malware is surreptitiously installed on, or data are copied from, a smart phone, tablet or other device using an often public USB charging port that doubles as a data connection”
“Logic bomb—A program or a section of a program that is triggered when a certain condition, time or event occurs.”
“Pharming - An attack that aims to redirect the traffic of a website to a bogus website. Pharming can be conducted either by changing the host’s file on a victim’s computer or by exploiting a vulnerability in DNS server software.”
“Piggybacking - The act of following an authorized person through a secured door or electronically attaching to an authorized telecommunications link to intercept and possibly alter transmissions.”
“Salami Attack - Involves slicing small amounts of money from a computerized transaction or account.”
“Worms—Destructive programs that may destroy data or use up tremendous computer and communication resources, but worms do not replicate like viruses.”
This is the only reliable book anyone should read for the CISA exam. However, if the content materials were written in a more interesting way, with some examples, colours and diagrams, it would be more interesting to study.
Pretty dry reading. But can't complain too much when it helped me pass the exam despite having no prior IT experience or education to speak of. Would definitely suggest pairing with the review questions to help in your studies.