ISACA has a free glossary of IT, audit, and security terms that is not only helpful in studying for the CISA exam, but is a good reference guide for new and experienced auditors.
Category Archives: Free
If you’ve been wondering how to add a computed field to an existing ACL table, you’re at the right place. I’ll take you through it step-by-step.
In ACL tip: What is a Computed Field?, I defined computed fields and provided 2 examples. I suggest you read that post before you dive into this one.
That post also explains expressions and functions, which you need to understand when creating computed fields. Both that post and this one are long ones, complete with graphics. You might want to print them both out first…
In this post, I’ll show you how to add the c_Region field that is described in the computed field post. It’s not as hard as it looks.
PSPad is a great text editor and search tool, so by default, it’s a great audit tool, and it’s free. It can also handle a million lines of text–literally. Are you interested yet? It is also a great file diff/compare tool I’ve ever seen.
PSPad works with text files, such as those ending in TXT or CSV, or any text-based file (like an ini file). It works with DOC files too.
I’ll explain how to do the following with PSPad:
- Search a file (find all lines containing X)
- List all occurrences/matches of a search term
- Export a list of occurrences
- Compare 2 documents (diff)
- Download & install PSPad
The Taddong Security Blog has a great list of vulnerable web applications you can play with to learn and test your web hacking knowledge and pen-testing tools, handcuffs not included. In other words, you can enter and stay at the playground without going to jail.
Some of them you download and install on your own systems, some of them you run as virtual machines (VMs) or ISOs on your systems, and others are available on the web for your malfeasance pleasure.
If you decide to use it, here’s a couple points to keep in mind:
Free ACL tutorials are available on YouTube, along with a lot of videos with talking heads. The tutorials walk you through how to do a couple tests, but I found the video resolution to be rather poor. Maybe it’s my equipment, maybe it’s the result of a company trying to adapt some tutorials they already have to another delivery method.