This chapter discussed the various aspects of security awareness training and programs, security testing, and monitoring tools and techniques. You also learned how to evaluate incident management policies and practices, and we discussed how to evaluate evidence collection and the forensics process. The following is a recap of the important topics taught in this chapter: • In a social engineering attack, an intruder attempts to obtain sensitive information from users through their social and psychological skills. They manipulate people into divulging confidential information such as passwords. This kind of attack can best be restricted and addressed by educating users through frequent security awareness training. • Digital evidence can be used in legal proceedings provided it has been preserved in its original state. Evidence loses its integrity if the chain of custody is not maintained. • The chain of custody refers to the process of identifying, preserving, analyzing, and presenting evidence in such a manner that it demonstrates the reliability and integrity of the evidence. With this final chapter, you have acquired the skills and knowledge required to pass the CISA exam as well as perform IS audits. It is strongly recommended that you refer to the key aspects mentioned at the end of each topic and practice self-assessment questions in order to excel in the CISA exam.