Certified Information Security Manager (CISM)

(CISM) / ISBN : 978-1-61691-183-6
This course includes
Interactive Lessons
Gamified TestPrep
Hands-On Labs (Add-on)
350 Reviews

About This Course

Skills You’ll Get

1

Information Security Governance

  • Security Strategy
  • Information Security Governance framework
  • Integrating security governance into corporate governance
  • Security Policies: standards, procedures, and guidelines
  • Business cases to support investments
  • Internal and external influences on information security strategy
  • Management and other stakeholder commitment
  • Roles and Responsibilities
  • Measuring the effectiveness of the information security strategy
2

Information Risk Management and Compliance

  • Information asset classification
  • Risk management, assessments, vulnerability assessments and threat analyses
  • Risk treatment options
  • Manage risk of noncompliance
  • Information security controls
  • Current and desired risk levels: Gap analysis
  • Monitoring risk
3

Information Security Program Development and Management

  • Alignment of IS program with information security strategy
  • Information security manager's role and responsibilities in alignment
  • Information security frameworks
  • Information security architectures
  • Evaluating the effectiveness and efficiency of the IS program
  • Integrating the IS program with IT processes
  • Integrating the IS program into contracts and activities of third parties
  • Controls and countermeasures
  • Security Program Metrics and Monitoring
4

Information Security Incident Management

  • Organizational definition and severity hierarchy for security incidents
  • Incident response plan
  • Processes for timely identification
  • Testing and review
  • Investigating and documenting information security incidents
  • Integration of incident response plan, disaster recovery plan and business continuity plan
5

Video Tutorials

  • Introduction
  • Information Security Threats, Management, And Protection
  • Security Compliance And Strategy
  • Business Functions And Policies
  • Security Standards, Activities, And Strategy Development
  • Information Security Governance Framework
  • Regulatory Requirements And Liability Management
  • Business Case, Budgetary Reporting Methods And Planning Strategy
  • Organizational Drivers And Their Impacts
  • Commitment To Info Security
  • Management Roles And Responsibilities
  • Reporting And Communicating
  • Risks Assessment
  • Information: Classification, Ownership, And Resource Valuation
  • Baseline And BIAs
  • Risk: Countermeasures, Mitigation Strategies, And Life Cycle
  • Risk: Management And Reporting
  • Information Security Strategies And Programs
  • Security Technologies, Cryptography, And Access Controls
  • Monitoring Tools, Security Programs And Controls
  • Business Assurance Function And SLAs
  • Resources, Services, And Skills
  • Security Architecture, Model, And Deployment
  • Info Security: Policies, Awareness And Training Programs
  • Documentation
  • Organizational Processes
  • Contracts, Joint Ventures, Business Partners And Customers
  • Third Parties, Suppliers, And Subcontractors
  • Info Security Metrics
  • Goals And Methods Of Evaluating Info Security Controls
  • Vulnerability
  • Assessment Tools And Tracking Info Security Awareness Training And Education Programs
  • Evaluation And Management Metrics
  • Data Collection, Reviews, And Measurement
  • Assurance Providers, Line Management, Budgeting, And Staff Management
  • Facilities And Program Resources
  • Security Policy, Administrative Processes, And Procedures
  • Access Control, Access Security Policy Principles, And Identity Management
  • Authentication, Remote Access And User Registration
  • Procurement And Enforcing Policy Standard and Compliance
  • Third Party Relationships
  • SLAs, SDLC, And Security Enforcement
  • Maintenance, Monitoring, And Configuration Management
  • Maintaining Info Security And Due Diligence Activities
  • Info Access, Security Advice, Guidance, And Awareness
  • Stakeholders
  • Testing Info Security Control
  • Noncompliance Issues And Security Baselines
  • Incident Response And Continuity Of Operations
  • Disaster Recovery And Business Continuity Plan
  • Incident Management And Response Plan
  • Processes, Requirements, And Plans
  • Incident Response, Disaster Recovery And Business Continuity Plans
  • Forensics Procedures And Incident Review Process
  • Conclusion

1

Information Risk Management and Compliance

  • Demonstrating Network Mapping and Quarantining a Vulnerable System
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Vulnerability Scanning Using OpenVAS
  • Performing Vulnerability Scanning Using OSSIM
  • Using Social Engineering Techniques to Plan an Attack
2

Information Security Program Development and Management

  • Observing an MD5-Generated Hash Value
  • Observe an SHA-Generated Hash Value
  • Assigning File or Folder Permissions
  • Configuring a Linux Firewall Using Iptables
  • Using the Windows Firewall
  • Configuring User Access Control Settings
  • Scanning Ports Using Metasploit
  • Completing the Chain of Custody
  • Configuring IPSec
  • Using OpenSSL to Create a Public/Private Key Pair
  • Configuring RAID 5
  • Configuring a VPN
  • Configuring the Audit Group Policy 
  • Defending against IP Spoofing
  • Configuring an Extended Access Control List
  • Configuring VLAN
  • Configuring Static NAT
  • Configuring Dynamic NAT
  • Scanning Using nmap
  • Configuring Snort
  • Taking an Incremental Backup
  • Taking a Full Backup
  • Restricting Local Accounts
  • Encrypting Files with EFS
  • Encrypting the Disk
  • Enabling Intrusion Prevention and Detection
  • Exploiting a Website Using SQL Injection
  • Conducting a Cross-Site Request Forgery Attack
  • Performing Session Hijacking Using Burp Suite
  • Performing ARP Spoofing
  • Attacking a Website Using XSS Injection
  • Exploiting Windows 7 Using Metasploit
  • Causing a DarkComet Trojan Infection
  • Conducting a DoS Attack Using a SYN Flood

Certified Information Security Manager (CISM)

$ 301.71
