Certified Information Security Manager (CISM)
ISBN: 978-1-61691-183-6
Interactive Lessons
5+ Interactive Lessons | 529+ Exercises | 115+ Quizzes | 107+ Flashcards | 107+ Glossary of terms
Gamified TestPrep
15+ Pre Assessment Questions | 3+ Full Length Tests | 150+ Post Assessment Questions | 450+ Practice Test Questions
Hands-On Labs
39+ LiveLab | 39+ Video tutorials | 52+ Minutes
Video Lessons
347+ Videos | 12:57+ Hours
Information Security Governance
- Security Strategy
- Information Security Governance framework
- Integrating security governance into corporate governance
- Security Policies: standards, procedures, and guidelines
- Business cases to support investments
- Internal and external influences on information security strategy
- Management and other stakeholder commitment
- Roles and Responsibilities
- Measuring the effectiveness of the information security strategy
Information Risk Management and Compliance
- Information asset classification
- Risk management, assessments, vulnerability assessments and threat analyses
- Risk treatment options
- Manage risk of noncompliance
- Information security controls
- Current and desired risk levels: Gap analysis
- Monitoring risk
Information Security Program Development and Management
- Alignment of IS program with information security strategy
- Information security manager's role and responsibilities in alignment
- Information security frameworks
- Information security architectures
- Evaluating the effectiveness and efficiency of the IS program
- Integrating the IS program with IT processes
- Integrating the IS program into contracts and activities of third parties
- Controls and countermeasures
- Security Program Metrics and Monitoring
Information Security Incident Management
- Organizational definition and severity hierarchy for security incidents
- Incident response plan
- Processes for timely identification
- Testing and review
- Investigating and documenting information security incidents
- Integration of incident response plan, disaster recovery plan and business continuity plan
Video Tutorials
- Introduction
- Information Security Threats, Management, And Protection
- Security Compliance And Strategy
- Business Functions And Policies
- Security Standards, Activities, And Strategy Development
- Information Security Governance Framework
- Regulatory Requirements And Liability Management
- Business Case, Budgetary Reporting Methods And Planning Strategy
- Organizational Drivers And Their Impacts
- Commitment To Info Security
- Management Roles And Responsibilities
- Reporting And Communicating
- Risks Assessment
- Information: Classification, Ownership, And Resource Valuation
- Baseline And BIAs
- Risk: Countermeasures, Mitigation Strategies, And Life Cycle
- Risk: Management And Reporting
- Information Security Strategies And Programs
- Security Technologies, Cryptography, And Access Controls
- Monitoring Tools, Security Programs And Controls
- Business Assurance Function And SLAs
- Resources, Services, And Skills
- Security Architecture, Model, And Deployment
- Info Security: Policies, Awareness And Training Programs
- Documentation
- Organizational Processes
- Contracts, Joint Ventures, Business Partners And Customers
- Third Parties, Suppliers, And Subcontractors
- Info Security Metrics
- Goals And Methods Of Evaluating Info Security Controls
- Vulnerability
- Assessment Tools And Tracking Info Security Awareness Training And Education Programs
- Evaluation And Management Metrics
- Data Collection, Reviews, And Measurement
- Assurance Providers, Line Management, Budgeting, And Staff Management
- Facilities And Program Resources
- Security Policy, Administrative Processes, And Procedures
- Access Control, Access Security Policy Principles, And Identity Management
- Authentication, Remote Access And User Registration
- Procurement And Enforcing Policy Standard and Compliance
- Third Party Relationships
- SLAs, SDLC, And Security Enforcement
- Maintenance, Monitoring, And Configuration Management
- Maintaining Info Security And Due Diligence Activities
- Info Access, Security Advice, Guidance, And Awareness
- Stakeholders
- Testing Info Security Control
- Noncompliance Issues And Security Baselines
- Incident Response And Continuity Of Operations
- Disaster Recovery And Business Continuity Plan
- Incident Management And Response Plan
- Processes, Requirements, And Plans
- Incident Response, Disaster Recovery And Business Continuity Plans
- Forensics Procedures And Incident Review Process
- Conclusion
Information Risk Management and Compliance
- Demonstrating Network Mapping and Quarantining a Vulnerable System
- Conducting Vulnerability Scanning Using Nessus
- Performing Vulnerability Scanning Using OpenVAS
- Performing Vulnerability Scanning Using OSSIM
- Using Social Engineering Techniques to Plan an Attack
Information Security Program Development and Management
- Observing an MD5-Generated Hash Value
- Observe an SHA-Generated Hash Value
- Assigning File or Folder Permissions
- Configuring a Linux Firewall Using Iptables
- Using the Windows Firewall
- Configuring User Access Control Settings
- Scanning Ports Using Metasploit
- Completing the Chain of Custody
- Configuring IPSec
- Using OpenSSL to Create a Public/Private Key Pair
- Configuring RAID 5
- Configuring a VPN
- Configuring the Audit Group Policy
- Defending against IP Spoofing
- Configuring an Extended Access Control List
- Configuring VLAN
- Configuring Static NAT
- Configuring Dynamic NAT
- Scanning Using nmap
- Configuring Snort
- Taking an Incremental Backup
- Taking a Full Backup
- Restricting Local Accounts
- Encrypting Files with EFS
- Encrypting the Disk
- Enabling Intrusion Prevention and Detection
- Exploiting a Website Using SQL Injection
- Conducting a Cross-Site Request Forgery Attack
- Performing Session Hijacking Using Burp Suite
- Performing ARP Spoofing
- Attacking a Website Using XSS Injection
- Exploiting Windows 7 Using Metasploit
- Causing a DarkComet Trojan Infection
- Conducting a DoS Attack Using a SYN Flood