Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Certified Information Security Manager Exam Prep Guide
  • Table Of Contents Toc
Certified Information Security Manager Exam Prep Guide

Certified Information Security Manager Exam Prep Guide - Second Edition

By : Hemang Doshi
4.8 (71)
Buy this Book
close
close
Certified Information Security Manager Exam Prep Guide

Certified Information Security Manager Exam Prep Guide

4.8 (71)
By: Hemang Doshi
Buy this Book

Overview of this book

CISM is a globally recognized and much sought-after certification in the field of IT security. This second edition of the Certified Information Security Manager Exam Prep Guide is up to date with complete coverage of the exam content through comprehensive and exam-oriented explanations of core concepts. Written in a clear, succinct manner, this book covers all four domains of the CISM Review Manual. With this book, you’ll unlock access to a powerful exam-prep platform which includes interactive practice questions, exam tips, and flashcards. The platform perfectly complements the book and even lets you bring your questions directly to the author. This mixed learning approach of exploring key concepts through the book and applying them to answer practice questions online is designed to help build your confidence in acing the CISM certification. By the end of this book, you'll have everything you need to succeed in your information security career and pass the CISM certification exam with this handy, on-the-job desktop reference guide.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
Online Exam-Prep Tools
Icon
Download a free PDF copy of this book
Lock Free Chapter
1
Enterprise Governance
chevron up
Icon
Enterprise Governance
Icon
Importance of Information Security Governance
Icon
Organizational Culture
Icon
Legal, Regulatory, and Contractual Requirements
Icon
Retention of Business Records
Icon
Organizational Structure
Icon
Maturity Model
Icon
Governance of Third-Party Relationships
Icon
Information Security Governance Metrics
Icon
Summary
Icon
Revision Questions
2
Information Security Strategy
Icon
Information Security Strategy
Icon
Information Security Strategy and Plan
Icon
Information Governance Frameworks and Standards
Icon
The IT Balanced Scorecard
Icon
Information Security Programs
Icon
Enterprise Information Security Architecture
Icon
Awareness and Education
Icon
Governance, Risk Management, and Compliance
Icon
Senior Management Commitment
Icon
Business Case and Feasibility Study
Icon
Summary
Icon
Revision Questions
3
Information Risk Assessment
Icon
Information Risk Assessment
Icon
Understanding Risk
Icon
Differentiating Risk Identification, Risk Analysis, and Risk Evaluation
Icon
Differentiating Risk Capacity, Risk Appetite, and Risk Tolerance
Icon
Inherent Risk and Residual Risk
Icon
Phases of Risk Management
Icon
Risk Awareness
Icon
Risk Assessment
Icon
Risk Identification
Icon
Risk Analysis
Icon
Risk Evaluation
Icon
Risk Register
Icon
Emerging Risk and the Threat Landscape
Icon
Vulnerability and Control Deficiency
Icon
Security Baselines
Icon
Summary
4
Information Risk Response
Icon
Information Risk Response
Icon
Risk Treatment/Risk Response Options
Icon
Risk Ownership and Accountability
Icon
Risk Monitoring and Communication
Icon
Implementing Risk Management
Icon
Change Management
Icon
Patch Management
Icon
Operational Risk Management
Icon
Risk Management Integration with Life Cycle
Icon
Summary
Icon
Revision Questions
5
Information Security Program Development
Icon
Information Security Program Development
Icon
Information Security Program Overview
Icon
Information Security Program Resources
Icon
Information Asset Identification and Classification
Icon
Information Asset Valuation
Icon
Industry Standards and Frameworks for Information Security
Icon
Information Security Policies, Procedures, and Guidelines
Icon
Defining an Information Security Program Roadmap
Icon
Information Security Program Metrics
Icon
Summary
Icon
Revision Questions
6
Information Security Program Management
Icon
Information Security Program Management
Icon
Information Security Control Design and Selection
Icon
Security Baseline Controls
Icon
Information Security Awareness and Training
Icon
Management of External Services and Relationships
Icon
Documentation
Icon
Information Security Program Objectives
Icon
Security Budget
Icon
Security Program Management and Administrative Activities
Icon
Privacy Laws
Icon
Cloud Computing
Icon
Summary
Icon
Revision Questions
7
Information Security Infrastructure and Architecture
Icon
Information Security Infrastructure and Architecture
Icon
Information Security Architecture
Icon
Architecture Implementation
Icon
Access Control
Icon
Virtual Private Networks
Icon
Biometrics
Icon
Factors of Authentication
Icon
Wireless Networks
Icon
Different Attack Methods for Information Security
Icon
Summary
Icon
Revision Questions
8
Information Security Monitoring Tools and Techniques
Icon
Information Security Monitoring Tools and Techniques
Icon
Firewall Types and Implementations
Icon
Intrusion Detection Systems and Intrusion Prevention Systems
Icon
Digital Signatures
Icon
Public Key Infrastructure
Icon
Cryptography
Icon
Penetration Testing
Icon
Summary
Icon
Revision Questions
9
Incident Management Readiness
Icon
Incident Management Readiness
Icon
Incident Management and Incident Response Overview
Icon
Incident Management and Incident Response Plans
Icon
Business Continuity and Disaster Recovery Procedures
Icon
Insurance
Icon
Incident Classification/Categorization
Icon
Testing Incident Response, BCP, and DRP
Icon
Summary
Icon
Revision Questions
10
Incident Management Operations
Icon
Incident Management Operations
Icon
Incident Management Tools and Technologies
Icon
Executing Response and Recovery Plans
Icon
Incident Containment Methods
Icon
Incident Response Communications
Icon
Incident Eradication
Icon
Recovery
Icon
Post-Incident Activities and Investigations
Icon
Incident Response Procedures
Icon
Incident Management Metrics and Indicators
Icon
The Current State of Incident Response Capabilities
Icon
Summary
Icon
Revision Questions
11
Answers to Practice Questions
Icon
Chapter 1: Enterprise Governance
Icon
Chapter 2: Information Security Strategy
Icon
Chapter 3: Information Risk Assessment
Icon
Chapter 4: Information Risk Response
Icon
Chapter 5: Information Security Program Development
Icon
Chapter 6: Information Security Program Management
Icon
Chapter 7: Information Security Infrastructure and Architecture
Icon
Chapter 8: Information Security Monitoring Tools and Techniques
Icon
Chapter 9: Incident Management Readiness
Icon
Chapter 10: Incident Management Operations

Enterprise Governance

Accessing the Online Content

With this book, you get unlimited access to web-based CISM exam prep tools which include practice questions, flashcards, exam tips, and more. To unlock the content, you'll need to create an account using your unique sign-up code provided with this book. Refer to the Instructions for Unlocking the Online Content section in the Preface on how to do that.

If you've already created your account using those instructions, visit this link http://packt.link/cismexamguidewebsite or scan the following QR code to quickly open the website. Once there, click the Login link in the top-right corner of the page to access the content using your credentials.

Barcode 2

Governance is an important aspect of the certified information security manager (CISM) exam. In simple terms, governance means a set of policies, procedures, and standards used to monitor and control an activity. Enterprise governance refers to policies, procedures, and standards put in place to monitor an entire organization. Information security governance is a subset of overall enterprise governance, and its objective is to monitor and control activities related to information security.

In this chapter, you will gain an overview of information security governance and understand the impact of good governance on the effectiveness of information security projects.

You will learn about how organizational structure and culture impact information security governance and details about the various roles and responsibilities of the security function. You will also be introduced to the best practices for implementing information security governance.

This chapter will cover the following topics:

  • Importance of Information Security Governance
  • Organizational Culture
  • Legal, Regulatory, and Contractual Requirements
  • Retention of Business Records
  • Organizational Structure
  • Maturity Model
  • Governance of Third-Party Relationships
  • Information Security Governance Metrics
Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Certified Information Security Manager Exam Prep Guide
End of Section 1
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon