This course prepares the student to take the ISACA Certified Information Security Manager (CISM) certification exam.
Course Outline:
Chapter 1: Introduction
- The CISM Exam
- CISM Exam Objectives
- CISM Certification Exam Objective Map
Chapter 2: Today’s Information Security Manager
- Information Security Objectives
- Role of the Information Security Manager
- Information Security Risks
- Building an Information Security Strategy
- Implementing Security Controls
- Data Protection
- Summary
- Exam Essentials
Chapter 3: Information Security Governance and Compliance
- Governance
- Understanding Policy Documents
- Complying with Laws and Regulations
- Adopting Standard Frameworks
- Security Control Verification and Quality Control
- Summary
- Exam Essentials
Chapter 4: Information Risk Management
- Analyzing Risk
- Risk Treatment and Response
- Risk Analysis
- Disaster Recovery Planning
- Privacy
- Summary
- Exam Essentials
Chapter 5: Cybersecurity Threats
- Exploring Cybersecurity Threats
- Threat Data and Intelligence
- Summary
- Exam Essentials
Chapter 6: Information Security Program Development and Management
- Information Security Programs
- Security Awareness and Training
- Managing the Information Security Team
- Managing the Security Budget
- Integrating Security with Other Business Functions
- Summary
- Exam Essentials
Chapter 7: Security Assessment and Testing
- Vulnerability Management
- Security Vulnerabilities
- Penetration Testing
- Training and Exercises
- Summary
- Exam Essentials
Chapter 8: Cybersecurity Technology
- Endpoint Security
- Network Security
- Cloud Computing Security
- Cryptography
- Code Security
- Identity and Access Management
- Summary
- Exam Essentials
Chapter 9: Incident Response
- Security Incidents
- Phases of Incident Response
- Building the Incident Response Plan
- Creating an Incident Response Team
- Coordination and Information Sharing
- Classifying Incidents
- Conducting Investigations
- Plan Training, Testing, and Evaluation
- Summary
- Exam Essentials
Chapter 10: Business Continuity and Disaster Recovery
- Planning for Business Continuity
- Project Scope and Planning
- Business Impact Analysis
- Continuity Planning
- Plan Approval and Implementation
- The Nature of Disaster
- System Resilience, High Availability, and Fault Tolerance
- Recovery Strategy
- Recovery Plan Development
- Training, Awareness, and Documentation
- Testing and Maintenance
- Summary
- Exam Essentials