Certified Information Security Manager Exam Guide: Aligned with the latest edition of the CISM Review Manual to help you pass the CISM exam with confidence
by Hemang Doshi
- Length: 566 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2021-12-09
- ISBN-10: 1801074100
- ISBN-13: 9781801074100
- Sales Rank: #0 (See Top 100 Books)
Pass the Certified Information Security Manager (CISM) exam and implement your organization’s security strategy with ease
Key Features
- Pass the CISM exam confidently with this step-by-step guide
- Explore practical solutions that validate your knowledge and expertise in managing enterprise information security teams
- Enhance your cybersecurity skills with practice questions and mock tests
Book Description
With cyber threats on the rise, IT professionals are now choosing cybersecurity as the next step to boost their career, and holding the relevant certification can prove to be a game-changer in this competitive market. CISM is one of the top-paying and most sought-after certifications by employers.
CISM Certification Guide comprises comprehensive self-study exam content for those who want to achieve CISM certification on the first attempt. This book is a great resource for information security leaders with a pragmatic approach toward challenges related to real-world case scenarios. You’ll learn about the practical aspects of information security governance and information security risk management. As you advance through the chapters, you’ll get to grips with information security program development and management. The book will also help you to gain a clear understanding of the procedural aspects of information security incident management.
By the end of this CISM exam book, you’ll have covered everything needed to pass the CISM certification exam and have a handy, on-the-job desktop reference guide.
What you will learn
- Understand core exam objectives to pass the CISM exam with confidence
- Create and manage your organization’s information security policies and procedures with ease
- Broaden your knowledge of the organization’s security strategy designing
- Manage information risk to an acceptable level based on risk appetite in order to meet organizational goals and objectives
- Find out how to monitor and control incident management procedures
- Discover how to monitor activity relating to data classification and data access
Who This Book Is For
If you are an aspiring information security manager, IT auditor, chief information security officer (CISO), or risk management professional who wants to achieve certification in information security, then this book is for you. A minimum of two years’ experience in the field of information technology is needed to make the most of this book. Experience in IT audit, information security, or related fields will be helpful.
Table of Contents
- Overview of Information Security Governance
- Practical Aspects of Information Security Strategy
- Overview of Risk Management
- Practical Aspects of Information Risk Management
- Procedural Aspects of Information Risk Management
- Overview of Information Security Program Development and Management
- Information Security Infrastructure and Architecture
- Practical Aspects of Information Security Program Development Management
- Information Security Monitoring Tools and Techniques
- Overview of Information Security Incident Management
- Practical Aspects of Information Security Incident Management
Certified Information Security Manager Exam Prep Guide
Contributors
About the author
About the reviewers
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Get in touch
Share your thoughts
Section 1: Information Security Governance
Chapter 1: Information Security Governance
Introducing information security governance
The responsibility of information security governance
Governance framework
Key aspects from the CISM exam perspective
Questions
Understanding governance, risk management, and compliance
Key aspects from the CISM exam perspective
Questions
Discovering the maturity model
Key aspects from the CISM exam perspective
Questions
Getting to know the information security roles and responsibilities
Board of directors
Senior management
Business process owners
Steering committee
Chief information security officer
Chief operating officer
Data custodian
Communication channel
Indicators of a security culture
Key aspects from the CISM exam perspective
Questions
Finding out about the governance of third-party relationships
The culture of an organization
Compliance with laws and regulations
Key aspects from the CISM exam perspective
Questions
Obtaining commitment from senior management
Information security investment
Strategic alignment
Key aspects from the CISM exam perspective
Questions
Introducing the business case and the feasibility study
Feasibility analysis
Key aspects from the CISM exam perspective
Questions
Understanding information security governance metrics
The objective of metrics
Technical metrics vis-à-vis governance-level metrics
Characteristics of effective metrics
Key aspects from the CISM exam perspective
Questions
Summary
Chapter 2: Practical Aspects of Information Security Governance
Information security strategy and plan
Information security policies
Key aspects from the CISM exam perspective
Practice questions
Information security program
Key aspects from the CISM exam perspective
Practice questions
Enterprise information security architecture
Challenges in designing security architectures
Benefits of security architectures
Key aspects from the CISM exam perspective
Practice questions
Organizational structure
Board of directors
Security steering committee
Reporting of the security function
Centralized vis-à-vis decentralized security functioning
Key aspects from the CISM exam perspective
Practice questions
Record retention
Electronic discovery
Key aspects from the CISM exam perspective
Practice questions
Awareness and education
Increasing the effectiveness of security training
Key aspects from the CISM exam perspective
Summary
Section 2: Information Risk Management
Chapter 3: Overview of Information Risk Management
Risk management overview
Phases of risk management
The outcome of the risk management program
Key aspects from the CISM exam's perspective
Questions
Risk management strategy
Risk capacity, appetite, and tolerance
Risk communication
Risk awareness
Tailored awareness program
Training effectiveness
Awareness training for senior management
Key aspects from the CISM exam's perspective
Questions
Implementing risk management
Risk management process
Integrating risk management in business processes
Prioritization of risk response
Defining a risk management framework
Defining the external and internal environment
Determining the risk management context
Gap analysis
Cost-benefit analysis
Other kinds of organizational support
Key aspects from the CISM exam's perspective
Questions
Risk assessment and analysis methodologies
Phases of risk assessment
Risk assessment
Asset identification
Asset valuation
Aggregated and cascading risk
Identifying risk
Threats and vulnerabilities
Risk, likelihood, and impact
Risk register
Risk analysis
Annual loss expectancy
Value at Risk (VaR)
OCTAVE
Other risk analysis methods
Evaluating risk
Risk ranking
Risk ownership and accountability
Risk treatment options
Understanding inherent risk and residual risk
Security baseline
Key aspects from the CISM exam's perspective
Questions
Summary
Chapter 4: Practical Aspects of Information Risk Management
Information asset classification
Benefits of classification
Understanding the steps involved in classification
Success factors for effective classification
Criticality, sensitivity, and impact assessment
Business dependency assessment
Risk analysis
Business interruptions
Key aspects from the CISM exam's perspective
Questions
Asset valuation
Determining the criticality of assets
Key aspects from the CISM exam's perspective
Questions
Operational risk management
Recovery time objective (RTO)
Recovery Point Objective (RPO)
Difference between RTO and RPO
Service delivery objective (SDO)
Maximum tolerable outage (MTO)
Allowable interruption window (AIW)
Questions
Outsourcing and third-party service providers
Evaluation criteria for outsourcing
Steps for outsourcing
Outsourcing – risk reduction options
Provisions for outsourcing contracts
The role of the security manager in monitoring outsourced activities
Service-level agreement
Right to audit clause
Impact of privacy laws on outsourcing
Sub-contracting/fourth party
Compliance responsibility
Key aspects from the CISM exam's perspective
Questions
Risk management integration with the process life cycle
System development life cycle
Key aspects from the CISM exam's perspective
Questions
Summary
Chapter 5: Procedural Aspects of Information Risk Management
Change management
The objective of change management
Approval from the system owner
Regression testing
Involvement of the security team
Preventive control
Key aspects from a CISM exam perspective
Questions
Patch management
Key aspects from a CISM exam perspective
Questions
Security baseline controls
Benefits of a security baseline
Developing a security baseline
Key aspects from a CISM exam perspective
Questions
Risk monitoring and communication
Risk reporting
Key risk indicators
Reporting significant changes in risk
Key aspects from a CISM exam perspective
Questions
Security awareness training and education
Key aspects from a CISM exam perspective
Questions
Documentation
Summary
Section 3: Information Security Program Development Management
Chapter 6: Overview of Information Security Program Development Management
Information security program management overview
Outcomes of an information security program
The starting point of a security program
Information security charter
Support from senior management
Defense in depth
Key aspects from a CISM exam perspective
Questions
Information security program objectives
Key aspects from a CISM exam perspective
Questions
Information security framework components
Framework – success factor
Key aspects from a CISM exam perspective
Questions
Defining an information security program road map
Gap analysis
Value of a security program
Security program integration with another department
Key aspects from a CISM exam perspective
Questions
Policy, standards, and procedures
Reviewing and updating documents
Key aspects from a CISM exam perspective
Questions
Security budget
Key aspects from a CISM exam perspective
Questions
Security program management and administrative activities
Information security team
Acceptable usage policy
Documentation
Project management
Program budgeting
Plan – do – check – act
Security operations
Key aspects from a CISM exam perspective
Questions
Privacy laws
Questions
Summary
Chapter 7: Information Security Infrastructure and Architecture
Information security architecture
Key learning aspects from the CISM exam perspective
Questions
Architecture implementation
Key aspects from the CISM exam perspective
Questions
Access control
Mandatory access control
Discretionary access control
Role-based access control
Degaussing (demagnetizing)
Key aspects from the CISM exam perspective
Questions
Virtual private networks
VPNs – technical aspects
Advantages of VPNs
VPNs – security risks
Virtual desktop infrastructure environment
Key aspects from the CISM exam perspective
Questions
Biometrics
Biometrics – accuracy measure
Biometric sensitivity tuning
Control over the biometric process
Types of biometric attacks
Questions
Factors of authentication
Password management
Key aspects from the CISM exam perspective
Questions
Wireless network
Enabling encryption
Enabling MAC filtering
Disabling the SSID
Disabling DHCP
Common attack methods and techniques for a wireless network
Key aspects from the CISM exam perspective
Questions
Different attack methods
Key aspects from the CISM exam perspective
Questions
Summary
Chapter 8: Practical Aspects of Information Security Program Development Management
Cloud computing
Cloud computing – deployment models
Types of cloud services
Cloud computing – the security manager's role
Key aspects from a CISM exam perspective
Questions
Controls and countermeasures
Countermeasures
General controls and application-level controls
Control categories
Failure mode – fail closed or fail open
Continuous monitoring
Key aspects from a CISM exam perspective
Questions
Penetration testing
Aspects to be covered within the scope of the test
Types of penetration tests
White box testing and black box testing
Risks associated with penetration testing
Key aspects from a CISM exam perspective
Questions
Security program metrics and monitoring
Objective of metrics
Monitoring
Attributes of effective metrics
Information security objectives and metrics
Useful metrics for management
Key aspects from a CISM exam perspective
Questions
Summary
Chapter 9: Information Security Monitoring Tools and Techniques
Firewall types and their implementation
Types of firewalls
Types of firewall implementation
Placing firewalls
Source routing
Firewall and the corresponding OSI layer
Key aspects from the CISM exam's perspective
Questions
IDSes and IPSes
Intrusion detection system
Intrusion prevention system
Difference between IDS and IPS
Honeypots and honeynets
Key aspects from the CISM exam's perspective
Questions
Digital signature
Creating a digital signature
What is a hash or message digest?
Key aspects from the CISM exam's perspective
Questions
Elements of PKI
PKI terminologies
The process of issuing a PKI
CA versus RA
Single point of failure
Functions of RA
Key aspects from the CISM exam's perspective
Questions
Asymmetric encryption
Symmetric encryption vis a vis asymmetric encryption
Encryption keys
Using keys for different objectives
Key aspects from the CISM exam's perspective
Questions
Summary
Section 4: Information Security Incident Management
Chapter 10: Overview of Information Security Incident Manager
Incident management overview
Objectives of incident management
Phases of the incident management life cycle
Incident management, business continuity, and disaster recovery
Incident management and service delivery objective
Maximum tolerable outage (MTO) and allowable interruption window (AIW)
Key aspects from the CISM exam’s perspective
Practice questions
Incident response procedure
The outcome of incident management
The role of the information security manager
Security Information and Event Management (SIEM)
Key aspects from the CISM exam’s perspective
Practice questions
Incident management metrics and indicators
Key performance indicators and key goal indicators
Metrics for incident management
Reporting to senior management
The current state of the incident response capabilities
History of incidents
Threats and vulnerabilities
Threats
Vulnerability
Developing an incident response plan
Elements of an IRP
Gap analysis
Business impact analysis
Escalation process
Help desk/service desk process for identifying incidents
Incident management and response teams
Incident notification process
Challenges in developing an incident management plan
Key aspects from the CISM exam’s perspective
Practice questions
Summary
Chapter 11: Practical Aspects of Information Security Incident Management
Business continuity and disaster recovery procedures
Phases of recovery planning
Recovery sites
Continuity of network services
Insurance
Key aspects from the CISM exam's perspective
Practice questions
Testing incident response, BCP, and DRP
Types of test
Effectiveness of tests
Category of tests
Recovery test metrics
Success criteria for the test
Key aspects from the CISM exam's perspective
Practice questions
Executing response and recovery plans
Key aspects from the CISM exam's perspective
Practice questions
Post-incident activities and investigation
Identifying the root cause and corrective action
Documenting the event
Chain of custody
Key aspects from the CISM exam's perspective
Practice questions
Summary
Why subscribe?
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughtsDonate to keep this site alive
To access the Link, solve the captcha.
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: Certified Information Security Manager Exam Guide: Aligned with the latest edition of the CISM Review Manual to help you pass the CISM exam with confidence, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.
