book

CISM Certified Information Security Manager Study Guide

by Mike Chapple

May 2022

Intermediate to advanced

432 pages

12h 45m

English

Sybex

Audiobook available

Read now

Unlock full access

The CISM ExamCISM Exam ObjectivesCISM Certification Exam Objective MapAssessment TestAnswers to Assessment Test
Information Security ObjectivesRole of the Information Security ManagerInformation Security RisksBuilding an Information Security StrategyImplementing Security ControlsData ProtectionSummaryExam EssentialsReview Questions
GovernanceUnderstanding Policy DocumentsComplying with Laws and RegulationsAdopting Standard FrameworksSecurity Control Verification and Quality ControlSummaryExam EssentialsReview Questions

Analyzing RiskRisk Treatment and ResponseRisk AnalysisDisaster Recovery PlanningPrivacySummaryExam EssentialsReview Questions
Exploring Cybersecurity ThreatsThreat Data and IntelligenceSummaryExam EssentialsReview Questions
Information Security ProgramsSecurity Awareness and TrainingManaging the Information Security TeamManaging the Security BudgetIntegrating Security with Other Business FunctionsSummaryExam EssentialsReview Questions
Vulnerability ManagementSecurity VulnerabilitiesPenetration TestingTraining and ExercisesSummaryExam EssentialsReview Questions
Endpoint SecurityNetwork SecurityCloud Computing SecurityCryptographyCode SecurityIdentity and Access ManagementSummaryExam EssentialsReview Questions
Security IncidentsPhases of Incident ResponseBuilding the Incident Response PlanCreating an Incident Response TeamCoordination and Information SharingClassifying IncidentsConducting InvestigationsPlan Training, Testing, and EvaluationSummaryExam EssentialsReview Questions
Planning for Business ContinuityProject Scope and PlanningBusiness Impact AnalysisContinuity PlanningPlan Approval and ImplementationThe Nature of DisasterSystem Resilience, High Availability, and Fault ToleranceRecovery StrategyRecovery Plan DevelopmentTraining, Awareness, and DocumentationTesting and MaintenanceSummaryExam EssentialsReview Questions
Chapter 1: Today's Information Security ManagerChapter 2: Information Security Governance and ComplianceChapter 3: Information Risk ManagementChapter 4: Cybersecurity ThreatsChapter 5: Information Security Program Development and ManagementChapter 6: Security Assessment and TestingChapter 7: Cybersecurity TechnologyChapter 8: Incident ResponseChapter 9: Business Continuity and Disaster Recovery

Content preview from CISM Certified Information Security Manager Study Guide

Chapter 3Information Risk Management

THE CERTIFIED INFORMATION SECURITY MANAGER (CISM) DOMAINS AND SUBTOPICS COVERED IN THIS CHAPTER INCLUDE:

Domain 2: Information Risk Management
- A. Information Security Risk Assessment
  - 2A3. Risk Assessment and Analysis
- B. Information Security Risk Response
  - 2B1. Risk Treatment/Risk Response Options
  - 2B2. Risk and Control Ownership
  - 2B3. Risk Monitoring and Reporting
Domain 3: Information Security Program
- A. Information Security Program Development
  - 3A2. Information Asset Identification and Classification

THE CERTIFIED INFORMATION SECURITY MANAGER (CISM) SUPPORTING TASKS COVERED IN THIS CHAPTER INCLUDE:

20. Establish and/or maintain a process for information asset identification and classification. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Certified Information Security Manager CISM Study Guide

Mike Chapple, PhD, CISM

Certified Information Security Manager (CISM)

ACI Learning, Adam Gordon, Chris Ward

Certified Information Security Manager (CISM) Course

Peter H. Gregory

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide, 10th Edition

Mike Chapple, James Michael Stewart, Darril Gibson

Publisher Resources

ISBN: 9781119801931Purchase Link