CISM Certified Information Security Manager All-in-One Exam Guide, Second Edition, 2nd Edition

CHAPTER 8 Incident Management Operations

In this chapter, you will learn about

• The steps of security incident response

• Incident response tools and techniques

• Attorney–client privilege

• Crisis management and communications

• Post incident review and reporting

This chapter covers Certified Information Security Manager (CISM) Domain 4, “Incident Management,” part B, “Incident Management Operations.” The entire Incident Management domain represents 30 percent of the CISM examination.

One Supporting Task in the CISM job practice aligns with the Incident Management / Incident Management Operations domain:

37. Conduct post-incident reviews to facilitate continuous improvement, including root-cause analysis, lessons learned, corrective ...

Get CISM Certified Information Security Manager All-in-One Exam Guide, Second Edition, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CISM Certified Information Security Manager All-in-One Exam Guide, Second Edition, 2nd Edition by Peter H. Gregory

CHAPTER 8

Incident Management Operations

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly