Certified Information Security Manager (CISM)
Description
Overview
The ISACA Certified Information Security Manager (CISM) certification prep self-study resource helps prepare candidates to sit for the management-focused CISM exam and strengthens students' information security management expertise through in-depth lecture topics, reinforcing demonstrations, and a practice exam. The course includes concepts from the four job practice areas of the 2017 CISM certification: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.
Course Outline
- Lesson 1: Explain how a Security Operations Center (SOC) operates and describe the different types of services that are performed from a Tier 1 SOC analyst’s perspective
- Lesson 2: Explain Network Security Monitoring (NSM) tools that are available to the network security analyst
- Lesson 3: Explain the data that is available to the network security analyst
- Lesson 4: Describe the basic concepts and uses of cryptography
- Lesson 5: Describe security flaws in the TCP/IP protocol and how they can be used to attack networks and hosts
- Lesson 6: Understand common endpoint security technologies
- Lesson 7: Understand the kill chain and the diamond models for incident investigations, and the use of exploit kits by threat actors
- Lesson 8: Identify resources for hunting cyber threats
- Lesson 9: Explain the need for event data normalization and event correlation
- Lesson 10: Identify the common attack vectors
- Lesson 11: Identify malicious activities
- Lesson 12: Identify patterns of suspicious behaviors
- Lesson 13: Conduct security incident investigations
- Lesson 14: Explain the use of a typical playbook in the SOC
- Lesson 15: Explain the use of SOC metrics to measure the effectiveness of the SOC
- Lesson 16: Explain the use of a workflow management system and automation to improve the effectiveness of the SOC
- Lesson 17: Describe a typical incident response plan and the functions of a typical Computer Security Incident Response Team (CSIRT)
- Lesson 18: Explain the use of Vocabulary for Event Recording and Incident Sharing (VERIS) to document security incidents in a standard format