Peltier | Complete Guide to CISM Certification | E-Book | www2.sack.de

E-Book, English, 480 pages

Peltier Complete Guide to CISM Certification


Year of publication: 2006
ISBN: 978-1-4200-1325-2
Publisher: Taylor & Francis
Format: PDF
Copy protection: Adobe DRM (system requirements)




The Certified Information Security Manager® (CISM®) certification program was developed by the Information Systems Audit and Control Association (ISACA®). It has been designed specifically for experienced information security managers and those who have information security management responsibilities. The Complete Guide to CISM® Certification examines five functional areas: security governance, risk management, information security program management, information security management, and response management. Presenting definitions of roles and responsibilities throughout the organization, this practical guide identifies information security risks. It deals with processes and technical solutions that implement the information security governance framework, focuses on the tasks necessary for the information security manager to effectively manage information security within an organization, and provides a description of various techniques the information security manager can use. The book also covers steps and solutions for responding to an incident. At the end of each key area, a quiz is offered on the materials just presented. Also included is a workbook to a thirty-question final exam. Complete Guide to CISM® Certification describes the tasks performed by information security managers and contains the necessary knowledge to manage, design, and oversee an information security program. With definitions and practical examples, this text is ideal for information security managers, IT auditors, and network and system administrators.


Target audience

Information security managers, IT auditors, and network and system administrators seeking CISM® certification.

Further information & material


Information Security Governance

Functional Area Overview

Introduction

Developing an Information Security Strategy in Support of Business Strategy and Direction

Senior Management Commitment and Support

Definitions of Roles and Responsibilities

Obtaining Senior Management Commitment

Establish Reporting Communications That Support Information Security Governance Activities

Legal and Regulatory Issues

Establish and Maintain Information Security Policies

Ensure the Development of Procedures and Guidelines

Develop Business Case and Enterprise Value Analysis Support

Summary

Questions

Information Security Risk Management

Functional Area Overview

Introduction

Develop a Systematic and Continuous Risk Management Process

Ensure Risk Identification, Analysis, and Mitigation Activities Are Integrated Into the Life Cycle Process

Apply Risk Identification and Analysis Methods

Define Strategies and Prioritize Options to Mitigate Risks to Levels Acceptable to the Enterprise

Report Significant Changes in Risk

Knowledge Statements

Summary

Questions

Information Security Program Management

Functional Area Overview

CISM® Mapping

Introduction

The OSI Model

The TCP/IP Model

IP Addressing

Transmission Control Protocol (TCP)

User Datagram Protocol (UDP)

Internet Control Message Protocol (ICMP)

CIA Triad

PPPN

Threats

Controls

Buffer Overflows versus Application Security

Virtual Private Networks (VPNs)

Web Server Security versus Internet Security

Security Testing

Summary

Questions

Information Security Management

Functional Area Overview

Introduction

Information Systems Comply

Ensure the Administrative Procedures for Information Systems Comply with the Enterprise’s Information Security Policy

Ensure Services Outsourced Are Consistent

Measure, Monitor, and Report on the Effectiveness and Efficiency of the Controls and Compliance with Information Security Policies

Ensure That Information Security Is Not Compromised Throughout the Change Management Process

Perform Vulnerability Assessments to Evaluate Effectiveness of Existing Controls

Ensure That Noncompliance Issues and Other Variances Are Resolved in a Timely Manner

Information Security Awareness and Education

Summary

Questions

Response Management

Functional Area Overview

CISM Mapping

Introduction

Threat Source Information

Business Continuity Planning and Disaster Recovery Planning

Incident Response

Summary

Questions

Index


