
CISM Certified Information Security Manager All-in-One Exam Guide [Multiple-component retail product]

4.05/5 (85 ratings by Goodreads)
  • Format: Multiple-component retail product, 541 pages, height x width x thickness: 231x185x28 mm, weight: 828 g, Illustrations
  • Publication date: 06-Jun-2018
  • Publisher: McGraw-Hill Education
  • ISBN-10: 1260027031
  • ISBN-13: 9781260027037

This effective study guide provides 100% coverage of every topic on the latest version of the CISM exam

Written by an information security executive consultant, experienced author, and university instructor, this highly effective integrated self-study system enables you to take the challenging CISM exam with complete confidence. CISM Certified Information Security Manager All-in-One Exam Guide covers all four exam domains developed by ISACA. You’ll find learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations. All questions closely match those on the live test in tone, format, and content. “Note,” “Tip,” and “Caution” sections throughout provide real-world insight and call out potentially harmful situations. Beyond fully preparing you for the exam, the book also serves as a valuable on-the-job reference.

Covers all exam domains, including:
  • Information security governance
  • Information risk management
  • Information security program development and management
  • Information security incident management

Electronic content includes:
  • 400 practice exam questions
  • Test engine that provides full-length practice exams and customizable quizzes by exam topic
  • Secured book PDF


Acknowledgments xv
Introduction xvii

Chapter 1 Becoming a CISM 1(16)
  Benefits of CISM Certification 2(1)
  Becoming a CISM Professional 3(4)
  Experience Requirements 4(3)
  ISACA Code of Professional Ethics 7(1)
  The Certification Exam 7(2)
  Exam Preparation 9(3)
  Before the Exam 9(2)
  Day of the Exam 11(1)
  After the Exam 12(1)
  Applying for CISM Certification 12(1)
  Retaining Your CISM Certification 13(2)
  Continuing Education 13(2)
  CPE Maintenance Fees 15(1)
  Revocation of Certification 15(1)
  Summary 16(1)

Chapter 2 Information Security Governance 17(86)
  Introduction to Information Security Governance 18(37)
  Reason for Security Governance 20(1)
  Security Governance Activities and Results 21(1)
  Business Alignment 22(2)
  Roles and Responsibilities 24(14)
  Monitoring Responsibilities 38(1)
  Information Security Governance Metrics 38(6)
  The Security Balanced Scorecard 44(1)
  Business Model for Information Security 44(11)
  Security Strategy Development 55(39)
  Strategy Objectives 55(1)
  Control Frameworks 56(6)
  Risk Objectives 62(1)
  Strategy Resources 62(13)
  Strategy Development 75(15)
  Strategy Constraints 90(4)
  Chapter Review 94(9)
  Notes 96(2)
  Questions 98(3)
  Answers 101(2)

Chapter 3 Information Risk Management 103(88)
  Risk Management Concepts 103(3)
  The Importance of Risk Management 104(1)
  Outcomes of Risk Management 104(1)
  Risk Management Technologies 105(1)
  Implementing a Risk Management Program 106(9)
  Risk Management Strategy 106(2)
  Risk Management Frameworks 108(2)
  Risk Management Context 110(1)
  Gap Analyses 111(1)
  External Support 112(3)
  The Risk Management Life Cycle 115(42)
  The Risk Management Process 115(2)
  Risk Management Methodologies 117(9)
  Asset Identification and Valuation 126(2)
  Asset Classification 128(6)
  Asset Valuation 134(1)
  Threat Identification 135(6)
  Vulnerability Identification 141(2)
  Risk Identification 143(1)
  Risk, Likelihood, and Impact 144(2)
  Risk Analysis Techniques and Considerations 146(11)
  Operational Risk Management 157(24)
  Risk Management Objectives 158(3)
  Risk Management and Business Continuity Planning 161(1)
  Third-Party Risk Management 161(7)
  The Risk Register 168(4)
  Integration of Risk Management into Other Processes 172(7)
  Risk Monitoring and Reporting 179(1)
  Key Risk Indicators 179(1)
  Training and Awareness 180(1)
  Risk Documentation 180(1)
  Chapter Review 181(10)
  Notes 184(2)
  Questions 186(3)
  Answers 189(2)

Chapter 4 Information Security Program Development and Management 191(188)
  Information Security Programs 192(7)
  Outcomes 192(1)
  Charter 193(1)
  Scope 194(1)
  Information Security Management Frameworks 194(1)
  Defining a Road Map 195(1)
  Information Security Architecture 195(4)
  Security Program Management 199(72)
  Security Governance 199(4)
  Risk Management 203(1)
  The Risk Management Program 203(1)
  The Risk Management Process 204(9)
  Risk Treatment 213(5)
  Audits and Reviews 218(18)
  Policy Development 236(2)
  Third-Party Risk Management 238(13)
  Administrative Activities 251(20)
  Security Program Operations 271(51)
  Event Monitoring 272(1)
  Vulnerability Management 273(3)
  Secure Engineering and Development 276(2)
  Network Protection 278(10)
  Endpoint Protection and Management 288(5)
  Identity and Access Management 293(3)
  Security Incident Management 296(1)
  Security Awareness Training 297(4)
  Managed Security Services Providers 301(1)
  Data Security 302(20)
  Business Continuity Planning 322(1)
  IT Service Management 322(14)
  Service Desk 323(1)
  Incident Management 323(1)
  Problem Management 324(1)
  Change Management 325(2)
  Configuration Management 327(1)
  Release Management 328(2)
  Service-Level Management 330(1)
  Financial Management 331(1)
  Capacity Management 331(1)
  Service Continuity Management 332(1)
  Availability Management 332(1)
  Asset Management 333(3)
  Controls 336(31)
  Control Classification 336(4)
  Internal Control Objectives 340(1)
  Information Systems Control Objectives 340(1)
  General Computing Controls 341(1)
  Control Frameworks 341(24)
  Controls Development 365(2)
  Control Assessment 367(1)
  Metrics and Monitoring 367(4)
  Types of Metrics 368(2)
  Audiences 370(1)
  Continuous Improvement 371(1)
  Chapter Review 371(8)
  Notes 373(2)
  Questions 375(2)
  Answers 377(2)

Chapter 5 Information Security Incident Management 379(96)
  Security Incident Response Overview 380(5)
  Phases of Incident Response 383(2)
  Incident Response Plan Development 385(13)
  Objectives 385(1)
  Maturity 386(1)
  Resources 386(5)
  Roles and Responsibilities 391(1)
  Gap Analysis 392(1)
  Plan Development 392(6)
  Responding to Security Incidents 398(8)
  Detection 399(1)
  Initiation 400(1)
  Evaluation 401(2)
  Eradication 403(1)
  Recovery 404(1)
  Remediation 404(1)
  Closure 405(1)
  Post-incident Review 405(1)
  Business Continuity and Disaster Recovery Planning 406(62)
  Business Continuity Planning 407(34)
  Disaster Recovery Planning 441(21)
  Testing BC and DR Plans 462(6)
  Chapter Review 468(7)
  Notes 469(1)
  Questions 470(2)
  Answers 472(3)

Appendix About the CD-ROM 475(2)
  System Requirements 475(1)
  Installing and Running Total Tester Premium Practice Exam Software 475(1)
  Total Tester Premium Practice Exam Software 475(1)
  Secured Book PDF 476(1)
  Technical Support 476(1)

Glossary 477(36)
Index 513

Peter H. Gregory (Seattle, WA), CISA, CRISC, CISSP, CCISO, QSA, CCSK, is a 30-year career technologist and an executive advisor for clients at Optiv Security. He is the author of over 40 books on information security and technology, including CISA Certified Information Systems Auditor All-in-One Exam Guide, Third Edition.