Table Of Contents

1 Foreword
2 Certified Information Security Manager
3 Exam Specifics
4 Information Security Governance
4.1 Information Security Basics
4.1.1 Business Goals and Objectives
4.1.2 Information Security Concepts
4.1.3 Information Security Strategies
4.2 Information Security Governance
4.2.1 Governance Concepts
4.2.2 Scope and Charter of Governance
4.2.3 Business Function Relationships
4.2.4 Information Security Governance Framework
4.3 Information Security Requirements
4.3.1 Drivers for Information Security
4.3.2 Budget Planning
4.3.3 Regulatory Requirements
4.3.4 Third Party Relationships
4.4 Information Security Preparation
4.4.1 International Standards
4.4.2 Roles and Responsibilities
4.4.3 Information Security Officer
4.4.4 Policies and Objectives
4.4.5 Centralized and Distributed Methods
5 Information Risk Management
5.1 Risk Management
5.1.1 Key Definitions
5.1.2 Principles and Practices
5.1.3 Controls and Countermeasures
5.2 Information Schemas
5.2.1 Information Classification
5.2.2 Information Ownership
5.3 Information Threats and Vulnerabilities
5.3.1 Denial of Service (DoS)
5.3.2 Buffer Overflows
5.3.3 Mobile Code
5.3.4 Malicious Software
5.3.5 Password Crackers
5.3.6 Spoofing/Masquerading
5.3.7 Sniffers, Eavesdropping, and Tapping
5.3.8 Emanations
5.3.9 Shoulder Surfing
5.3.10 Object Reuse
5.3.11 Data Remanence
5.3.12 Unauthorized Targeted Data Mining
5.3.13 Dumpster Diving
5.3.14 Backdoors and Trapdoors
5.3.15 Theft
5.3.16 Social Engineering
5.4 Risk Assessments and Analysis
5.4.1 General Process
5.4.2 Qualitative Risk Assessments
5.4.3 Quantitative Risk Assessments
5.4.4 Common Security Measurements
5.4.5 Assessment Methodologies
5.4.6 Baseline Modeling
5.4.7 Gap Analysis
5.4.8 Cost Benefit Analysis
5.4.9 Information Value
6 Information Security Program Development
6.1 Security Program Concepts
6.1.1 Strategies
6.1.2 Program Activities
6.1.3 Managing Implementation
6.2 Security Controls
6.2.1 Control Categories
6.2.2 Administrative Controls
6.2.3 Technical Controls
6.2.4 Access Control Models
6.2.5 Integrity Models
6.2.6 Rainbow Series
6.2.7 Information Technology Security Evaluation Criteria (ITSEC)
6.2.8 Common Criteria
6.3 Security Technologies
6.3.1 Identity Management
6.3.2 Access Control Technologies
6.3.3 Access Control Lists
6.3.4 Types of Access Control
6.3.5 Authentication Devices
6.3.6 Integrated Circuit Cards
6.3.7 Biometrics
6.3.8 Intrusion Detection Systems (IDS)
6.3.9 Cryptography Methods
6.3.10 Cryptography Forms
6.3.11 Access Control Technologies
6.4 IP Security (IPSec)
6.4.1 Authentication Headers and Encapsulating Security Payload
6.4.2 Internet Key Exchange (IKE)
6.4.3 The IKE Process
6.4.4 Methods of Encryption and Integrity
6.4.5 Renegotiating Lifetimes
6.4.6 Subnets and Security Associations
6.5 Security Documentation
6.5.1 Types of Documentation
6.5.2 Security Education
6.6 Compliance
6.6.1 Certification and Accreditation
6.6.2 Service Level Agreements
6.6.3 Laws and Standards
6.6.4 1996 National Information Infrastructure Protection Act
6.6.5 President’s Executive Order on Critical Infrastructure Protection
6.6.6 USA Patriot Act of 2001
6.6.7 Homeland Security Act of 2002
6.6.8 Computer Fraud and Abuse Act
6.6.9 Electronic Communications Privacy Act (ECPA)
6.7 Security Monitoring
6.7.1 Change Management
6.7.2 Configuration Management
6.7.3 Information Access Control
6.7.4 Problem Management
6.7.5 Recovery and Continuity Planning
6.7.6 Continuity Planning Process
6.7.7 Information Incident Management
6.7.8 Managing Evidence
6.8 Facilities
6.8.1 Entry Points
6.8.3 Physical Security Implementation
7 Practice Exam
8 Answer Guide
9 References
CISM Certified Information Security Manager Certification Exam Preparation Course in a Book for Passing the CISM Exam - The How To Pass on Your First Try Certification Study Guide - Second Edition

Published by Emereo Publishing
CISM certification promotes international practices and provides executive management with assurance that those earning the certificate have the required experience and knowledge to provide effective security management and consulting services.

Individuals earning the CISM certification become part of an elite peer network, attaining a one-of-a-kind credential.

This self-study exam preparation guide for the CISM Certified Information Security Manager certification exam contains everything you need to test yourself and pass the Exam. All Exam topics are covered and insider secrets, complete explanations of all CISM Certified Information Security Manager subjects, test tricks and tips, numerous highly realistic sample questions, and exercises designed to strengthen understanding of CISM Certified Information Security Manager concepts and prepare you for exam success on the first attempt are provided.

Put your knowledge and experience to the test. Achieve CISM certification and accelerate your career.

Can you imagine valuing a book so much that you send the author a "Thank You" letter?

Tens of thousands of people understand why this is a worldwide best-seller. Is it the author's years of experience? The endless hours of ongoing research? The interviews with those who failed the exam, to identify gaps in their knowledge? Or is it the razor-sharp focus on making sure you don't waste a single minute of your time studying any more than you absolutely have to? Actually, it's all of the above.

This book includes new exercises and sample questions never before in print. Offering numerous sample questions, critical time-saving tips plus information available nowhere else, this book will help you pass the CISM Certified Information Security Manager exam on your FIRST try.

Up to speed with the theory? Buy this. Read it. And Pass the CISM Exam.

Considering the increasing number of IT Professionals and their Organizations who want to be actively involved in IT Security Management, this book should do at least as well as the first edition, which is a bestseller.

More info:

Published by: Emereo Publishing on Jul 22, 2011
Copyright:Traditional Copyright: All rights reserved
List Price: $29.95