ISACA

CISM Certified Information Security Manager

(CISM.AE1) / ISBN : 9781644593806

This course includes
Lessons
TestPrep
LiveLab

Get hands-on experience in information security with CISM Certified Information Security Manager course and lab. The course contains interactive tools like CISM exam objective-based lessons, test preps, and live labs for a hands-on experience. The lessons have knowledge checks, quizzes, flashcards, and glossary terms to get a detailed understanding of information security. It will be a great source to learn about Information Security Manager, Information Risk Management, Cybersecurity Threats, Incident Responses, and so on.

Here's what you will get

ISACA’s Certified Information Security Manager (CISM) certification is designed for candidates who have technical expertise and experience in IS/IT security and control and who want to make the move from team player to manager. CISM can add credibility and confidence to your interactions with internal and external stakeholders, peers, and regulators. This certification brings credibility to your team and ensures alignment between the organization's information security program and its broader goals and objectives. It validates your team’s commitment to compliance, security, and integrity and increases customer retention.

Lessons

10+ Lessons | 520+ Exercises | 175+ Quizzes | 555+ Flashcards | 455+ Glossary of terms

TestPrep

125+ Pre Assessment Questions | 2+ Full Length Tests | 125+ Post Assessment Questions | 200+ Practice Test Questions

Hand on lab

20+ LiveLab | 20+ Video tutorials | 57+ Minutes

Here's what you will learn

Download Course Outline

  • The CISM Exam
  • CISM Exam Objectives
  • CISM Certification Exam Objective Map

  • Information Security Objectives
  • Role of the Information Security Manager
  • Information Security Risks
  • Building an Information Security Strategy
  • Implementing Security Controls
  • Data Protection
  • Summary
  • Exam Essentials

  • Governance
  • Understanding Policy Documents
  • Complying with Laws and Regulations
  • Adopting Standard Frameworks
  • Security Control Verification and Quality Control
  • Summary
  • Exam Essentials

  • Analyzing Risk
  • Risk Treatment and Response
  • Risk Analysis
  • Disaster Recovery Planning
  • Privacy
  • Summary
  • Exam Essentials

  • Exploring Cybersecurity  Threats
  • Threat Data and Intelligence
  • Summary
  • Exam Essentials

  • Information Security Programs
  • Security Awareness and Training
  • Managing the Information Security Team
  • Managing the Security Budget
  • Integrating Security with Other Business Functions
  • Summary
  • Exam Essentials

  • Vulnerability Management
  • Security Vulnerabilities
  • Penetration  Testing
  • Training and Exercises
  • Summary
  • Exam Essentials

  • Endpoint Security
  • Network Security
  • Cloud Computing Security
  • Cryptography
  • Code Security
  • Identity and Access Management
  • Summary
  • Exam Essentials

  • Security Incidents
  • Phases of Incident Response
  • Building the Incident Response Plan
  • Creating an Incident Response Team
  • Coordination and Information Sharing
  • Classifying Incidents
  • Conducting Investigations
  • Plan Training, Testing, and Evaluation
  • Summary
  • Exam Essentials

  • Planning for Business Continuity
  • Project Scope and Planning
  • Business Impact Analysis
  • Continuity Planning
  • Plan Approval and Implementation
  • The Nature of Disaster
  • System Resilience, High Availability, and Fault Tolerance
  • Recovery Strategy
  • Recovery Plan Development
  • Training, Awareness, and Documentation
  • Testing and Maintenance
  • Summary
  • Exam Essentials

Hands-on LAB Activities

  • Using Nikto
  • Consulting a Vulnerability Database
  • Configuring a Nessus Scan
  • Performing Passive Reconnaissance
  • Performing Active Reconnaissance

  • Simulating the DDoS Attack
  • Enabling Intrusion Detection and Prevention
  • Creating a VPN Connection
  • Implementing Port Security
  • Creating a Virtual LAN
  • Creating a Demilitarized Zone
  • Using Windows Firewall
  • Observing an SHA-Generated Hash Value
  • Observing an MD5-Generated Hash Value
  • Examining Asymmetric Encryption
  • Performing Symmetric Encryption

  • Completing the Chain of Custody

  • Configuring RAID
  • Taking an Incremental Backup
  • Taking a Full Backup

Exam FAQs

Five (5) or more years of experience in information security management. Experience waivers are available for a maximum of two (2) years.

Exam registration fees are based on membership status at the time of exam registration.

  • ISACA Member: US $575
  • ISACA Nonmember: US $760

ISACA

Multiple choice questions

The exam contains 150 questions.

240 minutes

450

(on a scale of 200-800)

Individuals have 4 attempts within a rolling twelve-month period to pass the exam. Those that do not pass on their first attempt are allowed to retake the exam a total of 3 more times within 12 months from the date of the first attempt. Please note that candidates must pay the registration fee in full for each exam attempt.

Usually five years after launch