CISM Training - Certified Information Security Manager
Online Delivery
$795
$695
DVD-ROM Delivery
$795
$695
COURSE OVERVIEW
The CISM certification program is developed specifically for experienced information security managers and those who have information security management responsibilities. CISM is globally recognized as the leading credential for information security managers.
Our CISM Certified Information Security Manager course provides the student with the knowledge and proficiency to prepare for the globally recognized CISM 2011 certification exam. The CISM certification combines the achievement of passing a comprehensive exam with recognition of work, management and educational experience, providing you with greater credibility in the marketplace. This course immerses the student in the subject, with in-depth coverage of the five domains that make up the "Body of Knowledge" for the CISM 2011 exam, and gives the student the tools to build the technical skills to manage, design, oversee and assess an enterprise's information security.
PACKAGE INCLUDES
- Online Training Access or 3 DVD-ROMs featuring live instructor-led classroom sessions with full audio, video and demonstration components
- Printable Courseware
- Exclusive LearningZone Live Mentor (Value at $295): Help whenever you need it! Why wait for email support? Chat live with our Certified Instructors anytime around the clock (24/7)
- Exclusive Exam Pass Guarantee
- Free 1 Year Upgrade Policy
YOUR INSTRUCTOR
Kenneth Mayer - Certified CEH Trainer (CCSI, MCT, CCNP, CCDA)
Ken Mayer is a Microsoft Certified Trainer as well as a Certified Ethical Hacker Trainer and security consultant. He started his career in computer technology in the 1980s. He has offered a wide variety of IT training and high-level consulting projects for Fortune 500 companies across the United States and Western Europe. He has achieved the Certified Cisco Systems Instructor certification. The CCSI certification involved a two-day lab and observation event held at Cisco's facility in Paris, France. This gave Ken the accreditation to deliver Cisco Authorized Courses as a CCSI. He has taught the full line of Cisco CCNA, CCDA, CCNP, CCDP and CCIP course curriculums, including Cisco's security appliances such as PIX and IDS.
FEATURES
- Main Menu: The organized and effective structure enables users to browse through hours of comprehensive content rapidly and with ease.
- PowerPoint: PowerPoint presentations improve instruction by displaying all types of information for users. They can better comprehend material by viewing graphs, definitions, charts, etc.
- Exclusive Learning Zone: Train anywhere in the world at any time. Certified online instructors are situated at international support centers in the United States, United Kingdom, Australia, and Singapore to offer support and answer technology-related questions 24 hours a day. In other words, no matter where you live, you can communicate with specialists at any time. This level of interaction between instructors and students makes it possible for students to get answers to specific questions at their convenience.
- Controls: Move ahead, review, or repeat previous topics and sections. A progress bar monitors progress as you complete exercises.
- Full Motion Video: Every course offers full-motion videos of classroom instruction. It's as if you're sitting in a classroom. Our one-of-a-kind delivery mimics a one-on-one classroom setting for more personalized educational experiences.
- Study Guides: Users can print entire course study guides, permitting them to view and review course material at their convenience.
- Review Exercises: Every section contains a review quiz to assist and enhance learning by testing whether students comprehend course concepts before moving forward.
- Resume: Every course resumes where you finished during the previous session in case you forget where you stopped.
- Live Demonstrations: Instructors provide live and "hands-on" demonstrations to explain and show users how to complete tasks. This enables users to witness professionals perform everyday tasks in real-world settings as often as they like.
- Certificate of Completion: We are internationally recognized for our technology-centered IT training programs. Once you finish a program, you'll receive a Certificate of Completion.
COURSE OUTLINE
Information Security Governance Overview
Importance of Information Security Governance
Outcomes of Information Security Governance
Lesson 2: Effective Information Security Governance
Business Goals and Objectives
Roles and Responsibilities of Senior Management
Governance, Risk Management and Compliance
Business Model for Information Security
Dynamic Interconnections
Lesson 3: Information Security Concepts and Technologies
Information Security Concepts and Technologies
Technologies
Lesson 4: Information Security Manager
Responsibilities
Senior Management Commitment
Obtaining Senior Management Commitment
Establishing Reporting and Communication Channels
Lesson 5: Scope and Charter of Information Security Governance
Assurance Process Integration and Convergence
Convergence
Governance and Third-Party Relationships
Lesson 6: Information Security Governance Metrics
Metrics
Effective Security Metrics
Security Implementation Metrics
Strategic Alignment
Risk Management
Value Delivery
Resource Management
Performance Measurement
Assurance Process Integration/Convergence
Lesson 7: Information Security Strategy Overview
Another View of Strategy
Lesson 8: Creating Information Security Strategy
Information Security Strategy
Common Pitfalls
Objectives of the Information Security Strategy
What is the Goal?
Defining Objectives
Business Linkages
Business Case Development
Business Case Objectives
The Desired State
COBIT
COBIT Controls
COBIT Framework
Capability Maturity Model
Balanced Scorecard
Architectural Approaches
ISO/IEC 27001 and 27002
Risk Objectives
Lesson 9: Determining Current State Of Security
Current Risk
BIA
Lesson 10: Information Security Strategy Development
Elements of a Strategy
The Roadmap
Strategy Resources and Constraints
Lesson 11: Strategy Resources
Policies and Standards
Definitions
Enterprise Information Security Architectures
Controls
Countermeasures
Technologies
Personnel
Organizational Structure
Employee Roles and Responsibilities
Skills
Audits
Compliance Enforcement
Threat Assessment
Vulnerability Assessment
Risk Assessment
Insurance
Business Impact Assessment
Outsourced Security Providers
Lesson 12: Strategy Constraints
Legal and Regulatory Requirements
Physical Constraints
The Security Strategy
Lesson 13: Action Plan to Implement Strategy
Gap Analysis
Policy Development
Standards Development
Training and Awareness
Action Plan Metrics
General Metric Considerations
CMM4 Statements
Objectives for CMM4
Domain 01 Review
Types of Risk Analysis
The Importance of Risk Management
Risk Management Outcomes
Risk Management Strategy
Lesson 2: Good Information Security Risk Management
Context and Purpose
Scope and Charter
Assets
Other Risk Management Goals
Roles and Responsibilities
Lesson 3: Information Security Risk Management Concepts
Technologies
Lesson 4: Implementing Risk Management
The Risk Management Framework
The External Environment
The Internal Environment
The Risk Management Context
Risk Analysis
Lesson 5: Risk Assessment
NIST Risk Assessment Methodology
Aggregated or Cascading Risk
Other Risk Assessment Approaches
Identification of Risks
Threats
Vulnerabilities
Risks
Analysis of Relevant Risks
Risk Analysis
Semi-Quantitative Analysis
Quantitative Analysis Example
Evaluation of Risks
Risk Treatment Options
Impact
Lesson 6: Controls Countermeasures
Controls
Residual Risk
Information Resource Valuation
Methods of Valuing Assets
Information Asset Classification
Determining Classification
Impact
Lesson 7: Recovery Time Objectives
Recovery Point Objectives
Service Delivery Objectives
Third-Party Service Providers
Working with Lifecycle Processes
IT System Development
Project Management
Lesson 8: Risk Monitoring and Communication
Risk Monitoring and Communication
Other Communications
Domain 02 Review
Importance of the Program
Outcomes of Security Program Development
Effective Information Security Program Development
Cross Organizational Responsibilities
Lesson 2: Information Security Program Development Concepts
Technology Resources
Information Security Manager
Lesson 3: Scope and Charter of Information Security Program Development
Assurance Function Integration
Challenges in Developing Information Security Program
Pitfalls
Objectives of the Security Program
Program Goals
The Steps of the Security Program
Defining the Roadmap
Elements of the Roadmap
Gap Analysis
Lesson 4: Information Security Program Resources
Resources
Documentation
Enterprise Architecture
Controls as Strategy Implementation Resources
Common Control Practices
Countermeasures
Technologies
Personnel
Security Awareness
Awareness Topics
Formal Audits
Compliance Enforcement
Project Risk Analysis
Other Actions
Other Organizational Support
Program Budgeting
Lesson 5: Implementing an Information Security Program
Policy Compliance
Standards Compliance
Training and Education
ISACA Control Objectives
Third-party Service Providers
Integration into Lifecycle Processes
Monitoring and Communication
Documentation
The Plan of Action
Lesson 6: Information Infrastructure and Architecture
Managing Complexity
Objectives of Information Security Architectures
Physical and Environmental Controls
Lesson 7: Information Security Program
Information Security Program Deployment Metrics
Metrics
Strategic Alignment
Risk Management
Value Delivery
Resource Management
Assurance Process Integration
Performance Measurement
Security Baselines
Domain 03 Review
Importance of Security Management
Outcomes of Effective Security Management
Risk Management
Value Delivery
Business Process Assurance
Lesson 2: Organizational Roles and Responsibilities
Information Security Manager Responsibilities
Risk Management Responsibilities
Technology Competencies
Management and Administrative Responsibilities
Board of Directors
Executive Management
Security Steering Committee
Information Technology Unit
Business Unit Manager
Other Business Units
Lesson 3: The Framework for Information Security Management
Technical Components
Operational Components of Security
Management Components of Security
The Administration Components of Security
Other Components
Lesson 4: Measuring Performance
Measuring Risk and Loss
Metrics for Organizational Objectives
Determining Compliance
Measuring Productivity
Other Metrics
Lesson 5: Challenges Facing Information Security
What Is the State of Security Management
The State of Information Security Management
Lesson 6: Resources
Control Best Practices
Control Countermeasures
Other Control Countermeasures
Lesson 7: Other Management Considerations
Implementation of the Security Program Management
Management Metrics and Monitoring
Other Security Monitoring Efforts
The Lifecycle Process
Other Aspects of Monitoring
What Should Be Done About Noncompliance Issues
Domain 04 Review
Responding to the Incident Overview
Response and Management
Incident Response Planning
Importance of Incident Response
Outcomes of the IRP
Lesson 2: Incident Management Concepts
Software Engineering Institute Definitions
Technologies of Incident Response
Incident Management Charter
Lesson 3: The Incident Response Manager
The Objectives of Incident Management
Monitoring and Measuring Incident Management
Alignment
Integration
Other Incident Management Considerations
Lesson 4: What Are Good Incident Management Procedures
The Difficulties of Creating an Incident Management Plan
Lesson 5: Resources for Incident Management
Human Resources
Incident Response Team Organization
IRT Roles and Responsibilities
IRT Roles
IRT Skills
BIA
IRT Capability
Combining the BIA with the IRT
Creating the Incident Response Plan
Response and Recovery Plans
Goals of Recovery Operations
Choosing a Site Selection
Implementing the Strategy
Incident Management Response Teams
Network Service High-availability
Storage High-availability
Risk Transference
Other Response Recovery Plan Options
Lesson 6: Testing Response and Recovery Plans
Periodic Testing
Analyzing Test Results
Measuring the Test Results
Lesson 7: Executing the Plan
Updating the Plan
Intrusion Detection Policies
Who to Notify about an Incident
Recovery Operations
Other Recovery Operations
Forensic Investigation
Hacker / Penetration Methodology
Demo - Vulnerability Scan
Domain 05 Review
Course Closure



