CISM Certification Package
Certified Information Security Manager from ISACA
Trainer: Michael J. Shannon
Running Time: 7 Hours
Are you already working in network security, but want to give your career a big boost? Then turn yourself into a recognized security guru by becoming a Certified Information Security Manager (CISM). You'll put your security career into overdrive as you learn a common body of knowledge that's accepted by security pros worldwide.
CISM certification focuses on business and risk management issues. According to Certification Magazine, it is the leading information security certification. The CISM certification process combines an exam with real-life work credit and ongoing education. It tells upper management that you've got what it takes to be the high-level security manager they need.
As you listen to CBT Nuggets Trainer Michael Shannon, the entire CISM process will open up for you. Michael shows you how to prepare for the exam and how to get -- or substitute for -- the work experience you need (both before and after the test).
Michael walks you through CISM's 5 job-practice (domain) areas and ties them directly to the exam:
• Information Security Governance
• Information Risk Management
• Information Security Program Development
• Information Security Program Management
• Incident Management & Response
For each domain, he gives you an overview of its goals, its relative importance on the exam and your responsibilities as a manager. Soon you'll be on your way to CISM certification and a successful information security (INFOSEC) professional career.
CISM is vendor independent. But note that Microsoft recognizes it as an accepted security credential for Security Solutions Competency in the Microsoft Partner Program.
The CISM Certification Package contains the following videos:
• Information Security Governance (Part 1)
• Information Security Governance (Part 2)
• Information Security Governance (Part 3)
• Information Risk Management (Part 1)
• Information Risk Management (Part 2)
• Information Risk Management (Part 3)
• Information Security Program Development (Part 1)
• Information Security Program Development (Part 2)
• Information Security Program Development (Part 3)
• Information Security Program Management (Part 1)
• Information Security Program Management (Part 2)
• Information Security Program Management (Part 3)
• Incident Management and Response (Part 1)
• Incident Management and Response (Part 2)
CISM Certification Package highlights for each video:
Video #1. Introduction In this introductory video you will find out about the recent 5 CISM domains and the many topics covered on the way to becoming a Certified Information Security Manager.
Video #2. Information Security Governance (Part 1) In this update video you will get an overview of Information Security (INFOSEC) Governance and the 6 key results of proper Infosec governance. You will learn the responsibilities of senior management as well. This nugget also explores Infosec terminology and concepts along with the role of the Information Security Manager.
Video #3. Information Security Governance (Part 2) You will really enjoy this video as you explore INFOSEC governance scope and charter. The nugget finishes with governance metrics as well as strategy goals and objectives.
Video #4. Information Security Governance (Part 3) This fourth nugget of the CISM series covers three topics: several approaches to a security framework; strategy resources and constraints; and an action plan for Infosec governance strategy.
Video #5. Information Risk Management (Part 1) This update video delves even deeper into Risk Management. First we define in depth the concept of risk management and provide an overview of security risk management. The final topics then cover a risk management strategy and the elements of effective risk management.
Video #6. Information Risk Management (Part 2) The second video of this domain covers further the risk management process. You will understand what defines a risk management framework and a risk analysis framework as well. Finally you will get an overview of risk assessment.
Video #7. Information Risk Management (Part 3) In the third video of this CISM domain you will explore five important knowledge areas: threats and vulnerabilities; operational risk categories; additional risk management responses; impacts of risk; and controls and countermeasures.
Video #8. Information Security Program Development (Part 1) In this first video you will get an overview of Information Security Program Development as well as the importance and expected results of INFOSEC programs. You will discover an Infosec Management Workflow. You will take a survey of relevant technologies for programs and, finally, revisit the role of the Information Security Manager as INFOSEC Program Manager.
Video #9. Information Security Program Development (Part 2) The second part of this domain covers the scope of INFOSEC programs as well as the ongoing challenges to program development. This nugget also explores the topics of program objectives, implementation strategy, and, finally, an information security program development roadmap.
Video #10. Information Security Program Development (Part 3) The following topics are addressed in this final nugget of this CISM domain: documentation requirements; operational security architecture; and the SABSA framework for security management.
Video #11. Information Security Program Management (Part 1) This particular domain makes up almost a quarter of the tested content. In the first domain nugget you will get an overview of INFOSEC Program Management. You will learn about the results of effective information security program management. You will explore organizational/business roles and responsibilities as they relate to Infosec program management. Lastly, you will evaluate an information security management framework.
Video #12. Information Security Program Management (Part 2) This particular nugget deals with the concepts of performance measurement, obstacles to effective security program management, the evaluation of security programs and a survey of information security management resources.
Video #13. Information Security Program Management (Part 3) This beefy third nugget of the domain explores 14 key practical elements of deploying and implementing information security management programs: policies and standards; metrics and monitoring; control testing; third party providers; life cycle integration; communication; documentation; assurance integration; acceptable use policies; assigning roles and responsibilities; change management; vulnerability assessment; due diligence; and non-compliance resolution.
Video #14. Incident Management and Response (Part 1) As one of the smaller content domains, this first of two nuggets will cover an overview of incident management and response; related concepts and technologies are also covered. Next, you will learn about INFOSEC management responsibilities and objectives relating to incidents and response. You will explore metrics, indicators, procedures, and resources. Finally you will look closer at the Business Impact Analysis (BIA) process.
Video #15. Incident Management and Response (Part 2) The final nugget of the CISM will show you how to evaluate the current state of incident response in the organization. You will then learn how to develop the plans, test the plans, implement the plans, and then finally, conduct the documentation phase and post-review.
About the Instructor:
Michael J. Shannon
• CBT Nuggets CCNP and Exchange 2000 Instructor
• MCSE 2000
• CompTIA Network+
• CompTIA Linux+
• CompTIA I-Net+
"I really enjoy the way that computers can bring people together, move information quickly and empower learning. I come from three generations of teachers. My great-grandmother had a huge influence on me, having taught school for 50 years. As soon as I learn something new I want to find someone and tell them about it. I have been a teacher and a trainer off and on since high school; it’s my favorite way to help others.
I began configuring hubs and routers in the early 1990's while a network technician for a Phoenix, Arizona telecommunications company and have been implementing, consulting and instructing on internetworking technology for over 12 years. My past employment includes positions as a senior technician, trainer, consultant and mentor throughout the U.S. for companies such as ExecuTrain, Mastering Computers, Platinum Technology, Fujitsu and Mindworks.
My background includes both practical experience in the day-to-day operations of corporate IT departments as well as instructional and classroom training experience. This gives me a unique perspective for being able to use the equipment and software in a live environment and turn around to pass along that experience in the form of training that is easy to understand and thorough enough to cover ‘real-world’ issues.
Currently, I am a full-time author, consultant and instructor and look forward to producing more CBT Nuggets titles. Some of the books I have written include:
- Building Scalable Cisco Internetworks (CCNP/CCIP):
...Exam Cram 2 2003
- Linux+ Certification Course version 1.0
...Softcover - 300 pages (Book + test manual + CD)
...Savant Publishing 2003
- A+ Operating Systems Certification Study Guide
...Softcover - 50 pages
...SelfTest Software 2003
- I-NET+ Certification Course version 1.0
...Softcover - 325 pages (Book + test manual + CD)
...Savant Publishing 2000
- Windows 2000 Professional Certification Course
...Softcover - 380 pages (Book + test manual + CD)
...Savant Publishing 2000
I really believe that CBT Nuggets videos are absolutely the best format in which to teach computer technology - short of hiring an expert at $50-100 an hour to sit next to you at your computer and personally train you. Even with that expert though, he or she will eventually leave you with nothing but your memory and your notes. CBT Nuggets provides a format that’s great for initial as well as continuing education/on-the-job training. I’m proud to be a part of this innovative approach."
Visit here for more info: h**p://www.cbtnuggets.com/webapp/product?id=408