Monday, January 5, 2009
CISM Certification Package
Are you already working in network security, but want to give your career a big boost? Then turn yourself into a recognized security guru by becoming a Certified Information Security Manager (CISM). You'll put your security career into overdrive as you learn a common body of knowledge that's accepted by security pros worldwide.
CISM certification focuses on business and risk management issues. According to Certification Magazine, it is the leading information security certification. The CISM certification process combines an exam with real-life work credit and ongoing education. It tells upper management that you've got what it takes to be the high-level security manager they need.
As you listen to CBT Nuggets Trainer Michael Shannon, the entire CISM process will open up for you. Michael shows you how to prepare for the exam and how to get -- or substitute for -- the work experience you need (both before and after the test).
Michael walks you through CISM's 5 job-practice (domain) areas and ties them directly to the exam:
# Information Security Governance
# Information Risk Management
# Information Security Program Development
# Information Security Program Management
# Incident Management & Response
For each domain, he gives you an overview of its goals, its relative importance on the exam and your responsibilities as a manager. Soon you'll be on your way to CISM certification and a successful information security (INFOSEC) professional career.
CISM is vendor independent. But note that Microsoft recognizes it as an accepted security credential for Security Solutions Competency in the Microsoft Partner Program.
The CISM Certification Package contains the following videos:
# Information Security Governance (Part 1) (free video)
# Information Security Governance (Part 2)
# Information Security Governance (Part 3)
# Information Risk Management (Part 1)
# Information Risk Management (Part 2)
# Information Risk Management (Part 3)
# Information Security Program Development (Part 1)
# Information Security Program Development (Part 2)
# Information Security Program Development (Part 3)
# Information Security Program Management (Part 1)
# Information Security Program Management (Part 2)
# Information Security Program Management (Part 3)
# Incident Management and Response (Part 1)
# Incident Management and Response (Part 2)
CISM Certification Package highlights for each video:
Video #1. Introduction In this introductory video you will find out about the recent 5 CISM domains and the many topics covered on the way to becoming a Certified Information Security Manager.
Video #2. Information Security Governance (Part 1) In this update video you will get an overview of Information Security (INFOSEC) Governance and the 6 key results of proper Infosec governance. You will learn the responsibilities of senior management as well. This nugget also explores Infosec terminology and concepts along with the role of the Information Security Manager.
Video #3. Information Security Governance (Part 2) You will really enjoy this video as you explore INFOSEC governance scope and charter. The nugget finishes with governance metrics as well as strategy goals and objectives.
Video #4. Information Security Governance (Part 3) This fourth nugget of the CISM series covers three topics: several approaches to a security framework; strategy resources and constraints; and an action plan for Infosec governance strategy.
Video #5. Information Risk Management (Part 1) This update video delves even deeper into Risk Management. First we define in depth the concept of risk management and provide an overview of security risk management. The final topics then cover a risk management strategy and the elements of effective risk management.
Video #6. Information Risk Management (Part 2) The second video of this domain covers further the risk management process. You will understand what defines a risk management framework and a risk analysis framework as well. Finally you will get an overview of risk assessment.
Video #7. Information Risk Management (Part 3) In the third video of this CISM domain you will explore five important knowledge areas: threats and vulnerabilities; operational risk categories; additional risk management responses; impacts of risk; and controls and countermeasures.
Video #8. Information Security Program Development (Part 1) In this first video you will get an overview of Information Security Program Development as well as the importance and expected results of INFOSEC programs. You will discover an Infosec Management Workflow. You will take a survey of relevant technologies for programs and, finally, revisit the role of the Information Security Manager as INFOSEC Program Manager.
Video #9. Information Security Program Development (Part 2) The second part of this domain covers the scope of INFOSEC programs as well as the ongoing challenges to program development. This nugget also explores the topics of program objectives, implementation strategy, and, finally, an information security program development roadmap.
Video #10. Information Security Program Development (Part 3) The following topics are addressed in this final nugget of this CISM domain: documentation requirements; operational security architecture; and the SABSA framework for security management.
Video #11. Information Security Program Management (Part 1) This particular domain makes up almost a quarter of the tested content. In the first domain nugget you will get an overview of INFOSEC Program Management. You will learn about the results of effective information security program management. You will explore organizational/business roles and responsibilities as they relate to Infosec program management. Lastly, you will evaluate an information security management framework.
Video #12. Information Security Program Management (Part 2) This particular nugget deals with the concepts of performance measurement, obstacles to effective security program management, the evaluation of security programs and a survey of information security management resources.
Video #13. Information Security Program Management (Part 3) This beefy third nugget of the domain explores 14 key practical elements of deploying and implementing information security management programs: policies and standards; metrics and monitoring; control testing; third party providers; life cycle integration; communication; documentation; assurance integration; acceptable use policies; assigning roles and responsibilities; change management; vulnerability assessment; due diligence; and non-compliance resolution.
Video #14. Incident Management and Response (Part 1) As one of the smaller content domains, this first of two nuggets will cover an overview of incident management and response; related concepts and technologies are also covered. Next, you will learn about INFOSEC management responsibilities and objectives relating to incidents and response. You will explore metrics, indicators, procedures, and resources. Finally you will look closer at the Business Impact Analysis (BIA) process.
Video #15. Incident Management and Response (Part 2) The final nugget of the CISM will show you how to evaluate the current state of incident response in the organization. You will then learn how to develop the plans, test the plans, implement the plans, and then finally, conduct the documentation phase and post-review.