CISM Certified Information Security Manager Study Guide

Description

Sharpen your information security skills and grab an invaluable new credential with this unbeatable study guide.

As cybersecurity becomes an increasingly mission-critical issue, more and more employers and professionals are turning to ISACA's trusted and recognized Certified Information Security Manager qualification as a tried-and-true indicator of information security management expertise.

In Wiley's Certified Information Security Manager (CISM) Study Guide, you'll get the information you need to succeed on the demanding CISM exam. You'll also develop the IT security skills and confidence you need to prove yourself where it really counts: on the job.

Chapters are organized intuitively and by exam objective so you can easily keep track of what you've covered and what you still need to study. You'll also get access to a pre-assessment, so you can find out where you stand before you take your studies further.

Sharpen your skills with Exam Essentials and chapter review questions with detailed explanations in all four of the CISM exam domains: Information Security Governance, Information Security Risk Management, Information Security Program, and Incident Management.

In this essential resource, you'll also:
* Grab a head start to an in-demand certification used across the information security industry
* Expand your career opportunities to include rewarding and challenging new roles only accessible to those with a CISM credential
* Access the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms

Perfect for anyone prepping for the challenging CISM exam or looking for a new role in the information security field, the Certified Information Security Manager (CISM) Study Guide is an indispensable resource that will put you on the fast track to success on the test and in your next job.
Table of Contents

Introduction
Assessment Test xxi

Chapter 1 Today's Information Security Manager 1
    Information Security Objectives 2
    Role of the Information Security Manager 3
    Chief Information Security Officer 4
    Lines of Authority 4
    Organizing the Security Team 5
    Roles and Responsibilities 7
    Information Security Risks 8
    The DAD Triad 8
    Incident Impact 9
    Building an Information Security Strategy 12
    Threat Research 12
    SWOT Analysis 13
    Gap Analysis 13
    Creating SMART Goals 16
    Alignment with Business Strategy 16
    Leadership Support 17
    Internal and External Influences 17
    Cybersecurity Responsibilities 18
    Communication 19
    Action Plans 19
    Implementing Security Controls 20
    Security Control Categories 21
    Security Control Types 21
    Data Protection 23
    Summary 25
    Exam Essentials 25
    Review Questions 27

Chapter 2 Information Security Governance and Compliance 31
    Governance 33
    Corporate Governance 33
    Governance, Risk, and Compliance Programs 35
    Information Security Governance 35
    Developing Business Cases 36
    Third-Party Relationships 37
    Understanding Policy Documents 38
    Policies 38
    Standards 40
    Procedures 42
    Guidelines 43
    Exceptions and Compensating Controls 44
    Developing Policies 45
    Complying with Laws and Regulations 46
    Adopting Standard Frameworks 47
    COBIT 47
    NIST Cybersecurity Framework 49
    NIST Risk Management Framework 52
    ISO Standards 53
    Benchmarks and Secure Configuration Guides 54
    Security Control Verification and Quality Control 56
    Summary 57
    Exam Essentials 57
    Review Questions 59

Chapter 3 Information Risk Management 63
    Analyzing Risk 65
    Risk Identification 66
    Risk Calculation 67
    Risk Assessment 68
    Risk Treatment and Response 72
    Risk Mitigation 73
    Risk Avoidance 74
    Risk Transference 74
    Risk Acceptance 75
    Risk Analysis 75
    Disaster Recovery Planning 78
    Disaster Types 78
    Business Impact Analysis 79
    Privacy 79
    Sensitive Information Inventory 80
    Information Classification 80
    Data Roles and Responsibilities 82
    Information Lifecycle 83
    Privacy-Enhancing Technologies 83
    Privacy and Data Breach Notification 84
    Summary 84
    Exam Essentials 85
    Review Questions 86

Chapter 4 Cybersecurity Threats 91
    Exploring Cybersecurity Threats 92
    Classifying Cybersecurity Threats 92
    Threat Actors 94
    Threat Vectors 99
    Threat Data and Intelligence 101
    Open Source Intelligence 101
    Proprietary and Closed Source Intelligence 104
    Assessing Threat Intelligence 105
    Threat Indicator Management and Exchange 107
    Public and Private Information Sharing Centers 108
    Conducting Your Own Research 108
    Summary 109
    Exam Essentials 109
    Review Questions 111

Chapter 5 Information Security Program Development and Management 115
    Information Security Programs 117
    Establishing a New Program 117
    Maintaining an Existing Program 121
    Security Awareness and Training 123
    User Training 123
    Role-Based Training 124
    Ongoing Awareness Efforts 124
    Managing the Information Security Team 125
    Hiring Team Members 126
    Developing the Security Team 126
    Managing the Security Budget 127
    Organizational Budgeting 127
    Fiscal Years 127
    Expense Types 128
    Budget Monitoring 129
    Integrating Security with Other Business Functions 130
    Procurement 130
    Accounting 133
    Human Resources 133
    Information Technology 135
    Audit 138
    Summary 139
    Exam Essentials 139
    Review Questions 141

Chapter 6 Security Assessment and Testing 145
    Vulnerability Management 146
    Identifying Scan Targets 146
    Determining Scan Frequency 148
    Configuring Vulnerability Scans 149
    Scanner Maintenance 154
    Vulnerability Scanning Tools 155
    Reviewing and Interpreting Scan Reports 159
    Validating Scan Results 160
    Security Vulnerabilities 161
    Patch Management 162
    Legacy Platforms 163
    Weak Configurations 164
    Error Messages 164
    Insecure Protocols 165
    Weak Encryption 166
    Penetration Testing 167
    Adopting the Hacker Mindset 168
    Reasons for Penetration Testing 169
    Benefits of Penetration Testing 169
    Penetration Test Types 170
    Rules of Engagement 171
    Reconnaissance 173
    Running the Test 173
    Cleaning Up 174
    Training and Exercises 174
    Summary 175
    Exam Essentials 176
    Review Questions 177

Chapter 7 Cybersecurity Technology 181
    Endpoint Security 182
    Malware Prevention 183
    Endpoint Detection and Response 183
    Data Loss Prevention 184
    Change and Configuration Management 185
    Patch Management 185
    System Hardening 185
    Network Security 186
    Network Segmentation 186
    Network Device Security 188
    Network Security Tools 191
    Cloud Computing Security 195
    Benefits of the Cloud 196
    Cloud Roles 198
    Cloud Service Models 198
    Cloud Deployment Models 202
    Shared Responsibility Model 204
    Cloud Standards and Guidelines 207
    Cloud Security Issues 208
    Cloud Security Controls 210
    Cryptography 212
    Goals of Cryptography 212
    Symmetric Key Algorithms 214
    Asymmetric Cryptography 215
    Hash Functions 217
    Digital Signatures 218
    Digital Certificates 219
    Certificate Generation and Destruction 220
    Code Security 223
    Software Development Life Cycle 223
    Software Development Phases 224
    Software Development Models 226
    DevSecOps and DevOps 229
    Code Review 230
    Software Security Testing 232
    Identity and Access Management 234
    Identification, Authentication, and Authorization 234
    Authentication Techniques 235
    Authentication Errors 237
    Single Sign-On and Federation 238
    Provisioning and Deprovisioning 238
    Account Monitoring 239
    Summary 240
    Exam Essentials 241
    Review Questions 244

Chapter 8 Incident Response 249
    Security Incidents 251
    Phases of Incident Response 252
    Preparation 253
    Detection and Analysis 254
    Containment, Eradication, and Recovery 255
    Post-Incident Activity 267
    Building the Incident Response Plan 269
    Policy 269
    Procedures and Playbooks 270
    Documenting the Incident Response Plan 270
    Creating an Incident Response Team 272
    Incident Response Providers 273
    CSIRT Scope of Control 273
    Coordination and Information Sharing 273
    Internal Communications 274
    External Communications 274
    Classifying Incidents 274
    Threat Classification 275
    Severity Classification 276
    Conducting Investigations 279
    Investigation Types 279
    Evidence 282
    Plan Training, Testing, and Evaluation 288
    Summary 289
    Exam Essentials 290
    Review Questions 292

Chapter 9 Business Continuity and Disaster Recovery 297
    Planning for Business Continuity 298
    Project Scope and Planning 299
    Organizational Review 300
    BCP Team Selection 301
    Resource Requirements 302
    Legal and Regulatory Requirements 303
    Business Impact Analysis 304
    Identifying Priorities 305
    Risk Identification 306
    Likelihood Assessment 308
    Impact Analysis 309
    Resource Prioritization 310
    Continuity Planning 310
    Strategy Development 311
    Provisions and Processes 311
    Plan Approval and Implementation 313
    Plan Approval 313
    Plan Implementation 314
    Training and Education 314
    BCP Documentation 314
    The Nature of Disaster 318
    Natural Disasters 319
    Human-Made Disasters 324
    System Resilience, High Availability, and Fault Tolerance 327
    Protecting Hard Drives 328
    Protecting Servers 329
    Protecting Power Sources 331
    Recovery Strategy 331
    Business Unit and Functional Priorities 332
    Crisis Management 333
    Emergency Communications 334
    Workgroup Recovery 334
    Alternate Processing Sites 334
    Database Recovery 338
    Recovery Plan Development 340
    Emergency Response 341
    Personnel and Communications 341
    Assessment 342
    Backups and Offsite Storage 342
    Utilities 345
    Logistics and Supplies 345
    Training, Awareness, and Documentation 345
    Testing and Maintenance 346
    Read-Through Test 346
    Structured Walk-Through 346
    Simulation Test 347
    Parallel Test 347
    Full-Interruption Test 347
    Lessons Learned 347
    Maintenance 348
    Summary 349
    Exam Essentials 349
    Review Questions 351

Appendix Answers to the Review Questions 357
    Chapter 1: Today's Information Security Manager 358
    Chapter 2: Information Security Governance and Compliance 360
    Chapter 3: Information Risk Management 362
    Chapter 4: Cybersecurity Threats 363
    Chapter 5: Information Security Program Development and Management 365
    Chapter 6: Security Assessment and Testing 368
    Chapter 7: Cybersecurity Technology 370
    Chapter 8: Incident Response 372
    Chapter 9: Business Continuity and Disaster Recovery 374

Index 377
ISBN-13: 9781119801931
Published: 2022
Publication date: 14.07.2022
Pages: 390
Author: Mike Chapple
Weight: 796 g
Format: 227x136x21 mm
Series: Sybex Study Guide
Language: English

63,00 €*

Delivery time: available immediately
All prices incl. VAT | plus shipping