Information Security Manager: intermediate
- 40 Courses | 42h 55m 3s
- 7 Books | 41h 5m
Information security management is crucial to organizations. Explore the development and management of information security programs.
GETTING STARTED
CISM 2022: Information Security Governance
-
1m 19s
-
7m 7s
COURSES INCLUDED
CISM 2022: Information Security Governance
The best way to improve the enterprise security stance is to align IT security solutions with business objectives. In this course, you will consider how information security must align with business strategies. You will explore the business model for information security and review the importance of identifying and classifying assets critical to a business. Next, you will learn about supply chain security, personnel management, and the components of an information security program. You will discover the relationship between service-level agreements (SLAs) and organizational objectives and discuss the relevance of change and configuration management. Then, consider how to develop organizational security policies. Lastly, explore expense types, chain of custody, organizational culture, and how the Control Objectives for Information Technologies (COBIT) framework applies to IT governance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 40m
Assessment
Badge
CISM 2022: Business Continuity & Security
Keeping business processes up and running is a priority for every type of business. Security plays an important role in the success of business continuity planning. In this course, you will discover the characteristics that define a business impact analysis (BIA) and explore disaster recovery plans (DRPs) and various data and IT security roles commonly present in an enterprise. Next, you will learn how contractual obligations can necessitate security compliance and audits. You will discover the importance of establishing performance and security baselines on-premises and in the cloud. Lastly, you will explore physical security and security control types with a slant on business process alignment. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
12 videos |
1h 13m
Assessment
Badge
CISM 2022: Incident Response
Incident response is initiated when a security incident is confirmed. Incident response plan participants must know their roles and plan details for effectively minimizing the impact of security incidents. In this course, you will explore the components that make up an incident response plan, including roles, escalation procedures, and communication plans. Next, focus on incident escalation where applicable, incident eradication according to planned procedures, and incident containment to prevent further incident damage. Then discover the importance of analyzing past incident responses in the spirit of constant improvement and the reduction of incident response times. Lastly, find out how incident detection and automated responses are possible in the cloud. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
41m
Assessment
Badge
CISM 2022: Security Standards
Global and local security standards, including laws and regulations, are an important input to determine how enterprises deploy and manage security controls. In this course, you will learn how the European Union's General Data Protection Regulation (GDPR) data privacy legislation applies to any organization world-wide handling private EU citizen data. Next, you will explore various International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for proper data governance, followed by American data privacy and cloud security standards such as Health Insurance Portability and Accountability Act (HIPAA) and Federal Risk and Authorization Management Program (FedRamp). Discover how to secure cardholder data as related to Payment Card Industry Data Security Standard (PCI DSS) international security standards and review other data privacy legislation including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and China's Personal Information Protection Law (PIPL). Lastly, explore the importance of securing cloud service usage in alignment with the Cloud Controls Matrix (CCM). This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
53m
Assessment
Badge
CISM 2022: Managing Risk
Residual risk remains after security controls are put in place to mitigate the impact of threats. The organizational appetite for risk determines what level of residual risk is acceptable. In this course, you will explore how risk management improves business operations by minimizing the impact of realized threats. You will learn how to calculate the cost of mitigating risk compared to the value of the protected asset and determine the cost-benefit analysis and return on investment when implementing security controls. Next, discover the importance of risk assessments, especially where there are changes to some aspect of the business or a specific business process. You will then explore how various risk approaches, such as risk acceptance, avoidance, transfer, and reduction, apply to an organization's tolerance of residual risk. Lastly, discover how risk heat maps are an effective method for communicating various degrees of risk. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Privacy
Enterprises must comply with relevant laws and regulations related to data privacy. This requires recognizing applicable laws and regulations and implementing the appropriate security controls. In this course, you will explore examples of personally identifiable information (PII) and protected health information (PHI) and learn about data residency implications related to the physical storage location of sensitive data. Next, learn how to reduce the possibility of data exfiltration through data loss protection policies and how to discover and classify data using Amazon Macie and Microsoft Purview governance. Then you will learn to configure data classification on the Microsoft Windows server platform and tag cloud resources for classification purposes. Lastly, explore how to configure Microsoft Azure storage account encryption using a customer-managed key. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
56m
Assessment
Badge
CISM 2022: Assessing Risk
Assessing risk is a crucial activity that enables organizations to evaluate risk exposure for business processes and assets. In this course, you will begin by exploring how to conduct vulnerability assessments and how the results can shed light on security control deficiencies. Next, you will learn how to perform a network vulnerability assessment and review the results, followed by scanning a web application for web app-specific vulnerabilities. You will discover how to conduct a gap analysis to determine the current security posture compared to a desired security posture. Then, you will explore the important aspects of when and how to run penetration tests. Lastly, you will see how to configure Microsoft Azure Policy assignments to determine cloud resource configuration compliance. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
45m
Assessment
Badge
CISM 2022: Managing Authentication
Strong authentication, such as with multi-factor authentication (MFA), ensures that devices, software, and users get legitimate access to resources. The omission of strong authentication configurations may result in successful brute force credential attacks. In this course, you will begin with a discussion of authentication categories and how they strengthen device, software, and user sign-in procedures. Next, you will learn to manage Amazon Web Services (AWS) and Microsoft Azure users and groups in the cloud followed by managing on-premises users and groups on the Windows and Linux platforms. You will then configure MFA for an AWS Identity and Access Management (IAM) user account and test MFA login. Lastly, you will learn how to harden user login security through password policies and how identity federation works. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
53m
Assessment
Badge
CISM 2022: Implementing Access Control
Authorization allows limited access to resources only after successful authentication. Resources can include IT services such as applications, databases, files, and folders, among others. In this course, explore the role authorization plays in allowing resource access and the various access control models used to ensure least privilege. Next, learn how to configure ABAC through Microsoft Dynamic Access Control, create an Azure dynamic group in the cloud, and use RBAC to grant permissions to Azure cloud resources. Finally, discover how to manage permissions for Windows and Linux-based file systems, handle Windows NTFS file system auditing, and configure Microsoft Active Directory delegated administration. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
11 videos |
1h 2m
Assessment
Badge
CISM 2022: Network Security
Organizations should secure resource access while remaining compliant with relevant laws and regulations. One of the many ways to do this is to ensure proper network security controls are in place and reviewed regularly. In this course, examine the OSI model layers and their relevance to network security controls, as well as the security aspects of network switching and network access control. Next, explore DHCP and DNS security issues and Wi-Fi authentication methods, and discover how to harden a DHCP and DNS deployment on Windows Server. Finally, learn the importance of using honeypots and honeynets, and how to implement a honeypot and analyze captured network traffic. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
11 videos |
1h 10m
Assessment
Badge
CISM 2022: Network Attack Mitigation
To effectively defend against common network attacks, organizations must truly understand how they are executed. Thereafter, information security managers can implement and manage security controls to address network security control objectives. In this course, explore firewall types, configure the built-in Windows Defender Firewall, and adjust firewall rules on a Linux host. Next, learn how to manage Azure cloud network security groups to control virtual network subnet and interface traffic and how forward and reverse proxy servers can enable inbound and outbound network security. Finally, examine the relevance of intrusion detection placement and prevention configurations and configure the open-source Snort IDS tool to detect suspicious traffic. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
10 videos |
1h 2m
Assessment
Badge
CISM 2022: IT Service & Data Availability
Ensuring IT service and data high availability can reduce downtime and increase business productivity. The configurations put in place to achieve high availability align with standard business continuity requirements. In this course, you will discover the importance of high availability as it relates to business objectives. Begin by exploring load balancing as a method of optimizing application performance and availability. Next, you will learn how to deploy a cloud-based application load balancing solution. Examine various backup types such as differential and incremental, in order to adhere to the Recovery Point Objective (RPO). Then configure backup for Windows Server and for Microsoft Azure resources and find out how redundant array of inexpensive disks (RAID) levels apply to data availability and resiliency to disk failures. Finally, configure software RAID on the Windows and Linux platforms and enable availability in the cloud by enabling storage account and virtual machine replication. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
13 videos |
1h 16m
Assessment
Badge
CISM 2022: Common Network Security Threats
Some security controls are very specific to the threat that they address. Information security managers must be well versed in common network security threats in order to minimize the impact of realized threats on business processes. In this course, you will start by exploring various types of threat actors and their motivation for attacking networks. You will review industry standards related to categorizing threats, including common vulnerabilities and exposures (CVEs), the MITRE ATT&CK knowledge base, and the OWASP Top 10 web application security attacks. Next, you will learn how bug bounties are paid by companies to ensure the utmost in security for their products, which can influence customer choices. You will discover how various types of network attacks are executed including Wi-Fi attacks, SYN flood attacks, buffer overflow attacks, advanced persistent threats (APTs), and distributed denial-of-service (DDoS) attacks. Lastly, you will see how VPN anonymizer solutions and the Tor web browser can be used for anonymous network connectivity for legitimate as well as illegal purposes. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
13 videos |
1h 14m
Assessment
Badge
CISM 2022: Common Network Security Attacks
Security technicians can benefit significantly by executing network security attacks in a controlled environment. This allows for an in-depth periodic review of security control efficacy related to IT networks. In this course, you will discover how networks can be scanned by attackers seeking potentially vulnerable services using free tools such as Nmap. You will then explore how attackers can compromise a user web browser, how SQL injection attacks can reveal more information than intended by the app designer, and how to configure a reverse shell where the compromised station reaches out to the attacker station, often defeating standard firewall rule sets. Next, you will learn how to spoof network traffic and execute a distributed denial-of-service (DDoS) attack. Lastly, you will discover how to brute force a Windows remote desktop protocol (RDP) connection to gain access to a Windows host. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Cloud Computing & Coding
The use of cloud services is a form of outsourcing of IT service which also introduces an element of risk. Software developers can use on-premises as well as cloud-based services to create, test, and deploy software solutions. In this course, you will explore cloud deployment models including public, private, hybrid, and community clouds. You will then cover cloud computing service models, such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), including where the security responsibility lies in each model. Next, you will explore various cloud-based security controls addressing a wide variety of cloud computing security needs. You will discover how to deploy a repeatable compliant cloud-based sandbox environment using Microsoft Azure Blueprints. Next, explore how security must be included in each software development life cycle (SDLC) phase as opposed to post-implementation. Finally, discover the importance of secure coding practices and how security must integrate with software development, testing, deployment, and patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
9 videos |
49m
Assessment
Badge
CISM 2022: Data Protection with Cryptography
Cryptography provides solutions for ensuring data privacy and integrity. Various firmware and software solutions protect data in transit and data at rest. In this course, you will explore the CIA security triad and how it relates to the organization's security program. You will then review various cryptography solutions and discuss data integrity to assure that tampering has not occurred. Next, you will learn how Hardware Security Module (HSM) appliances and Trusted Platform Module (TPM) firmware provide cryptographic services. You will see how Transport Layer Security (TLS) supersedes the deprecated Secure Sockets Layer (SSL) network security protocol suite followed by discussing virtual private network (VPN) encrypted network tunnels, and the IP Security (IPsec) network security protocol suite. Lastly, you will explore the PKI hierarchy and how public key infrastructure (PKI) certificates are used for digital security throughout the certificate life cycle. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
12 videos |
1h 5m
Assessment
Badge
CISM 2022: Applied Cryptography
The periodic evaluation of the efficacy of cryptographic solutions is possible only with an understanding of how cryptography secures digital environments. In this course, you will explore data integrity by hashing files on the Linux and Windows platforms in an effort to detect unauthorized changes. You will configure a web application HTTPS binding to secure network communications to and from the web application. Then you will deploy a private certificate authority (CA), manage certificate templates, and deploy public key infrastructure (PKI) certificates. Next, you will configure a web application to require trusted client certificates. Finally, you will encrypt data at rest on Linux, on Windows with Encrypting File System (EFS), and Microsoft Bitlocker, and you will configure a cloud VPN connection and implement IPsec on Windows. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
14 videos |
1h 16m
Assessment
Badge
CISM 2022: Secure Device & OS Management
IT departments must work in conjunction with higher-level management to determine when and how to securely use technological solutions that support the business strategy. In this course, begin by exploring how mobile device usage in a business environment can introduce risk and how that risk can be managed with centralized remote wipe capabilities. Then find out how Microsoft Intune can be used to centrally manage devices and how to securely wipe a disk partition. Learn how to harden Windows computers using Group Policy and disable the deprecated SSL network security protocol on Windows hosts. Next, investigate common digital forensics hardware and software solutions, as well as the storage area network (SAN) security and jump box solutions to manage hosts securely and remotely. Finally, discover how to manage Azure resources permissions using managed identities, examine device and OS hardening techniques, and investigate the importance of firmware and software patching. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
16 videos |
1h 38m
Assessment
Badge
CISM 2022: Social Engineering & Malware
Modern day IT device users must have an awareness of the deception by malicious actors through their devices. Recurring security awareness training in an organization is by far the most effective way to minimize realized threats against business assets. In this course, you will explore social engineering in its various forms, focusing on malware types like viruses, trojans, and ransomware. Then you will review various examples of phishing email messages and find out how to detect that they are fraudulent. Next, you will use the Metasploit Framework's Social-Engineer Toolkit (SET) to execute a social engineering attack, discover how botnets work, and learn how their function can be mitigated. You will configure a Microsoft Windows virus and threat protection. Finally, you will upload an infected file to an online service for malware scanning. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
8 videos |
42m
Assessment
Badge
CISM 2022: Security Monitoring
Because today's business computing environments can contain a dizzying array of device types, centralized data ingestion, and analysis, looking for anomalies is a critical part of defending against technological threats. In this course, you will begin by reviewing Microsoft Defender for Cloud security recommendations in the Microsoft Azure cloud and monitoring the performance of Windows hosts. Then you will review, search, and filter Windows Event Viewer logs, configure Windows log forwarding to a second Windows host, and monitor the performance of a Linux host. Next, you will view various Linux logs, enable Linux log forwarding using syslog-ng, review web server logs, and monitor the performance of cloud services. Finally, you will learn how to decipher threat positives and negatives, how security information and event management (SIEM) and security orchestration, automation, and response (SOAR) can detect and remediate security incidents, and how to configure the Microsoft Sentinel SIEM. This course can be used to prepare for the Certified Information Security Manager (CISM) exam.
15 videos |
1h 24m
Assessment
Badge
CISM 2020: Information Security & Business Process Alignment
Proper IT governance starts with aligning IT solutions with business processes. In this course, you'll explore how to identify the relationship between IT security and business objectives. You'll examine in detail how various regulations and security standards, such as HIPAA, GDPR, and PCI DSS, can influence an organization's IT security decisions, going through seven of such regulations one-by-one. Next, you'll examine the cloud services, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) to determine how responsibility is divided between provider and consumer. Lastly, you'll investigate several public cloud providers' security accreditations. This course is part of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 13m
Assessment
Badge
CISM 2020: Managing IT Risk
Using on-premises and cloud computing IT environments introduces an element of risk. In this course, you'll explore risk management concepts, including gap analysis and SWOT, as well as strategies to manage risk, such as applying risk treatments and creating a risk register. Additionally, you'll outline data governance and examine the responsibilities of specific data roles, including the data owner and data custodian. You'll then work with data classification using Amazon Macie and Microsoft FSRM. Moving on, you'll learn how to tag cloud resources and carry out cloud risk assessments. You'll explore how to determine if specific security controls are worth implementing to protect assets. Lastly, you'll investigate how to establish a security awareness program through the organization. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 20m
Assessment
Badge
CISM 2020: Cryptography & PKI
Securing data at rest and in transit over a network is accomplished through the use of cryptography. In this course, you'll explore the concepts of hashing and encryption. You'll start by studying how cryptography addresses IT security before gaining hands-on experience generating file hashes and encrypting data at rest. Some of the methods you'll practice will be using Microsoft EFS and AxCrypt to protect files, Microsoft BitLocker to protect disk volumes, PuTTYgen to generate key pairs, and wiping disk data. Moving along, you'll examine and work with PKI certificate authorities, deploying and requesting both Microsoft and AWS certificate authorities. This course is part of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h
Assessment
Badge
CISM 2020: TCP/IP Configuration
Modern computing uses IPv4, and increasingly IPv6. In this course, you'll explore IPv4 and IPv6 configuration details in preparation for configuring IT services to support business processes. You'll work with DNS name resolution and DHCP. You'll identify the role played by various network infrastructure devices, such as routers and switches. Furthermore, you'll capture and analyze network traffic using Wireshark. By the end of this course, some of the skills you'll acquire will be to recognize the connection between OSI model layers from TCP/IP protocols, set up TCP/IP both manually and with DHCP, and configure DNS using Azure, AWS, and GoDaddy. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
13 videos |
1h 14m
Assessment
Badge
CISM 2020: Network Infrastructure Security
Various laws, regulations, and security best practices require network traffic coming in and out of IT services to be controlled. In this course, you'll learn how to implement techniques to ensure the precious IT assets within your organization's network are secure. You'll begin by exploring what the IPsec network security protocol does and how it's employed. You'll then examine various types of firewalls and decipher when they should be used. Next, you'll work with correctly setting up Windows Defender Firewall, Linux firewall settings, and cloud-based packet filtering rules. Lastly, you'll practice hardening a Wi-Fi network and forging network traffic. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
12 videos |
1h 11m
Assessment
Badge
CISM 2020: Identity & Access Management
Information security managers must consider the security risks and potential impact of user access to resources. In this course, you'll explore how to manage and assign user authentication and authorization to use resources for various cloud and local services. You'll start by distinguishing between authentication and authorization. Next, you'll assign file system permissions in Windows and Linux. You'll then practice assigning permissions policies to AWS users. Lastly, you'll enable multifactor authentication and single sign-on for AWS users. By the end of this course, you'll be able to create and manage Microsoft AD, Linux, and AWS users and groups and set up various types of permissions for them. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
13 videos |
1h 18m
Assessment
Badge
CISM 2020: Server Roles
Servers provide many different types of functionality that must be adequately secured. To qualify as a Certified Information Security Manager, you'll need to know how to securely manage and deploy Windows and Linux cloud-based servers both on-premises and remotely in addition to encrypting a virtual machine. In this course, you'll begin by examining various server roles, when they should be used, and how to secure them. Next, you'll deploy Windows and Linux servers in the cloud and manage them from an on-premises environment. Lastly, you'll assign SQL Server roles and encrypt an on-premises VMware workstation virtual machine. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
8 videos |
41m
Assessment
Badge
CISM 2020: IT Security Policies
IT security policies guide how IT services are deployed and managed in an organization. To achieve certification in information security management, you'll need to demonstrate a clear understanding of what policies exist and where and how to implement them. In this course, you'll explore various types of security policies, starting with those for securing change and patch management. You'll then investigate some network and host security hardening techniques. You'll move on to practice hardening Windows and Linux servers as well as a network printer and passwords. You'll then examine how to detect social engineering scams and deal with malware infections. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 21m
Assessment
Badge
CISM 2020: Detecting Security Anomalies
Information security managers must have the most efficient tools to detect potential security incidents at their disposal. In this course, you'll explore several tools that can be used to detect anomalies and learn how to take action to mitigate these anomalies. You'll learn to differentiate intrusion detection from intrusion prevention, before using Snort for network anomaly detection. You'll then examine how honeypots provide insight related to malicious user techniques. Next, you'll analyze various types of Windows logs, before working with logging in Linux. Lastly, you'll configure data loss prevention in the cloud, view compliance reports, and outline how SIEM and SOAR can be used for incident detection and response. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
10 videos |
56m
Assessment
Badge
CISM 2020: Security Testing
Periodic security testing sheds light on an organization's current security posture. As an information security manager, you should know how to accurately and thoroughly assess the condition of an organization's IT security. In this course, you'll learn the concepts and practices involved in this process. You'll start by examining how physical security can influence IT services. Next, you'll explore the benefits and techniques involved in network scanning, vulnerability assessments, and penetration testing. You'll round off the course by analyzing cloud-based security recommendations. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
7 videos |
30m
Assessment
Badge
CISM 2020: Digital Forensics
Information security managers may be called upon to aid in the gathering and preservation of digital evidence. To achieve certification-level knowledge, you should be savvy in terms of the techniques, requirements, and potential hurdles involved in gathering digital evidence. In this course, you'll explore several digital forensic techniques, such as order of volatility, chain of custody, and data immutability. You'll also examine common digital forensic hardware and software tools. To round off the course, you'll gain hands-on experience using steganography, hard disk image creation, and data recovery using Autopsy in Kali Linux. You'll then investigate common web application attacks and secure coding practices. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
12 videos |
1h 7m
Assessment
Badge
CISM 2020: Business Continuity
Information security managers must plan for inevitable business disruptions, knowing how best to minimize the impact of these disruptions on business processes and learn from them to prepare for future incidences. In this course, you'll explore techniques to reduce the chances of disruptions, plan for the inevitable, and learn from past occurrences. You'll start by examining personnel hiring and skills management and how this relates to IT governance. Next, you'll investigate the concept of high availability configurations before delving into data replication, load balancing, and data backups. You'll also practice some associated techniques. Lastly, you'll learn how to craft disaster recovery and incident response plans, along with post-incident reviews. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
13 videos |
1h 15m
Assessment
Badge
Information Security Governance Part I
Explore the information security strategy techniques and best practices for a governance framework to meet your organizational goals and objectives.
11 videos |
1h 13m
Assessment
Badge
Information Security Governance Part II
Examine the roles and security responsibilities of organizational staff, as well as effective communication and reporting techniques needed as part of an effective security governance framework.
10 videos |
1h 10m
Assessment
Badge
Information Risk Management Part I
Discover how to implement an effective information risk management strategy for your organization, including how to recognize information asset classification, ownership, and threats, vulnerabilities, and exposures.
10 videos |
53m
Assessment
Badge
Information Risk Management Part II
Explore risk assessment and analysis methodologies, such as risk treatment, risk response, and gap analysis techniques, that can be used as part of your organization's risk management strategy.
11 videos |
52m
Assessment
Badge
Information Security Program Development Part I
Create an effective information security program by examining the security technologies available, as well as techniques and best practices involved in meeting security regulations, standards, and guidelines.
9 videos |
52m
Assessment
Badge
Information Security Program Development Part II
Information security is only effective if everyone involved is on-board and properly trained. Discover how to develop security awareness and training programs, and how to implement and test the effectiveness of security controls.
9 videos |
56m
Assessment
Badge
Information Security Incident Management Part I
Explore the fundamentals of security incident management, including methods for classifying incidents, roles, responsibilities, and training for incident response team members, and notification and escalation processes.
10 videos |
59m
Assessment
Badge
Information Security Incident Management Part II
Security incidents can have a huge cost factor on an organization. Examine incident logging, analyzing, and documenting, as well as techniques for responding to and recovering from information security incidents.
10 videos |
59m
Assessment
Badge
SHOW MORE
FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE COURSES
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.BOOKS INCLUDED
Book
Practical Information Security Management: A Complete Guide to Planning and ImplementationCovering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks.
6h 51m
By Tony Campbell
Book
Information Security Policies, Procedures, and Standards: A Practitioner's ReferenceHighlighting key terminology, policy development concepts and methods, and suggested document structures, this practical guide includes examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards.
3h 18m
By Douglas J. Landoll
Book
Assessing Information Security: Strategies, Tactics, Logic and Framework, Second EditionProviding expert guidance on information security, underpinned by a profound understanding of human conflict, this book draws on the work of Clausewitz and Sun Tzu, and applies it to the understanding of information security.
5h 33m
By Andrew Vladimirov, Andriej Michajlowski, Konstantin Gavrilenko
Book
Building Effective Cybersecurity Programs: A Security Manager's HandbookIntended to give you the knowledge and guidance that will allow you to choose wisely and avoid pitfalls, this practical resource lays out a step-by-step roadmap you can follow as you build or enhance your cybersecurity program.
4h 11m
By Tari Schreider
Book
Information Technology Risk Management and Compliance in Modern OrganizationsIncluding extensive coverage on a broad range of topics, this book is a pivotal reference source featuring the latest scholarly research on the need for an effective chain of information management and clear principles of information technology governance.
6h 41m
By John Walp, Manish Gupta, Pavankumar Mulgund (eds), Raj Sharman
Book
Information Security for ManagersUtilizing an incremental development method called knowledge scaffolding, this text provides an overview of conceptual and applied knowledge of information and systems security.
13h 39m
By Daniel C. Phelps, John N. Gathegi, Michael Workman
Book
Lessons Learned: Critical Information Infrastructure Protection: How to Protect Critical Information InfrastructureHelping you understand how to protect your critical information infrastructure (CII), this book aims to teach the IT framework from within, allowing you to reduce dependence on IT systems and put in place the necessary processes and procedures to help protect your CII.
52m
By Toomas Viira
SHOW MORE
FREE ACCESS
YOU MIGHT ALSO LIKE
Channel
Secure Programming
