Information Security Manager: Intermediate
- 20 Courses | 21h 27m 22s
- 7 Books | 41h 5m
Information security management is crucial to organizations. Explore the development and management of information security programs.
GETTING STARTED
CISM 2020: Information Security & Business Process Alignment
-
1.Course Overview2m 5sNOW PLAYING
-
2.Information Security Management3m 30sUP NEXT
COURSES INCLUDED
CISM 2020: Information Security & Business Process Alignment
Proper IT governance starts with aligning IT solutions with business processes. In this course, you'll explore how to identify the relationship between IT security and business objectives. You'll examine in detail how various regulations and security standards, such as HIPAA, GDPR, and PCI DSS, can influence an organization's IT security decisions, going through seven of such regulations one-by-one. Next, you'll examine the cloud services, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) to determine how responsibility is divided between provider and consumer. Lastly, you'll investigate several public cloud providers' security accreditations. This course is part of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 13m
Assessment
Badge
CISM 2020: Managing IT Risk
Using on-premises and cloud computing IT environments introduces an element of risk. In this course, you'll explore risk management concepts, including gap analysis and SWOT, as well as strategies to manage risk, such as applying risk treatments and creating a risk register. Additionally, you'll outline data governance and examine the responsibilities of specific data roles, including the data owner and data custodian. You'll then work with data classification using Amazon Macie and Microsoft FSRM. Moving on, you'll learn how to tag cloud resources and carry out cloud risk assessments. You'll explore how to determine if specific security controls are worth implementing to protect assets. Lastly, you'll investigate how to establish a security awareness program through the organization. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 20m
Assessment
Badge
CISM 2020: Cryptography & PKI
Securing data at rest and in transit over a network is accomplished through the use of cryptography. In this course, you'll explore the concepts of hashing and encryption. You'll start by studying how cryptography addresses IT security before gaining hands-on experience generating file hashes and encrypting data at rest. Some of the methods you'll practice will be using Microsoft EFS and AxCrypt to protect files, Microsoft BitLocker to protect disk volumes, PuTTYgen to generate key pairs, and wiping disk data. Moving along, you'll examine and work with PKI certificate authorities, deploying and requesting both Microsoft and AWS certificate authorities. This course is part of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h
Assessment
Badge
CISM 2020: TCP/IP Configuration
Modern computing uses IPv4, and increasingly IPv6. In this course, you'll explore IPv4 and IPv6 configuration details in preparation for configuring IT services to support business processes. You'll work with DNS name resolution and DHCP. You'll identify the role played by various network infrastructure devices, such as routers and switches. Furthermore, you'll capture and analyze network traffic using Wireshark. By the end of this course, some of the skills you'll acquire will be to recognize the connection between OSI model layers from TCP/IP protocols, set up TCP/IP both manually and with DHCP, and configure DNS using Azure, AWS, and GoDaddy. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
13 videos |
1h 14m
Assessment
Badge
CISM 2020: Network Infrastructure Security
Various laws, regulations, and security best practices require network traffic coming in and out of IT services to be controlled. In this course, you'll learn how to implement techniques to ensure the precious IT assets within your organization's network are secure. You'll begin by exploring what the IPsec network security protocol does and how it's employed. You'll then examine various types of firewalls and decipher when they should be used. Next, you'll work with correctly setting up Windows Defender Firewall, Linux firewall settings, and cloud-based packet filtering rules. Lastly, you'll practice hardening a Wi-Fi network and forging network traffic. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
12 videos |
1h 11m
Assessment
Badge
CISM 2020: Identity & Access Management
Information security managers must consider the security risks and potential impact of user access to resources. In this course, you'll explore how to manage and assign user authentication and authorization to use resources for various cloud and local services. You'll start by distinguishing between authentication and authorization. Next, you'll assign file system permissions in Windows and Linux. You'll then practice assigning permissions policies to AWS users. Lastly, you'll enable multifactor authentication and single sign-on for AWS users. By the end of this course, you'll be able to create and manage Microsoft AD, Linux, and AWS users and groups and set up various types of permissions for them. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
13 videos |
1h 18m
Assessment
Badge
CISM 2020: Server Roles
Servers provide many different types of functionality that must be adequately secured. To qualify as a Certified Information Security Manager, you'll need to know how to securely manage and deploy Windows and Linux cloud-based servers both on-premises and remotely in addition to encrypting a virtual machine. In this course, you'll begin by examining various server roles, when they should be used, and how to secure them. Next, you'll deploy Windows and Linux servers in the cloud and manage them from an on-premises environment. Lastly, you'll assign SQL Server roles and encrypt an on-premises VMware workstation virtual machine. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
8 videos |
41m
Assessment
Badge
CISM 2020: IT Security Policies
IT security policies guide how IT services are deployed and managed in an organization. To achieve certification in information security management, you'll need to demonstrate a clear understanding of what policies exist and where and how to implement them. In this course, you'll explore various types of security policies, starting with those for securing change and patch management. You'll then investigate some network and host security hardening techniques. You'll move on to practice hardening Windows and Linux servers as well as a network printer and passwords. You'll then examine how to detect social engineering scams and deal with malware infections. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
14 videos |
1h 21m
Assessment
Badge
CISM 2020: Detecting Security Anomalies
Information security managers must have the most efficient tools to detect potential security incidents at their disposal. In this course, you'll explore several tools that can be used to detect anomalies and learn how to take action to mitigate these anomalies. You'll learn to differentiate intrusion detection from intrusion prevention, before using Snort for network anomaly detection. You'll then examine how honeypots provide insight related to malicious user techniques. Next, you'll analyze various types of Windows logs, before working with logging in Linux. Lastly, you'll configure data loss prevention in the cloud, view compliance reports, and outline how SIEM and SOAR can be used for incident detection and response. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
10 videos |
56m
Assessment
Badge
CISM 2020: Security Testing
Periodic security testing sheds light on an organization's current security posture. As an information security manager, you should know how to accurately and thoroughly assess the condition of an organization's IT security. In this course, you'll learn the concepts and practices involved in this process. You'll start by examining how physical security can influence IT services. Next, you'll explore the benefits and techniques involved in network scanning, vulnerability assessments, and penetration testing. You'll round off the course by analyzing cloud-based security recommendations. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
7 videos |
30m
Assessment
Badge
CISM 2020: Digital Forensics
Information security managers may be called upon to aid in the gathering and preservation of digital evidence. To achieve certification-level knowledge, you should be savvy in terms of the techniques, requirements, and potential hurdles involved in gathering digital evidence. In this course, you'll explore several digital forensic techniques, such as order of volatility, chain of custody, and data immutability. You'll also examine common digital forensic hardware and software tools. To round off the course, you'll gain hands-on experience using steganography, hard disk image creation, and data recovery using Autopsy in Kali Linux. You'll then investigate common web application attacks and secure coding practices. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
12 videos |
1h 7m
Assessment
Badge
CISM 2020: Business Continuity
Information security managers must plan for inevitable business disruptions, knowing how best to minimize the impact of these disruptions on business processes and learn from them to prepare for future incidences. In this course, you'll explore techniques to reduce the chances of disruptions, plan for the inevitable, and learn from past occurrences. You'll start by examining personnel hiring and skills management and how this relates to IT governance. Next, you'll investigate the concept of high availability configurations before delving into data replication, load balancing, and data backups. You'll also practice some associated techniques. Lastly, you'll learn how to craft disaster recovery and incident response plans, along with post-incident reviews. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.
13 videos |
1h 15m
Assessment
Badge
Information Security Governance Part I
Explore the information security strategy techniques and best practices for a governance framework to meet your organizational goals and objectives.
11 videos |
1h 13m
Assessment
Badge
Information Security Governance Part II
Examine the roles and security responsibilities of organizational staff, as well as effective communication and reporting techniques needed as part of an effective security governance framework.
10 videos |
1h 10m
Assessment
Badge
Information Risk Management Part I
Discover how to implement an effective information risk management strategy for your organization, including how to recognize information asset classification, ownership, and threats, vulnerabilities, and exposures.
10 videos |
53m
Assessment
Badge
Information Risk Management Part II
Explore risk assessment and analysis methodologies, such as risk treatment, risk response, and gap analysis techniques, that can be used as part of your organization's risk management strategy.
11 videos |
52m
Assessment
Badge
Information Security Program Development Part I
Create an effective information security program by examining the security technologies available, as well as techniques and best practices involved in meeting security regulations, standards, and guidelines.
9 videos |
52m
Assessment
Badge
Information Security Program Development Part II
Information security is only effective if everyone involved is on-board and properly trained. Discover how to develop security awareness and training programs, and how to implement and test the effectiveness of security controls.
9 videos |
56m
Assessment
Badge
Information Security Incident Management Part I
Explore the fundamentals of security incident management, including methods for classifying incidents, roles, responsibilities, and training for incident response team members, and notification and escalation processes.
10 videos |
59m
Assessment
Badge
Information Security Incident Management Part II
Security incidents can have a huge cost factor on an organization. Examine incident logging, analyzing, and documenting, as well as techniques for responding to and recovering from information security incidents.
10 videos |
59m
Assessment
Badge
SHOW MORE
FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE COURSES
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.BOOKS INCLUDED
Book
Practical Information Security Management: A Complete Guide to Planning and ImplementationCovering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks.
6h 51m
By Tony Campbell
Book
Information Security Policies, Procedures, and Standards: A Practitioner's ReferenceHighlighting key terminology, policy development concepts and methods, and suggested document structures, this practical guide includes examples, checklists, sample policies and procedures, guidelines, and a synopsis of the applicable standards.
3h 18m
By Douglas J. Landoll
Book
Assessing Information Security: Strategies, Tactics, Logic and Framework, Second EditionProviding expert guidance on information security, underpinned by a profound understanding of human conflict, this book draws on the work of Clausewitz and Sun Tzu, and applies it to the understanding of information security.
5h 33m
By Andrew Vladimirov, Andriej Michajlowski, Konstantin Gavrilenko
Book
Building Effective Cybersecurity Programs: A Security Manager's HandbookIntended to give you the knowledge and guidance that will allow you to choose wisely and avoid pitfalls, this practical resource lays out a step-by-step roadmap you can follow as you build or enhance your cybersecurity program.
4h 11m
By Tari Schreider
Book
Information Technology Risk Management and Compliance in Modern OrganizationsIncluding extensive coverage on a broad range of topics, this book is a pivotal reference source featuring the latest scholarly research on the need for an effective chain of information management and clear principles of information technology governance.
6h 41m
By John Walp, Manish Gupta, Pavankumar Mulgund (eds), Raj Sharman
Book
Information Security for ManagersUtilizing an incremental development method called knowledge scaffolding, this text provides an overview of conceptual and applied knowledge of information and systems security.
13h 39m
By Daniel C. Phelps, John N. Gathegi, Michael Workman
Book
Lessons Learned: Critical Information Infrastructure Protection: How to Protect Critical Information InfrastructureHelping you understand how to protect your critical information infrastructure (CII), this book aims to teach the IT framework from within, allowing you to reduce dependence on IT systems and put in place the necessary processes and procedures to help protect your CII.
52m
By Toomas Viira
SHOW MORE
FREE ACCESS
