SKILL BENCHMARK
Certified Information Security Manager (CISM) Mastery (Expert Level)
- 40m
- 40 questions
The Certified Information Security Manager (CISM) Mastery benchmark measures whether a learner is an information security thought leader who can describe the details of key process, procedures, benefits and consequences of the practice. A learner who scores high on this benchmark demonstrates genuine expertise and knowledge in all areas of information security and can work independently.
Topics covered
- apply IPv4 concepts to a network environment
- apply IPv6 concepts to a network environment
- craft a disaster recovery plan in accordance with the RTO
- define high availability solutions
- describe the PKI hierarchy
- determine the appropriate backup type given a scenario
- determine what types of digital evidence should be gathered first
- differentiate between authentication and authorization
- discuss how IPsec secures network traffic
- draw a correlation between OSI layers and TCP/IP protocols
- identify common hardening techniques for networks and hosts
- identify how identity and access management constitutes a critical aspect of IT security
- identify how IPD and IPS systems differ
- identify the common hardware used for digital forensics
- identify the common software used for digital forensics
- identify the relationship between IT security and business processes
- outline how cryptography addresses IT security
- outline how risk assessments differ from a business impact analysis
- outline how to apply common risk management concepts, such as gap analysis, SWOT, and risk vs. incident
- outline how to determine the risk appetite of an organization
- outline how to manage incidents to minimize damage using IRPs
- outline how to review incident details to increase the efficacy of the IRP (incident response plan)
- outline how to safeguard potential digital evidence from being tampered with
- recall how MFA enhances user sign-in security
- recall how physical security is an important aspect of IT governance
- recall how the first phase of IT attacks is reconnaissance
- recall how Wi-Fi networks can be secured
- recall when federated identities should be used
- recognize how different server roles can be deployed and managed safely including through a jump box
- recognize how DNS is a network name resolution service
- recognize how immutability relates to data read-only retention
- recognize how IT security policies must align to securing business processes
- recognize how personnel background checks, skillsets, and responsibility are important constituents of IT governance
- recognize how security baselines can help identify potential indicators of compromise
- recognize the benefit of periodic penetration testing
- recognize the benefit of periodic vulnerability assessments
- recognize the relevance of IT security in today's business environment
- recognize when different types of firewalls should be used
- use change management to securely modify network and device configurations in a structured manner
- use patch management to securely deploy updates in a structured manner
