Certified Information Security Manager (CISM) Proficiency (Advanced Level)

  • 24m
  • 24 questions
The Certified Information Security Manager (CISM) Proficiency benchmark measures whether a learner has advanced knowledge of advanced IT security practices and theories. A learner who scores high on this benchmark demonstrates a genuine working knowledge in the major areas of information security and can work independently.

Topics covered

  • apply IPv4 concepts to a network environment
  • apply IPv6 concepts to a network environment
  • describe the PKI hierarchy
  • differentiate between authentication and authorization
  • discuss how IPsec secures network traffic
  • draw a correlation between OSI layers and TCP/IP protocols
  • identify common hardening techniques for networks and hosts
  • identify how identity and access management constitutes a critical aspect of IT security
  • identify how IPD and IPS systems differ
  • identify the relationship between IT security and business processes
  • outline how cryptography addresses IT security
  • outline how to apply common risk management concepts, such as gap analysis, SWOT, and risk vs. incident
  • outline how to determine the risk appetite of an organization
  • recall how MFA enhances user sign-in security
  • recall how Wi-Fi networks can be secured
  • recall when federated identities should be used
  • recognize how different server roles can be deployed and managed safely including through a jump box
  • recognize how DNS is a network name resolution service
  • recognize how IT security policies must align to securing business processes
  • recognize how security baselines can help identify potential indicators of compromise
  • recognize the relevance of IT security in today's business environment
  • recognize when different types of firewalls should be used
  • use change management to securely modify network and device configurations in a structured manner
  • use patch management to securely deploy updates in a structured manner