YoVDO

CISM Cert Prep: 2 Information Risk Management

Offered By: LinkedIn Learning

Tags

CISM Certification Courses, Cybersecurity Courses, Risk Management Courses, Penetration Testing Courses, Risk Assessment Courses, Malware Courses, Business Continuity Planning Courses, Vulnerability Scanning Courses

Course Description

Overview

Prepare to pass the Certified Information Security Manager (CISM) exam. Explore the detailed information you need to prepare for the Information Risk Management exam domain.

Syllabus

Introduction
  • Information security risk management
  • What you need to know
  • Study resources
1. Risk Assessment
  • Risk assessment
  • Quantitative risk assessment
  • Information classification
2. Risk Management
  • Risk treatment options
  • Security control selection and implementation
  • Ongoing risk management
  • Risk management frameworks
  • Risk visibility and reporting
3. Malware
  • Comparing viruses, worms, and Trojans
  • Malware payloads
  • Understanding backdoors and logic bombs
  • Botnets
  • Advanced persistent threats
4. Understanding Attackers
  • Cybersecurity adversaries
  • Preventing insider threats
  • Threat intelligence
5. Attack Types
  • Denial of service attacks
  • Eavesdropping attacks
  • DNS attacks
  • Layer 2 attacks
  • Network address spoofing
  • Password attacks
  • Password spraying and credential stuffing
  • Watering hole attacks
6. Social Engineering Attacks
  • Social engineering
  • Impersonation attacks
  • Physical social engineering
7. Vulnerability Scanning and Penetration Testing
  • What is vulnerability management?
  • Identify scan targets
  • Scan configuration
  • Scan perspective
  • Security Content Automation Protocol (SCAP)
  • Common Vulnerability Scoring System (CVSS)
  • Analyzing scan reports
  • Correlating scan results
8. Awareness and Training
  • Security awareness training
  • Compliance training
  • User habits
  • Measuring compliance and security posture
  • Awareness program reviews
9. Business Continuity
  • Business continuity planning
  • Business continuity controls
  • High availability and fault tolerance
10. Disaster Recovery
  • Disaster recovery planning
  • Backups
  • Restoring backups
  • Disaster recovery sites
  • Testing BC/DR plans
11. Supply Chain Risk
  • Managing vendor relationships
  • Vendor agreements
  • Vendor information management
  • Audits and assessments
  • Cloud audits
12. Compliance
  • Legal and compliance risks
  • Privacy compliance
  • Data breaches
  • Intellectual property
Conclusion
  • Continuing your studies

Taught by

Mike Chapple

Related Courses

Emergency and Disaster Training and Exercising: An Introduction
Coventry University via FutureLearn
Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera
Building Change Capability for Managers
LinkedIn Learning
CCSP Cert Prep: 3 Cloud Platform and Infrastructure Security
LinkedIn Learning
CISSP Cert Prep (2021): 6 Security Assessment and Testing
LinkedIn Learning