LinkedIn Learning

CISM Cert Prep: 3 Information Security Program Development and Management

via LinkedIn Learning

Overview

Get the detailed information you need to tackle the Information Security Program domain on the Certified Information Security Manager (CISM) exam.

Syllabus

Introduction
  • Information security program
  • What you need to know
  • Study resources
1. Information Security Program Development
  • Scope and charter
  • Alignment of security and business objectives
  • Building a security team
  • Conducting a gap analysis
2. Personnel Security
  • Improving personnel security
  • Security in the hiring process
  • Employee termination process
  • Employee privacy
  • Social networking
3. Cloud Computing and Virtualization
  • What is the cloud?
  • Cloud computing roles
  • Drivers for cloud computing
  • Virtualization
  • Cloud activities and the Cloud Reference Architecture
  • Cloud deployment models
  • Cloud service categories
  • Security and privacy concerns in the cloud
4. Host Security
  • Operating system security
  • Malware prevention
  • Application management
  • Host-based network security controls
  • File integrity monitoring
  • Data loss prevention
  • Data encryption
  • Hardware and firmware security
5. Mobile Security
  • Mobile device security
  • Mobile device management
  • Mobile device tracking
  • Mobile application security
  • Mobile security enforcement
  • Bring your own device (BYOD)
  • Mobile deployment models
6. Cryptography
  • Understanding encryption
  • Symmetric and asymmetric cryptography
  • Goals of cryptography
  • Choosing encryption algorithms
  • The cryptographic lifecycle
  • Key exchange
  • Diffie-Hellman
  • Key escrow
  • Key stretching
  • Trust models
  • PKI and digital certificates
  • Hash functions
  • Digital signatures
  • TLS and SSL
  • IPsec
  • Securing common protocols
7. Physical Security
  • Site and facility design
  • Data center environmental controls
  • Physical access control
  • Visitor management
  • Physical security personnel
8. Network Security
  • Routers, switches, and bridges
  • Firewalls
  • VPNs and VPN concentrators
  • Network intrusion detection and prevention
  • Unified threat management
  • VLANs and network segmentation
  • Network access control
  • Remote network access
9. Identity and Access Management
  • Identification, authentication, and authorization
  • Usernames and access cards
  • Authentication factors
  • Biometrics
  • Multi-factor authentication
  • Something you have
  • Understanding account and privilege management
  • Account types
  • Account policies
  • Account monitoring
  • Privileged access management
  • Provisioning and deprovisioning
10. Asset Management
  • Change management
  • Configuration management
  • Physical asset management
11. Personnel Safety
  • Personnel safety
  • Emergency management
12. Software Security
  • Software platforms
  • Development methodologies
  • Maturity models
  • Operation, maintenance, and change management
  • Code review
  • Software testing
  • Code security tests
  • Third-party code
Conclusion
  • Continuing your studies

Taught by

Mike Chapple

Reviews

4.8 rating at LinkedIn Learning based on 380 ratings
