Certified Information Security Manager (CISM) Cert Prep (2022): 2 Information Security Risk Management
3h 41mAdvanced2022-06-30
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
Prepare to pass the Certified Information Security Manager (CISM) exam. In this course, Mike Chapple dives into the topic of information security risk management practices, helping you bolster your ability to identify, assess, and mitigate risks as you prepare for the Information Risk Management exam domain. Mike goes over the key steps of the risk assessment process, the possible risk management options, and frameworks and tools that can help you keep your organization safe. He also includes comprehensive coverage of the many cybersecurity threats facing modern organizations, including viruses, adware, and advanced persistent threats (APTs). Learn about business continuity, disaster recovery, legal and regulatory compliance, and more.
Skills covered
Vulnerability ManagementGovernance, Risk, and ComplianceCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Information security risk management
- 02 - What you need to know
- 03 - Study resources
1. Risk Assessment
- 04 - Risk assessment
- 05 - Quantitative risk assessment
- 06 - Information classification
2. Risk Management
- 07 - Risk treatment options
- 08 - Security control selection and implementation
- 09 - Ongoing risk management
- 10 - Risk management frameworks
- 11 - Risk visibility and reporting
3. Malware
- 12 - Comparing viruses, worms, and Trojans
- 13 - Malware payloads
- 14 - Understanding backdoors and logic bombs
- 15 - Botnets
- 16 - Advanced persistent threats
4. Understanding Attackers
- 17 - Cybersecurity adversaries
- 18 - Preventing insider threats
- 19 - Threat intelligence
5. Attack Types
- 20 - Denial of service attacks
- 21 - Eavesdropping attacks
- 22 - DNS attacks
- 23 - Layer 2 attacks
- 24 - Network address spoofing
- 25 - Password attacks
- 26 - Password spraying and credential stuffing
- 27 - Watering hole attacks
6. Social Engineering Attacks
- 28 - Social engineering
- 29 - Impersonation attacks
- 30 - Physical social engineering
7. Vulnerability Scanning and Penetration Testing
- 31 - What is vulnerability management
- 32 - Identify scan targets
- 33 - Scan configuration
- 34 - Scan perspective
- 35 - Security Content Automation Protocol (SCAP)
- 36 - Common Vulnerability Scoring System (CVSS)
- 37 - Analyzing scan reports
- 38 - Correlating scan results
8. Awareness and Training
- 39 - Security awareness training
- 40 - Compliance training
- 41 - User habits
- 42 - Measuring compliance and security posture
- 43 - Awareness program reviews
9. Business Continuity
- 44 - Business continuity planning
- 45 - Business continuity controls
- 46 - High availability and fault tolerance
10. Disaster Recovery
- 47 - Disaster recovery planning
- 48 - Backups
- 49 - Restoring backups
- 50 - Disaster recovery sites
- 51 - Testing BC DR plans
11. Supply Chain Risk
- 52 - Managing vendor relationships
- 53 - Vendor agreements
- 54 - Vendor information management
- 55 - Audits and assessments
- 56 - Cloud audits
12. Compliance
- 57 - Legal and compliance risks
- 58 - Privacy compliance
- 59 - Data breaches
- 60 - Intellectual property
Conclusion
- 61 - Continuing your studies
Related courses
- Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
- Certified Information Security Manager (CISM) Cert Prep (2022): 3 Information Security Program
- Certified Information Security Manager (CISM) Cert Prep (2022): 4 Incident Management
- Exam Tips: Certified Information Security Manager (CISM) (2022)
- ISACA Certified Information Security Manager (CISM) Cert Prep
- Certified Information Privacy Manager (CIPM) Cert Prep: 4 Privacy Operational Life Cycle: Protect
- IAPP Certified Information Privacy Manager (CIPM) Cert Prep
- ISO 27001:2013-Compliant Cybersecurity: Getting Started
Related learn paths
- Prepare for the Certified Information Security Manager (CISM) Certification Exam (2022)
- Prepare for the Certified Information Security Manager (CISM) exam
- Prepare for the Certified Professional Privacy Manager (CIPM) Certification
- Explore Cybersecurity Careers
- Optimizing Enterprise Security and Productivity Using Microsoft 365
- Prepare for the VMware Certified Professional: Network Virtualization 2022 (VCP-NV) Certification Exam
- Prepare for the CompTIA PenTest+ (PT0-002) Certification Exam
- Prepare for the MTA: Software Development Fundamentals Exam (98-361)