Mike Chapple (University of Notre Dame)
CISM Certified Information Security Manager Study Guide
- Paperback
Sharpen your information security skills and grab an invaluable new credential with this unbeatable study guide.

As cybersecurity becomes an increasingly mission-critical issue, more and more employers and professionals are turning to ISACA's trusted and recognized Certified Information Security Manager qualification as a tried-and-true indicator of information security management expertise. In Wiley's Certified Information Security Manager (CISM) Study Guide, you'll get the information you need to succeed on the demanding CISM exam. You'll also develop the IT security skills and confidence you need to prove yourself where it really counts: on the job.

Chapters are organized intuitively and by exam objective so you can easily keep track of what you've covered and what you still need to study. You'll also get access to a pre-assessment, so you can find out where you stand before you take your studies further. Sharpen your skills with Exam Essentials and chapter review questions with detailed explanations in all four of the CISM exam domains: Information Security Governance, Information Security Risk Management, Information Security Program, and Incident Management.

In this essential resource, you'll also:
- Grab a head start to an in-demand certification used across the information security industry
- Expand your career opportunities to include rewarding and challenging new roles only accessible to those with a CISM credential
- Access the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms

Perfect for anyone prepping for the challenging CISM exam or looking for a new role in the information security field, the Certified Information Security Manager (CISM) Study Guide is an indispensable resource that will put you on the fast track to success on the test and in your next job.
Product details
- Sybex Study Guide
- Publisher: John Wiley & Sons Inc
- Publisher's item number: 1W119801930
- Publication date: 14 July 2022
- Language: English
- Dimensions: 227mm x 136mm x 21mm
- Weight: 802g
- ISBN-13: 9781119801931
- ISBN-10: 1119801931
- Item number: 62040003
About the author
MIKE CHAPPLE, PhD, CISM, is Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame's Mendoza College of Business. He is a bestselling author of over 25 books and serves as the Academic Director of the University's Master of Science in Business Analytics program. He holds multiple additional certifications, including the CISSP (Certified Information Systems Security Professional), CySA+ (CompTIA Cybersecurity Analyst), CIPP/US (Certified Information Privacy Professional), CompTIA PenTest+, and CompTIA Security+. Mike provides cybersecurity certification resources at his website, CertMike.com.
Table of contents
Introduction
Assessment Test xxi

Chapter 1 Today's Information Security Manager 1
- Information Security Objectives 2
- Role of the Information Security Manager 3
- Chief Information Security Officer 4
- Lines of Authority 4
- Organizing the Security Team 5
- Roles and Responsibilities 7
- Information Security Risks 8
- The DAD Triad 8
- Incident Impact 9
- Building an Information Security Strategy 12
- Threat Research 12
- SWOT Analysis 13
- Gap Analysis 13
- Creating SMART Goals 16
- Alignment with Business Strategy 16
- Leadership Support 17
- Internal and External Influences 17
- Cybersecurity Responsibilities 18
- Communication 19
- Action Plans 19
- Implementing Security Controls 20
- Security Control Categories 21
- Security Control Types 21
- Data Protection 23
- Summary 25
- Exam Essentials 25
- Review Questions 27

Chapter 2 Information Security Governance and Compliance 31
- Governance 33
- Corporate Governance 33
- Governance, Risk, and Compliance Programs 35
- Information Security Governance 35
- Developing Business Cases 36
- Third-Party Relationships 37
- Understanding Policy Documents 38
- Policies 38
- Standards 40
- Procedures 42
- Guidelines 43
- Exceptions and Compensating Controls 44
- Developing Policies 45
- Complying with Laws and Regulations 46
- Adopting Standard Frameworks 47
- COBIT 47
- NIST Cybersecurity Framework 49
- NIST Risk Management Framework 52
- ISO Standards 53
- Benchmarks and Secure Configuration Guides 54
- Security Control Verification and Quality Control 56
- Summary 57
- Exam Essentials 57
- Review Questions 59

Chapter 3 Information Risk Management 63
- Analyzing Risk 65
- Risk Identification 66
- Risk Calculation 67
- Risk Assessment 68
- Risk Treatment and Response 72
- Risk Mitigation 73
- Risk Avoidance 74
- Risk Transference 74
- Risk Acceptance 75
- Risk Analysis 75
- Disaster Recovery Planning 78
- Disaster Types 78
- Business Impact Analysis 79
- Privacy 79
- Sensitive Information Inventory 80
- Information Classification 80
- Data Roles and Responsibilities 82
- Information Lifecycle 83
- Privacy-Enhancing Technologies 83
- Privacy and Data Breach Notification 84
- Summary 84
- Exam Essentials 85
- Review Questions 86

Chapter 4 Cybersecurity Threats 91
- Exploring Cybersecurity Threats 92
- Classifying Cybersecurity Threats 92
- Threat Actors 94
- Threat Vectors 99
- Threat Data and Intelligence 101
- Open Source Intelligence 101
- Proprietary and Closed Source Intelligence 104
- Assessing Threat Intelligence 105
- Threat Indicator Management and Exchange 107
- Public and Private Information Sharing Centers 108
- Conducting Your Own Research 108
- Summary 109
- Exam Essentials 109
- Review Questions 111

Chapter 5 Information Security Program Development and Management 115
- Information Security Programs 117
- Establishing a New Program 117
- Maintaining an Existing Program 121
- Security Awareness and Training 123
- User Training 123
- Role-Based Training 124
- Ongoing Awareness Efforts 124
- Managing the Information Security Team 125
- Hiring Team Members 126
- Developing the Security Team 126
- Managing the Security Budget 127
- Organizational Budgeting 127
- Fiscal Years 127
- Expense Types 128
- Budget Monitoring 129
- Integrating Security with Other Business Functions 130
- Procurement 130
- Accounting 133
- Human Resources 133
- Information Technology 135
- Audit 138
- Summary 139
- Exam Essentials 139
- Review Questions 141

Chapter 6 Security Assessment and Testing 145
- Vulnerability Management 146
- Identifying Scan Targets 146
- Determining Scan Frequency 148
- Configuring Vulnerability Scans 149
- Scanner Maintenance 154
- Vulnerability Scanning Tools 155
- Reviewing and Interpreting Scan Reports 159
- Validating Scan Results 160
- Security Vulnerabilities 161
- Patch Management 162
- Legacy Platforms 163
- Weak Configurations 164
- Error Messages 164
- Insecure Protocols 165
- Weak Encryption 166
- Penetration Testing 167
- Adopting the Hacker Mindset 168
- Reasons for Penetration Testing 169
- Benefits of Penetration Testing 169
- Penetration Test Types 170
- Rules of Engagement 171
- Reconnaissance 173
- Running the Test 173
- Cleaning Up 174
- Training and Exercises 174
- Summary 175
- Exam Essentials 176
- Review Questions 177

Chapter 7 Cybersecurity Technology 181
- Endpoint Security 182
- Malware Prevention 183
- Endpoint Detection and Response 183
- Data Loss Prevention 184
- Change and Configuration Management 185
- Patch Management 185
- System Hardening 185
- Network Security 186
- Network Segmentation 186
- Network Device Security 188
- Network Security Tools 191
- Cloud Computing Security 195
- Benefits of the Cloud 196
- Cloud Roles 198
- Cloud Service Models 198
- Cloud Deployment Models 202
- Shared Responsibility Model 204
- Cloud Standards and Guidelines 207
- Cloud Security Issues 208
- Cloud Security Controls 210
- Cryptography 212
- Goals of Cryptography 212
- Symmetric Key Algorithms 214
- Asymmetric Cryptography 215
- Hash Functions 217
- Digital Signatures 218
- Digital Certificates 219
- Certificate Generation and Destruction 220
- Code Security 223
- Software Development Life Cycle 223
- Software Development Phases 224
- Software Development Models 226
- DevSecOps and DevOps 229
- Code Review 230
- Software Security Testing 232
- Identity and Access Management 234
- Identification, Authentication, and Authorization 234
- Authentication Techniques 235
- Authentication Errors 237
- Single Sign-On and Federation 238
- Provisioning and Deprovisioning 238
- Account Monitoring 239
- Summary 240
- Exam Essentials 241
- Review Questions 244

Chapter 8 Incident Response 249
- Security Incidents 251
- Phases of Incident Response 252
- Preparation 253
- Detection and Analysis 254
- Containment, Eradication, and Recovery 255
- Post-Incident Activity 267
- Building the Incident Response Plan 269
- Policy 269
- Procedures and Playbooks 270
- Documenting the Incident Response Plan 270
- Creating an Incident Response Team 272
- Incident Response Providers 273
- CSIRT Scope of Control 273
- Coordination and Information Sharing 273
- Internal Communications 274
- External Communications 274
- Classifying Incidents 274
- Threat Classification 275
- Severity Classification 276
- Conducting Investigations 279
- Investigation Types 279
- Evidence 282
- Plan Training, Testing, and Evaluation 288
- Summary 289
- Exam Essentials 290
- Review Questions 292

Chapter 9 Business Continuity and Disaster Recovery 297
- Planning for Business Continuity 298
- Project Scope and Planning 299
- Organizational Review 300
- BCP Team Selection 301
- Resource Requirements 302
- Legal and Regulatory Requirements 303
- Business Impact Analysis 304
- Identifying Priorities 305
- Risk Identification 306
- Likelihood Assessment 308
- Impact Analysis 309
- Resource Prioritization 310
- Continuity Planning 310
- Strategy Development 311
- Provisions and Processes 311
- Plan Approval and Implementation 313
- Plan Approval 313
- Plan Implementation 314
- Training and Education 314
- BCP Documentation 314
- The Nature of Disaster 318
- Natural Disasters 319
- Human-Made Disasters 324
- System Resilience, High Availability, and Fault Tolerance 327
- Protecting Hard Drives 328
- Protecting Servers 329
- Protecting Power Sources 331
- Recovery Strategy 331
- Business Unit and Functional Priorities 332
- Crisis Management 333
- Emergency Communications 334
- Workgroup Recovery 334
- Alternate Processing Sites 334
- Database Recovery 338
- Recovery Plan Development 340
- Emergency Response 341
- Personnel and Communications 341
- Assessment 342
- Backups and Offsite Storage 342
- Utilities 345
- Logistics and Supplies 345
- Training, Awareness, and Documentation 345
- Testing and Maintenance 346
- Read-Through Test 346
- Structured Walk-Through 346
- Simulation Test 347
- Parallel Test 347
- Full-Interruption Test 347
- Lessons Learned 347
- Maintenance 348
- Summary 349
- Exam Essentials 349
- Review Questions 351

Appendix Answers to the Review Questions 357
- Chapter 1: Today's Information Security Manager 358
- Chapter 2: Information Security Governance and Compliance 360
- Chapter 3: Information Risk Management 362
- Chapter 4: Cybersecurity Threats 363
- Chapter 5: Information Security Program Development and Management 365
- Chapter 6: Security Assessment and Testing 368
- Chapter 7: Cybersecurity Technology 370
- Chapter 8: Incident Response 372
- Chapter 9: Business Continuity and Disaster Recovery 374

Index 377
Response Plan 270 Creating an Incident Response Team 272 Incident Response
Providers 273 CSIRT Scope of Control 273 Coordination and Information
Sharing 273 Internal Communications 274 External Communications 274
Classifying Incidents 274 Threat Classification 275 Severity Classification
276 Conducting Investigations 279 Investigation Types 279 Evidence 282 Plan
Training, Testing, and Evaluation 288 Summary 289 Exam Essentials 290
Review Questions 292 Chapter 9 Business Continuity and Disaster Recovery
297 Planning for Business Continuity 298 Project Scope and Planning 299
Organizational Review 300 BCP Team Selection 301 Resource Requirements 302
Legal and Regulatory Requirements 303 Business Impact Analysis 304
Identifying Priorities 305 Risk Identification 306 Likelihood Assessment
308 Impact Analysis 309 Resource Prioritization 310 Continuity Planning 310
Strategy Development 311 Provisions and Processes 311 Plan Approval and
Implementation 313 Plan Approval 313 Plan Implementation 314 Training and
Education 314 BCP Documentation 314 The Nature of Disaster 318 Natural
Disasters 319 Human- Made Disasters 324 System Resilience, High
Availability, and Fault Tolerance 327 Protecting Hard Drives 328 Protecting
Servers 329 Protecting Power Sources 331 Recovery Strategy 331 Business
Unit and Functional Priorities 332 Crisis Management 333 Emergency
Communications 334 Workgroup Recovery 334 Alternate Processing Sites 334
Database Recovery 338 Recovery Plan Development 340 Emergency Response 341
Personnel and Communications 341 Assessment 342 Backups and Offsite Storage
342 Utilities 345 Logistics and Supplies 345 Training, Awareness, and
Documentation 345 Testing and Maintenance 346 Read- Through Test 346
Structured Walk- Through 346 Simulation Test 347 Parallel Test 347 Full-
Interruption Test 347 Lessons Learned 347 Maintenance 348 Summary 349 Exam
Essentials 349 Review Questions 351 Appendix Answers to the Review
Questions 357 Chapter 1: Today's Information Security Manager 358 Chapter
2: Information Security Governance and Compliance 360 Chapter 3:
Information Risk Management 362 Chapter 4: Cybersecurity Threats 363
Chapter 5: Information Security Program Development and Management 365
Chapter 6: Security Assessment and Testing 368 Chapter 7: Cybersecurity
Technology 370 Chapter 8: Incident Response 372 Chapter 9: Business
Continuity and Disaster Recovery 374 Index 377