CISM Cert Prep: 2 Information Risk Management

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 3h 30m | 460 MB

Prepare to pass the Certified Information Security Manager (CISM) exam. In this course, Mike Chapple dives into the topic of information security risk management practices, helping you bolster your ability to identify, assess, and mitigate risks as you prepare for the Information Risk Management exam domain. Mike goes over the key steps of the risk assessment process, the possible risk management options, and frameworks and tools that can help you keep your organization safe. He also includes comprehensive coverage of the many cybersecurity threats facing modern organizations, including viruses, adware, and advanced persistent threats (APTs). Learn about business continuity, disaster recovery, legal and regulatory compliance, and more.

Topics include:

  • Using information classification
  • Selecting and implementing security controls
  • Conducting ongoing risk management activities
  • Comparing adware, spyware, and ransomware
  • Dangers posed by advanced persistent threats (APTs)
  • Understanding attackers
  • Types of attacks, including networking and password attacks
  • Social engineering attacks
  • Scanning for vulnerabilities
  • Business continuity and disaster recovery planning
  • Managing vendor relationships

Table of Contents

1 Information risk management
2 What you need to know
3 Study resources
4 Risk assessment
5 Quantitative risk assessment
6 Information classification
7 Risk treatment options
8 Security control selection and implementation
9 Ongoing risk management
10 Risk management frameworks
11 Risk visibility and reporting
12 Comparing viruses, worms, and trojans
13 Comparing adware, spyware, and ransomware
14 Understanding backdoors and logic bombs
15 Botnets
16 Advanced persistent threats
17 Cybersecurity adversaries
18 Preventing insider threats
19 Threat intelligence
20 Denial of service attacks
21 Eavesdropping attacks
22 Network attacks
23 Network address spoofing
24 Password attacks
25 Watering hole attacks
26 Social engineering
27 Impersonation attacks
28 Physical social engineering
29 Security assessment tools
30 Scanning for vulnerabilities
31 Assessing threats
32 Threat assessment techniques
33 Penetration testing
34 Advanced vulnerability scanning
35 Security policy training and procedures
36 Compliance training
37 User habits
38 User-based threats
39 Measuring compliance and security posture
40 Awareness program reviews
41 Business continuity planning
42 Business continuity controls
43 High availability and fault tolerance
44 Disaster recovery planning
45 Backups
46 Validating backups
47 Disaster recovery sites
48 Testing BC DR plans
49 Managing vendor relationships
50 Vendor agreements
51 Vendor information management
52 Legal and regulatory compliance
53 Privacy compliance
54 Intellectual property
55 Data breaches
56 What’s next