CISM Cert Prep: 4 Information Security Incident Management

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 2h 17m | 349 MB

Even the best security controls aren’t foolproof. That’s why security professionals need a solid incident management plan. The fourth domain of the Certified Information Security Manager (CISM) exam—Information Security Incident Management—tests your mastery of this important topic. Take this CISM Cert Prep course to study for the exam and gain a deeper understanding of how your team should react to and resolve a security incident, whether it’s an attack on your network, an email-borne virus, or data theft. Instructor Mike Chapple explains how to identify, triage, and respond to an event, minimizing the damage and maximizing your ability to find the root cause, so you can resume normal operations. He also provides tips for logging and monitoring ongoing security-related events. Each topic maps to a relevant objective from the CISM certification exam.

Topics include:

  • Creating an incident response team
  • Classifying incidents
  • Building an incident response program
  • Identifying symptoms of incidents
  • Conducting forensic investigations
  • Logging and monitoring

Table of Contents

1 Information security incident management
2 What you need to know
3 Study resources
4 The manager’s role in incident response
5 Creating an incident response team
6 Identifying and classifying security incidents
7 Threat classification
8 Zero days and the advanced persistent threat
9 Determining incident severity
10 Build an incident response program
11 Incident communications plan
12 Incident identification
13 Escalation and notification
14 Mitigation
15 Containment techniques
16 Incident eradication and recovery
17 Validation
18 Lessons learned and reporting
19 Network symptoms
20 Rogue access points and evil twins
21 Endpoint symptoms
22 Application symptoms
23 Conducting investigations
24 Evidence types
25 Introduction to forensics
26 System and file forensics
27 Creating forensic images
28 Digital forensics toolkit
29 Operating system analysis
30 Password forensics
31 Network forensics
32 Software forensics
33 Mobile device forensics
34 Embedded device forensics
35 Chain of custody
36 Ediscovery and evidence production
37 Correlating security event information
38 Continuous security monitoring
39 Data loss prevention
40 Next steps