Information Systems Audit and Control Association (ISACA) provides only two testing opportunities each year, so we developed this CISM exam prep course to help you get it right the first time. The course focuses on advanced risk management and specific compliance and security management operations.
Level: Advanced
Certified Information Security Manager (CISM)
5 Day | Instructor Led
Ideal Candidates for Certified Information Security Manager (CISM) Class
Experienced information security managers and those who have information security management responsibilities, including IT consultants, auditors, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers.
Certified Information Security Manager (CISM) Prerequisites
Five years of experience with audit, IT systems, and security of information systems; systems administration experience; familiarity with TCP/IP; and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in our Security+ Prep Course course.
What You'll Get in Certified Information Security Manager (CISM)
Expert Level InstructionThe CISM Review Manual 2012
The CISM Review Questions, Answers & Explanations Manual 2012
The CISM Review Questions, Answers & Explanations Manual 2012 supplement
Ultimate Knowledge Institute Award Winning CISM Student Workbook
Daily Homework Questions (Over 600 Questions)
Daily Quiz Questions (Over 600 Questions)
Handy Reference Charts and Tables
Flash Cards
Course Related Readings (Reinforcement)
Daily Exercises to Reinforce Memory Recall - Cognitive Core
What You'll Learn in Certified Information Security Manager (CISM)
1. Information Security Governance2. Information Risk Management
3. Information Security Program Development
4. Information Security Program Management
5. Incident Management and Response
Certified Information Security Manager (CISM) Certification
The CISM exam is offered each year in June and December and consists of 200 multiple-choice questions. The CISM exam is focused on the five domains defined by ISACA.
Certified Information Security Manager (CISM) Outline
1. Testing-Taking Tips and Study Techniques
- Preparation for the CISM exam
- Submitting Required Paperwork
- Resources and Study Aids
- Passing the Exam the First Time
2. Information Security Governance
- Asset Identification
- Risk Assessment
- Vulnerability Assessments
- Asset Management
3. Information Risk Management
- Asset Classification and Ownership
- Structured Information Risk Assessment Process
- Business Impact Assessments
- Change Management
4. Information Security Program Development
- Information Security Strategy
- Program Alignment of Other Assurance Functions
- Development of Information Security Architectures
- Security Awareness, Training, and Education
- Communication and Maintenance of Standards, Procedures, and Other Documentation
- Change Control
- Lifecycle Activities
- Security Metrics
5. Information Security Program Management
- Security Program Management Overview
- Planning
- Security Baselines
- Business Processes
- Security Program Infrastructure
- Lifecycle Methodologies
- Security Impact on Users
- Accountability
- Security Metrics
- Managing Resources
6. Incident Management and Response
- Response Management Overview
- Importance of Response Management
- Performing a Business Impact Analysis
- Developing Response and Recovery Plans
- The Incident Response Process
- Implementing Response and Recovery Plans
- Response Documentation
- Post-Event Reviews
7. Review and Q&A Session
- Final Review and Test Prep
Testimonials
This course is definitely an eye opener. With how much social media has taken over, it is important to be fully aware of the capabilities along with all the risks it brings. It is important to get this course because social media is the new norm.
The Social Media and Security Training course offered by UKI is a great and beneficial course combining technical training to fully understand TCP IP networking, DNS, and the harms of malware and cross-site scripting; as well as practical training that allowed attendees to play with open source social intelligence gathering solutions. This is the perfect class for those involved in IT security and interested in social media and identity theft.
Top Related Courses
The Ransomware exercise is a customized, six-hour, live fire Cyber Range training exercise hosted on ACRE. This exercise is led by expert cyber security engineers and can be executed in a classroom as well as remotely. In this exercise, a ransomware-based attack (i.e., “WannaKry”) is launched via a malicious spear phishing originated compromise. This exercise includes a hands-on keyboard interface, which creates realistic technical training and management interaction opportunities. This exercise is not simulated – it is real malware, detonated in representative network enviroment. Participants are encouraged to view the attack as if it were happening to their institutions in real time, and asked to share what they have done or would do based on the facts provided. Such “range-based” exercises help institutions better understand the impact of an attack and prompt them to improve the ways in which their network defenders respond, communicate, request assistance, and recover from real-world cyber attacks. Institutions that have participated in this exercise have benefited directly by building greater interaction with their security community, as well as increasing capability maturity levels and resiliency across their specific customer sector.
The Cloud Leak exercise is a customized, six-hour, Cyber Range exercise hosted on ManTech’s ACRE® cyber range. This exercise is led by technical instructors and expert cybersecurity engineers and can accommodate 10 to 50 participants in a classroom or remotely. In this exercise, an attack on a cloud-hosted storage service is simulated. Participants are given the following scenario: A major media outlet has contacted bank.com media relations asking for a statement about the discovery that thousands of bank.com customer credit card numbers were obtained through a breach of a cloud storage service. Bank.com is unaware of any such breach. The CEO has requested an immediate investigation into the breach. Participants must determine how the cloud storage site was compromised and the extent of the intrusion, including the types of data exposed and any further infiltration of bank.com’s network. This exercise uses a hands-on keyboard approach to create realistic technical training and management interaction opportunities where participants respond to and report events as identified. Participants are encouraged to view the attack as if it were happening to their institutions in real time. Participants are asked to share what they have done or would do based on the facts provided.
CompTIA's Cybersecurity Analyst (CSA+) training from UKI teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
Vendor Details
ISACA
Since its inception, ISACA has become a pace-setting global organization for information governance, control, security and audit professionals. Its IS auditing and IS control standards are followed by practitioners worldwide. Its research pinpoints professional issues challenging its constituents. Its Certified Information Systems Auditor (CISA) certification is recognized globally and has been earned by more than 70,000 professionals since inception. The Certified Information Security Manager (CISM) certification uniquely targets the information security management audience and has been earned by more than 10,000 professionals.
CISA
The ISACA Certified Information Systems Auditor (CISA) is a highly prestigious and sought after security certification that is intended for upper level security associates and professionals. An auditor is an individual that routinely inspects the condition and level of security in an organization, who carefully monitors information activity in a business and is designed to protect against malicious intentions.
The CISA program is very difficult and the requirements are quite strict. In addition to being a long and extremely difficult test, the CISA certification requires a minimum of five years of direct professional security experience.
CISM
Certified Information Security Manager is very high end, prestigious certification that indicates a mastery of the subject of IT security and the ability to manage the protection thereof. ISACA maintains vigorous standards for this certification and it is not to be taken lightly. A CISM will manage, oversee, or direct almost all portions of security within their organization and will most likely have a position such as "Director" or "Senior Administrator." At the minimum, ISACA requires 7 years PROFESSIONAL security experience. Only one exam is required to become a CISM, but it is considered extremely difficult and rarely passed.
Ultimate Knowledge is proud of our close relationship with ISACA and is one of the rare organizations authorized by ISACA to offer CISM and CISA training courses to the Department of Defense utilizing official training materials licensed by ISACA. Ultimate Knowledge offers the best possible ISACA training solution available and we help hundreds of students each year to reach their ISACA certification goals. Our clients include the Department of Defense, Federal Agencies, DOD Contracting Partners, and Fortune 500 companies.
Our Expert ISACA certified instructors use our patented Learn>Test>Certify™ methodology coupled with our proprietary Ultimate CMF™(Certification Management Framework). The CMF provides one portal for the organization’s Workforce Manager to track and update information about their entire workforce and it provides one location for the individual to track all of their professional training and certification. Ultimate Knowledge’s ISACA training solution ensures training and certification success for you or your entire team maximizing your return on training investment.
Ultimate Knowledge delivers the following Authorized ISACA training and certification classes:
A. Erlich
RITSC, N6CI just wanted to say your presentation on Social Media Technology and Security was the finest I have ever attended.