Table of Contents

Preface

1. Enterprise Governance

Importance of Information Security Governance

Desired Outcomes of Good Information Security Governance

Responsibility for Information Security Governance

Steps for Establishing Governance

Governance Framework

Top-Down and Bottom-Up Approaches

Key Aspects from the CISM Exam Perspective

A Note on the Practice Questions

Practice Question Set 1

Organizational Culture

Acceptable Usage Policy

Ethics Training

Practice Question Set 2

Legal, Regulatory, and Contractual Requirements

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Retention of Business Records

Electronic Discovery

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Organizational Structure

Board of Directors

Security Steering Committee

Reporting of Security Functions

Centralized vis-à-vis Decentralized Security Functioning

Practice Question Set 5

Information Security Roles and Responsibilities

RACI Chart

Board of Directors

Senior Management

Business Process Owners

Steering Committee

Chief Information Security Officer

Chief Operating Officer

Data Custodian

Communication Channel

Indicators of a Security Culture

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Maturity Model

Key Aspects from the CISM Exam Perspective

Practice Question Set 7

Governance of Third-Party Relationships

Information Security Governance Metrics

The Objective of Metrics

Technical Metrics vis-à-vis Governance-Level Metrics

Characteristics of Effective Metrics

Key Aspects from the CISM Exam Perspective

Practice Question Set 8

Summary

Revision Questions

2. Information Security Strategy

Information Security Strategy and Plan

Information Security Policies

Key Aspects from the CISM Exam Perspective

Practice Question Set 1

Information Governance Frameworks and Standards

The Objective of Information Security Governance

Information Security/Cybersecurity Management Frameworks

The IT Balanced Scorecard

Practice Question Set 2

Information Security Programs

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Enterprise Information Security Architecture

Challenges in Designing the Security Architecture

Benefits of Security Architecture

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Awareness and Education

Increasing the Effectiveness of Security Training

Key Aspects from the CISM Exam Perspective

Governance, Risk Management, and Compliance

Key Aspects from the CISM Exam Perspective

Practice Question Set 5

Senior Management Commitment

Information Security Investment

Strategic Alignment

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Business Case and Feasibility Study

Key Aspects from the CISM Exam Perspective

Practice Question Set 7

Summary

Revision Questions

3. Information Risk Assessment

Understanding Risk

Key Aspects from the CISM Exam Perspective

Practice Question Set 1

Differentiating Risk Identification, Risk Analysis, and Risk Evaluation

Risk Management

Risk Assessment

Risk Analysis

Risk Evaluation

Differentiating Risk Capacity, Risk Appetite, and Risk Tolerance

Key Aspects from the CISM Exam Perspective

Practice Question Set 2

Inherent Risk and Residual Risk

Inherent Risk

Residual Risk

Differentiating between Inherent Risk and Residual Risk

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Phases of Risk Management

Phases of Risk Management

The Outcome of a Risk Management Program

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Risk Awareness

Tailored Awareness Programs

Training Effectiveness

Awareness Training for Senior Management

Key Aspects from the CISM Exam Perspective

Practice Question Set 5

Risk Assessment

Phases of Risk Assessment

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Risk Identification

Risk Identification Process

Asset Identification

Asset Valuation

Aggregated and Cascading Risk

Key Aspects from the CISM Exam Perspective

Practice Question Set 7

Risk Analysis

Quantitative Risk Analysis

Qualitative Risk Analysis

Semi-Quantitative Risk Analysis

The Best Method for Risk Analysis

Annual Loss Expectancy

Value at Risk (VaR)

OCTAVE

Other Risk Analysis Methods

Key Aspects from the CISM Exam Perspective

Practice Question Set 8

Risk Evaluation

Risk Ranking

Practice Question Set 9

Risk Register

Practice Question Set 10

Emerging Risk and the Threat Landscape

Emerging Threats

Advanced Persistent Threats

Practice Question Set 11

Vulnerability and Control Deficiency

Key Aspects from the CISM Exam Perspective

Practice Question Set 12

Security Baselines

Risk Communication

Summary

4. Information Risk Response

Risk Treatment/Risk Response Options

Risk Mitigation

Risk Sharing/Transferring

Risk Avoidance

Risk Acceptance

Key Aspects from the CISM Exam Perspective

Practice Question Set 1

Risk Ownership and Accountability

Key Aspects from the CISM Exam Perspective

Practice Question Set 2

Risk Monitoring and Communication

Risk Reporting

Key Risk Indicators

Reporting Significant Changes in Risk

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Implementing Risk Management

Risk Management Process

Integrating Risk Management into Business Processes

Prioritization of Risk Response

Defining a Risk Management Framework

Defining the External and Internal Environment

Determining the Risk Management Context

Gap Analysis

Cost-Benefit Analysis

Other Kinds of Organizational Support

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Change Management

Objectives of Change Management

Approval from the System Owner

Regression Testing

Involvement of the Security Team

Preventive Controls

Key Aspects from the CISM Exam Perspective

Practice Question Set 5

Patch Management

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Operational Risk Management

Recovery Time Objective

Recovery Point Objective

Difference between RTO and RPO

Service Delivery Objective

Maximum Tolerable Outage

Allowable Interruption Window

Practice Question Set 7

Risk Management Integration with Life Cycle

System Development Life Cycle

Key Aspects from the CISM Exam Perspective

Practice Question Set 8

Summary

Revision Questions

5. Information Security Program Development

Information Security Program Overview

Ideal Outcomes of an Information Security Program

The Starting Point of a Security Program

Information Security Charter

Support from Senior Management

Defense in Depth

Key Aspects from the CISM Exam Perspective

Practice Question Set 1

Information Security Program Resources

Information Asset Identification and Classification

Benefits of Classification

Understanding the Steps Involved in Classification

Success Factors for the Effective Classification of Assets

Criticality, Sensitivity, and Impact

Assessment

Business Dependency Assessment

Risk Analysis

Business Interruptions

Key Aspects from the CISM Exam Perspective

Practice Question Set 2

Information Asset Valuation

Determining the Criticality of Assets

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Industry Standards and Frameworks for Information Security

Framework – Success Factors

Some Industry-Recognized Frameworks

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Information Security Policies, Procedures, and Guidelines

Reviewing and Updating Documents

Key Aspects from the CISM Exam Perspective

Practice Question Set 5

Defining an Information Security Program Roadmap

Gap Analysis

The Value of a Security Program

Integration of the Security Program with Other Departments

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Information Security Program Metrics

Objective of Metrics

Monitoring

Attributes of Effective Metrics

Information Security Objectives and Metrics

Useful Metrics for Management

Key Aspects from the CISM Exam Perspective

Practice Question Set 7

Summary

Revision Questions

6. Information Security Program Management

Information Security Control Design and Selection

Countermeasures

General Controls and Application-Level Controls

Control Categories

Failure Modes – Fail Closed or Fail Open

Continuous Monitoring

Key Aspects from the CISM Exam Perspective

Practice Question Set 1

Security Baseline Controls

Developing a Security Baseline

Key Aspects from the CISM Exam Perspective

Practice Question Set 2

Information Security Awareness and Training

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Management of External Services and Relationships

Evaluation Criteria for Outsourcing

Steps for Outsourcing

Outsourcing – Risk Reduction Options

Provisions for Outsourcing Contracts

The Security Manager's Role in Outsourcing

Service-Level Agreements

Right-to-Audit Clause

Impact of Privacy Laws on Outsourcing

Subcontracting/Fourth Party

Compliance Responsibility

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Documentation

Information Security Program Objectives

Key Aspects from the CISM Exam Perspective

Practice Question Set 5

Security Budget

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Security Program Management and Administrative Activities

Information Security Team

Acceptable Usage Policy

Documentation

Project Management

Program Budgeting

Plan – Do – Check – Act

Security Operations

Key Aspects from the CISM Exam Perspective

Practice Question Set 7

Privacy Laws

Practice Question Set 8

Cloud Computing

Cloud Computing – Deployment Models

Types of Cloud Services

Cloud Computing – the Security Manager's Role

Key Aspects from the CISM Exam Perspective

Practice Question Set 9

Summary

Revision Questions

7. Information Security Infrastructure and Architecture

Information Security Architecture

Key Aspects from the CISM Exam Perspective

Practice Question Set 1

Architecture Implementation

Key Aspects from the CISM Exam Perspective

Practice Question Set 2

Access Control

Mandatory Access Control

Discretionary Access Control

Role-Based Access Control

Degaussing (Demagnetizing)

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Virtual Private Networks

VPNs – Technical Aspects

Advantages of a VPN

VPN Security Risks

Virtual Desktop Environments

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Biometrics

Biometrics – Accuracy Measure

Biometric Sensitivity Tuning

Control over the Biometric Process

Types of Biometric Attacks

Practice Question Set 5

Factors of Authentication

Password Management

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Wireless Networks

Encryption

Enabling MAC Filtering

Disabling a Service Set Identifier

Disabling Dynamic Host Configuration Protocol

Common Attack Methods and Techniques for Wireless Networks

Key Aspects from the CISM Exam Perspective

Practice Question Set 7

Different Attack Methods for Information Security

Key Aspects from the CISM Exam Perspective

Practice Question Set 8

Summary

Revision Questions

8. Information Security Monitoring Tools and Techniques

Firewall Types and Implementations

Types of Firewalls

Types of Firewall Implementation

Placement of Firewalls

Source Routing

Firewall Types and Their Corresponding OSI Layers

Key Aspects from the CISM Exam Perspective

Practice Question Set 1

Intrusion Detection Systems and Intrusion Prevention Systems

Intrusion Detection Systems

Intrusion Prevention Systems

Difference between IDSs and IPSs

Honeypots and Honeynets

Key Aspects from the CISM Exam Perspective

Practice Question Set 2

Digital Signatures

Steps for Creating a Digital Signature

What is a Hash or a Message Digest?

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Public Key Infrastructure

PKI Terminology

Processes Involved in PKI

CA versus RA

Single Point of Failure

Functions of an RA

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Cryptography

Symmetric Encryption vis-à-vis Asymmetric Encryption

Encryption Keys

The Use of Keys for Different Objectives

Key Aspects from the CISM Exam Perspective

Practice Question Set 5

Penetration Testing

Aspects to be Covered within the Scope of Penetration Testing

Types of Penetration Tests

White Box Testing and Black Box Testing

Risks Associated with Penetration Testing

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Summary

Revision Questions

9. Incident Management Readiness

Incident Management and Incident Response Overview

The Relationship between Incident Management and Incident Response

The Objectives of Incident Management

Phases of the Incident Management Life Cycle

Incident Management, Business Continuity, and Disaster Recovery

Incident Management and the Service Delivery Objective

Maximum Tolerable Outage (MTO) and Allowable Interruption Window (AIW)

Key Aspects from the CISM Exam Perspective

Practice Question Set 1

Incident Management and Incident Response Plans

Elements of the IRP

Gap Analysis

Business Impact Analysis

Escalation Process

Help Desk/Service Desk Process for the Identification of Incidents

Incident Management and Response Teams

Incident Notification Process

Challenges in Developing an Incident Management Plan

Key Aspects from the CISM Exam Perspective

Practice Question Set 2

Business Continuity and Disaster Recovery Procedures

Phases of Recovery Planning

Recovery Sites

Continuity of Network Services

Key Aspects from the CISM Exam Perspective

Practice Question Set 3

Insurance

Key Aspects from the CISM Exam Perspective

Practice Question Set 4

Incident Classification/Categorization

Help/Service Desk Processes for Identifying Security Incidents

Practice Question Set 5

Testing Incident Response, BCP, and DRP

Types of Tests

Effectiveness of Tests

Category of Tests

Recovery Test Metrics

Success Criteria for Tests

Key Aspects from the CISM Exam Perspective

Practice Question Set 6

Summary

Revision Questions

10. Incident Management Operations

Incident Management Tools and Technologies

Incident Management Systems

Personnel

Audits

Outsourced Security Providers

Practice Question Set 1

Executing Response and Recovery Plans

Key Aspects from the CISM Exam Perspective

Practice Question Set 2

Incident Containment Methods

Practice Question Set 3

Incident Response Communications

Practice Question Set 4

Incident Eradication

Practice Question Set 5

Recovery

Practice Question Set 6

Post-Incident Activities and Investigations

Identifying the Root Cause and Taking Corrective Action

Documenting Events

Chain of Custody

Key Aspects from the CISM Exam Perspective

Practice Question Set 7

Incident Response Procedures

The Outcome of Incident Management

The Role of the Information Security Manager

Security Information and Event Management

Key Aspects from the CISM Exam Perspective

Practice Question Set 8

Incident Management Metrics and Indicators

Key Performance Indicators and Key Goal Indicators

Metrics for Incident Management

Reporting to Senior Management

The Current State of Incident Response Capabilities

History of Incidents

Threats and Vulnerabilities

Threats

Vulnerabilities

Summary

Revision Questions

Answers to Practice Questions