LinkedIn Learning

CISM Cert Prep: 3 Information Security Program Development and Management

via LinkedIn Learning

Overview

Get the detailed information you need to tackle the Information Security Program Development and Management domain on the Certified Information Security Manager (CISM) exam.

Syllabus

Introduction
  • Information security program development and management
  • What you need to know
  • Study resources
1. Information Security Program Development
  • Scope and charter
  • Alignment of security and business objectives
  • Building a security team
  • Conducting a gap analysis
2. Personnel Security
  • Improving personnel security
  • Security in the hiring process
  • Employee termination process
  • Employee privacy
  • Social networking
3. Data Security Controls
  • File permissions
  • Data encryption
4. Cloud Computing and Virtualization
  • Virtualization
  • Cloud computing models
  • Public cloud tiers
  • Cloud storage security
5. Host Security
  • Operating system security
  • Malware prevention
  • Application management
  • Host-based network security controls
  • Hardware security
6. Mobile Security
  • Mobile device security
  • Mobile device management
  • Mobile device tracking
  • Mobile application security
  • Bring your own device (BYOD) policy
7. Cryptography
  • Understanding encryption
  • Symmetric and asymmetric cryptography
  • Goals of cryptography
  • Choosing encryption algorithms
  • The cryptographic life cycle
  • Key exchange
  • Diffie–Hellman
  • Key escrow
  • Key stretching
  • Trust models
  • PKI and digital certificates
  • Hash functions
  • Digital signatures
  • TLS and SSL
  • IPsec
  • Securing common protocols
8. Physical Security
  • Physical security control types
  • Physical access control
  • Visitor management
9. Network Security
  • Routers and switches
  • Firewalls
  • VPNs and VPN concentrators
  • Network intrusion detection and prevention
  • Unified threat management
  • VLANs and network segmentation
  • Network access control
  • Remote network access
10. Identity and Access Management
  • Identity and access management
  • Identification, authentication, and authorization
  • Usernames and access cards
  • Authentication factors
  • Biometrics
  • Multifactor authentication
  • Something you have
11. Asset Management
  • Physical asset management
  • Change and configuration management
12. Personnel Safety
  • Employee safety
  • Emergency management
13. Software Security
  • Application security
  • Development methodologies
  • Maturity models
  • Operation, maintenance, and change management
  • Risk analysis and mitigation
  • Software testing
  • Acquired software
Conclusion
  • What's next?

Taught by

Mike Chapple

Reviews

4.7 rating at LinkedIn Learning based on 172 ratings
