Certified Information Security Manager (CISM) Study Guide

Gain the advanced cybersecurity skills to defend your digital assets with a CISM training to back it up!

(CISM.AE2) / ISBN : 978-1-64459-516-9
Course components: Lessons, Lab, TestPrep, AI Tutor (Add-on)

About This Course

This CISM certification training covers what a modern Information Security Manager needs to know: from identifying and countering cyber threats, to building a sound security strategy, to managing the aftermath of a security breach.

You’ll work with real-world tools and tackle topics such as risk management, governance, compliance, and incident response. 

So, learn to keep data under lock and key, while getting prepped to take on the ISACA Certified Information Security Manager (CISM) certification exam. 

Skills You’ll Get

  • Develop detailed and practical information security strategies 
  • Analyze and assess information security risks
  • Deploy security controls and data protection measures 
  • Manage security governance and compliance with laws and regulations 
  • Create and enforce security policies aligned with industry standards 
  • Evaluate and respond to cybersecurity threats and vulnerabilities 
  • Conduct risk assessments and disaster recovery planning 
  • Structure an information security program and manage a security team
  • Execute vulnerability assessments and penetration testing 
  • Integrate security into other business functions and budget management 
  • Coordinate and oversee incident response plans and team efforts 
  • Apply security best practices across network, endpoint, and cloud environments 
  • Establish business continuity and disaster recovery plans


Lesson 1: Introduction

  • The CISM Exam
  • CISM Exam Objectives
  • CISM Certification Exam Objective Map
Lesson 2: Today's Information Security Manager

  • Information Security Objectives
  • Role of the Information Security Manager
  • Information Security Risks
  • Building an Information Security Strategy
  • Implementing Security Controls
  • Data Protection
  • Summary
  • Exam Essentials
Lesson 3: Information Security Governance and Compliance

  • Governance
  • Understanding Policy Documents
  • Complying with Laws and Regulations
  • Adopting Standard Frameworks
  • Security Control Verification and Quality Control
  • Summary
  • Exam Essentials
Lesson 4: Information Risk Management

  • Analyzing Risk
  • Risk Treatment and Response
  • Risk Analysis
  • Disaster Recovery Planning
  • Privacy
  • Summary
  • Exam Essentials
Lesson 5: Cybersecurity Threats

  • Exploring Cybersecurity Threats
  • Threat Data and Intelligence
  • Summary
  • Exam Essentials
Lesson 6: Information Security Program Development and Management

  • Information Security Programs
  • Security Awareness and Training
  • Managing the Information Security Team
  • Managing the Security Budget
  • Integrating Security with Other Business Functions
  • Summary
  • Exam Essentials
Lesson 7: Security Assessment and Testing

  • Vulnerability Management
  • Security Vulnerabilities
  • Penetration Testing
  • Training and Exercises
  • Summary
  • Exam Essentials
Lesson 8: Cybersecurity Technology

  • Endpoint Security
  • Network Security
  • Cloud Computing Security
  • Cryptography
  • Code Security
  • Identity and Access Management
  • Summary
  • Exam Essentials
Lesson 9: Incident Response

  • Security Incidents
  • Phases of Incident Response
  • Building the Incident Response Plan
  • Creating an Incident Response Team
  • Coordination and Information Sharing
  • Classifying Incidents
  • Conducting Investigations
  • Plan Training, Testing, and Evaluation
  • Summary
  • Exam Essentials
Lesson 10: Business Continuity and Disaster Recovery

  • Planning for Business Continuity
  • Project Scope and Planning
  • Business Impact Analysis
  • Continuity Planning
  • Plan Approval and Implementation
  • The Nature of Disaster
  • System Resilience, High Availability, and Fault Tolerance
  • Recovery Strategy
  • Recovery Plan Development
  • Training, Awareness, and Documentation
  • Testing and Maintenance
  • Summary
  • Exam Essentials

Lab 1: Security Assessment and Testing

  • Using Nikto
  • Consulting a Vulnerability Database
  • Configuring a Nessus Scan
  • Performing Passive Reconnaissance
  • Performing Active Reconnaissance
Lab 2: Cybersecurity Technology

  • Simulating the DDoS Attack
  • Enabling Intrusion Detection and Prevention
  • Creating a VPN Connection
  • Implementing Port Security
  • Creating a Virtual LAN
  • Creating a Demilitarized Zone
  • Using Windows Firewall
  • Observing an SHA-Generated Hash Value
  • Observing an MD5-Generated Hash Value
  • Examining Asymmetric Encryption
  • Performing Symmetric Encryption
Lab 3: Incident Response

  • Completing the Chain of Custody
Lab 4: Business Continuity and Disaster Recovery

  • Configuring RAID
  • Taking an Incremental Backup
  • Taking a Full Backup

FAQs

CISM Certified Information Security Manager is a globally recognized certification issued by ISACA. It is for individuals managing, designing, and overseeing an enterprise’s information security program.

This CISM training program is ideal for information security managers, aspiring managers, IT professionals, and anyone interested in managing and overseeing their organization’s information security.

Candidates must have at least 5 years of professional information security work experience. This must include at least 3 years of information security management experience in three or more of the four domains defined by ISACA:

  • Information security governance
  • Information risk management
  • Information security program development and management
  • Incident management

The CISM certification exam consists of multiple-choice questions that assess your understanding of the core concepts covered in the objectives.

You must achieve a passing score of 450 out of a possible 800 to become a CISM certification holder.

CISM certification can open doors to roles such as Information Security Manager, IT Security Consultant, and Chief Information Security Officer (CISO), among others.

The average salary for CISM holders in the U.S. exceeds $149,000, with a 42% increase for those in managerial positions. According to InfoSec, CISM-certified professionals can earn as much as $232,000.
