Notes And Keywords For CISM Certification


Notes and keywords for CISM certification
Ing. Ondřej Ševeček, GOPAS a.s.
MCSM:Directory, MVP:Enterprise Security, CEH, CHFI, CISA, CISM
ondrej@sevecek.com, www.sevecek.com
GOPAS: info@gopas.cz, www.gopas.cz, www.facebook.com/P.S.GOPAS

CISM exam: 300 questions / 6 hours / 70%; nothing around except for a pen
5 domains:
- Information security governance
- Information security risk management
- Information security program development and management
- Information security incident management
- Current technical controls awareness

Format and other notes: [synonym/s] (note/s)
Avanset VCE Player, 1 month license: www.avanset.com, www.examcollection.com
CISM Certified Information Security Manager All-in-One Exam Guide (Peter H. Gregory): paperback, Kindle

Security: Confidentiality, Integrity vs. Availability
- information, operations, ...
- electronic, paper, spoken etc.

Owners
- risk owner: approves the treatment plan and accepts the residual risks; those who can do something about the risk
- data owners:
  - data owner: responsibility and authority
  - data custodian: the IT guy
  - data steward: knows the business data, responsible for their quality and whether the data are fit for the purpose (the BI guys, GDPR data protection officer)
  - data architect: based on input from the data steward, produces designs
- process owner
- technical asset owner
- business asset owner
- project sponsor: the one who signs off on (approves) the project and its phases

Recovery sites
- cold site (longest time, cheapest): just a space reserved, no equipment
- warm site: equipment ready, just bring in the backups; bare-metal restore
- hot site (shortest time, most expensive): everything running in parallel at any particular time; regional clusters, (a)synchronous data replication, ...
- redundant site
- reciprocal arrangement/agreement: warm sites only

Testing
- Unit testing: individual modules of the whole solution (code, practices/procedures, hardware, equipment); who: software developer
- Integration testing [I&T]: group of unit-tested modules; who: software developer
- System testing: overall testing without knowledge of the internals [black-box testing]; who: software developer, customer
- Acceptance testing: top level; user needs, business processes, requirements; who: customer

Security evaluation and testing
- Ethical hacker: white-hat hacker
- Black-hat hacker
- Black-box pentest: ethical hackers only :-)
- White-box [clear-box, glass-box] pentest: may find unrealistic intrusions

Risks
- inherent: the natural risks if no controls or other mitigating factors were in place
- residual: the risks remaining after remediation has been applied
- control risk: the potential of a control to fail
- audit risk: measure of an audit's/review's tendency to fail to detect problems

Risks (threat categories)
- Environmental threats: storms, earth movement, flooding, fire, disease
- Labor
- Violence
- Malware
- Hacking attack
- Hardware failures
- Software failures
- Utilities
- Transportation
- Hazardous materials
- Criminal
- Errors

Risk treatment/mitigation
- treat, remediate, mitigate and minimize: using controls
- transfer: insurance; contract to share/assume liability [hold-harmless, save-harmless, indemnity]
- accept: the residuum
- terminate/avoid
- cost/benefit analysis [CBA/BCA]; benefit-cost ratio [BCR]

Quantitative risk analysis
- Asset value: server, customer's buying behavior data, radio internet connection
- Exposure factor: percentage of the asset value lost if a threat realizes
- Single loss expectancy [SLE]
- Annualized rate of occurrence [ARO]
- Annualized loss expectancy [ALE]: SLE x ARO
- Can history be used?

Roles
- stock owner [shareholder]
- stakeholder: anybody interested in the organization; employees, management, government, customers, creditors, trade unions, owners, investors, suppliers
- board of directors: the CEO might act as inside chairman [director], or the company may employ an outside [independent] chairman [director]
- management
  - senior [executive, top, upper, higher] management: authorize budget spending
  - middle management: communicate strategy and direction to lower management
  - lower [front-line] management: supervisors, team-leaders
- contractor
- (security) steering committee: high-level stakeholders, experts, CISO; provides guidance to top management
- (chief) information security manager [officer]
- incident response team
- normal user: person who interacts with a system, typically through an interface, to extract some functional benefit
- security event
- security incident
- system user: normal user with some special responsibilities, such as testers; password policies often do not require password expiration

Organizational structure (diagram): shareholders -> board of directors -> CEO and senior [top, executive] management (CFO, COO, CMO, CSO, CIO, ...) -> middle management (branch manager, regional manager, section manager, ...) -> lower [front-line] management (supervisors, team-leaders) -> workers; employees and contractors; infosec manager; security steering committee

First rule: governance
- Top management: full support and dedication

First rule of independence
- Lower level sends requirements up (any requirements, access requests)
- Manager decides and approves
- Infosec manager monitors and recommends
- Worker implements
- Auditor controls

Steering (diagram): organization mission and objectives, past results -> steering -> strategy -> policy -> information security program -> practices (processes, procedures), standards

Framework and its relations
- security strategy
- security policy: overall direction, not always currently implemented or currently possible; what should be done, but not how it should be done
- security standard: technology, protocol, suppliers, methodology, configuration, architecture, ...; currently enforced; e.g. "standard document editor", "standard contractor NDA agreement", "standard firewall config blocks all with exceptions", ...
- security procedure
- security governance: roles and responsibilities
- development practices and change management
- operational practices (service desk, backups, monitoring)
- other processes and documents (incidents, projects, vulnerability, support, data storage)
- acceptable use
- privacy policy
- no security without governance; in fact, nothing without governance
- corporate strategy, business strategy

Rule of responsibilities and authority
- Top management: is responsible and has the eternal authority
- Infosec manager (coordinator): can delegate, but must delegate; see, justify, investigate; directly manages the incident response team
- Anybody else: behave, report; ... to incidents and exceptions

Detection of errors
- False negative/rejection [FRR, Type 1]
- False positive/acceptance [FAR, Type 2]
- Crossover [equal] error rate [CER]: the level to tune any security control to
- Biometrics quality in decreasing order of CER: iris, retina, fingerprint, hand geometry, voice pattern, keystroke pattern, signature (Zephyr Chart)
- Biometrics in decreasing order of user acceptance: voice, keystroke, signature, hand geometry, hand print, fingerprint, iris, retina

Rules of incident response
1. Ensure personal safety
2. Report to management
3. Act
4. Evaluate
5. Improve

Continuity
- availability
- business continuity planning
- business impact analysis
- recovery time objective [RTO]: time until normal operation
- disaster tolerance; acceptable interruption window: until operation (even if partial); RTO lower, DT shorter, AIW
- recovery point objective [RPO]
- backup strategy: frequency, amount, types (full, incremental, differential)
- disaster recovery strategy

(diagram: ...ification, risk assessment, access control policy)

Planning
- SWOT analysis [strengths, weaknesses, opportunities, threats]
- balanced scorecard [BSC]: report (using SWOT) used by management; strategy, vision statement, strategic objectives, monitoring measures
- standard IT balanced scorecard:
  - business contribution, as seen from the non-IT executives' position
  - end-user satisfaction with systems and support
  - operational excellence: number of support cases, unscheduled downtime, problems reported
  - innovation and training
- digital dashboard [business dashboard, enterprise dashboard, executive dashboard, management cockpit]
- desk exercise

Review
- key performance indicator [KPI]
- key recovery indicator

SDLC [Software development life cycle]
1. Initiation: market conditions, costs, regulation, change in risks, customer requirements
2. Feasibility study
3. Requirements definition
4. Design and implementation
5. ...
6. ...
7. ...
8. ...

Rule of essential and cheapest solution
- Employee awareness training

Other terms
- Business record: legally required documents; employment contracts, accounting source documents, minutes, internal memoranda, other legal documents
- Business case: reasoning for initiating a project or a task
- TCO [total cost of ownership]
- Baseline comparison: comparison (cost, measurement, etc.) with other companies or industries, or with historical experience
- Opportunity cost: the cost :-)
- Retrofitting: adding something where it was not before

Access Control
- Discretionary Access Control [DAC]: per-object permissions applied to individual subjects or groups of subjects; access based on identity
- Mandatory Access Control [MAC]: security levels applied to subjects, and rules that define the leveled access to objects, or just a single level for each object; access based on level
- Role-based Access Control [RBAC]: "groups"; used by both DAC and MAC
  - static separation of duties: a subject cannot be a member of two conflicting roles/groups (admin/auditor, invoicing/payments, ...)
  - dynamic separation of duties: a subject can be a member of two conflicting roles, but must not do the conflicting operations (cannot audit own administrative configurations, cannot issue payments for invoices he approves)
- Dual control: two operators are needed to do the task
- Two-men control: two operators each verify and approve the other one's tasks

Sample questions
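The static and dynamic separation-of-duties rules above, shown as an added Python example (not code from the slides): static SoD is enforced when a role is assigned, dynamic SoD when the conflicting operation is attempted. The role names, the invoice workflow and the SoDViolation exception are constructed for illustration.

```python
# Added example (not the slides' code): RBAC with static and dynamic
# separation of duties; role names and the invoice workflow are constructed.
STATIC_CONFLICTS = {frozenset({"admin", "auditor"})}  # never held together
class SoDViolation(Exception):
    pass

class Rbac:
    def __init__(self):
        self.roles, self.approved_by = {}, {}  # subject->roles; invoice->approver

    def assign_role(self, subject, role):
        # Static SoD: refuse a membership that completes a conflicting pair.
        held = self.roles.setdefault(subject, set())
        for other in held:
            if frozenset({other, role}) in STATIC_CONFLICTS:
                raise SoDViolation(f"{subject}: {role} conflicts with {other}")
        held.add(role)

    def _require(self, subject, role):
        if role not in self.roles.get(subject, set()):
            raise PermissionError(f"{subject} lacks role {role}")

    def approve_invoice(self, subject, invoice_id):
        self._require(subject, "invoicing")
        self.approved_by[invoice_id] = subject

    def pay_invoice(self, subject, invoice_id):
        # Dynamic SoD: both roles may be held, but the approver may not pay.
        self._require(subject, "payments")
        if self.approved_by.get(invoice_id) == subject:
            raise SoDViolation(f"{subject} approved {invoice_id}; cannot pay it")
        return f"{invoice_id} paid by {subject}"

def _blocked(action):
    try:
        action()
        return False
    except SoDViolation:
        return True

def demo():
    rbac = Rbac()
    rbac.assign_role("carol", "admin")
    static = _blocked(lambda: rbac.assign_role("carol", "auditor"))
    for role in ("invoicing", "payments"):  # dynamic pair: both allowed
        rbac.assign_role("alice", role)
    rbac.assign_role("bob", "payments")
    rbac.approve_invoice("alice", "INV-1")
    dynamic = _blocked(lambda: rbac.pay_invoice("alice", "INV-1"))
    return {"static": static, "dynamic": dynamic, "other_payer": rbac.pay_invoice("bob", "INV-1")}
```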
