Certified Information Security Manager Exam Prep Guide: Aligned with the latest edition of the CISM Review Manual to help you pass the exam with confidence (Paerback) (資訊安全管理師考試準備指南:與最新版本的CISM複習手冊對齊,助你自信通過考試)

Hemang Doshi

買這商品的人也買了...

相關主題

商品描述

Key Features

  • Pass the CISM exam confidently with this step-by-step guide
  • Explore practical solutions that validate your knowledge and expertise in managing enterprise information security teams
  • Enhance your cybersecurity skills with practice questions and mock tests

Book Description

With cyber threats on the rise, IT professionals are now choosing cybersecurity as the next step to boost their career, and holding the relevant certification can prove to be a game-changer in this competitive market. CISM is one of the top-paying and most sought-after certifications by employers.

This CISM Certification Guide comprises comprehensive self-study exam content for those who want to achieve CISM certification on the first attempt. This book is a great resource for information security leaders with a pragmatic approach to challenges related to real-world case scenarios. You'll learn about the practical aspects of information security governance and information security risk management. As you advance through the chapters, you'll get to grips with information security program development and management. The book will also help you to gain a clear understanding of the procedural aspects of information security incident management.

By the end of this CISM exam book, you'll have covered everything needed to pass the CISM certification exam and have a handy, on-the-job desktop reference guide.

What you will learn

  • Understand core exam objectives to pass the CISM exam with confidence
  • Create and manage your organization's information security policies and procedures with ease
  • Broaden your knowledge of the organization's security strategy designing
  • Manage information risk to an acceptable level based on risk appetite in order to meet organizational goals and objectives
  • Find out how to monitor and control incident management procedures
  • Discover how to monitor activity relating to data classification and data access

Who this book is for

If you are an aspiring information security manager, IT auditor, chief information security officer (CISO), or risk management professional who wants to achieve certification in information security, then this book is for you. A minimum of two years' experience in the field of information technology is needed to make the most of this book. Experience in IT audit, information security, or related fields will be helpful.

商品描述(中文翻譯)

主要特點


  • 透過這個逐步指南,自信地通過CISM考試

  • 探索實用解決方案,驗證您在管理企業資訊安全團隊方面的知識和專業能力

  • 通過練習問題和模擬測試提升您的網絡安全技能

書籍描述

隨著網絡威脅的增加,IT專業人員現在選擇網絡安全作為提升職業生涯的下一步,持有相關認證在這個競爭激烈的市場中可以成為一個改變遊戲規則的因素。CISM是雇主們最高薪酬和最受追捧的認證之一。

這本CISM認證指南包含了全面的自學考試內容,適用於那些希望在第一次嘗試中獲得CISM認證的人。這本書是一個很好的資源,針對與現實案例相關的挑戰提供了實用的解決方案。您將學習有關資訊安全治理和資訊安全風險管理的實際方面。隨著您進一步閱讀,您將掌握資訊安全計劃的開發和管理。本書還將幫助您清楚了解資訊安全事件管理的程序方面。

通過閱讀本CISM考試書籍,您將涵蓋通過CISM認證考試所需的一切,並擁有一本方便的工作參考指南。

您將學到什麼


  • 了解核心考試目標,自信通過CISM考試

  • 輕鬆創建和管理組織的資訊安全政策和程序

  • 擴展您對組織安全策略設計的知識

  • 根據風險承受能力將信息風險管理到可接受的水平,以實現組織的目標

  • 了解如何監控和控制事件管理程序

  • 發現如何監控與數據分類和數據訪問相關的活動

適合閱讀對象

如果您是一位有抱負的資訊安全經理、IT審計師、首席資訊安全官(CISO)或風險管理專業人士,並希望獲得資訊安全認證,那麼這本書適合您。需要至少兩年的資訊技術領域工作經驗才能充分利用本書。具有IT審計、資訊安全或相關領域的經驗將有所幫助。

作者簡介

Hemang Doshi is a chartered accountant and a Certified Information System Auditor with more than 15 years' experience in the field of information system auditing/risk-based auditing/compliance auditing/vendor risk management/due diligence/system risk and control. He is the founder of CISA Exam Study and CRISC Exam Study, dedicated platforms for those studying for the CISA and CRISC certifications, respectively. He has also authored a few books on information security.

作者簡介(中文翻譯)

Hemang Doshi是一位特許會計師和持有認證的資訊系統審計師,擁有超過15年的資訊系統審計/風險審計/合規審計/供應商風險管理/盡職調查/系統風險和控制領域的經驗。他是CISA考試學習和CRISC考試學習的創始人,這兩個平台專門為準備CISA和CRISC認證的人提供學習資源。他還撰寫了幾本關於資訊安全的書籍。

目錄大綱

Table of Contents

  1. Information Security Governance
  2. Practical Aspects of Information Security Governance
  3. Overview of Information Risk Management
  4. Practical Aspects of Information Risk Management
  5. Procedural Aspects of Information Risk Management
  6. Overview of Information Security Program Development Management
  7. Information Security Infrastructure and Architecture
  8. Practical Aspects of Information Security Program Development Management
  9. Information Security Monitoring Tools and Techniques
  10. Overview of Information Security Incident Manager

目錄大綱(中文翻譯)

目錄


  1. 資訊安全治理

  2. 資訊安全治理的實際面向

  3. 資訊風險管理概述

  4. 資訊風險管理的實際面向

  5. 資訊風險管理的程序面向

  6. 資訊安全計劃開發管理概述

  7. 資訊安全基礎設施和架構

  8. 資訊安全計劃開發管理的實際面向

  9. 資訊安全監控工具和技術

  10. 資訊安全事件管理概述