CISM 2012: Information Security Incident Management (Part 2)


Overview/Description
Target Audience
Expected Duration
Lesson Objectives
Course Number



Overview/Description
Preparing incident response and recovery plans is a very important part of a CISM's role. This course examines how to identify the current state of incident response capability, identifies the elements of incident response and recovery plans, and discusses principles for effectively managing the plans. This course also examines the importance of testing, documentation, and how to physically prepare recovery sites and related offsite resources. This course prepares you for the Certified Information Security Manager (CISM) exam.

Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprise's information security

Expected Duration (hours)
2.0

Lesson Objectives

CISM 2012: Information Security Incident Management (Part 2)

  • determine the appropriate method for identifying the current state of response capability for a given company
  • identify the factors that determine incident response capability
  • match phases of an incident response plan with their corresponding descriptions
  • match members of response and recovery teams with their corresponding responsibilities
  • recognize examples of individuals who may require notification in case of a serious security incident
  • recognize the types of insurance coverage that an organization may have
  • label descriptions of different types of recovery sites
  • determine the appropriate type of recovery site given examples of requirements
  • recognize methods for recovering communication and computing systems
  • distinguish between the characteristics of an incident response plan and a recovery plan
  • recognize the method being used to test incident response and recovery plans
  • recognize examples of metrics used for testing incident response and recovery plans
  • identify important aspects of executing incident response and recovery plans
  • recognize key concepts related to testing and incident management
  • Course Number:
    sp_cisn_a12_it_enus