SubscribeCISMP Course Duration: 5 Days
CISMP Fee: Contact us for current prices
CISMP Course Prerequisites:
The CISMP Training course requires a minimum of 12 months experience within any IT job. No technical skill or Security background is required to enrol on our CISMP training course.
CISMP Training Description
The CISMP course is accredited by ISEB/BCS to provide CISMP training for their examination. The CISMP training will provide you with the knowledge and understanding of the main principals required to be an effective member of an information security team with security responsibilities as part of your day to day role. The CISMP training course will also prepare individuals who are thinking of moving into information security or related functions.
The CISMP examination is part of the CISMP course package. The qualification achieved on our CISMP training course will prove that the holder has a good knowledge and basic understanding of the wide range of subject areas that make up information security management.
CISMP Training course Objectives
Our CISMP training course aims to provide students with the skills and knowledge required to pass the “The Certificate in Information Security Management Principles” (CISMP) examination by demonstrating the following:
Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)
Understanding of current legislation and regulations which impact upon information security management in the UK; Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
Understanding of the current business and technical environments in which information security management has to operate;
Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
CISMP Training course Methodology
The CISMP Training course is an instructor-led course.We are keen to ensure you get the best CISMP learning experience possible. That is why all CISMP students are given reading material in the form a CISMP e-book to help them prepare for the course. This CISMP eBook forms part of the CISMP course and is vital both for home work and CISMP practice exams.
CISMP Training Course Content
A. Information Security Principles (10%)
Information security (confidentiality, integrity, availability)
Asset and asset types (information, physical, software); asset value
Threat, vulnerability, risk, impact
Information security policy concepts
The purpose of controls
Importance of information security as part of the general issue of protection of business assets and of the creation of new business models.
Different business models and their impact on security (e.g. on-line business vs. traditional manufacturing vs. financial services vs. retail).
Effect of rapidly changing information and business environment.
B.1. Threats to, and Vulnerabilities of information systems
Threat categorisation (accidental vs. deliberate, internal vs. external, etc)
Types of accidental threats (e.g. human error, malfunctions, fire, flood, etc)
Types of deliberate threats (e.g. hacking, malicious software, sabotage, cyber terrorism, hi-tech crime, etc)
Sources of accidental threat (e.g. internal employee, trusted partner, poor
Risk management process (identification, analysis, mitigation, monitoring of risks)
Options for dealing with risks (e.g. eliminate, reduce, transfer, accept)
The purpose of risk assessment/analysis – strategic and tactical options
Approaches to risk analysis/assessment – qualitative, quantitative, software tools, questionnaires.
Identifying and accounting for the value of information assets
C.1. Information Security Management
C.1.1 Organisation & responsibilities
Information security roles in an enterprise
Placement in the organisation structure
Board/Director responsibility
Responsibilities across the organisation
Need to take account of statutory (e.g. data protection, health and safety)
C.1.2 Policy, standards & procedures
C.1.3 Information Security Governance
C.1.4 Security Incident Management including Investigations and Forensics
C.1.5 Information Security Implementation
C.2. Legal Framework
C.3. Security Standards and Procedures
D.1. Protection from Malicious Software
Types of malicious software – trojans, viruses, worms, active content (e.g. Java, Active-X), etc.
Different ways systems can get infected
Methods of control – common approaches, need for regular updates, etc.
D.2.People Organisational culture of security
Employee, contractor and business partner awareness of the need for security
Role of contracts of employment
Need for and topics within service contracts and security undertakings
Rights, responsibilities and duties of individuals – codes of conduct
D.3. User Access Controls
D.4. Networks and Communications
D.5. External Services
D.6. IT Infrastructure
D.7. Testing, Audit & Review
D.8. Systems Development and Support
D.9. Role of Cryptography
D.10. Training
D.11. Physical & Environmental Security
D.12. Business Continuity Management
BOOKING YOUR CISMP TRAINING
Booking your CISMP training couldn’t be easier. Fill the online enquiry form using the link to the right and we’d be in touch to provide all the information you need.
Booking your CISMP training course in good time will ensure that you’re able to take the CISMP exam at the next available opportunity.
