Proper IT governance starts with aligning IT solutions with business processes. In this course, you'll explore how to identify the relationship between IT security and business objectives. You'll examine in detail how various regulations and security standards, such as HIPAA, GDPR, and PCI DSS, can influence an organization's IT security decisions, going through seven of such regulations one-by-one. Next, you'll examine the cloud services, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) to determine how responsibility is divided between provider and consumer. Lastly, you'll investigate several public cloud providers' security accreditations. This course is part of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 14 videos | 1h 13m  assessment  certificate

Securing data at rest and in transit over a network is accomplished through the use of cryptography. In this course, you'll explore the concepts of hashing and encryption. You'll start by studying how cryptography addresses IT security before gaining hands-on experience generating file hashes and encrypting data at rest. Some of the methods you'll practice will be using Microsoft EFS and AxCrypt to protect files, Microsoft BitLocker to protect disk volumes, PuTTYgen to generate key pairs, and wiping disk data. Moving along, you'll examine and work with PKI certificate authorities, deploying and requesting both Microsoft and AWS certificate authorities. This course is part of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 14 videos | 1h  assessment  certificate

Using on-premises and cloud computing IT environments introduces an element of risk. In this course, you'll explore risk management concepts, including gap analysis and SWOT, as well as strategies to manage risk, such as applying risk treatments and creating a risk register. Additionally, you'll outline data governance and examine the responsibilities of specific data roles, including the data owner and data custodian. You'll then work with data classification using Amazon Macie and Microsoft FSRM. Moving on, you'll learn how to tag cloud resources and carry out cloud risk assessments. You'll explore how to determine if specific security controls are worth implementing to protect assets. Lastly, you'll investigate how to establish a security awareness program through the organization. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 14 videos | 1h 20m  assessment  certificate

Securing data at rest and in transit over a network is accomplished through the use of cryptography. In this course, you'll explore the concepts of hashing and encryption. You'll start by studying how cryptography addresses IT security before gaining hands-on experience generating file hashes and encrypting data at rest. Some of the methods you'll practice will be using Microsoft EFS and AxCrypt to protect files, Microsoft BitLocker to protect disk volumes, PuTTYgen to generate key pairs, and wiping disk data. Moving along, you'll examine and work with PKI certificate authorities, deploying and requesting both Microsoft and AWS certificate authorities. This course is part of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 14 videos | 1h  assessment  certificate

Modern computing uses IPv4, and increasingly IPv6. In this course, you'll explore IPv4 and IPv6 configuration details in preparation for configuring IT services to support business processes. You'll work with DNS name resolution and DHCP. You'll identify the role played by various network infrastructure devices, such as routers and switches. Furthermore, you'll capture and analyze network traffic using Wireshark. By the end of this course, some of the skills you'll acquire will be to recognize the connection between OSI model layers from TCP/IP protocols, set up TCP/IP both manually and with DHCP, and configure DNS using Azure, AWS, and GoDaddy. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 13 videos | 1h 14m  assessment  certificate

Various laws, regulations, and security best practices require network traffic coming in and out of IT services to be controlled. In this course, you'll learn how to implement techniques to ensure the precious IT assets within your organization's network are secure. You'll begin by exploring what the IPsec network security protocol does and how it's employed. You'll then examine various types of firewalls and decipher when they should be used. Next, you'll work with correctly setting up Windows Defender Firewall, Linux firewall settings, and cloud-based packet filtering rules. Lastly, you'll practice hardening a Wi-Fi network and forging network traffic. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 12 videos | 1h 11m  assessment  certificate

Information security managers must consider the security risks and potential impact of user access to resources. In this course, you'll explore how to manage and assign user authentication and authorization to use resources for various cloud and local services. You'll start by distinguishing between authentication and authorization. Next, you'll assign file system permissions in Windows and Linux. You'll then practice assigning permissions policies to AWS users. Lastly, you'll enable multifactor authentication and single sign-on for AWS users. By the end of this course, you'll be able to create and manage Microsoft AD, Linux, and AWS users and groups and set up various types of permissions for them. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 13 videos | 1h 18m  assessment  certificate

Servers provide many different types of functionality that must be adequately secured. To qualify as a Certified Information Security Manager, you'll need to know how to securely manage and deploy Windows and Linux cloud-based servers both on-premises and remotely in addition to encrypting a virtual machine. In this course, you'll begin by examining various server roles, when they should be used, and how to secure them. Next, you'll deploy Windows and Linux servers in the cloud and manage them from an on-premises environment. Lastly, you'll assign SQL Server roles and encrypt an on-premises VMware workstation virtual machine. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 8 videos | 41m  assessment  certificate

IT security policies guide how IT services are deployed and managed in an organization. To achieve certification in information security management, you'll need to demonstrate a clear understanding of what policies exist and where and how to implement them. In this course, you'll explore various types of security policies, starting with those for securing change and patch management. You'll then investigate some network and host security hardening techniques. You'll move on to practice hardening Windows and Linux servers as well as a network printer and passwords. You'll then examine how to detect social engineering scams and deal with malware infections. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 14 videos | 1h 21m  assessment  certificate

Information security managers must have the most efficient tools to detect potential security incidents at their disposal. In this course, you'll explore several tools that can be used to detect anomalies and learn how to take action to mitigate these anomalies. You'll learn to differentiate intrusion detection from intrusion prevention, before using Snort for network anomaly detection. You'll then examine how honeypots provide insight related to malicious user techniques. Next, you'll analyze various types of Windows logs, before working with logging in Linux. Lastly, you'll configure data loss prevention in the cloud, view compliance reports, and outline how SIEM and SOAR can be used for incident detection and response. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 10 videos | 56m  assessment  certificate

Periodic security testing sheds light on an organization's current security posture. As an information security manager, you should know how to accurately and thoroughly assess the condition of an organization's IT security. In this course, you'll learn the concepts and practices involved in this process. You'll start by examining how physical security can influence IT services. Next, you'll explore the benefits and techniques involved in network scanning, vulnerability assessments, and penetration testing. You'll round off the course by analyzing cloud-based security recommendations. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 7 videos | 30m  assessment  certificate

Information security managers may be called upon to aid in the gathering and preservation of digital evidence. To achieve certification-level knowledge, you should be savvy in terms of the techniques, requirements, and potential hurdles involved in gathering digital evidence. In this course, you'll explore several digital forensic techniques, such as order of volatility, chain of custody, and data immutability. You'll also examine common digital forensic hardware and software tools. To round off the course, you'll gain hands-on experience using steganography, hard disk image creation, and data recovery using Autopsy in Kali Linux. You'll then investigate common web application attacks and secure coding practices. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 12 videos | 1h 7m  assessment  certificate

Information security managers must plan for inevitable business disruptions, knowing how best to minimize the impact of these disruptions on business processes and learn from them to prepare for future incidents. In this course, you'll explore techniques to reduce the chances of disruptions, plan for the inevitable, and learn from past occurrences. You'll start by examining personnel hiring and skills management and how this relates to IT governance. Next, you'll investigate the concept of high availability configurations before delving into data replication, load balancing, and data backups. You'll also practice some associated techniques. Lastly, you'll learn how to craft disaster recovery and incident response plans, along with post-incident reviews. This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

 13 videos | 1h 15m  assessment  certificate