Network Security CISSP-Discussion

Subject: [CISSP-D] REVIEW: "The CISM Prep Guide", Ronald L. Krutz/Russell Dean Vines
Date: Mon, 13 Mar 2006 08:12:46 -0800
BKCISMPG.RVW   20051204

"The CISM Prep Guide", Ronald L. Krutz/Russell Dean Vines, 2003,
0-471-45598-9, U$60.00/C$92.95/UK#41,95
%A   Ronald L. Krutz
%A   Russell Dean Vines
%C   5353 Dundas Street West, 4th Floor, Etobicoke, ON   M9B 6H8
%D   2003
%G   0-471-45598-9
%I   John Wiley & Sons, Inc.
%O   U$60.00/C$92.95/UK#41,95 416-236-4433 fax: 416-236-4448
%O   http://www.amazon.com/exec/obidos/ASIN/0471455989/robsladesinterne
%O   http://www.amazon.co.uk/exec/obidos/ASIN/0471455989/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0471455989/robsladesin03-20
%O   Audience i Tech 1 Writing 1 (see revfaq.htm for explanation)
%P   433 p. + CD-ROM
%T   "The CISM Prep Guide"

The CISM (Certified Information Systems Manager) is ISACA's
(Information Systems Audit and Control Association) extension to its
more widely known CISA (Certified Information Systems Auditor) (cf.
BKCISAPG.RVW) designation.  It basically covers the material addressed
in the CISSP (Certified Information Systems Security Professional)
security management domain, with additional material on incident
response.

The chapters in this book follow the five domains of the CISM. 
Chapter one deals with information security governance, also passing
quickly over some of the areas of technical security controls.  Risk
management is addressed in chapter two, with a concentration on the
NIST (US National Institute of Standards and Technology) risk
assessment framework: an indication of the concentration on US
standards in this work and certification.  Information security
program management, in chapter three, includes topics such as formal
models, project management, and the system development life cycle. 
(There is a lack of clarity in some of the explanations of specific
models that may lead readers into error.)  Information security
management, in chapter four, is even more of a grab bag, looking at US
regulations, contracts, auditing, and security reviews.  Chapter five
covers incident response, disaster recovery, and forensics.

The book also contains a set of questions.  They are quite vague, and,
if representative of the CISM itself, that certification is only
looking for familiarity with topics.

copyright Robert M. Slade, 2005   BKCISMPG.RVW   20051204


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca      slade@victoria.tc.ca      rslade@sun.soci.niu.edu
You can observe a lot by just watching.                 - Yogi Berra
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade


 