


Get Skill in Information Security Manager exam practice test (950+ QA)
This certification exam is a globally accepted standard of achievement in cybersecurity management, conveying that certification holders adapt technology to their enterprise and industry. The exam certification is mainly targeted to those candidates who want to build their career in IT Security domain. This exam has been designed for information security managers, supervisors and any other employees who have information security management responsibilities and need to ensure the continued safety of data storage and security.
Exam Domain :-
Domain 1 - Information Security Governance
This domain will provide you with a thorough insight into the culture, regulations and structure involved in enterprise governance, as well as enabling you to analyze, plan and develop information security strategies. Together, this will affirm high-level credibility in information security governance to stakeholders.
A–ENTERPRISE GOVERNANCE
Organizational Culture
Legal, Regulatory and Contractual Requirements
Organizational Structures, Roles and Responsibilities
B–INFORMATION SECURITY STRATEGY
Information Security Strategy Development
Information Governance Frameworks and Standards
Strategic Planning (e.g., Budgets, Resources, Business Case)
Domain 2 - Information Security Risk Management
This domain empowers you to analyze and identify potential information security risks, threats and vulnerabilities as well as giving you all the information about identifying and countering information security risks you will require to perform at management level.
A–INFORMATION SECURITY RISK ASSESSMENT
Emerging Risk and Threat Landscape
Vulnerability and Control Deficiency Analysis
Risk Assessment and Analysis
B–INFORMATION SECURITY RISK RESPONSE
Risk Treatment / Risk Response Options
Risk and Control Ownership
Risk Monitoring and Reporting
Domain 3 - Information Security Program
This domain covers the resources, asset classifications and frameworks for information security as well as empowering you to manage information security programs, including security control, testing, comms and reporting and implementation.
A–INFORMATION SECURITY PROGRAM DEVELOPMENT
Information Security Program Resources (e.g., People, Tools, Technologies)
Information Asset Identification and Classification
Industry Standards and Frameworks for Information Security
Information Security Policies, Procedures and Guidelines
Information Security Program Metrics
B–INFORMATION SECURITY PROGRAM MANAGEMENT
Information Security Control Design and Selection
Information Security Control Implementation and Integrations
Information Security Control Testing and Evaluation
Information Security Awareness and Training
Management of External Services (e.g., Providers, Suppliers, Third Parties, Fourth Parties)
Information Security Program Communications and Reporting
Domain 4 - Incident Management
This domain provides in-depth training in risk management and preparedness, including how to prepare a business to respond to incidents and guiding recovery. The second module covers the tools, evaluation and containment methods for incident management.
A–INCIDENT MANAGEMENT READINESS
Incident Response Plan
Business Impact Analysis (BIA)
Business Continuity Plan (BCP)
Disaster Recovery Plan (DRP)
Incident Classification/Categorization
Incident Management Training, Testing and Evaluation
B–INCIDENT MANAGEMENT OPERATIONS
Incident Management Tools and Techniques
Incident Investigation and Evaluation
Incident Containment Methods
Incident Response Communications (e.g., Reporting, Notification, Escalation)
Incident Eradication and Recovery
Post-Incident Review Practices
This is an Unofficial practice tests for exam practice and this course is not affiliated, licensed or trademarked with respective owners in any way.