3.6 NIST SP 800-34 | InfoSec4TC

Autoplay
Autocomplete

Previous Lesson Complete and Continue

2025 ISACA Certified Information Systems Manager | CISM

Introduction to CISM Certification

Introduction (1:45)
Your Instructor (2:22)
ISACA (2:04)
CISM Certificate (2:49)
Why this course is different ? (4:34)

Domain 1 - Information Security Governance

1.1 Guidance on next steps after completing the course
1.2 Final thoughts and encouragement for pursuing CISM certification
1.3 Recap of key concepts covered in the course
1.4 Understanding information security governance (8:09)
1.5 Roles and responsibilities of information security governance (3:02)
1.6 CISO JD (4:02)
1.7 Establishing an Information Steering Committee ISSC (3:27)
1.8 Policies and Procedures (8:57)
1.9 IS Policy Sample (7:34)
1.10 Policy Template Resources (1:35)
1.11 Compliance and Legal Requirements (3:04)
1.12 Implementing information security governance frameworks (7:26)
1.13 ISO 27001 Standards (8:56)
1.14 PCI-DSS (9:31)
1.15 Mapping between standards (2:47)
1.16 NIST 800-53 (2:38)
1.17 SP NIST 800-53 (4:02)
1.18 HIPAA (3:02)
1.19 Security Governance (3:37)
1.20 Security Governance
1.21 Governance using AI Part 1 (9:24)
1.22 Governance using AI Part 2 (5:06)
1.23 Awareness and Education (7:47)
1.24 Security Models (2:18)
1.25 Security Models
1.26 Incident Report (5:33)
1.27 professional Ethics (4:32)
1.28 Professional Ethics
1.29 Security Documentation (2:47)
1.30 Security Documentation
1.31 Threat Modeling (5:16)
1.32 Threat Modeling
1.33 Acquisition Strategy and practice (5:11)
1.34 Acquisition Strategy and Practice
1.35 Information security policy (3:08)
1.36 information security policy
1.37 Security Awareness and Training (3:43)
1.38 Security Awareness and Training
1.39 Audits (4:18)
1.40 Audits

Domain 2 - Risk Management

2.1 Risk Managment (10:49)
2.2 Qualitative vs Quantitively Assessment (8:20)
2.3 Risk Formula (11:38)
2.4 Risk Management Strategies (10:08)
2.5 Data Security Controls (4:02)
2.6 Data Security Controls
2.7 Security Controls (6:23)
2.8 NIST 800-37 (2:15)
2.9 NIST 800-37 (2:14)
2.10 Risk Register (1:12)
2.11 Risk Management (4:32)
2.12 Risk management
2.13 Information Asset Management (4:05)
2.14 information asset management
2.15 Privacy Protection (4:06)
2.16 Privacy Protection
2.17 Asset Retention (5:17)
2.18 Asset Retention
2.19 Asset Classification (4:14)
2.20 Asset Classification
2.21 Secure Data Handling (5:04)
2.22 Secure Data Handling

Domain 3 - Information Security Program Development

3.1 Security Policy Framework (24:53)
3.2 The Relationship Between Security Document Types (3:42)
3.3 Identify, analyze, and prioritize Business Continuity (BC) requirements (8:17)
3.4 BCP Phases (12:00)
3.5 Business Impact Analysis - BIA (10:41)
3.6 NIST SP 800-34 (8:06)
3.7 MTD-RTO-RPO- (11:29)
3.8 Business Continuity Controls (9:41)
3.9 High availability and Fault Tolerance (11:28)
3.10 Resources CIS (4:17)
3.11 Security in the Engineering Lifecycle (5:49)
3.12 Security in the Engineering Lifecycle
3.13 Symmetric vs. Asymmetric Cryptography (2:34)
3.14 Symmetric vs. Asymmetric Cryptography
3.15 Cryptography Applications (Digital Rights Management, Hishing) (6:55)
3.16 Cryptography Applications (Digital Rights Management, Hishing)
3.17 Cryptography Applications (PKI,Digital Certificates and Signature)
3.18 Cryptography Applications (PKI,Digital Certificates and Signature) (4:52)
3.19 Physical Security (5:48)
3.20 Physical Security
3.21 System Component Security - Part 2 (3:44)
3.22 System Component Security - Part 2
3.23 System Component security - part 3 (4:18)
3.24 System Component Security - Part 3
3.25 System Component Security- Part 1 (5:15)
3.26 System Component Security- Part 1
3.27 Security Models (3:33)
3.28 Security Models
3.29 Controls and Countermeasures in Enterprise Security (8:59)
3.30 Controls and Countermeasures in Enterprise Security
3.31 Information System Security Capabilities (7:09)
3.32 Information System Security Capabilities
3.33 Design and Architecture Vulnerability Mitigation- Part 1
3.34 Design and Architecture Vulnerability Mitigation- Part 1 (5:27)
3.35 Design and Architecture Vulnerability Mitigation - Part 2 (5:29)
3.37 Design and Architecture Vulnerability Mitigation - Part 2
3.38 Design and Architecture Vulnerability Mitigation - Part 3 (5:44)
3.39 Design and Architecture Vulnerability Mitigation - Part 3
3.40 Patch and Vulnerability Management (8:04)
3.41 Patch and Vulnerability Management
3.42 Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems (6:52)
3.43 Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
3.44 Cryptography Basics - Part 1 (3:05)
3.45 Cryptography Basics - Part 1
3.46 Cryptography Basics - Part 2 (0:53)
3.47 Cryptography Basics - Part 2
3.48 Cryptography Basics - Part 3 (1:55)
3.49 Cryptography Basics - Part 3

Domain 4 - Information Security Incident Management

4.1 Incident Management (5:24)
4.2 Incident Response (5:37)
4.3 Incident Response
4.4 Incident Classification and Prioritization (5:52)
4.5 Incident Classification and Prioritization
4.6 Forensics and Evidence Collection (6:19)
4.7 Forensics and Evidence Collection
4.8 BCP (5:48)
4.9 BCP
4.10 Disaster Recovery Planning (5:40)
4.11 Disaster Recovery Planning
4.12 Disaster Recovery Implementation (4:47)
4.13 Disaster Recovery Implementation
4.14 Change Management (5:24)
4.15 Change Management
4.16 Recovery Site Strategies (4:52)
4.17 Recovery Site Strategies
4.18 Logging and Monitoring (4:18)
4.19 Logging and Monitoring
4.20 Backup (5:59)
4.21 Alternative Sites (8:09)

Emerging Technologies in Information Security

Understanding the impact of AI and machine learning on information security
Blockchain technology and its applications in information security
Incorporating emerging technologies into information security strategies

Preparation for the CISM Exam

Exam format and structure
Study tips and resources for CISM exam preparation
Practice exams and simulations to build readiness

Career Opportunities and Advancement with CISM Certification

Job roles and responsibilities for CISM holders
Salary potential and career growth opportunities with CISM
Continuing education and staying updated in the field of information security

Conclusion and Next Steps

3.1 Security in the Engineering Lifecycle (5:49)
3.1 Security in the Engineering Lifecycle
3.10 Symmetric vs. Asymmetric Cryptography (2:34)
3.10 Symmetric vs. Asymmetric Cryptography
3.11 Cryptography Applications (Digital Rights Management, Hishing) (6:55)
3.11 Cryptography Applications (Digital Rights Management, Hishing)
3.12 Cryptography Applications (PKI,Digital Certificates and Signature)
3.12 Cryptography Applications (PKI,Digital Certificates and Signature) (4:52)
3.13 Physcial Security (5:48)
3.13 Physcial Security
3.2 System Component Security - Part 2 (3:44)
3.2 System Component Security - Part 2
3.2 System Component security - part 3 (4:18)
3.2 System Component Security - Part 3
3.2 System Component Security- Part 1 (5:15)
3.2 System Component Security- Part 1
3.3 Security Models (3:33)
3.3 Security Models
3.4 Controls and Countermeasures in Enterprise Security (8:59)
3.4 Controls and Countermeasures in Enterprise Security
3.5 Information System Security Capabilities (7:09)
3.5 Information System Security Capabilities
3.6 Design and Architecture Vulnerability Mitigation - Part 2 (5:29)
3.6 Design and Architecture Vulnerability Mitigation - Part 2
3.6 Design and Architecture Vulnerability Mitigation - Part 3 (5:44)
3.6 Design and Architecture Vulnerability Mitigation - Part 3
3.6 Design and Architecture Vulnerability Mitigation- Part 1 (5:27)
3.6 Design and Architecture Vulnerability Mitigation- Part 1
3.7 Patch and Vulnerability Management (8:04)
3.7 Patch and Vulnerability Management
3.8 Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems (6:52)
3.8 Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
3.9 Cryptography Basics - Part 1 (3:05)
3.9 Cryptography Basics - Part 1
3.9 Cryptography Basics - Part 2 (0:53)
3.9 Cryptography Basics - Part 2
3.9 Cryptography Basics - Part 3 (1:55)
3.9 Cryptography Basics - Part 3

Teach online with

3.6 NIST SP 800-34

Lesson content locked

If you're already enrolled, you'll need to login.

Enroll in Course to Unlock