Cybrary Cism Study Notes
Information Security Governance

[Figure: governance structure, showing the Board of Directors, Board Secretary, General Manager, Chief Executive Officer, Senior Management, Board Committees and a Cyber Governance Committee]

[Figure: COBIT governance system principles, as extracted: Tailored to Enterprise Needs; End-to-End Governance System; Governance Distinct from Management; Based on a Conceptual Model; Open and Flexible; Aligned to Major Standards. Goals cascade: Enterprise Goals, Alignment Goals, Governance and Management Objectives]
© 2022 Proprietary and Confidential. All Rights Reserved.
Five Domains of COBIT
Goal is to achieve objectives across five domains:
[Slide items, as extracted: Risk Assessment and Treatment; Safeguard Implementation; 4 Support; 5 Operation; 6 Performance Evaluation; 7 Improvement]
Annex A 27001
[Slide: cognitive biases, as extracted]
Overconfidence
Herding
Anchoring
False Consensus / Confirmation Bias
Optimism
Selective Recall
Status Quo
Groupthink
Mental Accounting
[Figure: drivers of organizational culture: Incentives, Working Relations, Leadership, Human Capability, Behavior, Organizational Culture]

Risk Management
Determine Desired Outcome
Determine Current State Activities
Non-Repudiation
Digital Signatures: a hash of the message (integrity) encrypted with the sender's private key (authenticity); anyone holding the sender's public key can verify it, and only the private-key holder could have produced it.
Data traversing unsecured networks can be given end-to-end security through the use of VPNs.
Endpoint Protection
Includes desktops, laptops, tablets, etc. Hardening systems includes:
[Figure: incident management cycle: Prepare, Protect, Detect, Triage, Respond]
Reactive Detection
Triggered when users or other organizations report unusual or suspicious activity.
Requires multiple communication pathways through which users can report incidents.
Categorizing
DoS
Malicious code
Unauthorized access
Inappropriate usage
Multiple components
Correlation: Evaluates an event and determines whether other relevant information relates to it or is necessary for proper handling.
Prioritization: Allows for efficient use of resources.
Assignment: An incident or potential incident is assigned to the IMT, which begins the Incident Response Process.
Process Flow: Respond
Determines the steps needed to address, resolve or mitigate an incident
Technical Response:
Collection and analysis of information from various technical sources
Implementation or modification of technical controls
Legal Response: Activities that relate to laws and regulations and may result in an investigation, prosecution, liability, copyright claims, etc.
[Figure: incident response lifecycle: Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned]
Recovery: System owners review and test the system and declare normal operations.
Man-made
Strikes, riots, fires, terrorism, hackers, vandals
Natural
Tornado, flood, earthquake
Technical
Power outage, device failure, loss of a T1 line
Simulation Test
Go through a disaster scenario.
Continues up to the actual relocation to an offsite facility.
Parallel Test
Systems moved to an alternative site where processing takes place.