ISACA Certified in Risk and Information Systems Control (CRISC(R)) Exam Guide: A primer on GRC and an exam guide for the most recent and rigorous IT r
            
Mehta, Shobhit
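- Publisher: Packt Publishing
- Publication date: 2023-09-08
- List price: $1,950
- VIP price: 5% off, $1,853
- Language: English
- Pages: 316
- Binding: Quality Paper - also called trade paper
- ISBN: 1803236906
- ISBN-13: 9781803236902
- Related categories: Penetration-test

Overseas special-order book (requires separate checkout)

Product Description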
Pass the ISACA CRISC exam, gain high-value skills, and propel yourself toward IT risk management mastery
Key Features
- Get end-to-end coverage of all the topics likely to be assessed in the ISACA CRISC exam
- Apply and embed your learning with the help of mock exams and self-assessment questions
- Have an in-depth guide handy as you progress in your enterprise IT risk management career
Book Description
For beginners and experienced IT risk professionals alike, acing the ISACA CRISC exam is no mean feat, and neither is the application of this advanced skillset in your daily work even after you’ve achieved the certification. ISACA Certified in Risk and Information Systems Control (CRISC) Certification Guide is a comprehensive guide to CRISC certification and beyond. This book will help you approach these daunting challenges with its step-by-step coverage of all aspects of the exam content and gain a highly sought-after skillset in the process.
This book is divided into six sections, each section equipped with everything you need to get to grips with the domains covered in the exam. There’ll be no surprises on exam day – from GRC to ethical risk management, third-party security concerns to the ins and outs of control design, and IDS/IPS to the SDLC, no stone is left unturned in this book’s systematic design covering all the topics so that you can sit for the exam with confidence. What’s more, there are chapter-end self-assessment questions for you to test all that you’ve learned, as well as two book-end mock exams to really give you a leg up.
By the end of this CRISC exam study guide, you’ll not just have what it takes to breeze through the certification process, but will also be equipped with an invaluable resource to accompany you on your career path.
What you will learn
- Adopt the ISACA mindset and learn to apply it when attempting the CRISC exam
- Grasp the Three Lines of Defense model and understand risk capacity
- Explore the threat landscape and figure out vulnerability management
- Familiarize yourself with the concepts of BIA, RPO, MTTD, and more
- Get to grips with the four stages of risk response
- Manage third-party security risks and secure your systems with ease
- Use a full arsenal of InfoSec tools to protect your organization
- Test your knowledge with self-assessment questions and mock exams
Who This Book Is For
If you are a risk management professional who is experienced in the management of IT audits or in the design, implementation, monitoring, and maintenance of IS controls, or are gearing up to take the CRISC exam, then this CRISC book is for you. Business analysts, PMs, and other management professionals and executives will also benefit from this book.
Table of Contents
- Privacy & IT Risk Management
- Governance, Risk, and Compliance
- CRISC Practice Areas and the ISACA Mindset
- Organizational Governance, Policies, and Risk Management
- The Three Lines of Defense and Cybersecurity
- Legal Requirements and the Ethics of Risk Management
- Risk Management Life Cycle
- Threat, Vulnerability, and Risk
- Risk Assessment Concepts, Standards, and Frameworks
- Business Impact Analysis, Inherent and Residual Risk
- Risk Response and Control Ownership
- Third-Party Risk Management
- Control Design and Implementation
- Data Collection, Aggregation, Analysis, and Validation
- Information Technology and Enterprise Architecture
- Business Continuity, Disaster Recovery, and Incident response
- System Development Life Cycle (SDLC) and Emerging Technologies