Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Certified Information Security Manager Exam Prep Guide
Certified Information Security Manager Exam Prep Guide

Certified Information Security Manager Exam Prep Guide: Aligned with the latest edition of the CISM Review Manual to help you pass the exam with confidence

Arrow left icon
Profile Icon Hemang Doshi
Arrow right icon
Mex$1240.99 Mex$1378.99
Full star icon Full star icon Full star icon Full star icon Half star icon 4.8 (25 Ratings)
eBook Nov 2021 616 pages 1st Edition
eBook
Mex$1240.99 Mex$1378.99
Paperback
Mex$1722.99
Subscription
Free Trial
Arrow left icon
Profile Icon Hemang Doshi
Arrow right icon
Mex$1240.99 Mex$1378.99
Full star icon Full star icon Full star icon Full star icon Half star icon 4.8 (25 Ratings)
eBook Nov 2021 616 pages 1st Edition
eBook
Mex$1240.99 Mex$1378.99
Paperback
Mex$1722.99
Subscription
Free Trial
eBook
Mex$1240.99 Mex$1378.99
Paperback
Mex$1722.99
Subscription
Free Trial

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

Certified Information Security Manager Exam Prep Guide

Chapter 1: Information Security Governance

Governance is an important aspect of the certified information security manager (CISM) exam.

In this chapter, we will cover an overview of information security governance and aim to understand the impact of good governance on the effectiveness of information security projects.

You will learn about assurance functions such as governance, risk, and compliance (GRC), and details about the various roles and responsibilities of the security function. You will also be introduced to the best practices for obtaining the commitment from the senior management of an organization toward information security.

The following topics will be covered in this chapter:

  • Introducing information security governance
  • Understanding GRC
  • Discovering the maturity model
  • Getting to know the information security roles and responsibilities
  • Finding out about the governance of third-party relationships
  • Obtaining commitment from senior management
  • Introducing the business case and the feasibility study
  • Understanding information security governance metrics

Let's dive in and discuss each one of these topics in detail.

Introducing information security governance

In simple terms, governance can be defined as a set of rules to direct, monitor, and control an organization's activities. Governance can be implemented by way of policies, standards, and procedures.

The information security governance model is primarily impacted by the complexity of an organization's structure. An organization's structure includes objectives, its vision and mission, different function units, different product lines, hierarchy structure, leadership structure, and other relevant factors. A review of organizational structure will help the security manager to understand the roles and responsibilities of information security governance, as discussed in our next topic.

The responsibility of information security governance

The responsibility for information security governance primarily resides with the board of directors and senior management. Information security governance is a subset of the overall enterprise governance. The board of directors is required to make security an important part of governance by way of monitoring key aspects of security. Senior management holds the responsibility to ensure that security aspects are integrated with business processes.

The involvement of senior management and the steering committee in discussions and in the approval of security projects indicates that the management is committed to aspects relating to security. Generally, a steering committee consists of senior officials from different departments. The role of an information security steering committee is to provide oversight on the security environment of the organization.

It is very important for a CISM aspirant to understand the steps for establishing the governance, as we will discuss in the next section.

Steps for establishing the governance

For effective governance, it should be established in a structured manner. A CISM aspirant should understand the following steps for establishing governance:

  1. First, determine the objectives of an information security program. Most often, these objectives are derived from risk management and the acceptable level of risk that you are willing to take. One example of an objective for a bank may be that the system should always be available for customers – that is, there should be zero downtime. Information security objectives must also align with and be guided by the organization's business objectives.
  2. The next step is that the information security manager develops a strategy and requirements based on these objectives. The security manager is required to conduct a gap analysis and identify the strategy to move to the desired state of security from its current state of security. The desired state of security is also termed as the security objectives. This gap analysis becomes the basis for the strategy.
  3. The final step is to create the road map and identify specific actionable steps to achieve the security objectives. The security manager needs to consider various factors such as time limits, resource availability, the security budget, laws and regulations, and other relevant factors.

These specific actions are implemented by way of security policies, standards, and procedures.

Governance framework

The governance framework is a structure or outline that supports the implementation of the information security strategy. They provide the best practices for a structured security program. Frameworks are a flexible structure that any organization can adopt as per their environment and its requirements. Governance frameworks such as COBIT and ISO 27000 are both examples of widely accepted and implemented frameworks for security governance.

Let's look a bit closer at an example of information security governance in the next section.

The aim of information security governance

Information security governance is a subset of the overall enterprise governance of an organization. The same framework should be used for both enterprise governance and information security governance for better integration between the two.

The following are the objectives of information security governance:

  • To ensure that security initiatives are aligned with the business's strategy and support organizational objectives.
  • To optimize security investments and ensure the high-value delivery of business processes.
  • To monitor the security processes to ensure that security objectives are achieved.
  • To integrate and align the activities of all assurance functions for effective and efficient security measures.
  • To ensure that residual risks are well within acceptable limits. This gives comfort to the management.

We will now go through the key aspects from the perspective of the CISM exam, and in our next topic, we will discuss important aspects of GRC. A CISM aspirant should understand why it is important to integrate all GRC functions.

Key aspects from the CISM exam perspective

The following are some of the key aspects from the CISM exam perspective:

Table 1.1 – Key aspects from the CISM exam perspective

Table 1.1 – Key aspects from the CISM exam perspective

Questions

  1. The effectiveness of information security governance is best indicated by which of the following?

    A. Security projects are discussed and approved by a steering committee.

    B. Security training is mandatory for all executive-level employees.

    C. A security training module is available on the intranet for all employees.

    D. Patches are tested before deployment.

    Answer: A. Security projects are discussed and approved by a steering committee.

    Explanation: The involvement of a steering committee in the discussion and approval of security projects indicates that the management is committed to security governance. The other options are not as significant as option A.

  2. An information security governance model is most likely to be impacted by which of the following?

    A. The number of workstations.

    B. The geographical spread of business units.

    C. The complexity of the organizational structure.

    D. The information security budget.

    Answer: C. The complexity of the organizational structure.

    Explanation: The information security governance model is primarily impacted by the complexity of the organizational structure. The organizational structure includes the organization's objectives, vision and mission, hierarchy structure, leadership structure, different function units, different product lines, and other relevant factors. The other options are not as significant as option C.

  3. Which of the following is the first step in implementing information security governance?

    A. Employee training.

    B. The development of security policies.

    C. The development of security architecture.

    D. The availability of an incident management team.

    Answer: B. The development of security policies.

    Explanation: Security policies indicate the intent of the management. Based on these policies, the security architecture and various procedures are designed.

  4. Which of the following factors primarily drives information security governance?

    A. Technology requirements.

    B. Compliance requirements.

    C. The business strategy.

    D. Financial constraints.

    Answer: C. The business strategy.

    Explanation: Information security governance should support the business strategy. Security must be aligned with business objectives. The other options are not a primary driver of information security governance.

  5. Which of the following is the responsibility of the information security governance steering committee?

    A. To manage the information security team.

    B. To design content for security training.

    C. To prioritize the information security projects.

    D. To provide access to critical systems.

    Answer: C. To prioritize the information security projects.

    Explanation: One of the important responsibilities of a steering committee is to discuss, approve, and prioritize information security projects and to ensure that they are aligned with the goals and objectives of the enterprise.

  6. Which of the following is the first step of information security governance?

    A. To design security procedures and guidelines.

    B. To develop a security baseline.

    C. To define the security strategy.

    D. To develop security policies.

    Answer: C. To define the security strategy.

    Explanation: The first step is to adopt the security strategy. The next step is to develop security policies based on this strategy. The step after this is to develop security procedures and guidelines based on the security policies.

  7. Which of the following is the most important factor for an information security governance program?

    A. To align with the organization's business strategy.

    B. To be derived from a globally accepted risk management framework.

    C. To be able to address regulatory compliance.

    D. To promote a risk-aware culture.

    Answer: A. To align with the organization's business strategy.

    Explanation. The most important objective of an information security governance program is to ensure that the information security strategy is in alignment with the strategic goals and objectives of the enterprise. The other options are secondary factors.

  8. Which of the following is effective governance best indicated by?

    A. An approved security architecture.

    B. A certification from an international body.

    C. Frequent audits.

    D. An established risk management program.

    Answer: D. An established risk management program.

    Explanation: An effective and efficient risk management program is a key element of effective governance. The other options are not as significant as an established risk management program.

  9. Which of the following is the effectiveness of governance best ensured by?

    A. The use of a bottom-up approach.

    B. Initiatives by the IT department.

    C. A compliance-oriented approach.

    D. The use of a top-down approach.

    Answer: D. The use of a top-down approach.

    Explanation: In a top-down approach, policies, procedures, and goals are set by senior management, and as a result, the policies and procedures are directly aligned with the business objectives. A bottom-up approach may not directly address management priorities. Initiatives by the IT department and a compliance-oriented approach are not as significant as the use of a top-down approach.

  10. What is the prime responsibility of the information security manager in the implementation of security governance?

    A. To design and develop the security strategy.

    B. To allocate a budget for the security strategy.

    C. To review and approve the security strategy.

    D. To train the end users.

    Answer: A. To design and develop the security strategy.

    Explanation: The prime responsibility of the information security manager is to develop the security strategy based on the business objectives in coordination with the business process owner. The review and approval of the security strategy is the responsibility of the steering committee and senior management. The security manager is not directly required to train the end users. The budget allocation is the responsibility of senior management.

  11. What is the most important factor when developing information security governance?

    A. To comply with industry benchmarks.

    B. To comply with the security budget.

    C. To obtain a consensus from the business functions.

    D. To align with organizational goals.

    Answer: D. To align with organizational goals.

    Explanation: The objective of the security governance is to support the objectives of the business. The most important factor is to align with organizational objectives and goals. The other options are secondary factors.

  12. What is the prime objective of GRC:

    A. To synchronize and align the organization's assurance functions.

    B. To address the requirements of the information security policy.

    C. To address the requirements of regulations.

    D. To design low-cost a security strategy.

    Answer: A. To synchronize and align the organization's assurance functions.

    Explanation: The concept of GRC is an effort to synchronize and align the assurance activities across the organization for greater efficiency and effectiveness. The other options can be considered secondary objectives.

  13. What organizational areas are the main focus for GRC?

    A. Marketing and risk management.

    B. IT, finance, and legal.

    C. Risk and audit.

    D. Compliance and information security.

    Answer: B. IT, finance, and legal.

    Explanation: Though a GRC program can be applied in any function of the organization, it is mostly focused on IT, finance, and legal areas. Financial GRC focuses on effective risk management and compliance for finance processes. IT GRC focuses on IT processes. Legal GRC focuses on the overall enterprise-level regulatory compliance. GRC is majorly focused on IT, finance, and legal processes to ensure that regulatory requirements are adhered to and risks are appropriately addressed.

  14. What is the most effective way to build an information security governance program?

    A. To align the requirements of the business with an information security framework.

    B. To understand the objectives of the business units.

    C. To address regulatory requirements.

    D. To arrange security training for all managers.

    Answer: B. To understand the objectives of the business units.

    Explanation: The information security governance program will not be effective if it is not able to address the requirements of the business units. The objective of the business units can be best understood by reviewing their processes and functions. Option A is not correct, as security requirements should be aligned with the business and not the other way round. Options C and D are not as significant as option B.

  15. What is the main objective of information security governance?

    A. To ensure the adequate protection of information assets.

    B. To provide assurance to the management about information security.

    C. To support complex IT infrastructure.

    D. To optimize the security strategy to support the business objectives.

    Answer: D. To optimize the security strategy to support the business objectives.

    Explanation: The objective of security governance is to set the direction to ensure that the business objectives are achieved. Unless the information security strategy is aligned with the business objectives, the other options will not offer any value.

  16. The security manager noticed inconsistencies in the system configuration. What is the most likely reason for this?

    A. Documented procedures are not available.

    B. Ineffective governance.

    C. Inadequate training.

    D. Inappropriate standards.

    Answer: B. Ineffective governance.

    Explanation: Governance is the process of oversight to ensure the availability of effective and efficient processes. A lack of procedures, training, and standards is a sign of ineffective governance.

  17. What is an information security framework best described as?

    A. A framework that provides detailed processes and methods.

    B. A framework that provides required outputs.

    C. A framework that provides structure and guidance.

    D. A framework that provides programming inputs.

    Answer: C. A framework that provides structure and guidance.

    Explanation: A framework is a structure intended to support the processes and methods. They provide outlines and basic structure rather than detailed processes and methods. Frameworks are generally not intended to provide programming inputs.

  18. What is the main reason for integrating information security governance into business activities?

    A. To allow the optimum utilization of security resources.

    B. To standardize the processes.

    C. To support operational processes.

    D. To address operational risks.

    Answer: D. To address operational risks.

    Explanation: The main objective of integrating the security aspect in business processes is to address operational risks. The other options may be considered secondary benefits.

  19. Which of the following is the most important attribute of an effective information security governance framework?

    A. A well-defined organizational structure with necessary resources and defined responsibilities.

    B. The availability of the organization's policies and guidelines.

    C. The business objectives support the information security strategy.

    D. Security guidelines supporting regulatory requirements.

    Answer: A. A well-defined organizational structure with necessary resources and defined responsibilities.

    Explanation: The most important attribute is a well-defined organizational structure that minimizes any conflicts of interest. This ensures better governance. Options B and D are important aspects, but option A is more critical. Option C is not correct, as the security strategy supports the business objectives, and not the other way round.

  20. What is the most effective method to use to develop an information security program?

    A. A standard.

    B. A framework.

    C. A process.

    D. A model.

    Answer: B. A framework.

    Explanation: A framework is the most suitable method for developing an information security program as they are more flexible in adoption. Some of the common frameworks include ISO 27001 and COBIT. Standards, processes, and models are not as flexible as frameworks.

Understanding governance, risk management, and compliance

GRC is a term used to align and integrate the processes of governance, risk management, and compliance. GRC emphasizes that governance should be in place for effective risk management and the enforcement of compliance.

Governance, risk management, and compliance are three related aspects that help to achieve the organization's objectives. GRC aims to lay down operations for more effective organizational processes and avoiding wasteful overlaps. Each of these three disciplines impacts the organizational technologies, people, processes, and information. If governance, risk management, and compliance activities are handled independently of each other, it may result in a considerable amount of duplication and a waste of resources. The integration of these three functions helps to streamline the assurance activities of an organization by addressing the overlapping and duplicated GRC activities.

Though a GRC program can be applied in any function of the organization, it is mostly focused on the financial, IT, and legal areas.

Financial GRC focuses on effective risk management and compliance for finance processes. IT GRC focuses on information technology processes. Legal GRC focuses on the overall enterprise-level regulatory compliance.

GRC is an ever-evolving concept, and a security manager should understand the current state of GRC in their organization and determine how to ensure its continuous improvement.

Key aspects from the CISM exam perspective

The following are some of the key aspects from a CISM exam perspective:

Table 1.2 – Key aspects from the CISM exam perspective

Table 1.2 – Key aspects from the CISM exam perspective

Questions

  1. Which of the following is the main objective of implementing GRC procedures?

    A. To minimize the governance cost.

    B. To improve risk management.

    C. To synchronize security initiatives.

    D. To ensure regulatory compliance.

    Answer: B. To improve risk management.

    Explanation: GRC is implemented by integrating interrelated control activities across the organization for improving risk management activities. The other options are secondary objectives.

  2. What is the prime objective of GRC?

    A. To synchronize and align the organization's assurance functions.

    B. To address the requirements of the information security policy.

    C. To address the requirements of regulations.

    D. To design a low-cost security strategy.

    Answer: A. To synchronize and align the organization's assurance functions.

    Explanation: The concept of GRC is an effort to synchronize and align the assurance activities across the organization for greater efficiency and effectiveness. The other options can be considered secondary objectives.

Left arrow icon Right arrow icon

Key benefits

  • Pass the CISM exam confidently with this step-by-step guide
  • Explore practical solutions that validate your knowledge and expertise in managing enterprise information security teams
  • Enhance your cybersecurity skills with practice questions and mock tests

Description

With cyber threats on the rise, IT professionals are now choosing cybersecurity as the next step to boost their career, and holding the relevant certification can prove to be a game-changer in this competitive market. CISM is one of the top-paying and most sought-after certifications by employers. This CISM Certification Guide comprises comprehensive self-study exam content for those who want to achieve CISM certification on the first attempt. This book is a great resource for information security leaders with a pragmatic approach to challenges related to real-world case scenarios. You'll learn about the practical aspects of information security governance and information security risk management. As you advance through the chapters, you'll get to grips with information security program development and management. The book will also help you to gain a clear understanding of the procedural aspects of information security incident management. By the end of this CISM exam book, you'll have covered everything needed to pass the CISM certification exam and have a handy, on-the-job desktop reference guide.

Who is this book for?

If you are an aspiring information security manager, IT auditor, chief information security officer (CISO), or risk management professional who wants to achieve certification in information security, then this book is for you. A minimum of two years' experience in the field of information technology is needed to make the most of this book. Experience in IT audit, information security, or related fields will be helpful.

What you will learn

  • Understand core exam objectives to pass the CISM exam with confidence
  • Create and manage your organization s information security policies and procedures with ease
  • Broaden your knowledge of the organization s security strategy designing
  • Manage information risk to an acceptable level based on risk appetite in order to meet organizational goals and objectives
  • Find out how to monitor and control incident management procedures
  • Discover how to monitor activity relating to data classification and data access

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Nov 26, 2021
Length: 616 pages
Edition : 1st
Language : English
ISBN-13 : 9781801076227

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : Nov 26, 2021
Length: 616 pages
Edition : 1st
Language : English
ISBN-13 : 9781801076227

Packt Subscriptions

See our plans and pricing
Modal Close icon
$19.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
$199.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just Mex$85 each
Feature tick icon Exclusive print discounts
$279.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just Mex$85 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total Mex$ 3,754.97
CISSP (ISC)² Certification Practice Exams and Tests
Mex$902.99
Privilege Escalation Techniques
Mex$1128.99
Certified Information Security Manager Exam Prep Guide
Mex$1722.99
Total Mex$ 3,754.97 Stars icon

Table of Contents

16 Chapters
Section 1: Information Security Governance Chevron down icon Chevron up icon
Chapter 1: Information Security Governance Chevron down icon Chevron up icon
Chapter 2: Practical Aspects of Information Security Governance Chevron down icon Chevron up icon
Section 2: Information Risk Management Chevron down icon Chevron up icon
Chapter 3: Overview of Information Risk Management Chevron down icon Chevron up icon
Chapter 4: Practical Aspects of Information Risk Management Chevron down icon Chevron up icon
Chapter 5: Procedural Aspects of Information Risk Management Chevron down icon Chevron up icon
Section 3: Information Security Program Development Management Chevron down icon Chevron up icon
Chapter 6: Overview of Information Security Program Development Management Chevron down icon Chevron up icon
Chapter 7: Information Security Infrastructure and Architecture Chevron down icon Chevron up icon
Chapter 8: Practical Aspects of Information Security Program Development Management Chevron down icon Chevron up icon
Chapter 9: Information Security Monitoring Tools and Techniques Chevron down icon Chevron up icon
Section 4: Information Security Incident Management Chevron down icon Chevron up icon
Chapter 10: Overview of Information Security Incident Manager Chevron down icon Chevron up icon
Chapter 11: Practical Aspects of Information Security Incident Management Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.8
(25 Ratings)
5 star 88%
4 star 8%
3 star 0%
2 star 0%
1 star 4%
Filter icon Filter
Top Reviews

Filter reviews by




Amazon Customer Mar 28, 2022
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Hemang makes awesome books and resources. This is the 2nd time I've used a resource that Hemang has created. Going through the book I was not sure what to expect. I find many study material out there seem to just teach the basics. But, this book is pretty in depth. I mean, just looking at the size and content. I knew right away there would be A LOT to learn and digest.Whether you plan on taking the CISM exam, or just want to learn more about being an awesome Security Leader. This book covers all the topics from IT Risk management, architecture and even incident response. I got a lot of value out of it especially more on the IT Risk side, as I work a bit less on that. And, I spend more time on IR as well as engineering. So I felt I definitely got the most out of this book.One of the things I really liked is the sample questions. It really re-enforces if you learned and understood the topics. And, also gives you some practice on the types of questions that may appear or be asked on the exam. My only recommendation would be that the answer be placed on a separate page. I felt seeing the answers on the questions page didn't help. I would have to manually place something over it so I do not accidentally see the answer before answering it myself. Overall, a great resource to purchase and add on to your CISM study materials.
Amazon Verified review Amazon
Tapashankar Dasgupta Jan 04, 2022
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Perfect resource to have while preparing for CISM It is written in a simple and lucid manner in line with the CRM and includes the relevant questions with explanation to test your concept.I recommend this book to each and every CISM aspirant. It helped me to clear CISM in first attempt and should be used as an add on to virtual training
Amazon Verified review Amazon
George McPherson Nov 30, 2021
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Hemang Doshi does it again!Time and time again Hemang have proven he is the leader in writing actionable, relevant exam information without any unneeded distracters or fillers.And this time is no different, Hemang paints a picture with his words, using humor, laymen's terms language, and great info graphics to guide his readers to CISM success!
Amazon Verified review Amazon
Fularam Nov 06, 2022
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I have gone through this book and udemy course of Hemang Doshi and they are awesome for preparing CISM certification.I passed mine 😊
Amazon Verified review Amazon
Hasan Apr 02, 2022
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Used this to prepare for the exam 3 weeks prior to the date. Was beautifully written and well explained. Kudos to the author for this along with the videos on CISM concepts. Thank you Hemang Doshi.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.