NIST Framework
Under the Protect Function, What is the Third Category?
Data Security (PR.DS)
Five Functions: (DE) - What is the Third Function?
Detect (DE)
What is the Purpose of the Recover : Recovery Planning (RC.RP) Related to the Entire Framework?
Recovery processes and procedures are executed and maintained to ensure timely restoration of systems or assets affected by cybersecurity incidents.
Five Functions: (RS) - What is Fourth Function?
Respond (RS)
Under the Respond Function, What is the First Category?
Respond Planning (RS.RP)
What is the Purpose of the Response : Communications (RS.CO) Related to the Entire Framework?
Response activities are coordinated with internal and external stakeholders, as appropriate, to include external support from law enforcement agencies.
What is the Purpose of the Response : Respond Planning (RS.RP) Related to the Entire Framework?
Response processes and procedures are executed and maintained, to ensure timely response to detected cybersecurity incidents.
Under the Identify Function, What is the Fourth Category?
Risk Assessment (ID.RA)
Under the Identify Function, What is the Fifth Category?
Risk Management Strategy (ID.RM)
What is the Purpose of the Protect : Identity Management, Authentication and Access Control (PR.AC) Related to the Entire Framework?
Access to physical and logical assets and associated facilities is limited to authorized users, processes, and devices, and is managed consistent with the assessed risk of unauthorized access to authorized activities and transactions.
What is the Purpose of the Response : Mitigation (RS.MI) Related to the Entire Framework?
Activities are performed to prevent expansion of an event, mitigate its effects, and resolve the incident.
Under the Response Function, What is the Third Category?
Analysis (RS.AN)
What is the Purpose of the Response : Analysis (RS.AN) Related to the Entire Framework?
Analysis is conducted to ensure adequate response and support recovery activities.
Under the Detect Function, What is the First Category?
Anomalies and Events (DE.AE)
What is the Purpose of the Detect : Anomalies and Events (DE.AE) Related to the Entire Framework?
Anomalous activity is detected in a timely manner and the potential impact of events is understood.
Under the Identify Function, What is the First Category (ID)?
Asset Management (ID.AM)
Under the Protect Function, What is the Second Category?
Awareness and Training (PR.AT)
Under the Identify Function, What is the Second Category?
Business Environment (ID.BE)
Under the Response Function, What is the Second Category?
Communications (RS.CO)
Under the Identify Function, What is the Third Category?
Governance (ID.GV)
Five Functions: (ID) - What is the First Function?
Identify (ID)
Under the Protect Function, What is the First Category?
Identity Management, Authentication and Access Control (PR.AC)
Under the Protect Function, What is the Fourth Category?
Information Protection Processes and Procedures (PR.IP)
What is the Purpose of the Protect : Data Security (PR.DS) Related to the Entire Framework?
Information and records (data) are managed consistent with the organization's risk strategy to protect the confidentiality, integrity, and availability of information.
Under the Response Function, What is the Fourth Category?
Mitigation (RS.MI)
Five Functions: (PR) - What is the Second Function?
Protect (PR)
Under the Protect Function, What is the Fifth Category?
Protective Technology (PR.PT)
Five Functions: (RC) - What is the Fifth Function?
Recover (RC)
Under the Recover Function, What is the First Category?
Recovery Planning (RC.RP)
Under the Detect Function, What is the Second Category?
Security Continuous Monitoring (DE.CM)
What is the Purpose of the Protect : Information Protection Processes and Procedures (PR.IP) Related to the Entire Framework?
Security policies (that address purpose, scope, roles, responsibilities, management commitment, and coordination among organizational entities), processes, and procedures are maintained and used to manage protection of information systems and assets.
Under the Identify Function, What is the Sixth Category?
Supply Chain Risk Management (ID.SC)
What is the Purpose of the Protect : Protective Technology (PR.PT) Related to the Entire Framework?
Technical security solutions are managed to ensure the security and resilience of systems and assets, consistent with related policies, procedures, and agreements.
What is the Purpose of the Identify : Asset Management (ID.AM) Related to the Entire Framework?
The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to business objectives and the organization's risk strategy
What is the Purpose of the Detect : Security Continuous Monitoring (DE.CM) Related to the Entire Framework?
The information system and assets are monitored at discrete intervals to identify cybersecurity events and verify the effectiveness of protective measures.
What is the Purpose of the Identify : Risk Assessment (ID.RA) Related to the Entire Framework?
The organization understands the cybersecurity risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals.
What is the Purpose of the Identify : Business Environment (ID.BE) Related to the Entire Framework?
The organization's mission, objectives, stakeholders, and activities are understood and prioritized; this information is used to inform cybersecurity roles, responsibilities, and risk management decisions.
What is the Purpose of the Protect : Awareness and Training (PR.AT) Related to the Entire Framework?
The organization's personnel and partners are provided cybersecurity awareness education and are adequately trained to perform their information security-related duties and responsibilities consistent with related policies, procedures, and agreements.
What is the Purpose of the Identify : Risk Management Strategy (ID.RM) Related to the Entire Framework?
The organization's priorities, constraints, risk tolerances, and assumptions are established and used to support operational risk decisions.
What is the Purpose of the Identify : Supply Chain Risk Management (ID.SC) Related to the Entire Framework?
The organization's priorities, constraints, risk tolerances, and assumptions are established and used to support risk decisions associated with managing supply chain risk. The organization has established and implemented the processes to identify, assess and manage supply chain risks.
What is the Purpose of the Identify : Governance (ID.GV) Related to the Entire Framework?
The policies, procedures, and processes to manage and monitor the organization's regulatory, legal, risk, environmental, and operational requirements are understood and inform the management of cybersecurity risk.