CSS 1008 Chapter 16

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which function defined in the NIST Cybersecurity Framework Core includes the categories and subcategories that define what processes and assets need protection? A: Detect B: Identify C: Protect D: Respond

Identify

Which of the following is the last step in NIST's recommended steps to establish or improve a cybersecurity program? A: Implement the action plan B: Orient your strategy C: Determine, analyze, and prioritize any gaps D: Create a target profile

Implement the action plan

Which of the following statements about the NIST Cybersecurity Framework is not true? A: One of the main goals is to address and manage cybersecurity risk in a cost-effective way to protect critical infrastructure. B: It is aimed to replace an existing risk management process and cybersecurity program in an organization. C: An organization that doesn't have an existing cybersecurity program can use the NIST Cybersecurity Framework as a reference to develop such a program. D: The NIST Cybersecurity Framework is developed with a common taxonomy.

It is aimed to replace an existing risk management process and cybersecurity program in an organization.

Which of the following statements about the NIST Cybersecurity Framework is true? A: It was created in the U.S. and is used exclusively within the U.S. B: It was created in the U.S. and is also used outside of the U.S. C: It was created outside of the U.S. and is used worldwide. D: None of the above

It was created in the U.S. and is also used outside of the U.S.

Which of the following is not one of the three levels NIST defines within an organization that should coordinate the framework implementation and a common flow of information? A: Management B: Implementation/Operations C: Executive D: Business/Process

Management

The NIST Cybersecurity Framework (CSF) Reference Tool can run in which of the following operating systems? A: Microsoft Windows and Linux B: Apple Mac OS-X and Linux C: Microsoft Windows and Apple Mac OS-X D: Microsoft Windows, Apple Mac OS-X, and Linux

Microsoft Windows and Apple Mac OS-X

Which of the following is the first step in NIST's recommended steps to establish or improve a cybersecurity program? A: Create a current profile B: Prioritize and scope C: Create a target profile D: Conduct a risk assessment

Prioritize and scope

Which function defined in the NIST Cybersecurity Framework Core provides guidance on how to recover normal operations after a cybersecurity incident? A: Respond B: Detect C: Identify D: Recover

Recover

In the NIST Cybersecurity Framework Tiers, which of the following Framework Implementation Tiers is labeled Tier 2? A: Adaptive B: Repeatable C: Risk-Informed D: Partial

Risk-Informed

In the NIST Cybersecurity Framework Tiers, which of the following Framework Implementation Tiers is labeled Tier 4? A: Risk-Informed B: Partial C: Adaptive D: Repeatable

Adaptive

Which of the following is not a supported export file format for current viewed data in the NIST CSF Reference Tool? A: XML files B: Adobe PDF files C: Tab-separated text files D: Comma-separated text files

Adobe PDF files

The NIST CSF Reference Tool provides a way for you to browse the Framework Core by which of the following? A: Categories B: Functions C: Informative references D: All of the above

All of the above

The NIST Cybersecurity Framework was developed by which of the following? A: U.S. government B: Corporations C: Individuals D: All of the above

All of the above

Which category in the Identify function of the NIST Cybersecurity Framework Core addresses the need for an organization's mission, objectives, stakeholders, and activities to be comprehended and prioritized? A: Business Environment B: Governance C: Risk Assessment D: Asset Management

Business Environment

Which category in the Protect function of the NIST Cybersecurity Framework Core provides guidance around data management practices in order to protect the confidentiality, integrity, and availability of such data? A: Awareness and Training B: Protective Technology C: Maintenance D: Data Security

Data Security

NIST's Cybersecurity Framework is divided into three parts, including all but which of the following? A: The Framework Tiers B: The Framework Core C: The Framework Outcomes D: The Framework Profiles

The Framework Outcomes

Which part of the NIST Cybersecurity Framework is designed to help an organization align its cybersecurity undertakings with business requirements, risk tolerances, and resources? A: The Framework Tiers B: The Framework Core C: The Framework Profiles D: The Framework Outcomes

The Framework Profiles

Which part of the NIST Cybersecurity Framework is designed to help organizations view and understand the characteristics of their approach to managing cybersecurity risk? A: The Framework Tiers B: The Framework Core C: The Framework Outcomes D: The Framework Profiles

The Framework Tiers

Which part of the NIST Cybersecurity Framework provide guidance to allow organizations to analyze cybersecurity risk and to enhance their processes to manage such risk? A: The Framework Tiers B: The Framework Core C: The Framework Outcomes D: The Framework Profiles

The Framework Tiers

NIST created a(n) __________ that allows you to start reviewing and documenting each of the framework's functions, categories, subcategories, and informative references. A: spreadsheet B: database C: presentation D: XML file

spreadsheet


Ensembles d'études connexes

ATI Gastrointestinal learning system 3.0

View Set

Possible Quiz Questions for A Man For All Seasons

View Set

Chapter 1 : Life Skills (Standard Foundations)

View Set

4.04 Quiz: Buying Clothes and Shopping 2

View Set

Ch 14: Collective Bargaining and Unions in Today's Workplace

View Set

Musculoskeletal/Integument Ch.38, 39, 40, 41, 42

View Set

Language of Medicine -Ch 21 -Review Sheet

View Set