- All Exams Instant Download
Which control should be used for the audit?
A security audit of the systems on a network must be performed to determine their compliance with security policies. Which control should be used for the audit?A . PR.DSB . DE.CMC . RS.MID . ID.AMView AnswerAnswer: A
Match the following components of the Identify Function with their main purpose.
Match the following components of the Identify Function with their main purpose. Component Asset Inventory Risk Assessment Classification Controls Business Impact Analysis Purpose A) Listing and updating assets needing cybersecurity B) Determining likelihood and impact of cybersecurity risks C) Categorizing assets based on criticality D) Identifying essential business functions for...
Match each Respond Function component with its primary purpose.
Match each Respond Function component with its primary purpose. Component Containment Communications Plan Incident Analysis After-Action Review Purpose A) Limiting the spread of the incident B) Guidelines for internal and external updates C) Identifying the root cause of the incident D) Evaluating response effectivenessA . Containment - A Communications Plan...
A key consideration in implementing a Disaster Recovery Plan (DRP) is the __________, which defines how quickly systems need to be restored.
A key consideration in implementing a Disaster Recovery Plan (DRP) is the __________, which defines how quickly systems need to be restored.A . Recovery Time Objective (RTO)B . Business Impact Assessment (BIA)C . Cyber Resilience ProtocolD . Security Control EvaluationView AnswerAnswer: A
Which of the following is NOT one of the five core functions of the NIST Cybersecurity Framework?
Which of the following is NOT one of the five core functions of the NIST Cybersecurity Framework?A . ProtectB . DetectC . ValidateD . IdentifyView AnswerAnswer: C
Which Respond Function subcategories are directly addressed in this response?
A retail company experiences a data breach affecting customer records. The Incident Response Plan calls for immediate containment and communication with affected customers. Which Respond Function subcategories are directly addressed in this response?A . Detection and AnalysisB . Containment and CommunicationC . Recovery and DocumentationD . Risk Assessment and TrainingView...
The __________ component of the Respond Function involves ensuring that all affected parties, both internal and external, receive timely updates during an incident.
The __________ component of the Respond Function involves ensuring that all affected parties, both internal and external, receive timely updates during an incident.A . Communications PlanB . Recovery StrategyC . Incident AnalysisD . Continuous MonitoringView AnswerAnswer: A
What is part of the Pre-Recovery phase?
What is part of the Pre-Recovery phase?A . Backup validationB . Validate functionalityC . Restore assetsD . Monitor assetsView AnswerAnswer: B
Which of the following best describes the purpose of the Detect Function within the NIST Cybersecurity Framework?
Which of the following best describes the purpose of the Detect Function within the NIST Cybersecurity Framework?A . To identify potential security incidentsB . To develop disaster recovery plansC . To create security awareness among employeesD . To restrict access to critical systemsView AnswerAnswer: A
What is the purpose of a baseline assessment?
What is the purpose of a baseline assessment?A . Enhance data integrityB . Determine costsC . Reduce deployment timeD . Determine riskView AnswerAnswer: D
