What does a CSF Informative Reference within the CSF Core provide?

NIST-COBIT-2019 0 Comments

What does a CSF Informative Reference within the CSF Core provide?
A . A high-level strategic view of the life cycle of an organization’s management of cybersecurity risk
B . A group of cybersecurity outcomes tied to programmatic needs and particular activities
C . Specific sections of standards, guidelines, and practices that illustrate a method to achieve an associated outcome

Answer: C

Explanation:

A CSF Informative Reference within the CSF Core provides a citation to a related activity from another standard or guideline that can help an organization achieve the outcome described in a CSF Subcategory12. For example, the Informative Reference for ID.AM-1 (Physical devices and systems within the organization are inventoried) is COBIT 5 APO01.01, which states "Maintain an inventory of IT assets"3.

Reference: 1: Informative

Reference: What are they, and how are they used? | NIST 2: Everything to Know About NIST CSF Informative Reference | Axio 3: NIST Cybersecurity Framework v1.1 – CSF Tools – Identity Digital

Latest NIST-COBIT-2019 Dumps Valid Version with 50 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download NIST-COBIT-2019 PDF     NIST-COBIT-2019 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments