Your organization has tasked you with collecting information on all the data, personnel, devices, systems, and facilities that enable the organization to achieve its business purposes.
Which part of the NIST Cybersecurity Framework would you consult first?
Answer : D
Reference:
https://www.phe.gov/Preparedness/planning/405d/Documents/resources-templates-508.pdf
(27)
What is concerned with availability, reliability, and recoverability of business processes and functions?
Answer : B
A security engineer is responsible for monitoring company software, firmware, system OS, and applications for known vulnerabilities. How should they stay current on exploits and information security?
Answer : D
DRAG DROP -
Match the security event to its description.
Select and Place:
Answer :
The project manager of a data center has a budget of $1,500,000 to install critical infrastructure systems. The project will take 24 months to complete.
The project manager is working with the project management team, security experts, and stakeholders to identify cyber risks. After reviewing the project plan, the CIO wants to know why so many risk identification meetings are requested.
What is a valid reason for the repeated risk identification meetings?
Answer : B
A company suffers a data breach and determines that the threat actors stole or compromised 10,000 user profiles. The company had planned for such a breach and determined the loss would be around $2 million. Soon after restoration, the company stock suffered a 30% drop and the loss was nearly $20 million. In addition, the company received negative press.
Which area of risk did the business forget to account for?
Answer : A
A company implemented an intrusion detection system. They notice the system generates a very large number of false alarms.
What steps should the company take to rectify this situation?
Answer : A
Assume that a DDoS attack has been occurring for 72 minutes. What determines who talks to external stakeholders?
Answer : B
What is considered outside the scope of a BIA?
Answer : B
What are the five functions of the NIST Framework Core?
Answer : A
Reference -
https://www.nist.gov/cyberframework/online-learning/five-functions
Which NIST Cybersecurity Framework category ensures that organizational communication and data flows are mapped?
Answer : A
Reference -
https://1path.com/blog/overview-of-the-nist-cybersecurity-framework/
The Backup Recovery Plan is dependent on what effort?
Answer : B
Reference -
https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-34r1.pdf
What must be done before returning a compromised laptop to normal operations in the environment?
Answer : C
An incident has occurred. You restore backups onto mission/business critical assets. After restoration of the backups your services are still inaccessible on numerous assets.
What could be the cause of the issue?
Answer : B
A new employee is starting work at your company. When should they be informed of the company's security policy?
Answer : D