D-CSF-SC-01 Exam Questions

Which of the following are components of the Protect Function in the NIST Framework? (Select two)

The COBIT 2019 framework provides guidance on establishing governance structures to ensure that ___ align with the organization's strategic goals.

What is a result of an incomplete organizational asset identification process?

An incident has occurred. You restore backups onto mission/business critical assets. After restoration of the backups your services are still inaccessible on numerous assets. What...

Which of the following is the most important first step when starting a cybersecurity framework implementation in alignment with COBIT 2019?

After a ransomware attack, an organization's IT team begins restoring systems and recovering data using cloud backups. Which Recover Function subcategory does this activity best al...

What are the five functions of the NIST Framework Core?

Which NIST Cybersecurity Framework function helps organizations restore normal operations after a cybersecurity incident?

How does the COBIT 2019 framework support the implementation of the NIST Cybersecurity Framework?

A company failed to detect a breach of their production system. The breach originated from a legacy system that was originally thought to be decommissioned. It turned out that syst...

The primary purpose of a Communications Plan within the Respond Function is to:

In accordance with PR.MA, an organization has just truncated all log files that are more than 12 months old. This has freed up 25 TB per logging server. What must be updated once t...

What specifically addresses cyber-attacks against an organization's IT systems?

You need to review your current security baseline policy for your company and determine which security controls need to be applied to the baseline and what changes have occurred si...

The information security manager for a major web based retailer has determined that the product catalog database is corrupt. The business can still accept orders online but the pro...

Which element is essential in the Protect Function to ensure systems remain secure and maintain operational integrity?

The ___ function in the NIST Cybersecurity Framework aims to mitigate the consequences of a cybersecurity incident.

A financial institution has deployed Intrusion Detection Systems (IDS) to monitor network traffic for unusual activity. This aligns with which Detect Function subcategory?

What is the purpose of the Identify function in the NIST Cybersecurity Framework?

You have completed a review of your current security baseline policy. In order to minimize financial, legal, and reputational damage, the baseline configuration requires that infra...

What constitutes the main objectives of the Recovery function?

The CSIRT team is following the existing recovery plans on non-production systems in a PRE- BREACH scenario. This action is being executed in which function?

The ___ core function in the NIST Cybersecurity Framework focuses on identifying cybersecurity events in a timely manner.

One of the key categories in the Cybersecurity Framework is ___, which focuses on protecting critical infrastructure services.

An Internet-connected file server compromised by a threat that leaked all data. The data was destroyed to cover all tracks. The file server has high availability capabilities to ha...

What term refers to a partially equipped, environmentally conditioned work space used to relocate operations in the event of a significant disruption?

A company opened eight new offices. To save money, the CFO outsourced support of the eight offices to a 3rd party IT group. In a rushed demand that was out of process, local admin...

What is the function of the "Identify" core in the NIST Cybersecurity Framework?

What supports an organization in making risk management decisions to address their security posture in real time?

The project manager of a data center has a budget of $1,500,000 to install critical infrastructure systems. The project will take 24 months to complete. The project manager is work...

What is the key purpose of the "Profile" component in the NIST Cybersecurity Framework?

In the NIST Identify Function, what is the main purpose of maintaining an asset inventory?

Which of the following is a primary goal of COBIT 2019 when implementing the NIST Cybersecurity Framework?

Within the Identify Function, the Business Impact Analysis helps determine ___________ in case of a cybersecurity incident.

What three steps are required to complete a Business Impact Analysis?

What is the purpose of the Asset Management category?

Which of the following is NOT a component of the NIST Cybersecurity Framework?

What is highlighted by the Cyber Resilient Lifecycle?

What corporate strategy is used to guide efforts after a catastrophic event and is implemented to ensure the return to normal business activity?

The structure of the NIST Cybersecurity Framework is built around how many core functions?

A company suffers a data breach and determines that the threat actors stole or compromised 10,000 user profiles. The company had planned for such a breach and determined the loss w...

What type of system processes information, the loss of which would have a debilitating impact to an organization?

A small company is just beginning to adopt the NIST Cybersecurity Framework. They are reviewing their processes and categorizing their data and infrastructure according to their im...

What helps an organization compare an "as-is, to-be" document and identify opportunities for improving cybersecurity posture useful for capturing organizational baselines of today...

The warranty on your organization's air conditioning system has expired. No alert was sent to anyone within the organization. During an extended number of days of record heat, the...

What should be inventoried within an organization using an asset inventory software application?

What is concerned with availability, reliability, and recoverability of business processes and functions?

What must be included in the CMDB?

Which type of risk has the potential for the largest monetary impact to an organization?

The ___ function in the NIST Cybersecurity Framework involves creating policies and controls to safeguard assets.