Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. ISACA
  3. NIST-COBIT-2019

ISACA NIST-COBIT-2019 Exam (page: 2)
ISACA Implementing the NIST Cybersecurity Framework using COBIT 2019
Updated on: 12-Feb-2026

Viewing Page 2 of 11
NIST-COBIT-2019 PDF 50 Questions

What does a CSF Informative Reference within the CSF Core provide?

  1. A high-level strategic view of the life cycle of an organization's management of cybersecurity risk
  2. A group of cybersecurity outcomes tied to programmatic needs and particular activities
  3. Specific sections of standards, guidelines, and practices that illustrate a method to achieve an associated outcome

Answer(s): C

Explanation:

A CSF Informative Reference within the CSF Core provides a citation to a related activity from another standard or guideline that can help an organization achieve the outcome described in a CSF Subcategory12. For example, the Informative Reference for ID.AM-1 (Physical devices and systems within the organization are inventoried) is COBIT 5 APO01.01, which states "Maintain an inventory of

IT assets"3.


Reference:

1: Informative

What are they, and how are they used? | NIST 2: Everything to Know About NIST CSF Informative Reference | Axio 3: NIST Cybersecurity Framework v1.1 - CSF Tools
- Identity Digital



Analysis is one of the categories within which of the following Core Functions?

  1. Detect
  2. Respond
  3. Recover

Answer(s): A

Explanation:

Analysis is one of the six categories within the Detect function of the NIST Cybersecurity Framework. The Analysis category aims to identify the occurrence of a cybersecurity event by performing data aggregation, correlation, and analysis12.


Reference:

1: The Five Functions | NIST 2: Cybersecurity Framework Components | NIST



Which of the following is associated with the "Detect" core function of the NIST Cybersecurity Framework?

  1. Information Protection Processes and Procedures
  2. Anomalies and Events
  3. Risk Assessment

Answer(s): B

Explanation:

Anomalies and Events is one of the six categories within the Detect function of the NIST

Cybersecurity Framework. The Anomalies and Events category aims to ensure that anomalous activity is detected in a timely manner and the potential impact of events is understood12.


Reference:

1: The Five Functions | NIST 2: Detect | NIST



Within the CSF Core structure, which type of capability can be implemented to help practitioners recognize potential or realized risk to enterprise assets?

  1. Protection capability
  2. Response capability
  3. Detection capability

Answer(s): C

Explanation:

The Detection capability is the type of capability within the CSF Core structure that can help practitioners recognize potential or realized risk to enterprise assets. The Detection capability consists of six categories that enable timely discovery of cybersecurity events, such as Anomalies and Events, Security Continuous Monitoring, and Detection Processes12.


Reference:

1: The Five Functions | NIST 2: Cybersecurity Framework | NIST



The CSF Implementation Tiers distinguish three fundamental dimensions of risk management to help enterprises evaluate which of the following?

  1. Cybersecurity posture
  2. Cybersecurity threats
  3. Cybersecurity landscape

Answer(s): A

Explanation:

The CSF Implementation Tiers distinguish three fundamental dimensions of risk management to help enterprises evaluate their cybersecurity posture, which is the alignment of their cybersecurity activities and outcomes with their business objectives and risk appetite12. The Tiers range from Partial (Tier 1) to Adaptive (Tier 4) and describe the degree of rigor, integration, and collaboration of the organization's cybersecurity risk management practices12.


Reference:

1: Cybersecurity Framework Components | NIST 2: Cybersecurity Framework FAQs Framework Components | NIST



Viewing Page 2 of 11



Share your comments for ISACA NIST-COBIT-2019 exam with other users:

Jaro 12/18/2023 3:12:00 PM

i think in question 7 the first answer should be power bi portal (not power bi)
Anonymous


9eagles 4/7/2023 10:04:00 AM

on question 10 and so far 2 wrong answers as evident in the included reference link.
Anonymous


Tai 8/28/2023 5:28:00 AM

wonderful material
SOUTH AFRICA


VoiceofMidnight 12/29/2023 4:48:00 PM

i passed!! ...but barely! got 728, but needed 720 to pass. the exam hit me with labs right out of the gate! then it went to multiple choice. protip: study the labs!
UNITED STATES


A K 8/3/2023 11:56:00 AM

correct answer for question 92 is c -aws shield
Anonymous


Nitin Mindhe 11/27/2023 6:12:00 AM

great !! it is really good
IRELAND


BailleyOne 11/22/2023 1:45:00 AM

explanations for the answers are to the point.
Anonymous


patel 10/25/2023 8:17:00 AM

how can rea next
INDIA


MortonG 10/19/2023 6:32:00 PM

question: 128 d is the wrong answer...should be c
EUROPEAN UNION


Jayant 11/2/2023 3:15:00 AM

thanks for az 700 dumps
Anonymous


Bipul Mishra 12/14/2023 7:12:00 AM

thank you for this tableau dumps . it will helpfull for tableau certification
UNITED STATES


hello 10/31/2023 12:07:00 PM

good content
Anonymous


Matheus 9/3/2023 2:14:00 PM

just testing if the comments are real
UNITED STATES


yenvti2@gmail.com 8/12/2023 7:56:00 PM

very helpful for exam preparation
Anonymous


Miguel 10/5/2023 12:16:00 PM

question 11: https://help.salesforce.com/s/articleview?id=sf.admin_lead_to_patient_setup_overview.htm&type=5
SPAIN


Noushin 11/28/2023 4:52:00 PM

i think the answer to question 42 is b not c
CANADA


susan sandivore 8/28/2023 1:00:00 AM

thanks for the dump
Anonymous


Aderonke 10/31/2023 12:51:00 AM

fantastic assessments
Anonymous


Priscila 7/22/2022 9:59:00 AM

i find the xengine test engine simulator to be more fun than reading from pdf.
GERMANY


suresh 12/16/2023 10:54:00 PM

nice document
Anonymous


Wali 6/4/2023 10:07:00 PM

thank you for making the questions and answers intractive and selectable.
UNITED STATES


Nawaz 7/18/2023 1:10:00 AM

answers are correct?
UNITED STATES


das 6/23/2023 7:57:00 AM

can i belive this dump
INDIA


Sanjay 10/15/2023 1:34:00 PM

great site to practice for sitecore exam
INDIA


jaya 12/17/2023 8:36:00 AM

good for students
UNITED STATES


Bsmaind 8/20/2023 9:23:00 AM

nice practice dumps
Anonymous


kumar 11/15/2023 11:24:00 AM

nokia 4a0-114 dumps
Anonymous


Vetri 10/3/2023 12:59:00 AM

great content and wonderful to have the answers with explanation
UNITED STATES


Ranjith 8/21/2023 3:39:00 PM

for question #118, the answer is option c. the screen shot is showing the drop down, but the answer is marked incorrectly please update . thanks for sharing such nice questions.
Anonymous


Eduardo Ramírez 12/11/2023 9:55:00 PM

the correct answer for the question 29 is d.
Anonymous


Dass 11/2/2023 7:43:00 AM

question no 22: correct answers: bc, 1 per session 1 per page 1 per component always
UNITED STATES


Reddy 12/14/2023 2:42:00 AM

these are pretty useful
Anonymous


Daisy Delgado 1/9/2023 1:05:00 PM

awesome
UNITED STATES


Atif 6/13/2023 4:09:00 AM

yes please upload
UNITED STATES