What does a CSF Informative Reference within the CSF Core provide?
Answer(s): C
A CSF Informative Reference within the CSF Core provides a citation to a related activity from another standard or guideline that can help an organization achieve the outcome described in a CSF Subcategory12. For example, the Informative Reference for ID.AM-1 (Physical devices and systems within the organization are inventoried) is COBIT 5 APO01.01, which states "Maintain an inventory ofIT assets"3.
1: InformativeWhat are they, and how are they used? | NIST 2: Everything to Know About NIST CSF Informative Reference | Axio 3: NIST Cybersecurity Framework v1.1 - CSF Tools- Identity Digital
Analysis is one of the categories within which of the following Core Functions?
Answer(s): A
Analysis is one of the six categories within the Detect function of the NIST Cybersecurity Framework. The Analysis category aims to identify the occurrence of a cybersecurity event by performing data aggregation, correlation, and analysis12.
1: The Five Functions | NIST 2: Cybersecurity Framework Components | NIST
Which of the following is associated with the "Detect" core function of the NIST Cybersecurity Framework?
Answer(s): B
Anomalies and Events is one of the six categories within the Detect function of the NISTCybersecurity Framework. The Anomalies and Events category aims to ensure that anomalous activity is detected in a timely manner and the potential impact of events is understood12.
1: The Five Functions | NIST 2: Detect | NIST
Within the CSF Core structure, which type of capability can be implemented to help practitioners recognize potential or realized risk to enterprise assets?
The Detection capability is the type of capability within the CSF Core structure that can help practitioners recognize potential or realized risk to enterprise assets. The Detection capability consists of six categories that enable timely discovery of cybersecurity events, such as Anomalies and Events, Security Continuous Monitoring, and Detection Processes12.
1: The Five Functions | NIST 2: Cybersecurity Framework | NIST
The CSF Implementation Tiers distinguish three fundamental dimensions of risk management to help enterprises evaluate which of the following?
The CSF Implementation Tiers distinguish three fundamental dimensions of risk management to help enterprises evaluate their cybersecurity posture, which is the alignment of their cybersecurity activities and outcomes with their business objectives and risk appetite12. The Tiers range from Partial (Tier 1) to Adaptive (Tier 4) and describe the degree of rigor, integration, and collaboration of the organization's cybersecurity risk management practices12.
1: Cybersecurity Framework Components | NIST 2: Cybersecurity Framework FAQs Framework Components | NIST
Share your comments for ISACA NIST-COBIT-2019 exam with other users:
Finally got a change to write this exam and pass it! Valid and accurate!
Upload this exam please!
Thank you for providing these questions. It helped me a lot with passing my exam.
my first attempt
very explainable
i think answer of q 462 is variance analysis
hi i need see questions
best study material for exam
very interesting repository
american history 1
good level of questions
i need this dump kindly upload it
do we need c# coding to be az204 certified
excellent topics covered
are these really financial cloud questions and answers, seems these are basic admin question and answers
are these comments real
please upload the latest dumps
a company runs its workloads on premises. the company wants to forecast the cost of running a large application on aws. which aws service or tool can the company use to obtain this information? pricing calculator ... the aws pricing calculator is primarily used for estimating future costs
looks interesting
thanks! that’s amazing
the exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
q 14 should be dmz sever1 and notepad.exe why does note pad have a 443 connection
question # 108, correct answers are business growth and risk reduction.
are these valid chfi questions
question: 162 should be dlp (b)
good exam questions
I have to say this is really close to real exam. Passed my exam with this.
good analytics question
this looks accurate
question 46, the answer should be data "virtualization" (not visualization).
its useful.
Pass this exam 3 days ago. The PDF version and the Xengine App is quite useful.
informative for me.
question 134s answer shoule be "dlp"
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your NIST-COBIT-2019, please sign in or create a free account.