What does a CSF Informative Reference within the CSF Core provide?
Answer(s): C
A CSF Informative Reference within the CSF Core provides a citation to a related activity from another standard or guideline that can help an organization achieve the outcome described in a CSF Subcategory12. For example, the Informative Reference for ID.AM-1 (Physical devices and systems within the organization are inventoried) is COBIT 5 APO01.01, which states "Maintain an inventory ofIT assets"3.
1: InformativeWhat are they, and how are they used? | NIST 2: Everything to Know About NIST CSF Informative Reference | Axio 3: NIST Cybersecurity Framework v1.1 - CSF Tools- Identity Digital
Analysis is one of the categories within which of the following Core Functions?
Answer(s): A
Analysis is one of the six categories within the Detect function of the NIST Cybersecurity Framework. The Analysis category aims to identify the occurrence of a cybersecurity event by performing data aggregation, correlation, and analysis12.
1: The Five Functions | NIST 2: Cybersecurity Framework Components | NIST
Which of the following is associated with the "Detect" core function of the NIST Cybersecurity Framework?
Answer(s): B
Anomalies and Events is one of the six categories within the Detect function of the NISTCybersecurity Framework. The Anomalies and Events category aims to ensure that anomalous activity is detected in a timely manner and the potential impact of events is understood12.
1: The Five Functions | NIST 2: Detect | NIST
Within the CSF Core structure, which type of capability can be implemented to help practitioners recognize potential or realized risk to enterprise assets?
The Detection capability is the type of capability within the CSF Core structure that can help practitioners recognize potential or realized risk to enterprise assets. The Detection capability consists of six categories that enable timely discovery of cybersecurity events, such as Anomalies and Events, Security Continuous Monitoring, and Detection Processes12.
1: The Five Functions | NIST 2: Cybersecurity Framework | NIST
The CSF Implementation Tiers distinguish three fundamental dimensions of risk management to help enterprises evaluate which of the following?
The CSF Implementation Tiers distinguish three fundamental dimensions of risk management to help enterprises evaluate their cybersecurity posture, which is the alignment of their cybersecurity activities and outcomes with their business objectives and risk appetite12. The Tiers range from Partial (Tier 1) to Adaptive (Tier 4) and describe the degree of rigor, integration, and collaboration of the organization's cybersecurity risk management practices12.
1: Cybersecurity Framework Components | NIST 2: Cybersecurity Framework FAQs Framework Components | NIST
Share your comments for ISACA NIST-COBIT-2019 exam with other users:
nice document
thank you for making the questions and answers intractive and selectable.
answers are correct?
can i belive this dump
great site to practice for sitecore exam
good for students
nice practice dumps
nokia 4a0-114 dumps
great content and wonderful to have the answers with explanation
for question #118, the answer is option c. the screen shot is showing the drop down, but the answer is marked incorrectly please update . thanks for sharing such nice questions.
the correct answer for the question 29 is d.
question no 22: correct answers: bc, 1 per session 1 per page 1 per component always
these are pretty useful
awesome
yes please upload
great job whoever put this together, for the greater good! thanks!
just started to view all questions for the exam
helpful material
hope for the best
will post exam has finished
really correct and good analyze!
excellent thanks a lot
will post once pass the cka exam
good content
q:32 answer has to be option c
nice questions
i really like the support team in this website. they are fast in communication and very helpful.
a good contemporary exam review
q23, its an array, isnt it? starts with [ and end with ]. its an array of objects, not object.
cool very helpfull
i just passed. this exam dumps is the same one from prepaway and examcollection. it has all the real test questions.
is this a valid prince2 practitioner dumps?
all are relatable questions
might help me to prepare for the exam
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your NIST-COBIT-2019, please sign in or create a free account.