NIST Cybersecurity Framework (CSF) Overview: Key Concepts and Functions, Exams of Business Administration

A concise overview of the nist cybersecurity framework (csf), privacy framework, and nist security and privacy controls (nist sp 800-53). It outlines the core components of the nist csf, including the framework core, implementation tiers, and profiles. The document details the five key functions of the csf core: identify, protect, detect, respond, and recover, along with their associated categories. It also explains the four tiers of the csf framework and the three types of csf framework profiles: current, target, and gap analysis. Furthermore, the document covers the functions and control implementation approaches of the privacy framework and nist sp 800-53, respectively, offering a structured understanding of these cybersecurity standards and guidelines. Useful for students and professionals in cybersecurity, information technology, and risk management, providing a foundational understanding of key frameworks and controls for managing cybersecurity risks and protecting data.

Typology: Exams

2024/2025

Available from 05/22/2025

locaz-turus-1
locaz-turus-1 🇺🇸

5

(1)

13K documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Module 1 ISC CPA Exam
What are the three framework that were created by NIST correct answer - NIST Cybersecurity
framework
- Privacy Framework
- Privacy and Security Controls
The three components used to manage cybersecurity risks in the NIST CSF correct answer 1.
Framework core
2. Framework implementation Tiers
3. Framework profile
The 5 areas of focus for NIST CSF framework core correct answer 1. identify
2. protect
3. detect
4. respond
5. recover
Choose one of the 5 functions based on the categories:
- asset management
- business environment
- governance
- risk assessment
- risk management strategy
- supply chain risk management correct answer identify
Choose one of the 5 functions based on the categories:
- identify management and access control
pf3
pf4
pf5

Partial preview of the text

Download NIST Cybersecurity Framework (CSF) Overview: Key Concepts and Functions and more Exams Business Administration in PDF only on Docsity!

Module 1 ISC CPA Exam

What are the three framework that were created by NIST correct answer - NIST Cybersecurity framework

  • Privacy Framework
  • Privacy and Security Controls The three components used to manage cybersecurity risks in the NIST CSF correct answer 1. Framework core
  1. Framework implementation Tiers
  2. Framework profile The 5 areas of focus for NIST CSF framework core correct answer 1. identify
  3. protect
  4. detect
  5. respond
  6. recover Choose one of the 5 functions based on the categories:
  • asset management
  • business environment
  • governance
  • risk assessment
  • risk management strategy
  • supply chain risk management correct answer identify Choose one of the 5 functions based on the categories:
  • identify management and access control
  • awareness and training
  • data security
  • information protection processes and procedures
  • maintenance
  • protective technology correct answer protect Choose one of the 5 functions based on the categories:
  • anomalies and events
  • security continuous monitoring
  • detection processes correct answer detect Choose one of the 5 functions based on the categories:
  • response planning
  • communications
  • analysis
  • mitigation
  • improvements correct answer response Choose one of the 5 functions based on the categories:
  • recovery planning
  • improvements
  • communications correct answer recover How many tiers are there correct answer 4 What is tier one of CSF framework? correct answer Tier one (Partial)
  1. communicate Choose one of the 3 added functions for privacy framework:
  • governance policies, processes, and procedures
  • awareness and training
  • risk management strategy
  • monitoring review correct answer govern Choose one of the 3 added functions for privacy framework:
  • data processing policies, processes, and procedures
  • data processing management
  • disassociated processing correct answer control Choose one of the 3 added functions for privacy framework:
  • communication policies, processes
  • data processing awareness correct answer communicate Which framework is used for more sophisticated threats? correct answer NIST Security and privacy controls (NIST SP 800-53) Which framework establishes controls for systems and organizations that can be implemented within organizations or systems that process, store, or transmit information correct answer NIST 800- Requires the controls for federal information systems correct answer Office of Management and Budget (OMB) Circular A-

Requires the implementation of minimum controls to protect Federal information and information systems correct answer The federal Information Security Modernization Act (FISMA) How many control families does NIST 800-53 divide into? correct answer 20 What are the three control implementation approaches for NIST SP 800-53 correct answer 1. Common (inheritable)

  1. System-specific
  2. Hybrid Implement controls at the organizational level which are adopted by information systems (part of NIST SP 800-53 Framework) correct answer Common (Inheritable) Implement controls at the information system level (part of NIST SP 800-53 Framework) correct answer System-specific Implement controls at the organization level where appropriate and the remainder at the information system level (part of NIST SP 800-53 Framework) correct answer Hybrid