The "recover" function of the NISI cybersecurity framework is concerned with:
Correct Answer: A
Explanation:
The “recover” function of the NIST cybersecurity framework is concerned with planning for resilience
and timely repair of compromised capacities and service. This is because the recover function helps
organizations to restore normal operations as quickly as possible after a cybersecurity incident, while
also learning from the incident and improving their security posture. The other options are not part of
the recover function, but rather belong to the identify (B), respond C, or protect (D) functions.
Question 2
Which of the following backup procedure would only copy files that have changed since the last backup was made?
Correct Answer: A
Explanation:
The backup procedure that would only copy files that have changed since the last backup was made is an incremental backup. This is because an incremental backup is a type of backup that only copies the files that have been created or modified since the previous backup, whether it was a full or an incremental backup. An incremental backup helps to reduce the backup time and storage space, as well as the recovery time, as only the changed files need to be restored. The other options are not backup procedures that would only copy files that have changed since the last backup was made, but rather different types of backup procedures that copy files based on different criteria, such as daily backup (B), differential backup C, or full backup (D).
Question 3
Which of the following provides an early signal of increasing risk exposures for an organization?
Correct Answer: C
Explanation:
Key risk indicators (KRIs) are metrics that can provide an early signal of increasing risk exposures for an organization. KRIs are designed to measure and predict potential losses, and they help in identifying trends that could lead to future risks. They are different from Key Performance Indicators (KPIs), which measure the performance related to the achievement of strategic goals. KRIs, on the other hand, are specifically focused on risk and are used to monitor changes in the level of risk exposure. References: The information is supported by ISACA’s resources, which state that KRIs with thresholds and corresponding trigger actions can enable companies to gain visibility into risks before they occur. These metrics best position enterprises to deal with substantial cyber risks associated with digital transformation and implementing emerging technologies 1 .
Demo Practice Mode
You are viewing only the questions marked as Demo.