NIST-COBIT-2019 ISACA Implementing the NIST Cybersecurity Framework using COBIT 2019 Free Demo Questions – Try Before You Buy

Question 1

When aligning to the NIST Cybersecurity Framework, what should occur after tier levels and framework core outcomes are determined?

A

Report discovered issues to senior management.

B

Assign mitigating control development.

C

Compare current and target profiles.

Correct Answer: C

Explanation:

According to the NIST Cybersecurity Framework, after determining the tier levels and framework core outcomes, the next step is to compare the current and target profiles, which describe the organization’s current and desired cybersecurity posture based on the framework core functions, categories, and subcategories 1 . This comparison helps to identify the gaps and prioritize the actions for improvement 2 .
References Cybersecurity Framework Components | NIST What is the NIST Cybersecurity Framework? | IBM

Question 2

Analysis is one of the categories within which of the following Core Functions?

A

Detect

B

Respond

C

Recover

Correct Answer: B

Explanation:

Anomalies and Events is one of the six categories within the Detect function of the NIST Cybersecurity Framework. The Anomalies and Events category aims to ensure that anomalous activity is detected in a timely manner and the potential impact of events is understood 1 2 .
References: 1 : The Five Functions | NIST 2 : Detect | NIST

Question 3

During CSF implementation, when is an information security manager MOST likely to identify key enterprise and supporting alignment goals as
previously understood?

A

CSF Steps 5: Create a Target Profile and 6: Determine, Analyze, and Prioritize Gaps

B

CSF Step 1: Prioritize and Scope

C

CSF Steps 2: Orient and 3: Create a Current Profile

Correct Answer: B

Explanation:

This CSF step corresponds to the COBIT objective of knowledge and understanding of enterprise goals, because it involves identifying the business drivers, mission, objectives, and risk appetite of the organization, as well as the scope and boundaries of the cybersecurity program 1 2 . This step helps to ensure that the cybersecurity activities and outcomes are aligned with the enterprise goals and strategy 3 4 .

References: 1 : Cybersecurity Framework Components | NIST 2 : Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA 3 : COBIT 2019 Design and Implementation COBIT Implementation 4 : COBIT® 2019 Foundation | Skillsoft Global Knowledge

Demo ISACA NIST-COBIT-2019 Exam Questions

When aligning to the NIST Cybersecurity Framework, what should occur after tier levels and framework core outcomes are determined?

Report discovered issues to senior management.

Assign mitigating control development.

Compare current and target profiles.

Correct Answer: C

Analysis is one of the categories within which of the following Core Functions?

Detect

Respond

Recover

Correct Answer: B

During CSF implementation, when is an information security manager MOST likely to identify key enterprise and supporting alignment goals as
previously understood?

CSF Steps 5: Create a Target Profile and 6: Determine, Analyze, and Prioritize Gaps

CSF Step 1: Prioritize and Scope

CSF Steps 2: Orient and 3: Create a Current Profile

Correct Answer: B

References: 1 : Cybersecurity Framework Components | NIST 2 : Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA 3 : COBIT 2019 Design and Implementation COBIT Implementation 4 : COBIT® 2019 Foundation | Skillsoft Global Knowledge

Demo Practice Mode

Demo ISACA NIST-COBIT-2019 Exam Questions

When aligning to the NIST Cybersecurity Framework, what should occur after tier levels and framework core outcomes are determined?

Report discovered issues to senior management.

Assign mitigating control development.

Compare current and target profiles.

Correct Answer: C

Analysis is one of the categories within which of the following Core Functions?

Detect

Respond

Recover

Correct Answer: B

During CSF implementation, when is an information security manager MOST likely to identify key enterprise and supporting alignment goals aspreviously understood?

CSF Steps 5: Create a Target Profile and 6: Determine, Analyze, and Prioritize Gaps

CSF Step 1: Prioritize and Scope

CSF Steps 2: Orient and 3: Create a Current Profile

Correct Answer: B

References: 1 : Cybersecurity Framework Components | NIST 2 : Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA 3 : COBIT 2019 Design and Implementation COBIT Implementation 4 : COBIT® 2019 Foundation | Skillsoft Global Knowledge

Demo Practice Mode

During CSF implementation, when is an information security manager MOST likely to identify key enterprise and supporting alignment goals as
previously understood?