CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. NIST-COBIT-2019

Free NIST-COBIT-2019 Exam Braindumps (page: 2)

Page 1 of 14
PDF with 50 Questions

Which of the following is a framework principle established by NIST as an initial framework consideration?

  1. Avoiding business risks
  2. Impact on global operations
  3. Ensuring regulatory compliance

Answer(s): C

Explanation:

One of the framework principles established by NIST is to ensure that the framework is consistent and aligned with existing regulatory and legal requirements that are relevant to cybersecurity12.


Reference:

1: Cybersecurity Framework | NIST 2: Framework Documents | NIST



Which role will benefit MOST from a better understanding of the current cybersecurity posture by applying the CSF?

  1. Executives
  2. Acquisition specialists
  3. Legal experts

Answer(s): A

Explanation:

Executives are the role that will benefit most from a better understanding of the current cybersecurity posture by applying the CSF. This is because executives are responsible for setting the strategic direction, objectives, and priorities for the organization, as well as overseeing the allocation of resources and the management of risks1. By applying the CSF, executives can gain a comprehensive and consistent view of the cybersecurity risks and capabilities of the organization, and align them with the business goals and requirements2. The CSF can also help executives communicate and collaborate with other stakeholders, such as regulators, customers, suppliers, and partners, on cybersecurity issues3.


Reference:

1: Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA 2:
Cybersecurity Framework | NIST 3: Framework Documents | NIST



When coordinating framework implementation, the business/process level collaborates with the implementation/operations level to:

  1. develop the risk management framework.
  2. assess changes in current and future risks.
  3. create the framework profile.

Answer(s): B

Explanation:

According to the TM Forum's Business Process Framework (eTOM), the business/process level is responsible for defining the business strategy, objectives, and requirements, as well as monitoring and controlling the performance and quality of the processes1. The implementation/operations level is responsible for designing, developing, and executing the processes that deliver and support the services1.
When coordinating framework implementation, these two levels collaborate to assess changes in current and future risks, such as market trends, customer expectations, regulatory compliance, security threats, and operational issues2. This helps them to align the processes with the business goals and outcomes, and to identify and mitigate any potential gaps or challenges3.


Reference:

1: Process Framework (eTOM) - TM Forum 2: Implement Dynamics 365 with a process- focused approach 3: Operations Management Implementation - Smarter Solutions, Inc.



Which of the following COBIT 2019 governance principles corresponds to the CSF application stating that CSF profiles support flexibility in content and structure?

  1. A governance system should be customized to the enterprise needs, using a set of design factors as parameters.
  2. A governance system should focus primarily on the enterprise's IT function and information processing.
  3. A governance system should clearly distinguish between governance and management activities and structures.

Answer(s): A

Explanation:

This principle corresponds to the CSF application stating that CSF profiles support flexibility in content and structure, because both emphasize the need for tailoring the governance system to the specific context and requirements of the enterprise12. The CSF profiles are based on the enterprise's business drivers, risk appetite, and current and target cybersecurity posture3. The COBIT 2019 design factors are a set of parameters that influence the design and operation of the governance system, such as enterprise strategy, size, culture, and regulatory environment4.


Reference:

1: COBIT | Control Objectives for Information Technologies | ISACA 2: COBIT 2019 Framework ­ ITSM Docs - ITSM Documents & Templates 3: Framework Documents | NIST 4:
Introduction to COBIT Principles - Testprep Training Tutorials






Post your Comments and Discuss ISACA NIST-COBIT-2019 exam with other Community members:

NIST-COBIT-2019 Exam Discussions & Posts