Free NIST-COBIT-2019 Exam Braindumps (page: 4)

Within the CSF Core structure, which type of capability can be implemented to help practitioners recognize potential or realized risk to enterprise assets?

  A. Protection capability
  B. Response capability
  C. Detection capability

Answer(s): C

Explanation:

The Detection capability is the type of capability within the CSF Core structure that can help practitioners recognize potential or realized risk to enterprise assets. The Detection capability consists of six categories that enable timely discovery of cybersecurity events, such as Anomalies and Events, Security Continuous Monitoring, and Detection Processes [1][2].


Reference:

1: The Five Functions | NIST
2: Cybersecurity Framework | NIST



The CSF Implementation Tiers distinguish three fundamental dimensions of risk management to help enterprises evaluate which of the following?

  A. Cybersecurity posture
  B. Cybersecurity threats
  C. Cybersecurity landscape

Answer(s): A

Explanation:

The CSF Implementation Tiers distinguish three fundamental dimensions of risk management to help enterprises evaluate their cybersecurity posture, which is the alignment of their cybersecurity activities and outcomes with their business objectives and risk appetite [1][2]. The Tiers range from Partial (Tier 1) to Adaptive (Tier 4) and describe the degree of rigor, integration, and collaboration of the organization's cybersecurity risk management practices [1][2].


Reference:

1: Cybersecurity Framework Components | NIST
2: Cybersecurity Framework FAQs Framework Components | NIST



What is the MOST important reason to compare framework profiles?

  A. To improve security posture
  B. To conduct a risk assessment
  C. To identify gaps

Answer(s): C

Explanation:

The most important reason to compare framework profiles is to identify gaps between the current and target state of cybersecurity activities and outcomes, and to prioritize the actions needed to address them [1][2]. Framework profiles are the alignment of the functions, categories, and subcategories of the NIST Cybersecurity Framework with the business requirements, risk tolerance, and resources of the organization [3]. By comparing the current profile (what is being achieved) and the target profile (what is needed), an organization can assess its cybersecurity posture and develop a roadmap for improvement [4].


Reference:

1: Cybersecurity Framework Components | NIST
2: Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA
3: Examples of Framework Profiles | NIST
4: Connecting COBIT 2019 to the NIST Cybersecurity Framework - ISACA



The goals cascade supports prioritization of management objectives based on:

  A. the prioritization of enterprise goals.
  B. the prioritization of business objectives.
  C. the prioritization of stakeholder needs.

Answer(s): C

Explanation:

The goals cascade is a mechanism that translates the stakeholder needs into specific, actionable, and customized goals at different levels of the enterprise [1][2]. The stakeholder needs are the drivers of the governance system and reflect the expectations and requirements of the internal and external parties that have an interest or influence on the enterprise [3][4]. The goals cascade supports the prioritization of management objectives based on the stakeholder needs, as well as the alignment of the enterprise goals, the alignment goals, and the governance and management objectives [1][2].


Reference:

1: COBIT 2019 Goals Cascade: A Blueprint for Success
2: COBIT 2019 Framework - ITSM Docs - ITSM Documents & Templates
3: COBIT | Control Objectives for Information Technologies | ISACA
4: Aligning IT goals using the COBIT5 Goals Cascade





