What are the five functions of the NIST Framework Core?
Your organization has tasked you with collecting information on all the data, personnel, devices, systems, and facilities that enable the organization to achieve its business purposes.
Which part of the NIST Cybersecurity Framework would you consult first?
What is the purpose of separation of duties?
Refer to the exhibit.
Your organization’s security team has been working with various business units to understand their business requirements, risk tolerance, and resources used to create a Framework Profile.
Based on the Profile provided, what entries correspond to labels A, B, and C?
Your firewall blocked several machines on your network from connecting to a malicious IP address. After
reviewing the logs, the CSIRT discovers all Microsoft Windows machines on the network have been affected based on a newly published CVE.
Based on the IRP, what should be done immediately?
A new employee is starting work at your company. When should they be informed of the company’s security policy?
What is a consideration when performing data collection in Information Security Continuous Monitoring?
Which mechanism within the NIST Cybersecurity Framework describes a method to capture the current state and define the target state for understanding gaps, exposure, and prioritize changes to mitigate risk?
What contains a predefined set of efforts that describes an organization’s mission/business critical processes, and defines how they will be sustained during and after a significant disruption?
What type of system processes information, the loss of which would have a debilitating impact to an
organization?
TESTED 31 Oct 2025