Module 1

Question 1

what are the NIST CSF (cybersecurity framework) tiers?

Answer 1

tier 1 -Partial
Tier 2 - risk informed
tier 3 - Repeatable
tier 4 - Adaptable

Question 2

list the 2 NIST profiles and describe them

Answer 2

current profile - “as is “ state of system cybersecurity

Target profile - the desired outcome “to be” state of cybersecurity

Question 3

what could you gain by comparing current profile with target profile

Answer 3

gaps in your cybersecurity that need to be addressed

Question 4

NIST cybersecurity framework Tier 3 explain

Answer 4

Repeatable -

• – risk management practices are formally approved and expressed as policy
• – cybersecurity practices are regularly updated based on risk management processes and changing threat landscape
• – organization-wide approach to manage cybersecurity
• – risk informed policies, processes, and procedures are defined implemented as intended and reviewed.
• –senior executives ensure consideration of cybersecurity through all lines of operation
• – the organization understands its role, dependencies, and dependents in the larger ecosystem.

Question 5

NIST cybersecurity framework tier 4, explain

Answer 5

Adaptive -

• – Risk Management process
• – org adapts its cyvbersecrui9ty practices based on previous and current cybersecurity activities, including lessons learned and predictive indicators
• – organization actively adapts to a changing threat and technology landscape and response in a timely and effective manner.
• – integrated risk management -
• – organization wide approach to managing cybersecurity risk that uses risk-informed policies, processes, and procedures to address potential cybersecurity events.

Question 6

what are the 4 NIST framework core elements

Answer 6

Functions
Categories
subcategories
Informative References

Question 7

explain the role of functions within the NIST framework

Answer 7

Functions - organize basic cyber security activities at their highest level

Question 8

explain the role of categories within the NIST framework

Answer 8

categories - are the subdivisions of a function into groups of cybersecurity outcomes closely tied to programmatic needs and particular activities

Question 9

what is: further divide a category into specific outcomes of technical and/or management activities

1. function
2. category
3. sub-category
4. informative references

Answer 9

subcategories

Question 10

explain the role of informational references within the NIST framework

Answer 10

informative references - are specific sections of standards, guidelines, and practices common among critical infrastructure associated with each subcategory

Question 11

what are the 5 functions in the NIST cybersecurity framework

Answer 11

1. Identify
2. protect
3. detect - in a timely manner… 72hrs or less per GDPR
4. respond
5. recover

Question 12

what NIST Cybersecurity framework function would this describe:
develop an organizational understanding to manage cybersecurity risk to system, people, assets, data and capabilities

Answer 12

1. Identify

Question 13

what NIST cybersecurity framework function would be: develop and implement appropriate safeguards to ensure deliver of critical infrastructure services

Answer 13

2. Protect

Question 14

what NIST Cybersecurity Framework function would be defined as:
Develop and implement appropriate activities to identify the occurrence of a cybersecurity event

Answer 14

3. Detect

Question 15

what cybersecurity framework function would be: develop and implement appropriate activities to take action regarding a detected cybersecurity incident

Answer 15

4. Respond

Question 16

what NIST CSF function would be: develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to the cybersecurity incident

Answer 16

5. Recovery

Question 17

list the 4 NIST framework core features

Answer 17

1, functions

2. categories
3. subcategories
4. informative references

Question 18

what function would these categories belong to?
asset management
business environment
governance 
risk assessment
risk management strategy
supply chain risk management

Answer 18

Identity

Question 19

what function would these categories belong to?
identify management and access control
awareness training
data security
information protection processes and procedures
maintenance
protective technology

Answer 19

Protect

Question 20

what function would these categories belong to?
anomalies and events
security continuous monitoring
detection processes

Answer 20

Detect

Question 21

what function would these categories belong to?
response planning
communications
analysis
mitigation 
improvements

Answer 21

Respond

Question 22

what function would these categories belong to?
recovery planning
improvements
communication

Answer 22

Recover

Question 23

who controls the CMMC 2.0 model?

Answer 23

DoD

Question 24

security incident response lifecycle includes these four areas

Answer 24

1. Preparation
2. detection and analysis
3. containment, eradication & recovery
4. post incident activity

Question 25

what clause/section in the ISO 27001 standard addresses encryption

Answer 25

cryptography

Question 26

what is the purpose of the NIST cybersecurity framework

Answer 26

to help organizations understand their cybersecurity risks and how to reduce risks with customized measures

Question 27

define federal contract information (FCI)

Answer 27

information, not intended for public release, provided by or generated for the government under a contract to develop or deliver a product or service to the government

Question 28

4 steps in Incident security

Answer 28

1. Preparation 2. detection and analysis 3. containment, eradication, and recovery 4. post-incident activity

Question 29

this NIST publication is titled "guide to storage encryption technologies for end user devices" and describes valid encryption processes for data at rest

Answer 29

NIST publication 800-111

Question 30

when NIST cybersecurity framework moved from 1.1 to 1.2 what was added under Identify

Answer 30

supply chain risk management

Question 31

NIST cybersecurity framework how many functions, categories and sub-categories

Answer 31

``` functions = 5 categories = 23 sub-categories = 108 ```

Question 32

NIST cybersecurity framework how many tiers and profiles

Answer 32

``` tiers = 4 profiles = 2 ```

Question 33

additional definition to NIST profile

Answer 33

a framework profile represents the outcomes based on the business needs an organization has selected from the framework categories and subcategories

Question 34

define tier 3 - repeatable

Answer 34

repeatable processes are in place to counter threats. formal risk-management processes and clearly defined security policies - cybersecurity practices are regularly updated - organization wide approach

Question 35

define the NIST tier 4 - adaptable

Answer 35

continuous improvements and adaptation - regularly conduct risk assessments and adapt security policies and procedures to counter the latest threats - advanced analytics and best practices - organization wide approach - actively adapts to a changing threat and technology landscape

Question 36

define the NIST tier 2 - risk informed

Answer 36

risk management practices are approved by management - might not be an organization wide policy on risk management - key stakeholders are aware of the main risks - few controls and policies in place

Question 37

define the NIST tier 1 - partial

Answer 37

lowest tier, cybersecurity risk management has not been formalized and documented - threats are encountered on an ad hoc basis - the organization does not understand its role in the larger ecosystem - limited cybersecurity awareness

Question 38

A framework implementation tier is a rating that provides what?

Answer 38

context on how an organization views cybersecurity risks and the processes they have in place to mange that risk

Question 39

CMMC 2.0 level 1 is focused on what

Answer 39

federal contract information (FCI)

Question 40

preservation is defined as

Answer 40

process to maintain and safeguard the integrity and original condition of potential evidence

Question 41

a framework implementation tier is a rating that provides what

Answer 41

context on how an organization views cybersecurity risk and the processes they have in place to manage that risks

Question 42

what is CMMC level 1 focus on

Answer 42

FCI (federal contract information)

Question 43

what is CMMC level 2 focus on

Answer 43

CUI (controlled unclassified information)

Question 44

what NIST CSF function would be: develop the organization understanding to manage cybersecurity risk to system , assets, data and capabilities

Answer 44

1. identify

Question 45

what NIST CSF function would be: develop and implement the appropriate safeguards to ensure deliver of critical infrastructure services

Answer 45

2. Protect

Question 46

what NIST CSF function would be: develop and implement the appropriate activities to take action regarding a detected cybersecurity event

Answer 46

4. Respond

Question 47

what NIST CSF function would be: Develop and implement that appropriate activities to maintain plan for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event

Answer 47

5: Recover

Question 48

what function would have the following categories: recovery planning improvements communication

Answer 48

5. Recover