NIST (CSF) Flashcards
(32 cards)
Used to develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities.
Identify (ID)
Used by organizations to develop and implement safeguards to ensure delivery of critical services.
Protect (PR)
Used by an organization to develop and implement appropriate activities identify the occurrence of a cybersecurity event.
Detect (DE)
Used by an organization to develop and implement appropriate activities to take action regarding a detected cybersecurity incident.
Respond (RS)
Develops and implements appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impairs due to a cybersecurity incident.
Recover (RC)
Five Functions of Core
Identify
Protect
Detect
Respond
Recover
The identification of data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes.
Asset Management (ID.AM)
Focused on the understanding and prioritization of the organization’s mission, objectives, stakeholders, and activities.
Business Environment (ID.BE)
The policies, procedures, and processes used to manage and monitor the organization’s regulatory, legal, risk, environmental, and operational requirements.
Governance (ID.GV)
Ensure that the organization understands the cybersecurity risk to its organizational operations, organizational assets, and individuals.
Risk Assessment (ID.RA)
Establishing and implementing the processes to identify, assess and manage supply chain risks within modern enterprises and organizations.
Supply Chain Risk Management (ID.SC)
Used to establish the organization’s priorities, constraints risk tolerances, and assumptions in order to support operational risk decisions.
Risk Management Strategy (ID.RM)
Focused on the access to physical and logical assets and associated facilities.
Identity Management Authentication and Access Control. (PR.AC)
Focuses in the organization’s personnel and partners being provided with cybersecurity awareness education to perform cybersecurity duties and responsibilities.
Awareness and Training (PR.AT)
Ensure that security policies, processes, and procedures are maintained and used to mange protection of information systems and assets.
Information Protection Processes and Procedures (PR.IP)
Refers to the consistent management of information and records with organization’s risk strategy to protect the confidentiality, integrity, and availability of the data.
Data Security (PR.DS)
Ensures that maintenance and repairs of industrial control and information system components are performed consistent with policies and procedures.
Maintenance (PR.MA)
Manages technical security solutions to ensure the security and resilience of systems and assets is consistent with related policies, procedures, and agreements.
Protective Technology (PR.PT)
Ensure that anomalous activity is detected and the potential impact of events is understood.
Anomalies and Events (DE.AE)
Ensure that the information system and assets are continually monitored to identify cybersecurity events and verify the effectiveness of protective measures.
Security Continuous Monitoring (DE.CM)
Maintained and tested to ensure that processes and procedures create awareness of anomalous events.
Detection Processes (DE. DP)
Executes and maintains response processes and procedures to ensure appropriate responses to detected cybersecurity incidents.
Response Planning (RS.RP)
Ensure that all response activities are coordinated with internal and external stakeholders.
Communication (RS.CO)
Ensure proper analysis is conducted to ensure effective response and support recovery activities.
Analysis (RS.AN)
