Latest EMC NIST Cybersecurity Framework 2023 - D-CSF-SC-23 Free Sample Questions
Question 1
What constitutes the main objectives of the Recovery function?
Answer: A
Question 2
What is highlighted by the Cyber Resilient Lifecycle?
Answer: C
Question 3
What is the main goal of a gap analysis in the Identify function?
Answer: D
Question 4
Which NIST Cybersecurity Framework component defines activities and references for a specific cybersecurity approach?
Answer: B
Question 5
A company suffers a data breach and determines that the threat actors stole or compromised 10,000 user profiles. The company had planned for such a breach and determined the loss would be around $2 million. Soon after restoration, the company stock suffered a 30% drop and the loss was nearly $20 million. In addition, the company received negative press.
Which area of risk did the business forget to account for?
Answer: B
Question 6
A security audit of the systems on a network must be performed to determine their compliance with security policies.
Which control should be used for the audit?
Answer: C
Question 7
What is the primary objective of establishing governance and risk management processes for an organization?
Answer: A
Question 8
Your organization has been breached. The attacker has sent an email demanding $100,000 in cryptocurrency in exchange for not dumping all your customer information onto the dark web. Following the RACI Matrix model outlined in your IRP, you have informed all parties, contained the breach, and eradicated the threat.
What needs to be done next?
Answer: D