NIST CSF Chapter 4 Quiz Questions &
answers rated A+
executive level - correct answer ✔✔ According to the NIST Cybersecurity Framework
description of the "common flow of information and decisions", which level of the organization
focuses on organizational risk, and actions include risk decisions and priorities?
Identify, Protect, Detect, Respond, Recover - correct answer ✔✔ What are the five core
functions of the NIST Cybersecurity Framework?
Framework Implementation Tiers - correct answer ✔✔ Describes how cybersecurity risk is
managed by an organization and degree the risk management practices exhibit key
characteristics
EO 13636 was issued by President Obama to improve security for critical infrastructure - correct
answer ✔✔ Which of the following is describes Executive Order 13636
Understand how security controls and IT safeguards mitigate risk - correct answer ✔✔ Which of
the following descriptions match the key area of focus at the Executive / Risk Level of the
Organization?
Cybersecurity activities and informative references, organized around particular outcomes. -
correct answer ✔✔ The NIST Cybersecurity Framework Components includes three
components; the Framework Core, the Framework Implementation Tiers, and the Framework
Profile. Which of the following responses best represents the Framework Core?
Tier 2: Risk Informed - correct answer ✔✔ Which Implementation Tier is defined as follows:
some risk management practices; increased awareness but no formal risk program; informal
external participation
answers rated A+
executive level - correct answer ✔✔ According to the NIST Cybersecurity Framework
description of the "common flow of information and decisions", which level of the organization
focuses on organizational risk, and actions include risk decisions and priorities?
Identify, Protect, Detect, Respond, Recover - correct answer ✔✔ What are the five core
functions of the NIST Cybersecurity Framework?
Framework Implementation Tiers - correct answer ✔✔ Describes how cybersecurity risk is
managed by an organization and degree the risk management practices exhibit key
characteristics
EO 13636 was issued by President Obama to improve security for critical infrastructure - correct
answer ✔✔ Which of the following is describes Executive Order 13636
Understand how security controls and IT safeguards mitigate risk - correct answer ✔✔ Which of
the following descriptions match the key area of focus at the Executive / Risk Level of the
Organization?
Cybersecurity activities and informative references, organized around particular outcomes. -
correct answer ✔✔ The NIST Cybersecurity Framework Components includes three
components; the Framework Core, the Framework Implementation Tiers, and the Framework
Profile. Which of the following responses best represents the Framework Core?
Tier 2: Risk Informed - correct answer ✔✔ Which Implementation Tier is defined as follows:
some risk management practices; increased awareness but no formal risk program; informal
external participation
