Lesson 1: Comparing Security Roles &
Security Controls questions well
answered
The National Institute of Standards and Technology (NIST) provides a framework that classifies
security-related functions. Which description aligns with the "respond" function? - correct
answer ✔✔ identify, analyze, and eradicate threats.
An engineer looks to implement security measures by following the five functions in the
National Institute of Standards and Technology (NIST) Cybersecurity Framework. When
documenting the "detect" function, what does the engineer focus on? - correct answer ✔✔
Ongoing proactive monitoring
Which of the following has a cyber security framework (CSF) that focuses exclusively on IT
security, rather than IT service provisioning? - correct answer ✔✔ National Institute of
Standards and Technology (NIST)
Which security related phrase relates to the integrity of data? - correct answer ✔✔
Modification is authorized
The IT department head returns from an industry conference feeling inspired by a presentation
on the topic of defense in depth. A meeting is scheduled with IT staff to brainstorm ideas for
implementing defense in depth throughout the organization. Which of the following ideas are
consistent with this industry best practice? (Select all that apply.) - correct answer ✔✔ 1. Align
managerial and technical controls with control functions.
2. Provide user training on identifying cyber threats.
Security Controls questions well
answered
The National Institute of Standards and Technology (NIST) provides a framework that classifies
security-related functions. Which description aligns with the "respond" function? - correct
answer ✔✔ identify, analyze, and eradicate threats.
An engineer looks to implement security measures by following the five functions in the
National Institute of Standards and Technology (NIST) Cybersecurity Framework. When
documenting the "detect" function, what does the engineer focus on? - correct answer ✔✔
Ongoing proactive monitoring
Which of the following has a cyber security framework (CSF) that focuses exclusively on IT
security, rather than IT service provisioning? - correct answer ✔✔ National Institute of
Standards and Technology (NIST)
Which security related phrase relates to the integrity of data? - correct answer ✔✔
Modification is authorized
The IT department head returns from an industry conference feeling inspired by a presentation
on the topic of defense in depth. A meeting is scheduled with IT staff to brainstorm ideas for
implementing defense in depth throughout the organization. Which of the following ideas are
consistent with this industry best practice? (Select all that apply.) - correct answer ✔✔ 1. Align
managerial and technical controls with control functions.
2. Provide user training on identifying cyber threats.
