NIST CSF 2.0 Pearson Practice Exam 1
questions well answered (updated)
Which of the following correctly specifies the goals of the NIST Cybersecurity Framework (CSF)
2.0 in providing guidance to manage cybersecurity risks? - correct answer ✔✔ They offer high-
level cybersecurity outcomes to understand, assess, prioritize, and communicate their
cybersecurity efforts
What CSF Core Functions occur after the security team notices a possible cybersecurity attack
and compromise are found and analyzed? - correct answer ✔✔ Response (RS) and Recover (RC)
When the Detect function of CSF enables timely discover and analysis of anomalies and other
adverse events, what does that indicate to a security team? - correct answer ✔✔ Cybersecurity
attacks and incidents are occurring
The CSF Core Function Govern (GV) indicates how an organization's cybersecurity risk
management strategy, expectations, and policy are established, communicated, and monitored.
Why are these functions considered critical? - correct answer ✔✔ They integrate cybersecurity
into Enterprise Risk Management (ERM) strategy
Which CSF Core Function addresses the understanding of organizational context, establishment
of cybersecurity strategy, cybersecurity supply chain risk management, and roles and
responsibilities? - correct answer ✔✔ Govern (GV)
Which CSF Core Function enables you to clearly understand an organization's assets and the
associated cybersecurity risks? - correct answer ✔✔ Identify (ID)
questions well answered (updated)
Which of the following correctly specifies the goals of the NIST Cybersecurity Framework (CSF)
2.0 in providing guidance to manage cybersecurity risks? - correct answer ✔✔ They offer high-
level cybersecurity outcomes to understand, assess, prioritize, and communicate their
cybersecurity efforts
What CSF Core Functions occur after the security team notices a possible cybersecurity attack
and compromise are found and analyzed? - correct answer ✔✔ Response (RS) and Recover (RC)
When the Detect function of CSF enables timely discover and analysis of anomalies and other
adverse events, what does that indicate to a security team? - correct answer ✔✔ Cybersecurity
attacks and incidents are occurring
The CSF Core Function Govern (GV) indicates how an organization's cybersecurity risk
management strategy, expectations, and policy are established, communicated, and monitored.
Why are these functions considered critical? - correct answer ✔✔ They integrate cybersecurity
into Enterprise Risk Management (ERM) strategy
Which CSF Core Function addresses the understanding of organizational context, establishment
of cybersecurity strategy, cybersecurity supply chain risk management, and roles and
responsibilities? - correct answer ✔✔ Govern (GV)
Which CSF Core Function enables you to clearly understand an organization's assets and the
associated cybersecurity risks? - correct answer ✔✔ Identify (ID)
