EMC NIST Cybersecurity Framework 2023 - D-CSF-SC-23 FREE EXAM DUMPS QUESTIONS & ANSWERS
A security engineer is responsible for monitoring company software, firmware, system OS, and applications for known vulnerabilities.
How should they stay current on exploits and information security?
How should they stay current on exploits and information security?
Correct Answer: B
Vote an answer
What three steps are required to complete a Business Impact Analysis?
Correct Answer: A
Vote an answer
The CSF recommends that the Communication Plan for an IRP include audience, method of communication, frequency, and what other element?
Correct Answer: A
Vote an answer
You have been asked by your organization to:
- Assist in developing an organizational understanding for managing cybersecurity risk to systems, people, assets, data, and capabilities
- Outline appropriate safeguards to ensure delivery of critical infrastructure services to limit or contain the impact of a potential cybersecurity event
- Define the appropriate activities to identify the occurrence of a cybersecurity event by enabling timely discovery
- Determine the appropriate business outcome by planning, communicating, analyzing, mitigating, and improving the process
- Identify the appropriate activities to maintain plans for resilience and restore capabilities or services impaired due to a cybersecurity incident Based on these details, what would be the correct sequence of steps to take?
- Assist in developing an organizational understanding for managing cybersecurity risk to systems, people, assets, data, and capabilities
- Outline appropriate safeguards to ensure delivery of critical infrastructure services to limit or contain the impact of a potential cybersecurity event
- Define the appropriate activities to identify the occurrence of a cybersecurity event by enabling timely discovery
- Determine the appropriate business outcome by planning, communicating, analyzing, mitigating, and improving the process
- Identify the appropriate activities to maintain plans for resilience and restore capabilities or services impaired due to a cybersecurity incident Based on these details, what would be the correct sequence of steps to take?
Correct Answer: C
Vote an answer
What are the five functions of the NIST Framework Core?
Correct Answer: A
Vote an answer
The CSIRT discovers that an attacker changed some non-encrypted values on a database, causing an e-commerce application to show incorrect prices.
Which part(s) of the CIA Triad was affected on the database?
Which part(s) of the CIA Triad was affected on the database?
Correct Answer: D
Vote an answer
Your organization has been breached. The attacker has sent an email demanding $100,000 in cryptocurrency in exchange for not dumping all your customer information onto the dark web. Following the RACI Matrix model outlined in your IRP, you have informed all parties, contained the breach, and eradicated the threat.
What needs to be done next?
What needs to be done next?
Correct Answer: B
Vote an answer
What helps an organization compare an "as-is, to-be" document and identify opportunities for improving cybersecurity posture useful for capturing organizational baselines of today and their desired state of tomorrow so that a gap analysis can be conducted?
Correct Answer: D
Vote an answer
An Internet-connected file server compromised by a threat that leaked all data. The data was destroyed to cover all tracks. The file server has high availability capabilities to handle critical workloads.
The operations team took only 15 minutes to restore workload routing to a different node.
What part(s) of the CIA Triad was affected?
The operations team took only 15 minutes to restore workload routing to a different node.
What part(s) of the CIA Triad was affected?
Correct Answer: D
Vote an answer