Exam (elaborations)
Final Exam MISY 5325 Fall 2024 QUESTIONS AND ANSWERS 2024
- Course
- Institution
Final Exam MISY 5325 Fall 2024
[Show more]
Content preview
Final Exam MISY 5325 Fall 2024Informative references - answer__________ point to industry standards, guidelines, and
practices that are beneficial for an organization trying to achieve outcomes.
FALSE - answerNIST is very clear that their framework is aimed to replace existing risk
management processes and cybersecurity programs of your organization.
Internal Participation - answerThe NIST Cybersecurity Framework Tiers include all of
these categories EXCEPT:
implementation/operations - answerIn the NIST s Cybersecurity Framework
Coordination model, the business/process level obtains the executive level inputs into
the risk management process, and then collaborates with the __________ level.
TRUE - answerThe NIST Cybersecurity Framework was created through collaboration
between industry and government.
Tiers - answerThe NIST Cybersecurity Framework __________ provide guidance to
allow organizations to analyze cybersecurity risk and to enhance their processes to
manage such risk.
partial
risk-informed
repeatable
adaptive - answerThe four (4) NIST Cybersecurity Framework Tiers are:
Tiers - answerThe NIST Cybersecurity Framework __________ is/are designed to help
organizations to view and understand the characteristics of their approach to managing
cybersecurity risk.
Subcategories - answer__________ are a list of specific outcomes of technical and/or
management activities.
framework - answerNIST s Cybersecurity __________ is a living document and will
continue to be updated and improved as participants provide feedback on
implementation.
profile - answerThe work product of cybersecurity requirements management using the
NIST Cybersecurity Framework is referred to as a(n) __________.
,identify, protect, detect, respond, recover - answerThe NIST Cybersecurity Framework
Core consist of these functions:
business/process - answerIn the NIST s Cybersecurity Framework Coordination model,
the executive level communicates the mission priorities, available resources, and overall
risk tolerance to the __________ level.
TRUE - answerNIST s Cybersecurity Framework provides a common language to
communicate requirements with all the stakeholders within or outside your organization
that are responsible for the delivery of essential critical infrastructure services.
guidance - answerNIST Cybersecurity Framework is built from standards, guidelines,
and practices to provide a common __________ for organizations.
business/process - answerIn the NIST s Cybersecurity Framework Coordination model,
the implementation/operations level is where the stakeholders are in charge of
implementing the framework and communicating the implementation progress to the
__________ level.
FALSE - answerThe NIST Cybersecurity Framework cannot be used to translate among
a variety of risk management practices.
Identify - answerThe NIST Cybersecurity Framework __________ function includes the
categories and subcategories that define what processes and assets need protection.
The NIST Cybersecurity Framework Core functions are broken down in to all of these
EXCEPT: - answerGuidelines
Standards - answerNIST s Cybersecurity Framework is divided into three parts
including all EXCEPT
Maturity - answerThe Implementation Tiers in the NIST Cybersecurity Framework are
designed as an overarching measurement of cybersecurity risk management
_________.
Core - answerThe NIST Cybersecurity Framework __________ is/are a collection of
cybersecurity activities, outcomes, and informative references that are common across
critical infrastructure sectors.
FALSE - answerThe NIST Cybersecurity Framework is never used by organizations of
differing sizes.
Categories - answer__________ group the elements of a function into collections of
cybersecurity outcomes.
, - answerIn the NIST Cybersecurity Framework Cyber Supply Chain Relationship,
companies have communication with all EXCEPT:
TRUE - answerThe NIST Cybersecurity Framework Core subcategory outcomes are
meaningful for multiple requirements.
TRUE - answerThe Implementation Tiers in the NIST Cybersecurity Framework are not
prescriptive like you may find in other maturity models.
PROFILES - answerThe NIST Cybersecurity Framework __________ is/are designed
to help the underlying organization align its cybersecurity undertakings with business
requirements, risk tolerances, and resources.
IT Department - answerNIST defines three levels within an organization that should be
engaged to coordinate the framework implementation and a common flow of information
including all of these EXCEPT:
FALSE - answerUsing specially crafted phone calls during a corporate account
takeover, criminals capture a business s online banking credentials or compromise the
workstation used for online banking. This is a form of Malware.
FALSE - answerThe NIST Cybersecurity Framework consists of standards, guidelines,
and practices to protect the promotion of critical infrastructure.
TRUE - answerNIST s Cybersecurity Framework provides a common language to
communicate requirements with all the stakeholders within or outside your organization
that are responsible for the delivery of essential critical infrastructure services.
Internal Participation - answerThe NIST Cybersecurity Framework Tiers include all of
these categories EXCEPT:
Maturity - answerThe Implementation Tiers in the NIST Cybersecurity Framework are
designed as an overarching measurement of cybersecurity risk management
_________.
Operational Process (OP) partners - answerIn the NIST Cybersecurity Framework
Cyber Supply Chain Relationship, companies have communication with all EXCEPT:
Implementation/operation - answerIn the NIST s Cybersecurity Framework Coordination
model, the business/process level obtains the executive level inputs into the risk
management process, and then collaborates with the __________ level.
Informative references - answer__________ point to industry standards, guidelines, and
practices that are beneficial for an organization trying to achieve outcomes.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller julianah420. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
80435 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now