Practice Free D-CSF-SC-01 Exam Online Questions
What helps an organization compare an "as-is, to-be" document and identify opportunities for improving cybersecurity posture useful for capturing organizational baselines of today and their desired state of tomorrow so that a gap analysis can be conducted?
- A . Framework
- B . Core
- C . Assessment
- D . Profile
What is the primary focus of the BIA?
- A . Prevents threats to the environment
- B . Determines criticality of assets to the business
- C . Identifies roles and responsibilities for asset recovery
- D . Maintains controls for recovery
Match each Recover Function component with its primary activity.
Component
Disaster Recovery
Business Continuity
Data Restoration
Impact Analysis
Primary Activity
A) Implementing backup solutions
B) Ensuring minimum disruption to operations
C) Recovering data post-incident
D) Assessing the effect on business and finances
- A . Disaster Recovery – A
Business Continuity – B
Data Restoration – C
Impact Analysis – D - B . Disaster Recovery – A
Business Continuity – B
Data Restoration – D
Impact Analysis – C - C . Disaster Recovery – A
Business Continuity – C
Data Restoration – B
Impact Analysis – D - D . Disaster Recovery – B
Business Continuity – A
Data Restoration – C
Impact Analysis – D
The CSF recommends that the Communication Plan for an IRP include audience, method of communication, frequency, and what other element?
- A . Incident category
- B . Message criteria
- C . Incident severity
- D . Templates to use
Which of the following are benefits of implementing continuous monitoring within the Detect Function? (Select two)
- A . Early detection of security incidents
- B . Improved access control management
- C . Enhanced visibility of network activity
- D . Reduction in hardware costs
In the context of the Detect Function, which element helps organizations identify patterns of anomalous activity?
- A . Threat intelligence
- B . Endpoint protection
- C . Data encryption
- D . Asset management
What is considered outside the scope of a BIA?
- A . Estimated probability of the identified threats actually occurring
- B . Selection of full, incremental, or differential backups
- C . Efficiency and effectiveness of existing risk mitigation controls
- D . Determination of capacity requirements for backups
What is the purpose of a baseline assessment?
- A . Enhance data integrity
- B . Determine costs
- C . Reduce deployment time
- D . Determine risk
What is highlighted by the Cyber Resilient Lifecycle?
- A . Disaster Recovery Plan
- B . Security Reference Architecture
- C . Incident Response Plan
- D . Business Intelligence Analysis
The ___ profile in the NIST Cybersecurity Framework represents the desired cybersecurity outcomes aligned with the organization’s risk tolerance.
- A . Current
- B . Target
- C . Risk
- D . Maturity