Practice Free D-CSF-SC-01 Exam Online Questions
Which NIST Cybersecurity Framework tier describes an organization that adapts its cybersecurity practices based on evolving threats?
- A . Tier 1: Partial
- B . Tier 2: Risk-Informed
- C . Tier 3: Repeatable
- D . Tier 4: Adaptive
What is the effect of changing the Baseline defined in the NIST Cybersecurity Framework?
- A . Negative impact on recovery
- B . Does not result in changes to the BIA
- C . Positive impact on detection
- D . Review of previously generated alerts
In the NIST Identify Function, what is the main purpose of maintaining an asset inventory?
- A . To determine the cost of each asset
- B . To identify and prioritize resources that need cybersecurity protection
- C . To categorize assets by owner
- D . To assign assets to departments
What constitutes the main objectives of the Recovery function?
- A . Restore workloads, assets, and audit logs
- B . Restore services, mitigate risks, and improve
- C . Restore backups, analyze threats, and monitor backup integrity
- D . Restore assets, workloads, and services
How does the COBIT 2019 Framework assist organizations in managing cybersecurity risks?
- A . By providing technical control implementation guidance
- B . By defining roles and responsibilities for governance and risk management
- C . By conducting vulnerability scans
- D . By developing encryption standards
Which of the following are included in the Identify Function’s goal to support Business Impact Analysis (BIA) efforts? (Select two)
- A . Asset categorization
- B . Risk assessment processes
- C . Encryption strategies
- D . Baseline configurations
The network security team in your company has discovered a threat that leaked partial data on a compromised file server that handles sensitive information. Containment must be initiated and addressed by the CSIRT. Service disruption is not a concern because this server is used only to store files and does not hold any critical workload.
Your company's security policy requires that all forensic information be preserved.
Which actions should you take to stop data leakage and comply with the requirements of the company security policy?
- A . Disconnect the file server from the network to stop data leakage and keep it powered on for further analysis.
- B . Shut down the server to stop the data leakage and power it up only for further forensic analysis.
- C . Restart the server to purge all malicious connections and keep it powered on for further analysis.
- D . Create a firewall rule to block all external connections for this file server and keep it powered on for further analysis.
Which of the following best describes the purpose of the Detect Function within the NIST Cybersecurity Framework?
- A . To identify potential security incidents
- B . To develop disaster recovery plans
- C . To create security awareness among employees
- D . To restrict access to critical systems
What is a consideration when developing a Disaster Recovery Plan?
- A . Define scenarios by type and scope of impact
- B . Develop termination strategies
- C . Exchange essential information between stakeholders
- D . Method to terminate incident responses
The primary purpose of a Communications Plan within the Respond Function is to:
- A . Develop risk assessment criteria
- B . Define recovery strategies
- C . Establish guidelines for internal and external communication
- D . Train employees on security protocols
