NIST CSF 2.0 Resource & Overview Guide Quiz

Questions and Answers

What is the purpose of executing a developed and tested response plan?

• To create chaos
• To ignore the incident
• To contain the effects of an incident (correct)
• To make the incident worse

Why is communication with stakeholders important during incident response?

• To result in a more effective response (correct)
• To confuse stakeholders
• To hide information
• To complicate the recovery process

What should be ensured before using backups to resume regular business operations?

• Integrity of backups and recovery assets (correct)
• Corruption of backups
• Sharing backups with unauthorized parties
• Loss of backups

Why should communication be carefully managed with stakeholders?

To ensure all interested parties receive necessary information (B)

What is recommended after communicating lessons learned and process revisions to staff?

Train or retrain staff on cybersecurity best practices (A)

Why is it important to prioritize and perform recovery tasks during incident response?

To ensure operational availability of affected systems and services (A)

What is a key aspect to ensure when sharing information with stakeholders?

Accounting for what, how, and when information will be shared (C)

Why should recovery assets like backups be checked before use?

To ensure they are intact and usable (D)

What should be done following the execution of a recovery plan?

"Double-check your work" (C)

"This is a good time to train, or retrain, staff on cybersecurity best practices" - Why is this important?

"To improve staff's understanding of cybersecurity best practices" (A)

Flashcards are hidden until you start studying