NIST CSF 2.0 Resource & Overview Guide Quiz

Questions and Answers

What is the purpose of executing a developed and tested response plan?

To create chaos

To ignore the incident

To contain the effects of an incident (correct)

To make the incident worse

Why is communication with stakeholders important during incident response?

To result in a more effective response (correct)

To confuse stakeholders

To hide information

To complicate the recovery process

What should be ensured before using backups to resume regular business operations?

Integrity of backups and recovery assets (correct)

Corruption of backups

Sharing backups with unauthorized parties

Loss of backups

Why should communication be carefully managed with stakeholders?

To ensure all interested parties receive necessary information

What is recommended after communicating lessons learned and process revisions to staff?

Train or retrain staff on cybersecurity best practices

Why is it important to prioritize and perform recovery tasks during incident response?

To ensure operational availability of affected systems and services

What is a key aspect to ensure when sharing information with stakeholders?

Accounting for what, how, and when information will be shared

Why should recovery assets like backups be checked before use?

To ensure they are intact and usable

What should be done following the execution of a recovery plan?

"Double-check your work"

"This is a good time to train, or retrain, staff on cybersecurity best practices" - Why is this important?

"To improve staff's understanding of cybersecurity best practices"