Module 2 - 02-3 Flashcards
NIST frameworks
What does NIST stand for?
National Institute of Standards and Technology (NIST)
What does CSF stand for?
Cybersecurity Framework (CSF)
What does NIST CSF stand for?
National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)
Define National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)
A voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk
What NIST CSF expands into the protection of the United States federal government?
NIST special publication, or S.P. 800-53
Define NIST S.P. 800-53
A unified framework for protecting the security of information systems within the federal government
(including the systems provided by private companies for federal government use)
The security controls provided by this framework are used to maintain the CIA triad for those systems used by the government.
What are the five core functions of the NIST CSF?
1) Identify
2) Protect
3) Detect
4) Respond
5) Recover
How do the five core functions of the NIST CSF help organizations?
These core functions help organizations manage cybersecurity risks, implement risk management strategies, and learn from previous mistakes.
They are key for making sure an organization is protected against potential threats, risks, and vulnerabilities.
What is the first (1st) core function of the NIST CSF?
1) Identify
Define Identify
The management of cybersecurity risk and its effect on an organization’s people and assets
What is the second (2nd) core function of the NIST CSF?
2) Protect
Define Protect
The strategy used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cybersecurity threats
What is the third (3rd) core function of the NIST CSF?
3) Detect
Define Detect
Identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections
What is the fourth (4th) core function of the NIST CSF?
4) Respond
Define Respond
Making sure that the proper procedures are used to contain, neutralize, and analyze security incidents, and implement improvements to the security process
What is the fifth (5th) core function of the NIST CSF?
5) Recover
Define Recover
The process of returning affected systems back to normal operation
What is the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)?
- A required business framework for ensuring security updates and repairs are successful
- Standards, guidelines, and best practices that organizations follow voluntarily in order to manage cybersecurity risk
- A collection of security principles focused on maintaining confidentiality, integrity, and availability
- A set of security controls that help analysts determine what to do if a data breach occurs
Standards, guidelines, and best practices that organizations follow voluntarily in order to manage cybersecurity risk
The NIST CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
The five core functions that make up the CSF are: identify, protect, detect, _____, and recover.
- regulate
- reevaluate
- reflect
- respond
respond
The CSF _____ function relates to monitoring systems and devices in an organization’s internal network to help security teams manage potential cybersecurity risks and their effects.
- respond
- protect
- identify
- recover
identify
What does a security analyst’s work involve during the CSF recover function?
- Protect an organization through the implementation of employee training
- Return affected systems back to normal operation
- Pinpoint threats and improve monitoring capabilities
- Contain, neutralize, and analyze security incidents
Return affected systems back to normal operation