Recall & Review
beginner
What is the main purpose of the NIST Cybersecurity Framework?
The NIST Cybersecurity Framework helps organizations manage and reduce cybersecurity risks by providing guidelines and best practices for identifying, protecting, detecting, responding to, and recovering from cyber threats.
Click to reveal answer
beginner
What does ISO 27001 focus on in an organization?
ISO 27001 focuses on establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS) to protect sensitive information systematically.
Click to reveal answer
intermediate
Name the five core functions of the NIST Cybersecurity Framework.
The five core functions are: Identify, Protect, Detect, Respond, and Recover. These help organizations structure their cybersecurity efforts.
Click to reveal answer
intermediate
How does ISO 27001 certification benefit an organization?
ISO 27001 certification shows that an organization follows international standards for managing information security, which can build trust with customers, reduce risks, and meet legal or regulatory requirements.
Click to reveal answer
advanced
What is a key difference between NIST and ISO 27001 frameworks?
NIST provides a flexible framework mainly used in the US with detailed cybersecurity guidelines, while ISO 27001 is an international standard focused on creating a formal management system for information security.
Click to reveal answer
Which of the following is NOT one of the NIST Cybersecurity Framework core functions?
✗ Incorrect
The five core functions are Identify, Protect, Detect, Respond, and Recover. 'Analyze' is not one of them.
ISO 27001 is primarily concerned with:
✗ Incorrect
ISO 27001 focuses on establishing and maintaining an Information Security Management System (ISMS).
Which framework is widely used in the United States for cybersecurity risk management?
✗ Incorrect
The NIST Cybersecurity Framework is widely adopted in the US for managing cybersecurity risks.
What does achieving ISO 27001 certification demonstrate?
✗ Incorrect
ISO 27001 certification shows an organization has a formal system to manage information security risks.
Which NIST function involves detecting cybersecurity events quickly?
✗ Incorrect
The 'Detect' function focuses on identifying cybersecurity incidents as soon as possible.
Explain the main goals and structure of the NIST Cybersecurity Framework.
Think about how NIST helps organizations handle cybersecurity risks step-by-step.
You got /3 concepts.
Describe what ISO 27001 certification means for an organization and why it is important.
Consider how ISO 27001 helps protect information and builds confidence.
You got /3 concepts.