Home
Vendors
FAQs
Login / Register

Popular Vendors

Microsoft

HP

Amazon

PeopleCert

Fortinet

Nutanix

Palo Alto Networks

Dell EMC

CheckPoint

Isaca

NetApp

Pegasystems

CompTIA

SAP

IBM

View All Vendors

Home
Isaca
NIST-COBIT-2019

Isaca NIST-COBIT-2019 ISACA Implementing the NIST Cybersecurity Framework using COBIT 2019 Exam Practice Test

Page: 1 / 14
Total 50 questions

Want more questions? Get Premium Access.
()

Question 1

Combining CSF principles with COBIT 2019 practices helps to ensure value, manage risk, and support mission drivers through support and direction of:

Athe chief information officer and IT management.

Bthe board of directors and executive management.

Cthe chief information security manager and the data protection officer.

Answer : B

Combining CSF principles with COBIT 2019 practices helps to ensure value, manage risk, and support mission drivers through support and direction of the board of directors and executive management, as they are responsible for setting the vision, strategy, and objectives of the organization, and for overseeing the governance and management of IT-related operations12.

Reference Connecting COBIT 2019 to the NIST Cybersecurity Framework - ISACA COBIT 2019 (With Principles, Components, Users and Benefits)

Question 2

The PRIMARY function of COBIT Implementation Phase 7: How Do We Keep the Momentum Going is to provide an opportunity for which of the

following?

AClosing the loop for communication workflow

BDocumenting improvements in a prioritized action plan

CEnsuring frequent stakeholder communication

Answer : A

The primary function of COBIT Implementation Phase 7 is to provide an opportunity for closing the loop for communication workflow, which means to ensure that the results and feedback of the implementation are reported and communicated to the relevant stakeholders, and that the lessons learned and best practices are captured and shared for future reference12.

Reference 7 Phases in COBIT Implementation | COBIT Certification - Simplilearn COBIT 2019 Design and Implementation COBIT Implementation, page 31.

Question 3

During CSF life cycle action plan review, which of the following tasks is associated with realizing benefits?

ADeveloping business cases indicating success factors

BMonitoring performance against objectives

CDocumenting risk issues and remediation plans

Answer : B

According to the ISACA guide, monitoring performance against objectives is one of the tasks associated with realizing benefits, as it helps to measure the outcomes and value of the CSF implementation, and to identify and address any issues or gaps that may arise1. This task also involves reporting and communicating the results and feedback to the relevant stakeholders and ensuring continuous improvement2.

Reference Connecting COBIT 2019 to the NIST Cybersecurity Framework - ISACA Manage Enterprise Cyberrisk by Applying the NIST CSF With COBIT ... - ISACA

Question 4

Which of the following is the PRIMARY reason for establishing open communication between all participants and stakeholders as part of the implementation phase?

ATo describe the high-level roadmap for achieving the vision

BTo ensure issues can be identified and resolved

CTo establish the sharing of information with external partners

Answer : B

The primary reason for establishing open communication between all participants and stakeholders as part of the implementation phase is to ensure issues can be identified and resolved, as this can facilitate the collaboration, coordination, and feedback among the involved parties, and help to overcome the challenges and risks that may arise during the implementation12.

Reference Connecting COBIT 2019 to the NIST Cybersecurity Framework - ISACA Questions and Answers | NIST

Question 5

Which of the following is the MOST beneficial result of an effective CSF implementation plan?

ACybersecurity risk management practices are formalized and institutionalized.

BKey stakeholders understand the quick wins of the cybersecurity program.

CKey stakeholders understand the cybersecurity requirements of the chosen vendors.

Answer : A

The most beneficial result of an effective CSF implementation plan is that cybersecurity risk management practices are formalized and institutionalized, which means that the organization has established and maintained a consistent and comprehensive approach to managing cybersecurity risks across its systems, processes, and people. This result can help the organization to reduce the likelihood and impact of cybersecurity events, improve its resilience and compliance, and enhance its reputation and trust12.

Reference Public Draft: The NIST Cybersecurity Framework 2, page 1. Cybersecurity Framework | NIST

Question 6

Which function of the CSF is addressed by incorporating governance, risk, and compliance (GRC) elements into the implementation plan?

AProtect

BDetect

CIdentify

Answer : C

The function of the CSF that is addressed by incorporating governance, risk, and compliance (GRC) elements into the implementation plan is Identify, which assists in developing an organizational understanding to managing cybersecurity risk to systems, people, assets, data, and capabilities. GRC elements help to define the governance program, the legal and regulatory requirements, the risk management strategy, and the supply chain risk management strategy of the organization12.

Reference The Five Functions | NIST NIST Cybersecurity Framework 2.0: Understanding the 'Govern' Function

Question 7

Which of the following is MOST likely to cause an organization's NIST Cybersecurity Framework (CSF) implementation to fail?

AOrganizational training on the CSF is not provided.

BPotential benefits of proposed improvements are not considered.

CThe implementation timeline is too long.

Answer : B

One of the most likely causes of an organization's NIST CSF implementation failure is that the potential benefits of proposed improvements are not considered, which means that the organization does not conduct a cost-benefit analysis of the solutions to address the gaps between the current and target profiles. This can result in a lack of justification, prioritization, and alignment of the implementation plan with the organization's mission drivers, risk appetite, and resource constraints12.

Reference 7 Steps to Implement & Improve Cybersecurity with NIST 3 Security Issues Overlooked By the NIST Framework

Page: 1 / 14
Total 50 questions

Unlock Full
NIST-COBIT-2019 Exam Features

In Just $59 You can Access

All Official Question Types
Interactive Web-Based Practice Test Software
No Installation or 3rd Party Software Required
Customize your practice sessions (Free Demo)
24/7 Customer Support

Get Full Access Now

Unlock Full
NIST-COBIT-2019 Exam Features

In Just $59 You can Access

All Official Question Types
Interactive Web-Based Practice Test Software
No Installation or 3rd Party Software Required
Customize your practice sessions (Free Demo)
24/7 Customer Support

Get Full Access Now

Login First To Buy This Product

Email

Password

Download PDF File Demo

Try Web-Based Exam Practice Software Demo

Desktop Practice Test

2025 certshero.com. All rights reserved.

All Products
Guarantee
Privacy Policy
F.A.Q.
DMCA
Contact Us
About Us