DELL EMC D-CSF-SC-01 시험

Question No : 1

The network security team in your company has discovered a threat that leaked partial data on a compromised file server that handles sensitive information. Containment must be initiated and addresses by the CSIRT. Service disruption is not a concern because this server is used only to store files and does not hold any critical workload.
Your company security policy required that all forensic information must be preserved.
Which actions should you take to stop data leakage and comply with requirements of the company security policy?

• A.Disconnect the file server from the network to stop data leakage and keep it powered on for further analysis.
• B.Shut down the server to stop the data leakage and power it up only for further forensic analysis.
• C.Restart the server to purge all malicious connections and keep it powered on for further analysis.
• D.Create a firewall rule to block all external connections for this file server and keep it powered on for further analysis.

답을 확인하기

정답:

Question No : 2

In COBIT 2019, which design factor is essential for tailoring the implementation of the NIST Cybersecurity Framework to an organization's needs?

• A.Organizational culture
• B.Compliance regulations
• C.External threats
• D.Budget limitations

답을 확인하기

정답:

Question No : 3

Match each Protect Function subcategory with its main focus.
Subcategory
Data Security
Awareness Training
Protective Technology
Baseline Configuration
Focus
A) Ensuring only authorized personnel have access
B) Educating employees on cybersecurity practices
C) Implementing tools to safeguard systems and networks
D) Establishing a secure starting point for systems

• A.Data Security - A Awareness Training - B Protective Technology - C Baseline Configuration - D
• B.Data Security - A Awareness Training - D Protective Technology - C Baseline Configuration - B
• C.Data Security - A Awareness Training - B Protective Technology - D Baseline Configuration - C
• D.Data Security - B Awareness Training - A Protective Technology - C Baseline Configuration - D

답을 확인하기

정답:

Question No : 4

Which function of the NIST Cybersecurity Framework should be prioritized first in building a cybersecurity strategy?

• A.Identify
• B.Protect
• C.Detect
• D.Recover

답을 확인하기

정답:

Question No : 5

In which function is the SDLC implemented?

• A.Respond
• B.Protect
• C.Detect
• D.Recover

답을 확인하기

정답:

Question No : 6

What process is used to identify an organization’s physical, digital, and human resource, as required in their Business Impact Analysis?

• A.Risk Management Strategy
• B.Risk Assessment
• C.Risk Treatment
• D.Asset Inventory

답을 확인하기

정답:

Question No : 7

Within the Protect Function, ___________ involves limiting access to only those individuals who need it for their work.

• A.Awareness Training
• B.Threat Detection
• C.Access Control
• D.Disaster Recovery

답을 확인하기

정답:

Question No : 8

A key consideration in implementing a Disaster Recovery Plan (DRP) is the __________, which defines how quickly systems need to be restored.

• A.Recovery Time Objective (RTO)
• B.Business Impact Assessment (BIA)
• C.Cyber Resilience Protocol
• D.Security Control Evaluation

답을 확인하기

정답:

Question No : 9

Which function of the NIST Cybersecurity Framework focuses on ensuring the organization is able to identify and contain the impact of cybersecurity incidents?

• A.Recover
• B.Respond
• C.Detect
• D.Identify

답을 확인하기

정답:

Question No : 10

One of the five core functions in the NIST Cybersecurity Framework is ___, which focuses on minimizing the impact of cybersecurity events.

• A.Recover
• B.Detect
• C.Protect
• D.Respond

답을 확인하기

정답:

Question No : 11

An organization has a policy to respond “ASAP” to security incidents. The security team is having a difficult time prioritizing events because they are responding to all of them, in order of receipt.
Which part of the IRP does the team need to implement or update?

• A.Scheduling of incident responses
• B.‘Post mortem’ documentation
• C.Classification of incidents
• D.Containment of incidents

답을 확인하기

정답:

Question No : 12

Which NIST Cybersecurity Framework function should be executed before any others?

• A.Respond
• B.Protect
• C.Recover
• D.Identify

답을 확인하기

정답:

Question No : 13

COBIT 2019 complements the NIST Cybersecurity Framework by focusing on what aspect of cybersecurity risk management?

• A.Monitoring technical network controls
• B.Governance and oversight
• C.Ensuring incident response
• D.Increasing encryption strength

답을 확인하기

정답:

Question No : 14

Match the following components of the Identify Function with their main purpose.
Component
Asset Inventory
Risk Assessment
Classification Controls
Business Impact Analysis
Purpose
A) Listing and updating assets needing cybersecurity
B) Determining likelihood and impact of cybersecurity risks
C) Categorizing assets based on criticality
D) Identifying essential business functions for recovery

• A.Asset Inventory - A Risk Assessment - B Classification Controls - C Business Impact Analysis - D
• B.Asset Inventory - A Risk Assessment - B Classification Controls - D Business Impact Analysis - C
• C.Asset Inventory - A Risk Assessment - C Classification Controls - B Business Impact Analysis - D
• D.Asset Inventory - D Risk Assessment - C Classification Controls - B Business Impact Analysis - A

답을 확인하기

정답:

Question No : 15

The NIST Cybersecurity Framework relies on which of the following to guide organizations through effective cybersecurity risk management?

• A.Tiers and Profiles
• B.Incident Response Plans
• C.Vendor Management Frameworks
• D.Network Architecture Policies

답을 확인하기

정답: