
Explanation:
The 'Identify' guideline provided by NIST is primarily concerned with the identification of all the resources that a company uses. This includes equipment, software, and data. In addition to this, the 'Identify' guideline also involves the creation and sharing of a company's cybersecurity policy. This policy is crucial as it outlines the roles and responsibilities of the employees in relation to cybersecurity. It helps in ensuring that all employees are aware of their duties and responsibilities in maintaining the security of the company's digital assets. This guideline is the first step in a company's cybersecurity strategy as it helps in identifying the resources that need to be protected and the roles that employees will play in this protection.
Choice A is incorrect. The 'Recover' guideline by NIST refers to the development and implementation of appropriate activities necessary to restore any capabilities or services that were impaired due to a cybersecurity event. It does not involve the creation and dissemination of a company's cybersecurity policy.
Choice B is incorrect. The 'Protect' guideline by NIST involves developing and implementing safeguards to ensure delivery of critical infrastructure services, rather than outlining roles and responsibilities in a cybersecurity policy.
Choice D is incorrect. The 'Detect' guideline by NIST involves developing and implementing the appropriate activities to identify the occurrence of a cybersecurity event, not creating and sharing a cybersecurity policy.
Ultimate access to all questions.
No comments yet.
Q.5118 Which of the following five guidelines offered by The National Institute of Standards and Technology (NIST) on cybersecurity standards involves creating and sharing a company cybersecurity policy that covers roles and responsibilities of employees?
A
Recover
B
Protect
C
Identify
D
Detect