Home › BCA Cyber Security › cybersecurity › Cybersecurity Fundamentals › Implementing access controls, awareness training…
Implementing access controls, awareness training, and data security falls under which NIST CSF function?
AIdentify
BDetect
CProtect
DRecover
Answer & Solution
Correct answer: C. Protect
1. The PROTECT function (PR) covers SAFEGUARDS to ensure delivery of services.
2. Categories include: Identity Management & Access Control (PR.AC), Awareness & Training (PR.AT), Data Security (PR.DS), Information Protection Processes (PR.IP), Maintenance (PR.MA), Protective Technology (PR.PT).
3. Protect implementations include: encryption, MFA, role-based access, security training, secure configurations.
4. Goal: limit or contain the impact of a potential cybersecurity event.
_Source: NIST Cybersecurity Framework v1.1, §2.1 — Protect Function, p. 7._
Related questions
A HASH FUNCTION (e.g. SHA-256) used for password storage should beWhich of the following is a TYPE of MALWARE that encrypts files and demands payment for thA SECURITY INCIDENT is BEST defined asDEFENSE IN DEPTH is a strategy thatWhich authentication method requires the user to present at least TWO different categoriesPRINCIPLE OF LEAST PRIVILEGE states thatRisk is commonly expressed as a function ofWithin the RESPOND function, ANALYSIS of detected incidents and COMMUNICATIONS with stakeh