Module 9 Questions
a. Identify (function)—Slide 136 - answer Develop the organizational understanding to
manage cybersecurity risk to systems, assets, data, and capabilities.
Protect (function) - answer Develop and implement the appropriate safeguards to
ensure delivery of critical infrastructure services.
Recover (function) - answer Develop and implement the appropriate activities to
maintain plans for resilience and to restore any capabilities or services that were
impaired due to a cybersecurity event
Respond (function) - answer Develop and implement the appropriate activities to take
action regarding a detected cybersecurity event.
Detect (function) - answer Develop and implement the appropriate activities to identify
the occurrence of a cybersecurity event.
Deter or Deterrent - answer Controls that are intended to discourage individuals from
intentionally violating information security policies or procedures. These usually take the
form of constraints that make it difficult or undesirable to perform unauthorized activities
or threats of consequences that influence a potential intruder to not violate security
(e.g., threats ranging from embarrassment to severe punishment).
Prevention - answerControls attempt to avoid the occurrence of unwanted events,
whereas detective controls attempt to identify unwanted events after they have occurred
Containment - answerControls that attempt to isolate the occurrence of a cybersecurity
event.
i. Architecture Framework—Slide 27 - answer•Five concurrent and continuous
Functions
— Identify
— Protect
— Detect
— Respond
— Recover
•(Altogether) the functions provide a high-level, strategic view of the lifecycle of an
organization's management of cybersecurity risk.
2. What two security architecture frameworks are discussed in Module 9? Slide 12 -
answerSherwood Applied Business Security Architecture (SABSA)
a. Identify (function)—Slide 136 - answer Develop the organizational understanding to
manage cybersecurity risk to systems, assets, data, and capabilities.
Protect (function) - answer Develop and implement the appropriate safeguards to
ensure delivery of critical infrastructure services.
Recover (function) - answer Develop and implement the appropriate activities to
maintain plans for resilience and to restore any capabilities or services that were
impaired due to a cybersecurity event
Respond (function) - answer Develop and implement the appropriate activities to take
action regarding a detected cybersecurity event.
Detect (function) - answer Develop and implement the appropriate activities to identify
the occurrence of a cybersecurity event.
Deter or Deterrent - answer Controls that are intended to discourage individuals from
intentionally violating information security policies or procedures. These usually take the
form of constraints that make it difficult or undesirable to perform unauthorized activities
or threats of consequences that influence a potential intruder to not violate security
(e.g., threats ranging from embarrassment to severe punishment).
Prevention - answerControls attempt to avoid the occurrence of unwanted events,
whereas detective controls attempt to identify unwanted events after they have occurred
Containment - answerControls that attempt to isolate the occurrence of a cybersecurity
event.
i. Architecture Framework—Slide 27 - answer•Five concurrent and continuous
Functions
— Identify
— Protect
— Detect
— Respond
— Recover
•(Altogether) the functions provide a high-level, strategic view of the lifecycle of an
organization's management of cybersecurity risk.
2. What two security architecture frameworks are discussed in Module 9? Slide 12 -
answerSherwood Applied Business Security Architecture (SABSA)
