CarlsCloud™ The NIST Know-How Challenge: Test Your CISSP Publication Smarts


10 months ago   •   3 min read

By Carl Ballenger, CISSP

Get ready to flex your CISSP knowledge!

The National Institute of Standards and Technology (NIST) produces tons of guidelines and frameworks directly relevant to many CISSP domains. Let's see how well you can match the situations to the right NIST resource.

The NIST Know-How Challenge Quiz

Instructions: Each scenario describes a security challenge. Your task is to select the MOST relevant NIST publication or series to help address it. (There may be more than one valid answer, but select the best fit).

Scenario 1: You're implementing a new risk management program for your organization. You need a clear structure, process guidelines, and well-defined terminology. Which NIST publication is your go-to?

  • A. NIST SP 800-160
  • B. NIST SP 800-37
  • C. NISTIR 8286

Scenario 2: After a series of incidents, your company wants to build a robust incident response program, including response plans, training, and coordination across teams. Where do you turn for detailed guidance?

  • A. NIST SP 800-39
  • B. NIST Cybersecurity Framework
  • C. NIST SP 800-61

Scenario 3: You're designing a system involving highly sensitive financial data and need to prioritize encryption and secure cryptographic key management. What NIST resource is essential?

  • A. NIST SP 800-57
  • B. NIST SP 800-88
  • C. NIST SP 800-30

Scenario 4: New government regulations require specific controls to demonstrate compliance within your cloud-based system. Which NIST publication helps you get started?

  • A. NIST SP 800-145
  • B. NIST SP 800-53
  • C. NIST SP 800-12

Let's break down the answers after you try the quiz above!

Why This Matters

The CISSP exam isn't just about memorizing acronyms. It's about knowing where to find authoritative, real-world guidance when you need it. NIST publications are a goldmine, but using them effectively depends on understanding what each addresses.

Ready for the answer key?

Ready to check your answers from our NIST publication quiz? Let's break down each scenario and why the selected publications are the best tools for the job.

Answer Key & Explanations - NIST Know-How Challenge Quiz

Scenario 1 Answer: B.

NIST SP 800-37 - Risk Management Framework (RMF)

Scenario 2 Answer: C.

NIST SP 800-61 - Computer Security Incident Handling Guide

Scenario 3 Answer: A.

NIST SP 800-57 - Recommendation for Key Management

Scenario 4 Answer: B.

NIST SP 800-53 - Security and Privacy Controls for Information Systems and Organizations

Beyond the Answers

Understanding when to reach for each NIST resource makes you a more effective CISSP.

Here's a tip: the NIST Computer Security Resource Center (https://csrc.nist.gov/) has a great search function by keyword or publication number.
