Which of the following statements accurately describe the NIST CSF? Select all that apply.
- It is only effective at managing long-term risk.
- Its purpose is to help manage cybersecurity risk.
- It is a voluntary framework.
- It consists of standards, guidelines, and best practices.
or
- It is a voluntary framework.
- Security teams use it as a baseline to manage risk.
- It is only effective at managing short-term risk.
- Its purpose is to help manage cybersecurity risk.