There are generally two skill levels among hackers: expert and ____.

Disaster recovery personnel must know their roles without supporting documentation.

Every member of the organization needs a formal degree or certificate in information security.

Which of the following is a valid type of data ownership?

Strategic planning is the process of moving the organization towards its ____.

A buffer against outside attacks is frequently referred to as a(n) ____.

A policy should state that if employees violate a company policy or any law using company technologies, the company will protect them, and the company is liable for the employee’s actions.

Security ____ are the areas of trust within which users can freely communicate.

NNIST Special Publication 800-18 Rev. 1, The Guide for Developing Security Plans for Federal Information Systems, includes templates for major application security plans.

The bottom-up approach to information security has a higher probability of success than the top-down approach.