The __________ certification, considered to be one of the most prestigious certifications for security managers and CISOs, recognizes mastery of an internationally identified common body of knowledge (CBK) in InfoSec and is considered to be vendor neutral.

The goal of a security __________ program is to keep information security at the forefront of users’ minds on a daily basis.

A specialized security administrator responsible for performing systems development life cycle (SDLC) activities in the development of a security system is known as __________.

Establishing performance measures and creating project __________  simplifies project monitoring.

This person would be responsible for some aspect of information security and report to the CISO; in smaller organizations, this title may be assigned to the only or senior security administrator.

As noted by Kosutic, options for placing the CISO (and his or her security group) in the organization are generally driven by organizational size and include all of the following EXCEPT:

The voluntary breaking of established laws based on one’s moral beliefs is called:

What recent research has led to the indication that the “blue curtain of secrecy” is breaking down?

An organization’s information security __________ refers to the entire set of activities, resources, personnel, and technologies used to manage risks to the organization’s information assets.

Match the statement with the correct Id/term.