1. As an information security analyst, you are asked by the Chief Privacy Officer to review server logs to determine if personal customer information may have been copied and leaked to a business competitor. If this theft of information occurred, customers may need to be notified of the risk to their identity information. Which security objective may have been violated?

		Connectivity
		Integrity
		Availability
		None of the above

2. When dealing with information security risks, the act of ignoring the risk is considered the least professional option of all.

True

False

3. Most users need just one "impression" of a security awareness concept to internalize it into their belief system.

True

False

4. Information security was initially seen as an organization-wide, holistic discipline, but it is increasingly seen as an IT-specific function best managed by software programmers.

True

False

5. As a member of a new information security department, you have been asked to set up various governance documents. Which document type will contain recommended controls that employees should consider implementing on their home wireless networks, which may contribute to safer computing in each employee's home?

		Policy
		Standards
		Procedures
		Guidelines

6. There are three objectives that information security professionals must focus on, often abbreviated as "CIA." What does the "A" stand for?

		Attack
		Anonymous
		Adversary
		Availability