$1.$ How do the InfoSec management team$$s goals and objectives differ from those of the IT and general management communities?

o$$ Answer:

$2.$ What is included in the InfoSec planning model?

o$$ Answer:

$3.$ List and briefly describe the general categories of information security policy.

o$$ Answer:

$4.$ Briefly describe strategic planning.

o$$ Answer:

$5.$ List and briefly describe the levels of planning.

o$$ Answer:

$6.$ What is governance in the context of information security management?

o$$ Answer:

$7.$ Describe the critical characteristics of information. How are they used in the study of computer security?

o$$ Answer:

$8.$ What are the differences between a policy, a standard, and a practice? Where would each be used?

o$$ Answer:

$9.$ What is an EISP, and what purpose does it serve?

o$$ Answer:

$10.$ Who is ultimately responsible for managing a technology? Who is responsible for enforcing policy that affects the use of a technology?

o$$ Answer:

$11.$ What is needed for an information security policy to remain viable?

o$$ Answer:

$12.$ How can a security framework assist in the design and implementation of a security infrastructure? What is information security governance? Who in the organization should plan for it$?$

o$$ Answer:

$13.$ Where can a security administrator find information on established security frameworks?

o$$ Answer:

$14.$ What is the ISO $27000$ series of standards? Which individual standards make up the series?

o$$ Answer:

$15.$ What documents are available from the NIST Computer Security Resource Center $($CSRC$),$ and how can they support the development of a security framework?

o$$ Answer:

$16.$ What Web resources can aid an organization in developing best practices as part of a security framework?

o$$ Answer:

$17.$ Briefly describe management, operational, and technical controls, and explain when each would be applied as part of a security framework.

o$$ Answer:

$18.$ What is defense in depth?

o$$ Answer:

$19.$ Define and briefly explain the SETA program and what it is used for.

o$$ Answer:

$20.$ What is the purpose of the SETA program?

o$$ Answer:

$21.$ What is security training?

o$$ Answer:

$22.$ What is a security awareness program?

o$$ Answer: