( 15 ) Incident reporting , incident management , and user ID addition / removal are examples of which of the following ?
( 16 ) Which of the following are written instructions on how to comply with standards ?
( 17 ) What is something you can measure against to demonstrate value , such as gauging if you ’ ve reasonably covered risks in your organization ?
( 18 ) Which personality type tends to be best suited for delivering security awareness training ?
( 19 ) In Kotter ’ s change model , which step is generally part of informal discussions rather than part of the formal implementation process ?
( 20 ) A primary reason why security policies often fail is ___________.
( 21 ) Which of the following is not true of security policy enforcement ?