( 6) Which of the following is optional, and sets the parameters within which the others can be used?( 7) Which of the following is not true of segmented networks?( 8) You are on the West Coast but want to connect to your company’ s intranet on the East Coast. You use a program to“ tunnel” through the Internet to reach the intranet. Which technology are you using?( 9) A policy that addresses the use of personal mobile devices, such as a smartphone, to access an internal business network is an issue of which IT domain?( 10) After entering your user name and password, you enter a number displayed on a security token to gain access to your company’ s network. Which type of authentication method does the security token represent?( 11) In the Workstation Domain, ____________ is the best method of reducing the risk of information leakage.( 12) Authentication and encryption of intranet traffic is a _______ Domain issue.( 13) __________ is the ability to reasonably ensure conformity and adherence to both internal and external policies, standards, procedures, laws, and regulations.( 14) What is included in an IT policy framework?( 15) Incident reporting, incident management, and user ID addition / removal are examples of which of the following?( 16) Which of the following are written instructions on how to comply with standards?( 17) What is something you can measure against to demonstrate value, such as gauging if you’ ve reasonably covered risks in your organization?( 18) Which personality type tends to be best suited for delivering security awareness training?( 19) In Kotter’ s change model, which step is generally part of informal discussions rather than part of the formal implementation process?( 20) A primary reason why security policies often fail is ___________.( 21) Which of the following is not true of security policy enforcement?