1) In a(n) ______________ there are policies,standards,baselines,procedures,guidelines and taxonomy .

(A) asset management policy (B)IT policy frame work (C)control standard (D)risk assessment policy

2) In the ISO/IEC 27002 framework _________ describes the use and controls related to encryption .

(A) cryptography (B)operation security(C) communication security (D)access control

3) Before publishing major policy changes , it can be beneficial to a conduct a ____________ in order to offer a employees an explanations of the upcoming changed and create a space for dialogue .

(A) Road show (B) town hall meeting (C) presentation (D) lunch and learn

4) Security controls are measure taken to protect systems from attack on the integrity ,confidentiality and arability of the system ,if a potential employees have to undergo a drug screening , which of the following controls is being conducted ?

(A) Preventing security control ,(B) technical security control (C) physical security control (D) administrative control