The implementation of access control lists at the router would be considered a minimization strategy for controlling information security risks.

True

False

Contracting with a company such as Sunguard to warehouse your companys critical information would be considered both a mitigation and transference risk management strategy provided Sunguard guarantees data availability.

True

False

A defense in depth strategy is no longer an acceptable security mantra because of the mobility of the workforce, the distribution of information throughout the cloud, and because of the expanded use of cloud based solutions.

True

False