Which of the following is NOT part of the design of an organizational security architecture?
Over time, policies and procedures may become inadequate because of _____.
| a. changes in the agency's mission and operational requirements, threats, or the environment | | |
| b. deterioration in the degree of compliance | | |
| c. changes in technology, infrastructure, or business processes | | |
|
The principle of limiting users access privileges to the specific information required to perform their assigned tasks is known as _____.
Security industry certifications are often used to help filter applicants for jobs, but suffer from which of the following challenges?
| a. Most certifications are very easy to get, so they have limited value. | | |
| b. The certifying organizations are not well-respected in the industry. | | |
| c. Many existing certifications are relatively new and not fully understood by hiring organizations. | | |
|
Which of these is NOT a part of the organizational change model used to support change management for Information security requirements.