Blog

Susan works for a U.S. investment firm that is required to be registered with the Securities and Exchange Commission. Susan is responsible for implementing access controls on the organization’s database servers. Which one of the following laws must her organization comply with?

In most cases, should a computer incident response team (CIRT) plan include pursuing the attacker?

True or False? In regards to system recovery, RTO stands for recovery time objective.

System logs and audit trails are a type of __________ control.

Some controls are identified based on the function they perform. What are the broad classes of controls based on function?

True or False? During a business impact analysis (BIA), the highest priorities are assigned based on the shortest maximum acceptable outages (MAOs).

True or False? Distributed denial of service (DDoS) attacks involve a command-and-control center.

Globally, access to abortion has increased over the past 25 years. Also, in the U.S., roughly 4 out of 5 people think that abortion should be legal, at least under certain circumstances. 

Complete the equation for the relationship between risk, vulnerabilities, and threats: Risk equals:

As of 2025, marijuana is legal 39 states and Washington D.C., yet it remains a “Schedule 1” drug according to the federal government. This helps illustrate how _________.