Question 53 At Stanford University, data is labeled according to a classification scheme that identifies information in the following way: prohibited, restricted, confidential, and unrestricted. Which of the following schemes has Stanford adopted? customized classification business classification legal classificationmilitary classification Question 54 The policy statement you wrote in the lab outlined how you would expect to address a(n):

Question 55 Because risk management is a both a governance process and a model that seeks consistent improvement, there is a series of steps to be followed every time a new risk emerges. Which of the following is notone of these steps? Question 56 Microsoft domains offer _______________ in order to enhance security for certain departments or users in an organization. This method allows security gaps to close and security settings to be increased for some computers or users. Question 57 During the process of developing a communications plan, it is necessary toask the question, __________________.

“Who is communicating?” “What is the intended message?” “What is the target audience?” “How is it communicated?” Question 58 Of all the needs that an organization might have to classify data, there are three that are most prevalent. Which of the following is notone of the reasons? Question 59 A risk exposure is defined as the impact to the organization when a situation transpires. The widely accepted formula for calculating exposure is as follows: Risk exposure =________________ the event will occur + ____________ if the event occurs where, outcomelikelihood, impact how, impact likelihood, cost