Both the SEC and the PCAOB require management to use the COBIT framework for assessing internal control adequacy.

What is the main distinction between an incident response plan and a disaster response plan?

A. One is used to recover from intrusions, while the other is used to recover from malicious code infections. B. One prevents harm, while the other deters harm. C. One seeks to detect attacks, while the other seeks to record details of an attack. D. One focuses on protecting assets from being harmed, while the other focuses on restoring assets after harm has occurred.

For online shopping, signing up for free offers, product registration, and other activities that typically lead to junk e-mail, use a disposable or ____.

A. encrypted e-mail address B. throw-away e-mail address C. non-recyclable e-mail address D. second-hand e-mail address