When developing metrics to measure and monitor information security programs, the information security manager should ensure that the metrics reflect the:
Which of the following is the MOST appropriate method of ensuring password strength in a large organization?
Which of the following is the MAIN objective in contracting with an external company to perform penetration testing?