1. What is information security? What essential protections must be in place to protect information systems from danger? 2. What is the importance of the C.I.A. triad? Define each of its components. 3. What are the three levels of planning? Define each. List the types of InfoSec plans and planning functions. 4. What is a policy? How does it differ from a law? 5. What is digital forensics, and when is it used in a business setting? 6. What is a values statement? What is a vision statement? What is a mission statement? Why are they important? What do they contain? 7. What is a systems development life cycle methodology? 8. What is information security policy? Why is it critical to the success of the InfoSec program? 9. In what way are policies different from standards? 10. List and describe four elements that should be present in the EISP .