1. Question : (TCO 1) What are the three kinds of security policy clauses called? Student Answer: Shalls (mandatory), shall nots (prohibitive), and may (permissive) Mandatory, discretionary, and role based Mandatory, tentative, and optional Responsibilities, compliance, and roles Access control, identification, and authentication Instructor Explanation: Policy clauses are mandatory (shall), permissive (may), and prohibitive (shall not). (Week 1 Lecture) Points Received: 0 of 5 Comments: Question 2 . Question : (TCO 1) Threat and vulnerability are used to _____. Student Answer: calculate cost choose controls manage security sell security estimate consequences Instructor Explanation: Week 1 Lecture Points Received: 5 of 5 Comments: Question 3 . Question : (TCO 1) Which of the following is NOT an activity designed to preserve information system availability? Student Answer: Authorization Encryption