Which of the following is generally considered a fundamental component of an information security program?
A.
Role-based access control systems
B.
Automated access provisioning
C.
Security awareness training
D.
Intrusion prevention systems (IPSs)
Explanation:
Without security awareness training, many components of the security program may not be effectively implemented. The other options may or may not be necessary, but are discretionary.