2. Compare the ISO/IEC 27001 outline with the NIST documents discussed in this chapter. Which areas, if any, are missing from the NIST documents? Identify the strengths and weaknesses of the NIST programs compared to the ISO standard.
3. Search the Internet for the term security best practices. Compare your findings to the recommended practices outlined in the NIST documents.