var quiz = {
	questions : [
		{
			text : 'Of the following, which is not one of the primary benefits of compliance training?',
			img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
			responses : [
				'a. Better user understanding of risks and controls',
				'b. Lower risk of inadvertent exposure',
				'c. Better technology selection',
				'd. Better and more efficient training'
			],
			answer : 2,
			score : 1,
			expandedAnswer : '<br>Training does not help drive technology selection; it helps make up for lack of technical controls.',
			moreInfo : 'Tom Bowers reveals which <a href="http://searchsecurity.techtarget.com/general/0,295582,sid14_gci1237804,00.html" target="_blank">IAM tools and technology can help with compliance</a>.'
		},
		{
			text : 'ISO 27002 provides guidance in the following area:',
			img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
			responses : [
				'a. PCI environment scoping',
				'b. Information handling recommendations',
				'c. Framework for an overall security and compliance program ',
				'd. Detailed lists of required policies and procedures'
			],
			answer : 2,
			score : 1,
			expandedAnswer : '<br>ISO is simply a framework and lacks specific guidance to meet business requirements or particular regulatory requirements. ',
			moreInfo : 'For more <a href="http://searchsecurity.techtarget.com/topics/0,295493,sid14_tax300008,00.html" target="_blank">details, tips and resources on ISO 17799 and ISO/IEC 27002</a>, visit SearchSecurity.com\'s resource center.'
		},
		{
			text : 'Companies use 27002 for which of the following compliance reasons:',
			img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
			responses : [
				'a. Structured program that helps with security and compliance ',
				'b. Explicit requirements for all regulations',
				'c. Compliance with ISO 27002 is sufficient to comply with all regulations'
			],
			answer : 0,
			score : 1,
			expandedAnswer : '<br>The structure of 27002 helps organizations build programs to manage security and compliance according to the requirements specified in each regulation or contract.',
			moreInfo : ''
		},
		{
			text : 'Of the following, which is the best organization or set of organizations to contribute to compliance?',
			img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
			responses : [
				'a. IT only',
				'b. IT, business management, HR and legal',
				'c. IT and management',
				'd. IT and legal'
			],
			answer : 1,
			score : 1,
			expandedAnswer : '<br>Security and compliance require coordination with all parts of the company to ensure that business, technical, legal and training requirements are addressed.',
			moreInfo : 'Don\'t forget to check out Dick Mackey\'s Security School podcast. The instructor reviews how <a href="http://www.bitpipe.com/data/document.do?res_id=1200677480_795" target="_blank">all parts of an organization need to come together to achieve compliance</a>.'
		},
		{
			text : 'True or false: Users don\'t need to know why they are required to use particular procedures.',
			img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
			responses : [
				'a. True',
				'b. False'
			],
			answer : 1,
			score : 1,
			expandedAnswer : '<br>If users are trusted to understand the spirit of the law, they may be able to deal with unanticipated problems and may be able to suggest better approaches to solve a problem.',
			moreInfo : 'Make sure you understand the "spirit" of compliance laws. Check out all of the other lessons in <a href="http://searchsecurity.techtarget.com/guide/securitySchool/0,296293,sid14_gci1261778,00.html" "target_blank">SearchSecurity.com\'s Compliance School</a>.'
		}
	]
};