EDI makes it more difficult to tie an individual to transactions since EDI involves computer-to-computer data interchanges and this makes it more difficult to trace the originator of some transactions. *Answer "It may be difficult to prove criminal intent" is a valid legal issue since it may be very difficult to prove criminal intent by a person perusing computer files and then causing damage to the files. The damage may have not been intentional. *Answer "It may be difficult to obtain a trail of evidence of activities performed on the computer" describes the situation of trying to track activities on a computer where the information is volatile and may have been destroyed.
* In answer "It may be difficult to show causation", common law refers to causation of the criminal act. Causation is particularly difficult to show in instances where a virus or other malicious code erases itself after causing damage to vital information.

Administrators that leave systems with apparent flaws are performing an act of enticement. This is sometimes called a honeypot.

Explanation/Reference:
Explanation:
A polyalphabetic cipher makes use of more than one alphabet to conquer frequency analysis.
Incorrect Answers:
A, C: Substitution and transposition ciphers are susceptible to attacks that perform frequency analysis.
D: The Ceasar Cipher is a type of substitution cipher.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 780, 781, 871

Reference: https://books.google.com.pk/books?id=9gCn86CmsNQC&pg=PA570&lpg=PA570& dq=CISSP+Directive+controls+are+a+form+of+change+management+policy+and+procedures.+Which+o
&source=bl&ots=riGvVpSS3E&sig=ACfU3U3dLYheW_GfTZcAYfN97fnDFlMmZg&hl=en&sa=X& ved=2ahUKEwjukoqK96npAhULtRoKHZEpBmcQ6AEwAHoECBQQAQ#v=onepage& q=CISSP%20Directive%20controls%20are%20a%20form%20of%20change%20management%20policy
&f=false