Who is ultimately responsible to ensure that information assets are categorized and adequate measures are taken to protect them?
Correct Answer: D
The individuals ultimately responsible for ensuring that information assets are categorized and adequately protected are the data/information/business owners. An owner is the person who holds authority over, and accountability for, a particular information asset of the organization, whether that asset is a data set, a system, or a business process. Because the owner understands the asset's sensitivity, value, and criticality, the owner is the one who assigns its classification, decides what level of protection it requires, and approves who may access it. The owner also assigns and oversees the duties of the data custodians and users: custodians maintain and safeguard the asset on the owner's behalf, and users are the individuals granted the privilege of accessing it.
The other options describe roles that are either subordinate to the owner or broader than asset-level classification. A data custodian has the duty to maintain and safeguard information assets, for example by performing backups and restores or applying encryption. The custodian implements the controls the owner has decided on and follows the owner's instructions, but does not set the classification or the protection policy for the asset.
Executive management is the group holding the highest level of authority and leadership in the organization, such as the board of directors, the chief executive officer, and the chief financial officer. Executive management provides support and approval for the organization's information security strategy, policies, and programs, and carries overall accountability for the security program, but it does not directly classify or control individual information assets; that responsibility is delegated to the owners. A chief information security officer holds senior executive responsibility for overseeing and managing the information security strategy, policies, and programs. The CISO advises and assists the owners, executive management, and other stakeholders on security matters, but does not own or operate the information assets themselves. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 1, p. 28; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 5, p. 286.