• Question 35 Which of the following is not true of the Sarbanes- Oxley Act ?
• Question 36 Which of the following is not a key component that must be covered in an organization ' s security policy for CIPA compliance ?
• Question 37 Which law was challenged by the American Library Association and the American Civil Liberties Union claiming it violated free speech rights of adults ?
• Question 38 Which law applies to educational institutions and protects students ' records ?
• Question 39 Which of the following focuses on the payment card industry ?
• Question 40 Which of the following generally merits a change to a security policy that should be reviewed by a policy change board ?
• Question 41 What is a potential disadvantage of using consecutive numbers in a policy library ?
• Question 42 Antivirus systems , cryptographic systems , and firewalls are examples of which type of security control ?
• Question 43 Which of the following is not a valid reason for using a taxonomy to organize an IT policy library ?