• Question 40 Which of the following is least likely to indicate the effectiveness of an organization ' s security policies?
• Question 41 What is the name of a common control that is used across a significant population of systems, applications, and operations?
• Question 42 Which employee role is directly accountable to ensure that employees are implementing security policies consistently?
• Question 43 Your company wants to minimize the risk of its employees sharing confidential company information via e- mail. What is the best tool to use to minimize this risk?
• Question 44 An employee used her company-owned computer to e-mail invitations to friends for her upcoming party, which violated the company ' s acceptable use policy. Who is responsible for correcting the employee ' s behavior?
• Question 45 What is a disadvantage of hard-coding a user name and password into an application to simplify guest access?
• Question 46 What is an example of " hardening "?
• Question 47 Which type of agreement would you have a contract system administrator( temporary worker) sign?
• Question 48 Which of the following is a policy that prohibits access or storage of offensive content?
• Question 49 What is pretexting associated with?
• Question 50 Who evaluates an organization ' s technology controls and risks for compliance with internal security policies or regulations?