CompTIA Security Plus Mock Test Q214

Joe, a newly hired employee, has a corporate workstation that has been compromised due to several visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits the use of such web sites. Which of the following is the BEST method to deter employees from the improper use of the company’s information systems?

A. Acceptable Use Policy
B. Privacy Policy
C. Security Policy
D. Human Resource Policy


Correct Answer: A
Section: Compliance and Operational Security

Explanation:
Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.

Incorrect Answers:
B: Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment.
C: Security policies define what controls are required to implement and maintain the security of systems, users, and networks.
D: Human resources policy does not address issues regarding which website are prohibited.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 24
http://en.wikipedia.org/wiki/Acceptable_use_policy