nerdexam
(ISC)2

CISSP · Question #145

Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child

The correct answer is B. Acceptable use policy. The document that explains the proper use of the organization's assets is the acceptable use policy. An acceptable use policy is a document that defines the rules and guidelines for the appropriate and responsible use of the organization's information systems and resources, such

Submitted by deeparc· Mar 5, 2026Security and Risk Management

Question

Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization's Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access. Which of the following documents explains the proper use of the organization's assets?

Options

  • AHuman resources policy
  • BAcceptable use policy
  • CCode of ethics
  • DAccess control policy

How the community answered

(26 responses)
  • B
    92% (24)
  • C
    4% (1)
  • D
    4% (1)

Explanation

The document that explains the proper use of the organization's assets is the acceptable use policy. An acceptable use policy is a document that defines the rules and guidelines for the appropriate and responsible use of the organization's information systems and resources, such as computers, networks, or devices. An acceptable use policy can help to prevent or reduce the misuse, abuse, or damage of the organization's assets, and to protect the security, privacy, and reputation of the organization and its users. An acceptable use policy can also specify the consequences or penalties for violating the policy, such as disciplinary actions, termination, or legal actions. A human resources policy, a code of ethics, and an access control policy are not the documents that explain the proper use of the organization's assets, as they are related to the management, values, or authorization of the organization's employees or users, not the usage or responsibility of the organization's information systems or resources.

Topics

#acceptable use policy#security policies#asset use

Community Discussion

No community discussion yet for this question.

Full CISSP Practice