nerdexam
(ISC)2

CISSP · Question #458

Which of the following is critical if an empolyee is dismissed due to violation of an organization's acceptable use policy (Aup)?

The correct answer is A. Appropriate documentation. When dismissing an employee for AUP violations, proper documentation is critical to protect the organization legally and support any disciplinary or legal proceedings that may follow.

Submitted by helene.fr· Mar 5, 2026Security and Risk Management

Question

Which of the following is critical if an empolyee is dismissed due to violation of an organization's acceptable use policy (Aup)?

Options

  • AAppropriate documentation
  • Bprivilege suspension
  • Cproxy records
  • DInternet access logs

How the community answered

(30 responses)
  • A
    80% (24)
  • B
    10% (3)
  • C
    3% (1)
  • D
    7% (2)

Why each option

When dismissing an employee for AUP violations, proper documentation is critical to protect the organization legally and support any disciplinary or legal proceedings that may follow.

AAppropriate documentationCorrect

Appropriate documentation is critical because it creates a defensible, auditable record of the policy violation, the investigation process, and the disciplinary actions taken. Without thorough documentation, the organization exposes itself to legal liability such as wrongful termination claims. Documentation ensures due process was followed and provides evidence if the matter escalates to litigation or regulatory review.

Bprivilege suspension

Privilege suspension is an important remediation step but is a technical action taken after the decision to dismiss, not the critical element that makes the dismissal legally defensible.

Cproxy records

Proxy records are a type of evidence that may support an investigation, but they alone are not sufficient or universally critical - documentation encompasses and contextualizes all such evidence within the formal disciplinary process.

DInternet access logs

Internet access logs are a potential source of evidence for the violation but are only one data point; they do not replace the comprehensive documentation required to justify and defend the termination decision.

Concept tested: Employee termination procedures and AUP enforcement documentation

Source: https://www.nist.gov/publications/guide-protecting-confidentiality-personally-identifiable-information-pii

Topics

#acceptable use policy#employee termination#HR security#legal compliance

Community Discussion

No community discussion yet for this question.

Full CISSP Practice