CompTIA Security+ (SY0-601) — Question 219

A security team discovered a large number of company-issued devices with non-work-related software installed. Which of the following policies would MOST likely contain language that would prohibit this activity?

Answer options

• A. NDA
• B. BPA
• C. AUP
• D. SLA

Correct answer: C

Explanation

The correct answer is C, AUP (Acceptable Use Policy), which outlines permissible uses of company resources, including devices. An NDA (Non-Disclosure Agreement) focuses on confidentiality, a BPA (Business Partnership Agreement) relates to business collaborations, and an SLA (Service Level Agreement) deals with service commitments, none of which would specifically address software installation on devices.