CompTIA Security+ (SY0-601) — Question 389

A marketing coordinator is trying to access a social media application on a company laptop but is getting blocked. The coordinator opens a help desk ticket to report the issue. Which of the following documents should a security analyst review to determine whether accessing social media applications on a company device is permitted?

Answer options

• A. Incident response policy
• B. Business continuity policy
• C. Change management policy
• D. Acceptable use policy

Correct answer: D

Explanation

The correct answer is D, the Acceptable Use Policy, as it outlines the permissible use of company resources, including social media access. The Incident Response Policy (A) deals with how to respond to security incidents, the Business Continuity Policy (B) focuses on maintaining business operations during disruptions, and the Change Management Policy (C) relates to managing changes in IT systems, none of which specifically address social media usage.