Final answer:
Default policies for workstations and servers are typically created upon deployment of security systems, but the inclusion of default denys is contingent on the system used. It is vital to review and tailor these policies to meet specific organization needs for adequate security.
Step-by-step explanation:
When deploying network security measures, it is typical for systems to automatically generate default policies for workstations and servers. However, whether these default policies include default denys for both groups is dependent on the specific security system or firewall being used. Some systems may have a default deny stance, which means that unless a specific rule exists allowing traffic, it would be denied by default.
In other cases, there might be some predefined rules that allow certain types of traffic, with the option to customize the policies further as needed. To ensure the security policy meets the specific requirements of an organization, it is essential to review and modify these default policies after deployment.