Answer:
Correct Answer is (d) Information sensitivity policy
Step-by-step explanation:
Information sensitivity policy establishes the criteria for classifying and securing the organization's information in a manner that is appropriate to its level of security.
However, other options are incorrect. Server security can be established only on servers and on information/data that is in the server from unauthorized access. While VPN security is used for protecting network and encryption is used to encrypt data from illegal access.
However, only information sensitivity policy is used for classifying and securing organization information to the outside world.
The intention of information sensitivity policy:
The intention of using any information sensitivity policy is to help the employee to determine what information can be disclosed to non-employee, as well as the relative sensitivity of the information that should not be disclosed outside of the company without proper permission or authorization from supreme leadership of an organization.