Which of the following control types is AUP an example of?

Physical controls are measures that protect physical assets and environments, such as locks on doors or security guards. While these controls are essential for security, they do not encompass policies that dictate user behavior, which is the primary focus of an AUP. Hence, AUP does not fit within the realm of physical controls.

Technical controls refer to the use of technology to safeguard information systems, such as firewalls, encryption, and antivirus software. While technical controls play a vital role in security, they do not address user behavior in the way that an AUP does, which focuses on user responsibilities rather than technological safeguards.

Operational controls are day-to-day procedures and processes that help ensure the effectiveness of an organization's operations. Although AUP may influence operational activities, it is more aligned with the overarching managerial framework rather than the specific operational tasks and procedures.