Which of the following prevents unauthorized modifications to internal processes, assets, and security controls?

Playbooks serve as guidelines or procedures for specific tasks, often in response to particular scenarios, such as incidents or operational tasks. While they can help standardize responses, they do not inherently prevent unauthorized modifications; rather, they provide a framework for action once a situation arises, without directly controlling changes to processes or systems.

Incident response refers to the structured approach to addressing and managing the aftermath of a security breach or cyberattack. While effective incident response can help mitigate damage from unauthorized modifications after they occur, it does not prevent such modifications proactively. Instead, it focuses on reaction and recovery.

An acceptable use policy outlines the permissible use of organizational resources and defines user behavior. Although it establishes guidelines for users, it does not directly manage or control changes to internal processes, assets, or security controls, leaving a gap in preventing unauthorized modifications.