What kind of control involves using administrative measures to enforce security policies?

Management control involves using administrative measures to enforce security policies because it encompasses the overarching strategies, guidelines, and procedures that organizations establish to govern their security practices. This type of control is focused on ensuring that security policies align with the organization's goals and regulatory requirements. It includes activities like risk assessments, security awareness training, policy formulation, and compliance audits, which are all crucial for creating a secure environment and promoting a culture of security within the organization.

In contrast, technical controls refer to specific technological solutions, such as firewalls and intrusion detection systems, that enforce security policies through hardware or software mechanisms. Physical controls focus on tangible measures, such as locks, access control systems, and environmental controls that physically secure assets. Operational controls involve the day-to-day activities and procedures that support the implementation of security policies but are not strictly administrative in nature. Thus, management control represents the authoritative and strategic aspect of security policy enforcement, making it the correct choice.