Which three elements should an enterprise security policy specify? (Choose three.)
A.
contingency plan in case of compromise
B.
network inventory
C.
risks and how to manage the risks
D.
software versions of the security products
E.
user roles and responsibilities
F.
funds allocated to security projects