What are two important approaches to communicate when identifying a customer’s security risks?
(Choose two.)
A.
Security should be a continuous process.
B.
Security solutions should come from multiple vendors to make it easier to coordinate security
events from the point of origin.
C.
The designated security expert should report to the IT department, since that is where the
solution will be implemented.
D.
Business strategy should directly relate to the security policy and budget.
E.
Smaller companies are at less risk than larger enterprises, so their security needs are not as
great.