A security consultant is called into a small advertising business to recommend which security
policies and procedures would be most helpful to the business. The business is comprised of 20
employees, operating off of two shared servers. One server houses employee data and the other
houses client data. All machines are on the same local network. Often these employees must work
remotely from client sites, but do not access either of the servers remotely. Assuming no security
policies or procedures are in place right now, which of the following would be the MOST applicable
for implementation? (Select TWO).
A.
Password Policy
B.
Data Classification Policy
C.
Wireless Access Procedure
D.
VPN Policy
E.
Database Administrative Procedure