When assessing the risk to a machine or network, what step should you take first?
A.
Evaluating the existing perimeter and internal security
B.
Analyzing the use of existing management and control architecture
C.
Checking for a written security policy
D.
Analyzing, categorizing and prioritizing resources