A security analyst is assessing a small company’s internal servers against recommended security practices.
Which of the following should the analyst do to conduct the assessment? (Select TWO).
A . Compare configurations against platform benchmarks,
B . Confirm adherence to the company’s industry-specific regulations.
C . Review the company’s current security baseline,
D . Verify alignment with policy related to regulatory compliance
E . Run an exploitation framework to confirm vulnerabilities
Answer: C,E