What are the two most common methods that security auditors use to assess an
organization’s security processes? (Choose two)
A.
social engineering attempts
B.
interviews
C.
policy assessment
D.
penetration testing
E.
document review
F.
physical observation