Which three must a security administrator first identify and clearly understand before securing a new server? (Choose three.)

A.
intended use of the system

B.
disaster recovery procedures

C.
security policies and standards

D.
user account issuance processes

E.
business and support requirements