You are hired by a small business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 15 employees, operating off of two shared servers. One server houses employee data, and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not remotely

access either of the servers. Assuming no security policies or procedures are in place right now, which two policies are most applicable for implementation?

A. password policies and data classification policies
B. wireless access policies and virtual private network policies
C. wireless access policies and password policies
D. virtual private network policies and data classification policies

A
Explanation: Password policies and data classification policies are most applicable for this implementation. Password policies ensure that users authenticate using a username/password combination. Data classification policies categorize data to ensure that users only access data they should.
Wireless access policies and virtual private network policies are not as important as password policies and data classification policies. Wireless access policies control who accesses the wireless network. Virtual private network (VPN) policies control who accesses the VPN.