1. Concerning security assessment, discuss the aspect of internal, external, and third-party testing minimum requirements.
2. Regarding online managing security operations, discuss the elements of asset inventory, asset management, configuration management, and explaining the need-to-know privileges and service level agreement.