Which domain involves defining security goals and objectives, risk mitigation, compliance, business continuity, and the law?
- Security assessment and testing
- Security architecture and engineering
- Identity and access management
- Security and risk management