A security-conscious organization requires all new hires to complete training on security policies and conducts annual armed intruder drills for all employees. Which risk management strategies are being used by this organization?
1. Avoidance and enhancement
2. Sharing and optimizing
3. Prevention and mitigation
4. Detection and prevention