An IS auditor performing detailed network assessments and access control reviews should FIRST:
A、determine the points of entry.
B、evaluate users' access authorization.
C、assess users' identification and authorization.
D、evaluate the domain-controlling server configuration.