Which set best describes the core objectives of a security program in a 24-hour operation?

The main idea being tested is that a 24-hour security program should combine deterrence, detection, and response with the protection of people, property, and information, and it should pursue ongoing risk reduction. Deterrence lowers the chance a threat will occur, detection enables rapid awareness of incidents, and a prompt response contains and mitigates harm. Together with protecting people, property, and information and continually reducing risk, this framework provides prevention, timely action, and resilience across a continuous operation. The other sets fall short because they miss one or more essential elements: one emphasizes surveillance and maintenance and coaching but neglects proactive protection and ongoing risk reduction; another focuses only on guarding people and excludes information protection and risk reduction; and the last omits how to act after a threat is detected, leaving out response and information protection.