Three common ways to organize policies are by functional area, by layers of security, or by domain. Each comes with challenges. Creating policies by functional area of responsibility is a challenge. The advantage of this method is that the policies can be tailored for a specific audience. The disadvantage is that functional areas may change due to organizational realignment, which means policies may have to change, too. With layered security, simple security controls may be placed, for example, within the network perimeter (a firewall), in an operating system (a server), in code (an application), and in secure storage (a database). The challenge in creating policies by layers of security is that technology is constantly changing and evolving. The third approach is to organize policies by the seven domains of a typical IT infrastructure. The problem with organizing policies by domain is that many issues pertain to multiple domains. For example, virus control is a concern for workstations and servers. 1. Of the three approaches listed here, which would be most suitable for a small college with an underfunded IT department. Why?