The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day
exploits. The CISO is concerned that an unrecognized threat could compromise corporate data
and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with
split staff/guest wireless functionality. Which of the following equipment MUST be deployed to
guard against unknown threats?
A.
Cloud-based antivirus solution, running as local admin, with push technology for definition
updates.
B.
Implementation of an offsite data center hosting all company data, as well as deployment of
VDI for all client computing needs.
C.
Host based heuristic IPS, segregated on a management VLAN, with direct control of the
perimeter firewall ACLs.
D.
Behavior based IPS with a communication link to a cloud based vulnerability and threat feed.