A security architect is implementing security measures in response to an external audit that found vu

lnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BES

T mitigate the identified vulnerability?

A. Issue digital certificates to all users, including owners of group mailboxes, and enable S/MIME

B. Federate with an existing PKI provider, and reject all non-signed emails

C. Implement two-factor email authentic

ation, and require users to hash all email messages upon receipt

D. Provide digital certificates to all systems, and eliminate the user group or shared mailboxes