A security analyst observes the following events in the logs of an employee workstation:
A. Application whitelisting controls blocked an exploit payload from executing.
B. Antivirus software found and quarantined three malware files.
C. Automatic updates were initiated but failed because the y had not been approved.
D. The SIEM log agent was not turned properly and reported a false positive.