A small IT security form has an internal network composed of laptops, servers, and printers. The network
has both wired and wireless segments and supports VPN access from remote sites. To protect the
network from internal and external threats, including social engineering attacks, the company decides to
implement stringent security controls. Which of the following lists is the BEST combination of security
controls to implement?

A.
Disable SSID broadcast, require full disk encryption on servers, laptop, and personally owned electronic
devices, enable MAC filtering on WAPs, require photographic ID to enter the building.

B.
Enable port security; divide the network into segments for servers, laptops, public and remote users;
apply ACLs to all network equipment; enable MAC filtering on WAPs; and require two-factor
authentication for network access.

C.
Divide the network into segments for servers, laptops, public and remote users; require the use of one
time pads for network key exchange and access; enable MAC filtering ACLs on all servers.

D.
Enable SSID broadcast on a honeynet; install monitoring software on all corporate equipment’ install
CCTVs to deter social engineering; enable SE Linux in permissive mode.