A small IT security form has an internal network composed of laptops, servers, and printers. The
network has both wired and wireless segments and supports VPN access from remote sites. To
protect the network from internal and external threats, including social engineering attacks, the
company decides to implement stringent security controls. Which of the following lists is the BEST
combination of security controls to implement?

A.
Disable SSID broadcast, require full disk encryption on servers, laptop, and personally owned
electronic devices, enable MAC filtering on WAPs, require photographic ID to enter the building.

B.
Enable port security; divide the network into segments for servers, laptops, public and remote
users; apply ACLs to all network equipment; enable MAC filtering on WAPs; and require two-factor
authentication for network access.

C.
Divide the network into segments for servers, laptops, public and remote users; require the use
of one time pads for network key exchange and access; enable MAC filtering ACLs on all servers.

D.
Enable SSID broadcast on a honeynet; install monitoring software on all corporate equipment’
install CCTVs to deter social engineering; enable SE Linux in permissive mode.