Which of the following should a company implement to BEST mitigate from zero-day malicious code executing
on employees’ computers?

A.
Least privilege accounts

B.
Host-based firewalls

C.
Intrusion Detection Systems

D.
Application white listing

Explanation:
Application whitelisting is a security stance that prohibits unauthorized software from being able to execute
unless it is on the preapproved exception list: the whitelist. This prevents any and all software, including
malware, from executing unless it is on the whitelist. This can help block zero-day attacks, which are new
attacks that exploit flaws or vulnerabilities in targeted systems and applications that are unknown or
undisclosed to the world in general.