Joe the system administrator has noticed an increase in network activity from outside sources. He wishes to
direct traffic to avoid possible penetration while heavily monitoring the traffic with little to no impact on the
current server load. Which of the following would be BEST course of action?
Apply an additional firewall ruleset on the user PCs.
Configure several servers into a honeynet
Implement an IDS to protect against intrusion
Enable DNS logging to capture abnormal traffic