A server was compromised recently, and two unauthorized daemons were set up to listen for incoming connections. In addition, CPU cycles were being used by an additional unauthorized cron job. Which of the following would have prevented the breach if it was properly configured?

A. Set up log forwarding and utilize a SIEM for centralized management and alerting

B. Use a patch management system to close the vulnerabilities in a shorter time frame

C. Implement a NIDS / NIPS

D. Deploy SELInux using the system baseline as the starting point

E. Configure the host firewall to block unauthorized inbound connections