A small, local company experienced a ransomware attack. The company has one web-facing server and a few workstations. Everything is behind an ISP firewall. A single web-facing server is set up on the router to forward all ports so that the server is viewable from the internet. The company uses an older version of third-party software to manage the website. The assets were never patched. Which of the following should be done to prevent an attack like this from happening again? (Select THREE).

A. Install DLP software to prevent data loss.

B. Use the latest version of software.

C. Install a SIEM device.

D. Implement MDM.

E Implement a screened subnet for the web server.

F Install an endpoint security solution.

G Update the website certificate and revoke the existing ones.

H. Deploy additional network sensors.