Question

Sifers-Grayson's ability to perform forensics investigations is limited due to a lack of knowledge (no trained personnel), lack of forensic analysis tools, and a limited number of log files on the servers and firewall. Sifers-Grayson's managers have decided to begin correcting this situation by implementing forensic readiness procedures for host monitoring. The first priority will be securing the hosts in the Headquarters Building. Which of the following responses is the most effective way to secure those hosts?
Monitor the integrity of critical files by creating a database of cryptographic checksums of critical files that will help in checking the integrity of files after an incident.
Use the operating system's inbuilt backup and recovery utilities or any commercial tool to perform regular backups of critical data.
Implement best practices including installing all patches, hot fixes and updates, disabling unnecessary services and ports, and installing antivirus systems.
Increase the number of log files and enable event and security audit logging to capture security events such as login attempts, changes to security configurations, registry edits, system startups and shutdowns, and elevated privileges.