You're the security administrator for a small consulting firm whose network has been the victim of a ransomware attack. The firm decided to pay the ransom to regain their data, but you've been tasked with investigating the attack so that the vulnerabilities can be patched to hopefully prevent scenarios like this one in the future.

During your investigation, you discover that the hacker gained initial access to the network through a user account. From there, they were able to gain access to a domain service account. From this account, the hacker ran some custom scripts that exploited vulnerabilities in the network, which gave them access to a domain administrator account. With this privileged account, the attacker was able to execute their ransomware attack.

You've decided to implement a zero$-$trust policy to help prevent this type of attack from occurring in the future.

Which of the following security measures should you implement for the identities across the network?

answer

Device health enforcement

Multi$-$factor authentication

Abnormal behavior monitoring

End$-$to$-$end encryption