Which of the following countermeasures should the security administrator apply to MOST effectively mitigate Bootkit-level infections of the organization’s workstation devices?
A. Remove local administrator privileges.
B. Configure a BIOS-level password on the device.
C. Install a secondary virus protection application.
D. Enforce a system state recovery after each device reboot.