An organization is building a new customer services team, and the manager needs to keep the team focused on customer issues and minimize distractions. The users have a specific set of tools installed, which they must use to perform their duties. Other tools are not permitted for compliance and tracking purposes. Team members have access to the internet for product lookups and to research customer issues. Which of the following should the security engineer employ to fulfill the requirements for the manager?

a. Install a web application firewall
b. Install HIPS on the team's workstations.
c. Implement containerization on the workstations
d. Configure whitelisting for the team

Answer:

Lanuel

Answer:

a. Install a web application firewall.

Explanation:

In this scenario, an organization is building a new customer services team, and the manager needs to keep the team focused on customer issues and minimize distractions. The users (employees) are provided with a specific set of tools (software applications) installed, which they must use to perform their duties. However, other tools (software applications) are not permitted for compliance and tracking purposes of employees who flouted the rules made by the management. Also, team members are able to access the internet for purposes such as product lookups and to research customer issues.

In order to keep the team focused on customer issues and minimize distractions, the security engineer should install a web application firewall.

A web application firewall is an application firewall that can be used for monitoring, filtering, blocking or denying bidirectional packets (HTTP traffic) to and from websites or web applications.

When a web application firewall is properly implemented and configured by the security engineer, it inspects all HTTP traffic and provides adequate protection against cookie poisoning, security misconfigurations, SQL injection, broken authentication, cross-site scripting (XSS), file inclusion, sensitive data leaks, buffer overflow, etc.

Basically, the web application firewall primarily prevents application layer (layer 7 of the OSI model) attacks.

Hence, to fulfil the manager's requirements, the security engineer should install a web application firewall, which basically works as a reverse proxy protecting the web server from vulnerabilities or potential attacks.