An organization notices a large amount of malware and virus incidents at one satellite office, but hardly any at another. All users at both sites are running the same company image and receive the same group policies. Which of the following has MOST likely been implemented at the site with the fewest security issues?
A. Consent to monitoring
B. Business continuity measures
C. Vulnerability scanning
D. End-user awareness training