A corporate fileshare holds files for multiple departments. Individual users in each department create reports that are meant to be read by the rest of the company. Recently, a user ran a malicious executable that encrypted all of the documents on the fileshare. The software asked for money to be transferred via cryptocurrency in order to decrypt the files; however, the files were not decrypted after the company paid the ransom. Which of the following would MOST likely minimize the damage to a fileshare in this type of situation? 

Answer options:

A. Enable System Restore on the file server and make frequent restore points.
B. Disable full disk encryption on the file server.
C. Install a next-generation firewall at the network edge.
D. Use a host-based intrusion detection system and continuously monitor filesystem changes.
E. Use granular file permissions on the share and follow the principle of least privilege.

D