A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements: ✑ Only users with corporate-owned devices can directly access servers hosted by the cloud provider. ✑ The company can control what SaaS applications each individual user can access. ✑ User browser activity can be monitored. Which of the following solutions would BEST meet these requirements? 

Answer options:

A. IAM gateway, MDM, and reverse proxy
B. VPN, CASB, and secure web gateway
C. SSL tunnel, DLP, and host-based firewall
D. API gateway, UEM, and forward proxy

B