The correct answer is A. Remove account administrative rights , because unauthorized software installation is most commonly possible when users have local administrator privileges . In Windows environments, installing most applications requires elevated permissions. If users are members of the local Administrators group, they can bypass many built-in security controls and install software without IT approval.
According to the Quentin Docter – CompTIA A+ Complete Study Guide , the principle of least privilege is fundamental to endpoint security. Users should only be granted the minimum permissions necessary to perform their job functions. Removing administrative rights prevents users from installing unapproved applications and significantly reduces malware risk.
The Travis Everett & Andrew Hutz – All-in-One Exam Guide explains that while technologies like firewalls, SmartScreen, and Endpoint Detection and Response (EDR) provide important layers of protection, they do not directly stop users from installing software if they already have administrative access. EDR detects and responds to threats, but it does not prevent intentional installation by privileged users.
The Mike Meyers / Mark Soper Lab Manual reinforces that controlling user permissions is the most effective preventive control against unauthorized changes to a system. Removing admin rights stops the root cause rather than reacting after installation occurs.
Therefore, to prevent future unauthorized software installations, removing account administrative rights is the most direct and effective solution, making A the correct answer.
