Kathleen wants to implement a zero-trust network design and knows that she should segment the network. She remains worried about east/west traffic inside the network segments. What is the first security tool she should implement to ensure hosts remain secure from network threats?

Host-based firewalls are typically the initial line of defense in protecting against network-based threats. They are capable of preventing unwanted traffic from entering or exiting the host, thereby reducing the volume of traffic that other tools, such as a host-based intrusion prevention system (HIPS), need to analyze. It's worth noting that full-disk encryption (FDE) is not an effective solution for countering network-based threats. Additionally, antivirus software is primarily used to prevent malware infections and may not be effective against network threats like denial of service attacks or exploitation of vulnerable services.