A company has recently implemented a wireless network for their guests to provide internet access without compromising internal resources. Which of the following configurations ensures that guests cannot access the company's private internal network resources while connected to the guest network?
Implement separate VLANs for the guest network and the internal network
Modify firewall rules to include an explicit deny rule for guest IPs to internal resources
Configure Quality of Service (QoS) profiles to keep guest network traffic at a lower priority
Enforce a complex Wi-Fi Protected Setup (WPS) PIN for the guest network