When considering the security implications within a network design, what is the BEST method for reducing the risk of lateral movement if a host is compromised in a datacenter environment?
Deploying a Network Intrusion Prevention System (NIPS) at the datacenter perimeter
Using Network Address Translation (NAT) between network segments
Implementing VLANs for each department
Applying network segmentation with strict Access Control Lists (ACLs)