In the context of cybersecurity, what does the concept of 'Threat Scope Reduction' primarily involve?
Minimizing the number of potential threats to an information system by limiting the attack surface and properly segmenting the network.
Encrypting all data in transit and at rest to ensure confidentiality and integrity.
Responding to security incidents after they occur by developing a comprehensive incident response plan.
Utilizing a security model that trusts all internal systems and requires strict verification for external entities only.