A small company has a network with 37 workstations, 3 printers, a 48 port switch, an enterprise class router, and a firewall at the boundary to the ISP. The workstations have the latest patches and all have up-to-date anti-virus software. User authentication is a two-factor system with fingerprint scanners and passwords. Sensitive data on each workstation is encrypted. The network is configured to use IPv4 and is a standard Ethernet network. The network also has a captive portal based wireless hot-spot to accommodate visitors.
Which of the following is a problem with the security posture of this company?
A . No effective controls in place
B . No transport security controls are implemented
C . Insufficient user authentication controls are implemented
D . IPv6 is not incorporated in the network