An IT administrator is configuring the firewall for a company's internal network to prevent access to known malicious websites while allowing employees unrestricted access to legitimate business-related sites. The company has a dynamic list of URLs and IP addresses identified as sources of malware and phishing attacks. Which firewall configuration approach should the administrator employ to best protect the network from these threats?
A. Implement a block list/deny list firewall rule to explicitly block traffic to and from the identified malicious URLs and IP addresses.
B. Set up an allow list firewall rule that only permits traffic to a pre-approved list of business-related websites and blocks all other internet traffic.
C. Configure the firewall to redirect all web traffic through a proxy server that performs real-time content filtering and threat analysis.
D. Enable deep packet inspection on the firewall to automatically detect and block traffic to any website not using HTTPS.