A security engineer has found that an industrial control system used in one of his company's manufacturing plants has a vulnerability that could halt production in the entire plant if exploited. The ICS doesn't need to be accessible from the Internet-it should only be accessed from the control room located within the same building. Which of the following could be implemented as the most effective way to prevent this systern from being discovered and exploited?
O Next-generation firewall
O Proxy server
O Air gapping
O Secure admin workstation