Consider the following scenario. A team within your organization has brought in a WiFi access point and connected it to mobile phone to share its Internet connection with the team, bypassing

all controls your security personnel have put in place for devices attached to your network. The team insists that this connection is business critical and can't shut it down without a workable alternative. They've asked you to come in and help them figure out how to conduct their business tasks while maintaining compliance to cybersecurity policies. Identify what controls you would recommend that implement the principles of defense in depth while permitting the work the team needs to complete. Classify those recommended controls according to their objective (prevent, deter, correct, etc.). Justify these choices with reference to the risks they're intended to mitigate.