A company needs a cloud-based, managed desktop solution for its workforce of remote employees.The company wants to ensure that the employees can access the desktops only by using company-provided devices.A security engineer must design a solution that will minimize cost and management overhead.
Which solution will meet these requirements?
Deploy a custom virtual desktop infrastructure (VDI) solution with a restriction policy to allow access only from corporate devices.
Deploy a fleet of Amazon EC2 instances. Assign an instance to each employee with certificate-based device authentication that uses Windows Active Directory.
Deploy Amazon WorkSpaces. Set up a trusted device policy with IP blocking on the authentication gateway by using AWS Identity and Access Management (IAM).
Deploy Amazon WorkSpaces. Create client certificates, and deploy them to trusted devices. Enable restricted access at the directory level.