What should a security administrator implement to prevent unauthorized program installations by users with administrative access?

Application whitelisting is the correct method for preventing unauthorized program installations by users with administrative access. This approach involves creating a list of approved applications that are authorized to run on a system. Only the programs that are explicitly included in this list can be executed. This means that even if a user has administrative rights, they will not be able to install or run any software that has not been pre-approved and entered into the whitelist.

This technique is particularly effective in environments where security needs to be tightly controlled, as it minimizes the risk posed by malicious software or unauthorized applications, which can lead to security breaches or system vulnerabilities. By enforcing that only whitelisted applications can be installed or executed, the security administrator significantly reduces the attack surface available to potential threats.

While application code signing can validate the authenticity and integrity of applications, it does not inherently prevent installation. Data loss prevention focuses on protecting sensitive data rather than controlling software installations, and web application firewalls are designed to protect web applications from various attack vectors but do not restrict the installation of software on a system.