The best solution is to use a non-persistent virtual desktop infrastructure (VDI) with thin clients (B). Thin clients are inexpensive, easy to replace, and resilient in harsh environments where traditional endpoints may be damaged. With non-persistent VDI, employee desktops are virtualized and reset to a clean state after logout, reducing risks from turnover, malware persistence, or user misconfiguration. Centralized management ensures consistent patching and security updates while minimizing downtime, since damaged thin clients can be swapped quickly with minimal disruption.

Option A (environmental controls) may reduce equipment damage but does not address turnover or regulatory retention requirements. Option C (redundant servers and journaling) improves data integrity but does not solve endpoint-related risks or staffing issues. Option D (maintaining spare endpoints) mitigates hardware failures but still relies on managing and configuring full systems, which is inefficient for high-turnover environments.

CAS-005 emphasizes virtualization and centralization strategies in environments where operational resilience, rapid recovery, and compliance are critical. Non-persistent VDI with thin clients provides the most comprehensive solution here.