Your company has a Microsoft 365 E5 subscription and is planning to deploy 45 mobile self-service kiosks that will run Windows 10. As part of the deployment strategy, it is crucial to provide recommendations to secure these kiosks. The security solution must fulfill the following criteria:

1. Ensure that only authorized applications can run on the kiosks.
2. Regularly harden the kiosks against new threats.

Considering these requirements, which two actions should be included in the recommendations? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.