A company's network is experiencing high levels of suspicious network traffic. The security team finds that the traffic is coming from an unknown, foreign IP address. Which of the following is the most cost-efficient way to mitigate this threat?

An Intrusion Detection System (IDS) monitors network traffic for suspicious activity but does not actively prevent it. While useful for identifying threats, implementing an IDS can be costly and may not provide immediate mitigation against the current threat posed by the foreign IP address.

Network Address Translation (NAT) is primarily used for mapping private IP addresses to a public IP address and is not designed for traffic filtering based on IP reputation. While it helps in hiding internal IP addresses, it does not mitigate threats from suspicious traffic directly and does not provide a cost-effective solution for addressing the immediate concern.

Denial of Service (DoS) prevention methods focus on mitigating attacks aimed at overwhelming the network, rather than blocking specific suspicious traffic. While essential for network security, these solutions can be complex and costly, making them less suitable for addressing the specific issue of unauthorized access from a foreign IP.