Apple - Is it possible to disable auto mount of external devices?
You should be able to use Disk Arbitrator to do most of what you want. Certainly requirement 1 is met and you should be able to achieve most of 2 with it too.
As far as I know, such attacks rely on the auto-run feature, not the auto-mount feature, meaning that even manually mounting a disk will trigger the auto-run program.
However, OS X doesn't support auto-run at all, so even if a volume auto-mounts and it does have a trojan on it, the trojan will not start automatically.