CompTIA Security+ (SY0-601) — Question 157
The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holiday or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the majority of the risk. Which of the following would be BEST to mitigate the CEO's concerns? (Choose two.)
Answer options
- A. Geolocation
- B. Time-of-day restrictions
- C. Certificates
- D. Tokens
- E. Geotagging
- F. Role-based access controls
Correct answer: A, B
Explanation
Geolocation can help track the physical location of employees to ensure they are not working from high-risk areas, while time-of-day restrictions can prevent work from being done outside of standard business hours, thereby reducing the risk of abuse. The other options, such as Certificates, Tokens, and Role-based access controls, do not directly address the specific concerns of location and timing that the CEO has.