CompTIA Security+ (SY0-701) — Question 497

A security engineer at a large company needs to enhance IAM in order to ensure that employees can only access corporate systems during their shifts. Which of the following access controls should the security engineer implement?

Answer options

• A. Role-based
• B. Time-of-day restrictions
• C. Least privilege
• D. Biometric authentication

Correct answer: B

Explanation

The correct answer is B, Time-of-day restrictions, because it specifically allows access based on the time frame of an employee's shift. Role-based access, least privilege, and biometric authentication do not directly address the requirement of limiting access based on specific times.