CompTIA Security+ (SY0-701) — Question 563

A program manager wants to ensure contract employees can only access the company's computers Monday through Friday from 9 a m. to 5 p.m. Which of the following would best enforce this access control?

Answer options

• A. Creating a GPO for all contract employees and setting time-of-day log-in restrictions
• B. Creating a discretionary access policy and setting rule-based access for contract employees
• C. Implementing an OAuth server and then setting least privilege for contract employees
• D. Implementing SAML with federation to the contract employees’ authentication server

Correct answer: A

Explanation

The correct answer is A because creating a Group Policy Object (GPO) allows for specific time-of-day log-in restrictions, effectively controlling access as required. Options B, C, and D do not specifically address time-based access controls, making them unsuitable for this particular requirement.