A company suspects that some corporate accounts were compromised. The number of suspicious logins from
locations not recognized by the users is increasing. Employees who travel need their accounts protected
without the risk of blocking legitimate login requests that may be made over new sign-in properties. Which of
the following security controls can be implemented?
A. Enforce MFA when an account request reaches a risk threshold.
B. Implement geofencing to only allow access from headquarters.
C. Enforce time-based login requests that align with business hours.
D. Shift the access control scheme to a discretionary access control.
locations not recognized by the users is increasing. Employees who travel need their accounts protected
without the risk of blocking legitimate login requests that may be made over new sign-in properties. Which of
the following security controls can be implemented?
A. Enforce MFA when an account request reaches a risk threshold.
B. Implement geofencing to only allow access from headquarters.
C. Enforce time-based login requests that align with business hours.
D. Shift the access control scheme to a discretionary access control.