Assignment task: A company suspects that some corporate accounts were compromised. The number of suspicious logins from locations not recognized by the users is increasing Employees who travel need their accounts protected without the nsk of blocking legitimate login requests that may be made over new sign-in properties. Which of the following security controls can be implemented?
A. Enforce MFA when an account request reaches a nsk threshold
B. Implement geofencing to only allow access from headquarters
C. Enforce time-based login requests that align with business hours
D. Shift the access control scheme to a discretionary access control