During a quarterly review of user accounts and activity, a security analyst noticed that after a password reset the head of human resources has been logging in from multiple locations, including several overseas. Further review of the account showed access rights to a number of corporate applications, including a sensitive accounting application used for employee bonuses. Which of the following security methods could be used to mitigate this risk?
A. RADIUS identity management
B. Context-based authentication
C. Privilege escalation restrictions
D. Elimination of self-service password resets