Free CompTIA Security+ SY0-601 Practice Question

Your company has given you the responsibility to implement an appropriate access control scheme. The company wants to control access and permissions for employees based on job function. Which of the following should you use?