A corporation employs external auditors who require access to the company's server infrastructure for a limited duration. The security policy enforces minimum necessary privileges and mandates that access credentials should expire immediately after the auditing task is completed. Which of the following practices should be implemented to comply with the security policy?
Allocating time-restricted access tokens for server access
Issuing a set of shared credentials that the audit team can use
Creating permanent accounts with privileged access for each auditor
Generating non-expiring API keys for auditors to use during their review