Which Master Policy settings must be active for an account to be checked out by a user for a specific time?

For a user to check out an account for a specific time, the settings that must be active include enforcing check-in/check-out exclusive access along with enforcing one-time password access. This is because the check-in/check-out mechanism is designed to ensure that only one user can access or control the credentials of an account at any given time. This exclusivity is important for maintaining security and reducing the risk of unauthorized access.

By enforcing the check-in/check-out exclusive access, the system ensures that once a user checks out an account, all other users are restricted from accessing that account until it has been checked back in. This helps to safeguard sensitive information and manage access efficiently.

Additionally, enforcing one-time password access adds an extra layer of security by requiring the user to authenticate themselves with a one-time password each time they check out an account. This mitigates the risk of credential theft and ensures that only authorized users can check out the account.

In combination, these settings create a secure environment where account management is tightly controlled, thus making them essential for the check-out process.