An organization is implementing a new hybrid cloud deployment. Before granting access to any of the resources, the security team wants to ensure that all employees are checked against a database to see if any risk is posed to the organization by hiring them. Which type of security control is the organization leveraging for its employees?

Authentication verifies the identity of a user attempting to access resources, typically through credentials like usernames and passwords. While essential for securing systems, it does not assess the background or trustworthiness of employees prior to their employment, making it an ineffective measure for pre-hire risk assessment.

A WAF is a security measure designed to protect web applications by filtering and monitoring HTTP traffic. Although it plays a crucial role in safeguarding applications from web-based attacks, it does not pertain to evaluating employee backgrounds or assessing hiring risks, thus making it unrelated to the scenario presented.

Authorization determines what resources an authenticated user can access and what actions they can perform. While important for controlling access levels based on user roles, it does not involve pre-employment checks or risk assessments of individuals, which is the focus of the security team's intention in this scenario.