An organization's security architects determined that all authentication and authorization requests need to be validated before any employee can access corporate resources. Because of this, the organization needs to implement a system that stores and manages the employees' credential information and then validates any requests sent. Which system would allow the organization to meet the architects' requirements?

A Hardware Security Module (HSM) is primarily used for secure key management and cryptographic operations, such as encrypting data or signing transactions. While it provides a secure environment for managing cryptographic keys, it does not handle user authentication or authorization processes directly, making it unsuitable for the requirement of validating employee access requests.

Zero Trust is a security model that advocates for strict verification of all users and devices, regardless of their location relative to the network perimeter. Although it emphasizes continuous validation, it does not provide a specific system for credential storage or management; rather, it outlines a broad approach to security that requires additional systems like an IdP for practical implementation.

A Bastion Host is a server designed to withstand attacks and serve as a gateway to a more secure network. While it is important for network security, it does not manage or validate user credentials for authentication and authorization purposes. Its primary function is to facilitate access control, rather than to serve as a credential management system.