Yes, I'd expect so.
On my end, I have the following rules:
Pool 1: ((user.userId like "*"))
Pool 1: ((user.userId like "*" and user.name like "*"))
When simulating users, the users use tokens from Pool 1.
So something like Usergroup = Login access AND Dashboard != Employee seems like a valid strategy (may need to experiment with user.dashboard.Empty() potentially).
Hope that helps.