A small government agency would like to reduce the risk of exposing sensitive data via unauthorized access. As part of this initiative, they would like to improve existing authentication methods. Which of the following would best support this objective? A.Training employees on the basics of computer security B.Implementing a new IT infrastructure C.Implementing data-at-rest encryption D.Implementing password complexity controls