Policies and Procedures in IT Infrastructure

The purpose of a clear desk policy is primarily to reduce the risk of unauthorized access or visual hacking. By keeping workspaces tidy, sensitive information is less likely to be seen or accessed by unauthorized individuals.

Data encryption at rest refers to protecting stored data by converting it into unreadable formats. This ensures that even if unauthorized access occurs, the data remains secure and inaccessible without the proper decryption key.

Scanning a fingerprint to unlock a device is an example of authentication, as it verifies the identity of a user. The other options involve data management or security but do not confirm user identity.

HTTPS (HyperText Transfer Protocol Secure) ensures secure data transmission over the internet by encrypting the data exchanged between the user and the server, unlike HTTP, FTP, and SMTP which do not provide this level of security.

An authenticator app generates time-based one-time passwords (TOTPs) for multi-factor authentication (MFA), enhancing security by requiring a second form of verification beyond just a password.

The primary goal of confidentiality in the CIA Triad is to restrict access to authorized users, ensuring that sensitive information is protected from unauthorized access.

Hashing algorithms help maintain data integrity by generating a unique hash value for data. If the data changes, the hash value will also change, indicating potential tampering. This makes hashing essential for verifying data integrity.