A new intern was assigned to the system engineering department, which consists of the system
architect and system software developer’s teams. These two teams have separate privileges. The
intern requires privileges to view the system architectural drawings and comment on some
software development projects. Which of the following methods should the system administrator
implement?

A system security analyst using an enterprise monitoring tool notices an unknown internal host
exfiltrating files to several foreign IP addresses. Which of the following would be an appropriate
mitigation technique?

One of the system administrators at a company is assigned to maintain a secure computer lab.
The administrator has rights to configure machines, install software, and perform user account
maintenance. However, the administrator cannot add new computers to the domain, because that
requires authorization from the Information Assurance Officer. This is an example of which of the
following?

Which of the following common access control models is commonly used on systems to ensure a
“need to know” based on classification levels?

A company’s security administrator wants to manage PKI for internal systems to help reduce
costs. Which of the following is the FIRST step the security administrator should take?

Public keys are used for which of the following?

Public keys are used for which of the following?

Which of the following is a requirement when implementing PKI if data loss is unacceptable?

Which of the following is a requirement when implementing PKI if data loss is unacceptable?

Which of the following is true about PKI? (Select TWO).