Domain 1 Flashcards
NETSTAT
Question 11: Correct
You are troubleshooting an issue with a Windows desktop and need to display the machine’s active TCP connections. Which of the following commands should you use?
a. netstat
b. ping
c. net use
d. ipconfig
Explanation
OBJ-1.4: The netstat command is used to display active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols) on a Windows machine. This is a useful command when determining if any malware has been installed on the system and maybe maintaining a remote connection with a command and control server. The ipconfig tool displays all current TCP/IP network configuration values on a given system. The ping command is used to test a host’s reachability on an Internet Protocol network. The net use command is used to connect to, remove, and configure connections to shared resources such as mapped drives and network printers.
ROBOCOPY VS. XCOPY
Your boss has asked you to write a script that will copy all of the files from one hard drive to another each evening. This script should mirror the directories from one drive to the other and ensure they are synchronized each evening. Which command-line tool should you use in your script?
a. copy
b. robocopy
c. cp
d. xcopy
Explanation
OBJ-1.4: The robocopy tool is used to mirror or synchronize directories and their contents. Robocopy will check the destination directory and remove files no longer in the main tree. It also checks the files in the destination directory against the files to be copied and doesn’t waste time copying unchanged files. The xcopy tool, on the other hand, copies all of the files from one directory to another. To meet your boss’s requirements to synchronize the two hard drive’s contents, you must use robocopy since it will also remove files from the second drive that were removed from the first drive, too. The copy command is used to copy one or more files from one location to another. The copy command cannot copy files that are 0 bytes long or for copying all of a directory’s files and subdirectories. The cp command is used in Linux to copy one or more files and directories from one location to another.
1.5 RegEdit/MMC/RDS/MSConfig definitions
Your company wants to ensure that users cannot access USB mass storage devices. You have conducted some research online and found that if you modify the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor key, it will prevent USB storage devices from being used. Which of the following tools should you use to modify this key?
Explanation
OBJ-1.5: The registry editor (RegEdit) allows you to view and make changes to system files and programs that you wouldn’t be able to access otherwise. The registry is a database made up of hives and keys that control various settings on a Windows system. Incorrectly editing the Registry can permanently damage your computer, so it is important to be very careful when modifying the registry using RegEdit. MSConfig is a system utility to troubleshoot the Microsoft Windows startup processes MSConfig is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters. Remote desktop services (RDS) is used to connect to a remote desktop session host servers or other remote computers, edit an existing remote desktop connection (.rdp) configuration file, and migrate legacy connection files that were created with the client connection manager to the newer .rdp connection file type. The Microsoft management console (MMC) is a utility that uses snap-ins for various Windows tools such as disk management, computer management, performance monitor, print management, and others to perform operations on a local or networked computer.
