Test 1 Flashcards

1
Q

Which of the following policies or plans would describe the access requirements for connecting a user’s laptop to the corporate network?

-Password Policy
-Onboarding Policy
-Remote Access Policy
-Bring your own Device Policy

A

Bring your own device policy

Explanation
OBJ-2.7: A bring your own device (BYOD) policy allows, and sometimes encourages, employees to access enterprise networks and systems using personal mobile devices such as smartphones, tablets, and laptops. A remote access policy is a document that outlines and defines acceptable methods of remotely connecting to the internal network. A password policy is a set of rules created to improve computer security by motivating users to create dependable, secure passwords and then store and utilize them properly. This document promotes strong passwords by specifying a minimum password length, complexity requirements, requiring periodic password changes, and placing limits on the reuse of passwords. An onboarding policy is a documented policy that describes all the requirements for integrating a new employee into the company and its cultures, as well as getting that new hire all the tools and information they need to begin their job successfully.

2
Q

Which of the following types of attacks occurs when an attacker specifically targets the CEO, CFO, CIO, and other board members during their attack?

-Phishing
-Whaling
-Vishing
-Spear Phishing

A

Whaling

Explanation
OBJ-2.4: Whaling is an email-based or web-based form of phishing that targets senior executives or wealthy individuals. Spear phishing is the fraudulent practice of sending emails from a seemingly known or trusted sender to induce targeted individuals to reveal confidential information. A spear phishing attack is focused on a targeted set of people, not just an indiscriminate large group of random people. Phishing is an email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim. Vishing is a social-engineering attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services (VoIP).

3
Q

Which command-line tool is used on a Windows system to erase all the data on a hard disk and ensure it is ready to accept new Windows files?

-format/fs:NTFS
-chkdsk/f
-sfc/now
-diskpart list disk

A

format/fs:NTFS

Explanation
OBJ-1.2: The format command creates a new root directory and file system for the disk. It can check for bad areas on the disk, and it can delete all data on the disk. To use a new disk, you must first use the format command to format the disk. The chkdsk command is used to check the file system and file system metadata of a volume for logical and physical errors. If used without parameters, chkdsk displays only the status of the volume and does not fix any errors. If used with the /f, /r, /x, or /b parameters, it fixes errors on the volume. The diskpart command is a command-line disk-partitioning utility available for Windows that is used to view, create, delete, and modify a computer’s disk partitions. The system file checker (SFC) command is a utility in Windows that allows users to scan for and restore corrupted Windows system files from the command line.

4
Q

Which of the following types of wireless encryption uses a 40-bit encryption key with an RC4 encryption cipher?

-WEP
-WPA
-WPA2
-Open

A

WEP

Explanation
OBJ-2.2: The Wired Equivalent Privacy (WEP) encryption system is based on the RC4 encryption cipher. WEP uses a 40-bit encryption key and a 24-bit initialization vector by default, creating a 64-bit key. Newer versions of WEP support a 128-bit key size. A larger encryption key creates stronger encryption and is more difficult to attack. WEP is considered weak by today’s standards and should be replaced by WPA2 or strong encryption schemes. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. An open network does not use an encryption key or preshared key to protect the network.

5
Q

Your company wants to ensure that users cannot access USB mass storage devices. You have conducted some research online and found that if you modify the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor key, it will prevent USB storage devices from being used. Which of the following tools should you use to modify this key?

-RDS
-MMC
-RegEdit
-MSConfig

A

RegEdit

Explanation
OBJ-1.3: The registry editor (RegEdit) allows you to view and make changes to system files and programs that you wouldn’t be able to access otherwise. The registry is a database made up of hives and keys that control various settings on a Windows system. Incorrectly editing the registry can permanently damage your computer, so it is important to be very careful when modifying the registry using RegEdit. MSConfig is a system utility to troubleshoot the Microsoft Windows startup processes. MSConfig is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters. Remote desktop services (RDS) is used to connect to remote desktop session host servers or other remote computers, edit an existing remote desktop connection (.rdp) configuration file, and migrate legacy connection files that were created with the client connection manager to the newer .rdp connection file type. The Microsoft management console (MMC) is a utility that uses snap-ins for various Windows tools such as disk management, computer management, performance monitor, print management, and others to perform operations on a local or networked computer.

6
Q

Which RAID solution will provide the BEST speed and redundancy for a backup and disaster recovery server?

-RAID 0
-RAID 1
-RAID 10
-RAID 5

A

RAID 10

Explanation
OBJ-4.3: RAID 10 provides the system with both speed and efficiency. With RAID 10, the system has a mirror of striped disks for full redundancy and double fault tolerance. RAID 10 configuration (also known as RAID 1+0) requires a minimum of four disks and mirrors data across a striped disk pair. This is not only the best option presented in this question but also the most expensive option. A RAID 0 provides disk striping (speed/performance) but not mirroring with a minimum of two disks. A RAID 1 provides mirroring (redundancy) but not disk striping with a minimum of two disks. A RAID 5 provides block-level striping with distributed parity to provide redundancy using a minimum of three disks.

7
Q

A user is having an issue with a specific application on their Android device. The user works for DionTraining, and every employee has the exact same model of smartphone issued by the company. Whenever the user attempts to launch the application, the app fails and generates an error message. Which of the following should the technician attempt FIRST to solve this issue?

-Update the operating system of the two smartphones
-Clear the local application cache
-Reinstall the malfunctioning application
-Roll back the application to the previous version

A

Clear the local application cache

Explanation
OBJ-3.4: To solve an issue with a mobile application, you should normally attempt the following steps. First, clear the application cache since this locally stored information can become glitchy and cause an app to crash. If you have two of the same smartphones having the same issue, it is unlikely to be the application cache causing the issue. In this case, the technician would then attempt to update the OS of the smartphones. Updating the operating system can minimize compatibility issues and fix crashing applications. Third, you can try reinstalling the application if the other two options don’t work.

8
Q

A home user brought their Windows 10 laptop to the electronics store where you work because they suspect it has a malware infection. You are in the process of remediating the infected system. Which of the following actions should you be performing?

-Remove, quarantine, or erase the infected files
-Enable System Restore and perform a backup
-Disable the laptop’s wired and wireless network cards
-Review the type, symptoms, purpose, and removal of the malware

A

Remove, quarantine, or erase the infected files

Explanation
OBJ-3.3: Based on the question, you are now in step four of the malware removal process: Remediate the infected system. If a file is infected with a virus, you can (hopefully) use antivirus software to try to remove the infection (cleaning), quarantine the file (the antivirus software blocks any attempt to open it), or erase the file. You might also choose to ignore a reported threat if it is a false positive. You could also configure the action that software should attempt when it discovers malware as part of a scan. Reviewing the information concerning the malware is step one of the process. Disabling the laptop’s network cards is step two of the process. Enabling system restore is step six of the process.

9
Q

What is the minimum amount of storage space required to install Windows 10 (x64) on a device?

-20GB
-64GB
-16GB
-32GB

A

32GB

Explanation
OBJ-1.7: For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor, 1 GB of RAM, and at least 32 GB of hard drive space. For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor, 2 GB of RAM, and at least 32 GB of hard drive space. For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor, 4 GB of RAM, and at least 64 GB of hard drive space.

10
Q

During the reconnaissance phase of a penetration test, you have determined that your client’s employees all use Android smartphones that connect back to the corporate network over a secure VPN connection. Which of the following methods would MOST likely be the best method for exploiting these?

-Use a tool like ICSSPLOIT to target specific vulnerabilities
-Identify a jailbroken device for easy exploitation
-Use web-based exploits against the devices’ web interfaces
-Use social engineering to trick the user into opening a malicious APK

A

Use social engineering to trick the user into opening a malicious APK

Explanation
OBJ-3.5: When targeting mobile devices, you must first determine if the company uses iPhones or Android-based devices. If they are using Android-based devices, you can use social engineering to trick a user into installing a malicious APK. As a penetration tester, you can create a malicious APK using msfvenom in the Metasploit framework. The user can install it directly from your website instead of the Google Play store.

11
Q

Which of the following tools in Windows 10 allows a technician to add different utilities, such as disk management, computer management, performance monitor, print management, and others to create a modular and customized tool kit for the technician to utilize?

-RDS
-PerfMon
-UAC
-MMC

A

MMC

Explanation
OBJ-1.3: The Microsoft management console (MMC) is a utility that uses snap-ins for various Windows tools such as disk management, computer management, performance monitor, print management, and others to perform operations on a local or networked computer. Remote desktop services (RDS) is used to connect to remote desktop session host servers or other remote computers, edit an existing remote desktop connection (.rdp) configuration file, and migrate legacy connection files that were created with the client connection manager to the newer .rdp connection file type. User account control (UAC) is used to prevent malware from damaging a PC by blocking the automatic installation of unauthorized apps and preventing inadvertent changes to system settings. PerfMon is a performance monitoring and system monitoring utility in Windows that is used to monitor CPU and memory activity on a computer. Performance monitor is used for viewing performance data either in real time or from a log file. The performance monitor can only monitor resource utilization; it cannot manage or terminate processes.

12
Q

You are configuring a SOHO network for a small coffee shop. They have found that certain customers will buy a single coffee cup and then sit at the coffee shop all day to use the WiFi. The owner has asked you to block this customer’s laptop from connecting by placing it on a blocklist. Which of the following configurations would you use to blocklist this customer’s device based on its unique hardware identifier?

-Port filtering
-Enforce a WPA2 password
-Port Forwarding
-MAC filtering

A

MAC filtering

Explanation
OBJ-2.9: MAC filtering is the application of an access control list to a switch or access point so that only clients with approved MAC addresses connect. Port forwarding allows a router to take requests from the Internet for a particular application and send them to a designated host on the LAN. An allow list is a form of protection where only the items identified specifically on the list are allowed, whereas all others are denied. For example, if you create an access control list that relies on an allow list, it would block every IP address that is not found in the allow list. A blocklist contains every address or port that is blocked from accessing the network.

13
Q

Elizabeth was replacing a client’s security device that protects their screened subnet. The client has an application that allows external users to access the application remotely. After replacing the devices, the external users cannot connect remotely to the application anymore. Which of the following devices was MOST likely misconfigured and is now causing a problem?

-DHCP
-Firewall
-DNS
-Content filter

A

Firewall

Explanation
OBJ-2.9: A firewall is an integral part of creating a screened subnet. If configured correctly, it can regulate exactly what traffic and users are allowed to access the server. This is different from a content filter because a content filter denies traffic to a user based on content, but not access to a server. If the firewall ruleset was not configured to allow external users to access the application remotely, the default condition is to “deny by default”. Content filtering is the use of a program to screen and/or exclude access to web pages or emails deemed objectionable. The Dynamic Host Configuration Protocol (DHCP) uses port 67 and is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network.

14
Q

A cybersecurity analyst from BigCorp contacts your company to notify them that several of your computers were seen attempting to create a denial of service condition against their servers. They believe your company has become infected with malware, and those machines were part of a larger botnet. Which of the following BEST describes your company’s infected computers?

-Bugs
-Zombies
-Zero-day
-Monsters

A

Zombie

Explanation
OBJ-2.4: A zombie is a computer connected to the internet that has been compromised by a hacker, computer virus, or trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread email spam and launch denial-of-service attacks (DoS attacks). A zero-day attack happens once that flaw, or software/hardware vulnerability, is exploited, and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability, hence the term zero-day. A software bug is an error, flaw, or fault in an application. This error causes the application to produce an unintended or unexpected result, such as crashing or producing invalid results.

15
Q

You are renting space in another company’s data center. To protect your server from being physically accessed when you are not in the building, what device should you use?

-Server lock
-Smart card
-USB lock
-Entry control roster

A

Server lock

Explanation
OBJ-2.1: A server lock is a physical locking mechanism installed on a server cabinet to prevent unauthorized people from accessing the servers. The server lock could be a cipher lock, biometric lock, or a simple keyed lock depending on the level of security needed. A USB lock prevents unauthorized data transfer through USB ports, reducing the risk of data leakage, data theft, computer viruses, and malware by physically locking and blocking the USB ports. A smart card, chip card, PIV card, or integrated circuit card is a physical, electronic authorization device used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit chip. In high-security environments, employee badges may contain a smart card embedded chip that must be inserted into a smart card reader to log in or access information on the system. An entry control roster is an administrative control used to log each person who enters or leaves a secure room.

16
Q

Which command-line tool is used on a Windows system to move upward in a directory within the system’s directory structure?

-cd.
-cd..
-ls
-dir

A

cd..

Explanation
OBJ-1.2: The cd command is used to change the directory. If used with the “cd ..” option, it will move up one directory in the file system’s directory structure. If used with the “cd .” option, it will remain in the current directory. The cd command can be used to move directly to another directory or path if entered as “cd (some other directory or path)” into the command line. The dir command is used to list a directory’s files and subdirectories. The ls command is used on a Linux system to list a directory’s files and subdirectories. The ls command only works on a Windows system when you are using PowerShell, not the command line.

17
Q

The server administrators have asked you to open the default port on the firewall for a new DNS server. Which of the following ports should you set to ALLOW in the ACL?

-3389
-53
-67
-110

A

53

Explanation
OBJ-2.9: Port 53 is used for DNS. The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. Port 67 is used for DHCP. The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture. Port 110 is used for POP3. Post Office Protocol version 3 (POP3) is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Port 3389 is used for RDP. Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.

18
Q

Dion Training is concerned with the possibility of employees accessing another user’s workstation in secured areas without their permission. Which of the following would BEST be able to prevent this from happening?

-Require a username and password for user logins
-Install security cameras in secure areas to monitor logins
-Require biometric identification for user logins
-Enforce a policy that requires passwords to be changed every 30 days

A

Require biometric identification for user logins

Explanation
OBJ-2.1: The BEST choice is to implement biometric identification for user logins, such as a fingerprint reader or a retina scanner. This would ensure that even if an employee could discover another employee’s username and password, they would be prevented from logging into the workstation without the employee’s finger or eye to scan. Enforcing short password retention can limit the possible damage when a password is disclosed, but it won’t prevent a login during the valid period. Security cameras may act as a deterrent or detective control, but they cannot prevent an employee from logging into the workstation as another employee. Security cameras could be used to determine who logged in after the fact, though.

19
Q

Windows file servers commonly hold sensitive files, databases, passwords, and more. What common vulnerability is usually used against a Windows file server to expose sensitive files, databases, and passwords?

-Missing patches
-CRLF injection
-SQL injection
-Cross-site scripting

A

Missing patches

Explanation
OBJ-2.4: Missing patches are the most common vulnerability found on both Windows and Linux systems. When a security patch is released, attackers begin to reverse engineer the security patch to exploit the vulnerability. If your servers are not patched against the vulnerability, they can become victims of the exploit, and the server’s data can become compromised. Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. Cross-site scripting focuses on exploiting a user’s workstation, not a server. CRLF injection is a software application coding vulnerability that occurs when an attacker injects a CRLF character sequence where it is not expected. SQL injection is the placement of malicious code in SQL statements via web page input. SQL injection is commonly used against databases, but it is not useful when attacking file servers.

20
Q

Which of the following backup rotation schemes requires at least one monthly full backup to be stored safely off-site?

-FIFO Backup
-Grandfather-father-son
-Tower of Hanoi
-3-2-1 Backup

A

3-2-1 Backup

Explanation
OBJ-4.3: The 3-2-1 backup rule states that an organization should create (3) one primary backup and two copies of the data, (2) save the backups to two different types of media, and (1) keep at least one backup copy off-site.

The grandfather-father-son (GFS) backup rotation scheme is widely used to combine full and incremental backups to reduce backup time and enhance storage security. Most often, the GFS is paired with the 3-2-1 rule to create a backup system with the best of both techniques. For example, the grandfather can be a full backup that is stored off-site once per month, the father is a full backup that is conducted weekly, and the son is an incremental or differential backup conducted each day. For example, each Monday a full backup can be conducted which becomes the father. Then, each day of the week a son is created by performing an incremental or differential backup. Once per month, a full backup is conducted to become the grandfather and could be moved off-site.

The Tower of Hanoi is a backup rotation scheme that rotates backup media sets throughout the backup process to minimize wear and failure of tape backup media. For example, when using this method with four backup tapes labeled A, B, C, and D, a total of 16 days of backups can be maintained with just 4 tapes. Tape A is used every odd-numbered day for 16 days. Tape B is used on days 2, 6, 10, and 14. Tape C is used on days 4 and 12. Tape D is used on days 8 and 16. This allows Tape A to be overwritten every other day, while Tape B is overwritten every four days and Tapes C and D are overwritten every 8 days.

The First In First Out (FIFO) backup scheme uses a set number of tapes and overwrites the oldest tape with the newest information. For example, if there are 7 tapes in use, every evening a new backup is conducted over the previous week’s daily backup. To have a longer amount of days of backups, a technician simply needs to increase the number of tapes from 7 to 14 or 21.

21
Q

Which of the following macOS features is used to backup and restore files to an external hard disk?

-Remote disc
-Time Machine
-Snapshot
-Boot Camp

A

Time Machine

Explanation
OBJ-1.10: Time Machine is the built-in backup feature of the macOS operating system. The Time Machine utility enables data to be backed up to an external drive. By default, Time Machine keeps hourly backups for the past 24 hours, daily backups for a month, and weekly backups for all previous months. When the drive used to store backups becomes full, Time Machine removes older backups to free up space. Time Machine automatically backs up all of the system’s files, including apps, music, photos, email, documents, and system files. Once a user has a valid backup in Time Machine, they can restore files from the backup if the original files are ever corrupted or deleted on their Mac or if the hard disk (or SSD) is erased or replaced. Remote disc is a feature in macOS that enables a user to access a CD/DVD on another Mac or Windows computer. This was created because Apple’s Mac computers have not been sold with an internal optical drive since 2016. Boot Camp is used to allow dual booting on a Macintosh computer. It allows the user to boot into either macOS (OS X) or Windows as the computer is rebooted. Boot Camp is only supported on Intel-based macOS systems, though. A snapshot is used to backup virtual machines by creating a state of the disk at a particular point in time. Snapshots allow a technician to roll back any changes made to a VM during a session if needed.

22
Q

A macOS user is browsing the internet in Google Chrome when they see a notification that says, “Windows Enterprise Defender: Your computer is infected with a virus, please click here to remove it!” What type of threat is this user experiencing?

-Worm
-Rogue anti-virus
-Pharming
-Phishing

A

Rogue anti-virus

Explanation
OBJ-3.2: Rogue anti-virus is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and into paying money for a fake malware removal tool (that actually introduces malware to the computer). It is a form of scareware that manipulates users through fear, and a form of ransomware. Since the alert is being displayed on a macOS system but appears to be meant for a Windows system, it is obviously a scam or fake alert and most likely a rogue anti-virus attempting to infect the system. Phishing is an email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim. Phishing attacks target an indiscriminate large group of random people. A worm is a standalone malware computer program that replicates itself to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. A worm can spread on its own, whereas a virus needs a host program or user interaction to propagate itself. Pharming is a type of social engineering attack that redirects a request for a website, typically an e-commerce site, to a similar-looking, but fake, website. The attacker uses DNS spoofing to redirect the user to the fake site.

23
Q

Which version of Windows 10 does NOT support joining a domain or using Group Policy management?

-Education
-Pro
-Home
-Enterprise

A

Home

Explanation
OBJ-1.1: Windows 10 supports domains and Group Policy management in every edition except the Home edition. If you are using the Pro, Education, or Enterprise edition, you can join a domain and use Group Policy management. Group Policy (GP) is a Windows management feature that allows you to control multiple users’ and computers’ configurations within an Active Directory environment. This feature helps network admins in large Windows environments save time by not having to go through every computer to set a new configuration.

24
Q

Which of the following file types are commonly used by network administrators to perform repetitive tasks using a Microsoft proprietary programming language?

-.py
-.vbs
-.js
-.sh

A

.vbs

Explanation
OBJ-4.8: VBScript is a scripting language based on Microsoft’s Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose. A shell script is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script, and its first line always begins with #!/bin/bash, which designates the interpreter. This line instructs the operating system how to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files. Python is a general-purpose programming language that can develop many different kinds of applications. It is designed to be easy to read, and the programs use fewer lines of code compared to other programming languages. The code runs in an interpreter. Python is preinstalled on many Linux distributions and can be installed on Windows. Python scripts are saved using the .py extension. JavaScript is a scripting language that is designed to create interactive web-based content and web apps. The scripts are executed automatically by placing the script in the HTML code for a web page so that when the HTML code for the page loads, the script is run. JavaScript is stored in a .js file or as part of an HTML file.

25
Q

Which of the following types of backups generates the recovered files from a complete copy of a file created at some point in time and one or more partial backups created at later times to merge them into the recovered data?

-Incremental
-Differential
-Full
-Synthetic

A

Synthetic

Explanation
OBJ-4.3: Synthetic backup is the process of generating a file from a complete copy of a file created at some past time and one or more incremental copies created at later times. The expression synthetic in this context refers to the fact that the assembled file is not a direct copy of any single current or previously created file. Instead, a synthetic file is merged or synthesized by a specialized application program from the original file and one or more modifications to it. A full backup creates a copy of all the selected data regardless of when it was previously backed up. It takes the most time to complete a backup but is the fastest when conducting a restoral of all the data on a hard drive. A differential backup only creates a copy of the selected data that has been modified since the last full backup. It is a good compromise in speed between a full backup (which takes the longest to backup and the least to restore) and an incremental backup (which takes the least to backup and the longest to restore). An incremental backup only creates a copy of new files and files modified since the last full, incremental, or differential backup. Therefore, it takes the least amount of time to complete a backup. Unfortunately, it also takes the most time to restore since you have to first restore the full backup, then any differential and incremental backups until all your data is restored.

26
Q

Which of the following backup rotation schemes uses a three-tiered approach to ensure at least one monthly full backup is conducted?

-Tower of Hanoi
-FIFO Backup
-3-2-1 backup
-Grandfather-father-son

A

Grandfather-father-son

Explanation
OBJ-4.3: The grandfather-father-son (GFS) backup rotation scheme is widely used to combine full and incremental backups to reduce backup time and enhance storage security. The grandfather is a full backup that is stored off-site once per month. The father is a weekly full backup. The son is an incremental or differential backup conducted each day. For example, each Monday a full backup can be conducted which becomes the father. Then, each day of the week a son is created by performing an incremental or differential backup. Once per month, a full backup is conducted to become the grandfather. The 3-2-1 backup rule states that an organization should create (3) one primary backup and two copies of the data, (2) save the backups to two different types of media, and (1) keep at least one backup copy off-site. The Tower of Hanoi is a backup rotation scheme that rotates backup media sets throughout the backup process to minimize wear and failure of tape backup media. For example, when using this method with four backup tapes labeled A, B, C, and D, a total of 16 days of backups can be maintained with just 4 tapes. Tape A is used every odd-numbered day for 16 days. Tape B is used on days 2, 6, 10, and 14. Tape C is used on days 4 and 12. Tape D is used on days 8 and 16. This allows Tape A to be overwritten every other day, while Tape B is overwritten every four days and Tapes C and D are overwritten every 8 days. The First In First Out (FIFO) backup scheme uses a set number of tapes and overwrites the oldest tape with the newest information. For example, if there are 7 tapes in use, every evening a new backup is conducted over the previous week’s daily backup. To retain more days of backups, a technician simply needs to increase the number of tapes from 7 to 14 or 21.

27
Q

You are a member of a project team contracted to install twenty new wireless access points (WAPs) for a college campus. Your team has already determined the locations for the new WAPs and notated them in the physical and logical network diagrams. Your team is still finalizing the change request documents for the installation. The project cannot move forward with the installation until the change request is finalized and approved. Which of the following is the MOST important thing to add to the scope of work and change request before its approval?

-End-user acceptance
-Risk analysis
-Plan for change
-Rollback plan

A

Rollback plan

Explanation
OBJ-4.2: This is a difficult question because all of these items should be included in a Request for Change (RFC), but the most important is a proper backout plan. A rollback plan is an IT governance integration approach that specifies the processes required to restore a system to its original or earlier state in the event of failed or aborted implementation. Every change should be accompanied by a rollback plan so that the change can be reversed if it has harmful or unforeseen consequences. Changes should also be scheduled sensitively if they are likely to cause system downtime or other negative impacts on the workflow of the business units that depend on the IT system being modified. Most organizations have a scheduled maintenance window period for authorized downtime. By following this guidance, the team can back out and restore service on the legacy/previous system if something goes wrong with the installation. End-user acceptance is the process of verifying a change was successfully implemented and turned over to the end-user for future operation. A plan for change is the documented method for installing or modifying the asset as documented in the change request. While this is important, the most important thing is still a backout plan since many changes are routine changes that do not require a detailed plan of change. A risk analysis determines the severity level of a change and is used to help the change approval board (CAB) make an informed approval decision.

28
Q

Which Linux command is used to print the full contents of a file to the screen at once?

  • grep
  • ls
  • dig
  • cat
A

cat

Explanation
OBJ-1.11: The cat (short for “concatenate”) command is one of the most frequently used commands in Linux/Unix. The cat command allows the creation of single or multiple files, viewing file contents, concatenating files, and redirecting output in the terminal to a file. grep is a command-line utility for searching plain-text data sets for lines that match a regular expression. The grep command works on Unix, Linux, and macOS operating systems. Grep is an acronym that stands for Global Regular Expression Print. The dig command is used to query the domain name system (DNS) to obtain information about host addresses, mail exchanges, nameservers, and related information. The ls command lists the files or directories in the current path of a Unix, Linux, or Mac operating system. When invoked without any arguments, ls lists the files in the current working directory.

29
Q

A computer was recently infected with a piece of malware. Without any user intervention, the malware is now spreading throughout the corporate network and infecting other computers that it finds. Which type of malware MOST likely infected these computers?

-Trojan
-Worm
-Virus
-Ransomware

A

Worm

Explanation
OBJ-2.3: A worm is a standalone malware computer program that replicates itself to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. A worm can spread on its own, whereas a virus needs a host program or user interaction to propagate itself. A virus is malicious software designed to infect computer files or disks when it is activated. A virus may be programmed to carry out other malicious actions, such as deleting files or changing system settings. A trojan is a type of malware that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general, inflict some other harmful action on your data or network. The most common form of a trojan is a Remote Access Trojan (RAT), which allows an attacker to control a workstation or steal information remotely. To operate, a trojan will create numerous processes that run in the background of the system. Ransomware is a type of malware designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. Once infected, a system or its files are encrypted, and then the decryption key is withheld from the victim unless payment is received.

30
Q

What type of structure is “For Next” in scripting?

-Variable
-Constant
-Branch
-Loop

A

Loop

Explanation
OBJ-4.8: A loop deviates from the initial program path based on some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Loops are often implemented with For, For Next, While, or Do While statements. For example, a short script like (For i=1 to 100, print i, next) would print the numbers from 1 to 100 to the screen. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F - 32) * 5/9. A branch is used to control the flow within a computer program or script, usually based on some logic condition. Often, these are implemented with IF THEN ELSE statements. A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself.

31
Q

A network administrator needs to allow employees to upload files to a remote server securely. What port must be allowed through the firewall?

-22
-25
-161
-21

A

22

Explanation
OBJ-4.9: To securely upload a file, the employees could use SFTP (Secure FTP) or SCP (Secure Copy). Both SFTP and SCP operate over port 22, so port 22 must be opened by the firewall so that the employees can reach the file servers. Port 21 is used by the File Transfer Protocol, but it is not a secure method of sending files. There is a more secure version of FTP known as FTPS, but that uses port 990. Port 25 is reserved for the simple mail transfer protocol (SMTP), which is an internet standard communication protocol for electronic mail transmission. Port 161 is reserved for simple network management protocol (SNMP), which is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks.

32
Q

You are troubleshooting a user’s laptop that is unable to print a document. You have verified the printer is working and properly connected to the workstation by USB. Which log in Windows 10 would you review to determine if the print spooler service is causing this issue?

-Security log
-System log
-Setup
-Application log

A

System log

Explanation
OBJ-3.1: The event viewer shows a log of application and system messages, including errors, information messages, and warnings. It’s a useful tool for troubleshooting all kinds of different Windows problems. The system log contains information about service load failures, hardware conflicts, driver load failures, and more. The file (system.evtx) is stored in the %SystemRoot%\System32\Winevt\Logs\ folder and can be opened using the Event Viewer. The security log contains information regarding audit data and security on a system. For example, the security log contains a list of every successful and failed login attempt. The file (security.evtx) is stored in the %SystemRoot%\System32\Winevt\Logs\ folder and can be opened using the Event Viewer. The application log contains information regarding application errors. The file (application.evtx) is stored in the %SystemRoot%\System32\Winevt\Logs\ folder and can be opened using the Event Viewer. The setup log contains a record of the events generated during the Windows installation or upgrade process. The file (setup.evtx) is stored in the %SystemRoot%\System32\Winevt\Logs\ folder and can be opened using the Event Viewer.

33
Q

Which version of Windows supports Virtual Desktops?

-Windows 10
-Windows 7
-Windows 8.1
-Windows 8

A

Windows 10

Explanation
OBJ-1.1: Windows 10 added support for Virtual Desktops like those long seen on Linux and Mac OS X. These allow users without multi-monitor setups to create multiple virtual desktops that are handy for splitting usage between work and leisure, splitting work into projects, or whatever you require. Older versions of Windows, such as Windows 7, Windows 8, and Windows 8.1, do not support Virtual Desktops and are currently considered end-of-life operating systems.

34
Q

While investigating a data breach, you discover that the account credentials used belonged to an employee who was fired several months ago for misusing company IT systems. The IT department never deactivated the employee’s account upon their termination. Which of the following categories would this breach be classified as?

-Insider Threat
-Advanced persistent threat
-Known threat
-Zero-day

A

Insider Threat

Explanation
OBJ-2.4: An insider threat is any current or former employee, contractor, or business partner who has or had authorized access to an organization’s network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization’s information or information systems. Based on the details provided in the question, it appears the employee’s legitimate credentials were used to conduct the breach. This would be classified as an insider threat. A zero-day is a vulnerability in software unpatched by the developer or an attack that exploits such a vulnerability. A known threat is a threat that can be identified using a basic signature or pattern matching. An advanced persistent threat (APT) is an attacker with the ability to obtain, maintain, and diversify access to network systems using exploits and malware.

35
Q

You are trying to copy a 4.7 GB file from your Windows laptop to an external hard drive using USB 3. The external hard drive is formatted with FAT32. Every time you attempt this copy, you receive an error. What is MOST likely the issue?

-The laptop must be reformatted as FAT32 to support this transfer
-The external hard drive must be formatted as APFS to support this transfer
-Files over 4 GB cannot be stored on a FAT32 Formatted drive
-USB 3 is too slow to transfer a file this large

A

Files over 4 GB cannot be stored on a FAT32 formatted drive

Explanation
OBJ-1.8: Since this file is 4.7 GB in size, it cannot be stored as a single file on the FAT32 hard drive. The file allocation table 32-bit (FAT32) is the 32-bit file system supported by Windows, macOS, and Linux computers. FAT32 can support maximum volume sizes of up to 2 TB and maximum file sizes of up to 4 GB. The Apple file system (APFS) is the default file system for Mac computers using macOS 10.13 or later and features strong encryption, space sharing, snapshots, fast directory sizing, and improved file system fundamentals.

36
Q

Which of the tools should a technician NOT use with a solid-state device on a workstation?

-Disk defragmenter
-Disk cleanup
-Performance monitor
-Device manager

A

Disk defragmenter

Explanation
OBJ-1.3: The disk defragmenter utility is used to rearrange fragmented data so that disks and drives can operate more efficiently. Disk defragmenter runs on a schedule, but can also analyze and defragment disks and drives manually. Disk defragmentation should not be run on a solid-state device. Solid-state devices have a limited number of rewrites available before the drive will fail, and using a defragmentation tool will use those rewrites without any benefit in performance. Solid-state devices have a 0.1ms seek time, so there is no need to defragment a solid-state device. The disk cleanup utility is used to free up disk space on the hard drive or solid-state drive by searching and analyzing the storage device for files that are no longer needed and removing them. PerfMon is a performance monitoring and system monitoring utility in Windows that is used to monitor CPU and memory activity on a computer. Performance monitor is used for viewing performance data either in real-time or from a log file. The performance monitor can only monitor resource utilization; it cannot manage or terminate processes. Device manager (devmgmt.msc) is a utility used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it.

37
Q

You are partitioning a 1 TB hard drive on a new workstation. The hard disk has been partitioned into four different partitions with 100 GB, 150 GB, 250 GB, and 500 GB. How many different file system types could you support on this 1 TB hard drive?

-4
-2
-3
-1

A

4

Explanation
OBJ-1.9: Partitioning is the act of dividing a physical disk into logically separate storage areas, often referred to as drives. Each partition can be formatted with any file system type. Since there are 4 distinct partitions on this single hard drive, it can support up to 4 different file systems.

38
Q

A coworker is creating a file containing a script. You look over their shoulder and see “#!/bin/bash” as the first line in the file. Based on this, what type of file extension should this script use?

  • .bat
  • .sh
  • .py
  • .vbs
A

.sh

Explanation
OBJ-4.8: A shell script is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script and its first line always begins with #!/bin/bash that designates the interpreter. This line instructs the operating system to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files. Python is a general-purpose programming language that can develop many different kinds of applications. It is designed to be easy to read, and the programs use fewer lines of code compared to other programming languages. The code runs in an interpreter. Python is preinstalled on many Linux distributions and can be installed on Windows. Python scripts are saved using the .py extension. VBScript is a scripting language based on Microsoft’s Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose. Batch scripts run on the Windows operating system and, in their simplest form, contain a list of several commands that are executed in a sequence. A .bat file is used for a batch script. You can run the file by calling its name from the command line or double-clicking the file in File Explorer. Generally, batch file scripts run from end to end and are limited in branching and user input.

39
Q

An administrator arrives at work and is told that network users are unable to access the shared drive on a Windows server. The administrator logs into the server and sees that some Windows Updates were automatically installed last night successfully, but now the network connection shows “limited” with no availability. What rollback action should the technician perform?

-Server’s IP address
-Antivirus updates
-Server’s NIC drivers
-Web browser

A

Server’s NIC drivers

Explanation
OBJ-3.1: When automatically receiving updates through the Windows Update service, your server can receive driver updates for its network interface card (NIC), graphics cards, and other peripherals. This can accidentally install an incompatible driver that causes network connectivity issues to occur. A best practice is to always set driver updates to “manual” so that you can download and test them in a lab before upgrading your production servers. If your drivers were updated and this is causing the connectivity issue, you can perform a driver rollback to the last known working version of the drivers. An IP address is bound to a network interface card using DHCP and there is no such thing as a “rollback” for a server’s IP address. The error of “limited” connectivity is associated with the network interface card and the network connection, not the antivirus or the web browser.

40
Q

Jason is working in Microsoft Word, but the application appears to have become frozen and unresponsive. Which of the following features in the Task Manager should he use to terminate the unresponsive program?

-Startup
-Services
-Performance
-Processes

A

Processes

Explanation
OBJ-1.3: The task manager is an advanced Windows tool that has 7 tabs that are used to monitor the Processes, Performance, App History, Startup, Users, Details, and Services on a computer. The Processes tab in the task manager is helpful to quickly see how system resources are utilized, help troubleshoot applications, or find out why the computer is performing slowly. The task manager can identify and stop processes that use excessive system resources and keep the computer operating at higher speeds. By clicking the Startup tab, the technician can see every program configured to start up when Windows is booted up. This can be used to disable unwanted programs from launching during the boot-up process. By clicking the Processes tab, the technician can manage and terminate running apps and services. By clicking the Services tab, the technician can list all of the services installed on the computer, display their status, and start/stop/restart those services.

41
Q

Which of the following types of attacks are usually used as part of an on-path attack?

-Tailgating
-Brute force
-DDoS
-Spoofing

A

Spoofing

42
Q

Jason has an old 2017 Dell Laptop that he uses to connect to his office network while traveling. The computer is slow and is running Windows 7. The laptop’s screen was recently cracked and needs replacement. Jason brings the laptop to the computer store you work at and asks for your assistance. Which of the following do you recommend?

-Purchase a new laptop as the cost to repair might be more than a new laptop
-Sell him an external 15” tablet/monitor to connect to the laptop as a workaround
-Replace the display and charge him for the parts/installation
-Replace the display and contact the manufacturer for reimbursement

A

Purchase a new laptop as the cost to repair might be more than a new laptop

Explanation
OBJ-4.7: In this scenario, you should recommend that he purchase a new laptop. Since the laptop is 5-7 years old, it is unlikely to be worth the cost of repair since he could buy a new laptop for $200 to $500. This new laptop would be faster, more secure, and last longer than repairing this old laptop. As a technician, you should weigh the benefits and drawbacks of a particular repair and provide a good recommendation to your customer.

43
Q

Which of the following data types would be used to store the user’s middle initial?

-String
-Integers
-Character
-Boolean

A

Character

Explanation
OBJ-4.8: A character stores a single character, such as J, D, or Z. A character data type usually consumes one byte (8 bits) of storage. A string stores a group of characters, such as Hello, PYTHON, or JasonDion. A string data type usually consumes as much storage as necessary. Each character in the string usually requires 1 byte of storage. A boolean stores a value of TRUE (1) or FALSE (0). It usually consumes only 1 bit of storage (a zero or a one). An integer stores a whole number, such as 21, 143, or 1024. An integer data type usually consumes 8 bytes of storage.

44
Q

Dion Training uses DHCP to assign private Class C IP addresses to its Windows 10 workstations. Which of the following IP addresses is a Class C address?

-192.168.3.5
-169.254.1.52
-10.1.2.3
-172.18.21.252

A

192.168.3.5

Explanation
OBJ-1.6: Private IP addresses are any addresses in a specified range that are not allowed to be routed over the Internet. This allows companies to use these private IP addresses in their local area networks without having to purchase them from an internet registry. The class A private IP address range contains the addresses from 10.0.0.0 to 10.255.255.255. The class B private IP address range contains the addresses from 172.16.0.0 to 172.31.255.255. The class C private IP address range contains the addresses from 192.168.0.0 to 192.168.255.255. The APIPA/link-local autoconfiguration range is from 169.254.0.0 to 169.254.255.255.

45
Q

Which of the following should you use to remove any usernames and passwords that you no longer wish to store in Windows 10?

-Keychain
-Credential manager
-Internet options
-Device manager

A

Credential manager

Explanation
OBJ-1.4: Credential Manager lets you view and delete your saved credentials for signing in to websites, connected applications, and networks. To open Credential Manager, type credential manager in the search box on the taskbar and select the Credential Manager Control Panel item. You can remove any credentials that you no longer want to store. Removing a credential may also resolve an authentication or service problem. You can view the plaintext of a web credential but not of a Windows credential. The Internet Options section of the Control Panel allows a technician to manage the Internet settings for their computers, including the security settings, access settings, and add-on control settings. Using Internet Options, a technician can set the homepage of the browser, set up the proxy server connection details, and change the trust and security settings used by the system. The Device Manager is used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it. Keychain is a macOS app for managing passwords cached by the OS and supported browser/web applications.

46
Q

Which of the following file system formatting types should be used with older recordable optical discs?

-UDF
-FAT32
-CDFS
-NTFS

A

CDFS

Explanation
OBJ-1.8: The CD File System (CDFS or ISO 9660) is a legacy file system used for CD optical disc media (CD-ROM and CD-R). CDFS supports two main data writing modes: mode 1 has better error correction, whereas mode 2 allows more data to be written to the disc. Joliet is an extension to CDFS that enables long filename support and Unicode characters in file names. The universal disk format (UDF or ISO 13346) is an updated file system for optical media supporting multisession writing. It is the standard used by Windows, referred to as the Live File System, for CD and DVD recordable and rewritable discs. There are several different versions of UDF, with 2.01 being the default in Windows. Blu-ray reading and writing requires version 2.5 and third-party software. The NT file system (NTFS) is a Windows file system that supports a 64-bit address space and can provide extra features such as file-by-file compression and RAID support as well as advanced file attribute management tools, encryption, and disk quotas. NTFS can support a maximum volume size of up to 8 PB. The file allocation table 32-bit (FAT32) is the 32-bit file system supported by Windows, macOS, and Linux computers. FAT32 can support maximum volume sizes of up to 2 TB and maximum file sizes of up to 4 GB.

47
Q

You have submitted an RFC to install a security patch on all of your company’s Windows 2019 servers during the weekly maintenance window. Which of the following change request documents would describe why the change will be installed during this maintenance window?

-Plan
-Scope
-Risk analysis
-Purpose

A

Purpose

Explanation
OBJ-4.2: The purpose of the change defines why the change or installation will occur. The change request documentation should define the 5 W’s (who, what, when, where, why, and how), with the purpose covering the why behind the change. For example, the purpose might be “to remediate several category one vulnerabilities so that our security is improved.” The change’s scope defines the area, number, size, or scale of a particular change. The change request documentation should define the exact scope of the change. In this example, only some of the Windows 2019 servers will receive the patch. If the 50% of them that will receive the patch are listed by their asset tracking numbers, this would clearly define the change’s scope. The plan of the change defines how the change or installation will occur. The change request documentation should define the 5 W’s (who, what, when, where, why, and how), with the plan documentation covering how the change is implemented. For example, the plan might say that the installation will be performed manually or through an automated patching process. It may also dictate that all servers will receive the update simultaneously or that five servers will receive it first, then another ten, then the remaining twenty. The risk analysis portion of the change request documentation provides the risk levels of carrying out the change, or of not performing the requested change at this time. Risk is the likelihood and impact (or consequence) of a given action. It is important to understand the risk involved with a change before deciding to proceed with implementing the change.

48
Q

Which of the following must be enabled to allow a video game console or VoIP handset to configure your firewall automatically by opening the IP addresses and ports needed for the device to function?

-DHCP
-NAT
-MDM
-UPnP

A

UPnP

Explanation
OBJ-2.9: Universal plug-and-play (UPnP) is a protocol framework allowing network devices to autoconfigure services, such as allowing a games console to request appropriate settings from a firewall. UPnP is associated with several security vulnerabilities and is best disabled if not required. You should ensure that the router does not accept UPnP configuration requests from the external (internet) interface. If using UPnP, keep up-to-date with any security advisories or firmware updates from the router manufacturer. A mobile device management (MDM) software suite is used to manage smartphones and tablets within an enterprise. The dynamic host configuration protocol (DHCP) is a protocol used to allocate IP addresses to a host when it joins a network. DHCP utilizes UDP ports 67 and 68. Network address translation (NAT) is a network service provided by the router or proxy server to map private local addresses to one or more publicly accessible IP addresses. NAT can use static mappings but is commonly implemented as network port address translation (PAT) or NAT overloading, where a few public IP addresses are mapped to multiple LAN hosts using port allocations.

49
Q

A company has had several virus infections over the past few months. The root cause was determined to be known vulnerabilities in the software applications in use by the company. What should an administrator implement to prevent future outbreaks?

-Host-based intrusion detection systems
-Incident response team
-Acceptable use policies
-Patch management

A

Patch management

Explanation
OBJ-1.11: Since the viruses exploited known vulnerabilities, there should be patches available from the manufacturer/vendor. Patch management is the process of distributing and applying updates to the software to prevent vulnerabilities from being exploited by an attacker or malware. Proper patch management is a technical control that would prevent future outbreaks. An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet. While some items in the AUP might help prevent a malware infection (such as not allowing users to download and run programs from the internet), it is considered an administrative control, and choosing a technical control like patch management would better protect the network. An incident response team or emergency response team is a group of people who prepare for and respond to any emergency incident, such as a natural disaster or an interruption of business operations. An incident response team will respond to the virus infections, but they would not prevent them from occurring. Host-based intrusion detection systems (HIDS) help organizations to identify threats inside the network perimeter by monitoring host devices for malicious activity that, if left undetected, could lead to serious breaches. A HIDS may detect the effects of a virus infection, such as a client becoming a zombie in a botnet, but it will not prevent these outbreaks from occurring.

50
Q

Which of the following authentication protocols was developed by Cisco to provide authentication, authorization, and accounting services?

-CHAP
-Kerberos
-TACACS+
-RADIUS

A

TACACS+

Explanation
OBJ-2.2: TACACS+ is an extension to TACACS (Terminal Access Controller Access Control System) and was developed as a proprietary protocol by Cisco. The Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that operates on port 1812 and provides centralized Authentication, Authorization, and Accounting management for users who connect and use a network service, but Cisco did not develop it. Kerberos is a network authentication protocol developed by MIT that is designed to provide strong mutual authentication for client/server applications using secret-key cryptography. Challenge-Handshake Authentication Protocol (CHAP) is used to authenticate a user or network host to an authenticating entity. CHAP is an authentication protocol but does not provide authorization or accounting services.