220-1002 Flashcards

Question

Shows a list of services within each process

Answer 1

tasklist /svc /svc Lists all the service information for each process without truncation. Valid when the /fo parameter is set to table.

Answer 2

SSH (Secure Shell) SSH -\> 22H = SSH/Port 22

Answer 3

apt-get update

Answer 4

GPT (GUID Partition Table)

Answer 5

Drive Wiping

Answer 6

LocalSystem account {SYSTEM has unrestricted access, SERVICES does not} - One of the 3 Service User Accounts. \*NetworkService \*LocalService (Both have minimum privileges) -Operated by Service Control Manager

Answer 7

bootsect - Boot sector restoration tool Bootsect.exe updates the master boot code for hard disk partitions in order to switch between BOOTMGR and NTLDR (the boot loader for all Win NT systems). You can use this tool to restore the boot sector on your computer.

Answer 8

bootrec /rebuildbcd Common Usage: Failure to boot/invalid boot disk No OS found

Answer 9

Swap Partition

Answer 10

Time Machine

Answer 11

UPnP (Universal Plug and Play) Universal Plug and Play (UPnP) is a protocol framework allowing network devices to auto configure services such as allowing a game console to request appropriate settings from a firewall. Windows automatically detects new or changed hardware, finds drivers, and installs and configures the device. Minimal user input includes installing vendor drivers. Microsoft has a repository of generic drivers for many common devices, Mice, keyboards, webcams, etc. It will automatically install the closest match to the device detected, although this is not the same as the drivers from the device vendor, their drivers may include extra functionality especially for high-end devices and graphics cards, like programmable soft keys on a keyboard, or extra scroll settings on a mouse.

Answer 12

Low-level format

Answer 13

dir /p - Directory - /P \*Pauses after each screenful of information.

Answer 14

df and du The "disk free" command is a fantastic command-line tool that gives you a quick 30,000-foot view of your filesystem and all mounted disks. It tells you the total disk size, space used, space available, usage percentage, and what partition the disk is mounted on. I recommend pairing it with the -h flag to make the data human-readable. The "disk usage" command is excellent when applied in the correct context. This command is at its best when you need to see the size of a given directory or subdirectory. It runs at the object level and only reports on the specified stats at the time of execution. I like to pair this command with the -sh flags to give a human-readable summary of a specified object (the directory and all subdirectories). =============================================================================== In Windows, you can right click a drive/folder/file and select properties to find free space and usage

Answer 15

crontab –l

Answer 16

full backup

Answer 17

zero-day exploit

Answer 18

Credential Manager

Answer 19

HFS Plus (Extended Hierarchical File System) \*Replaced by APFS (Apple Filing System)

Answer 20

ifconfig/iwconfig - ifconfig (ip a) -Display network info (legacy, newer distros use ip a ) - May need to be installed - iwconfig -Display wireless adapter configurations/info.

Answer 21

sfc /scanboot -System File Checker

Answer 22

Useradd, Usermod, Userdel

Answer 23

dir \*.\* - dir = Directory - \*.\* = Show any file name with any extension.

Answer 24

netstat /? Or netstat /help

Answer 25

Computer Management Control Panel / Administrative Tools • mmc.exe

Answer 26

shutdown -h 17:30

Answer 27

CDFS (compact disc file system)

Answer 28

Security Group There are two forms of common security principals in Active Directory: user accounts and computer accounts. These accounts represent a physical entity (a person or a computer). Security groups are used to collect user accounts, computer accounts, and other groups into manageable units. Groups are used to collect user accounts, computer accounts, and other groups into manageable units. Working with groups instead of with individual users helps simplify network maintenance and administration. There are two types of groups in Active Directory: Distribution groups: Used to create email distribution lists. Security groups: Used to assign permissions to shared resources. Security groups can provide an efficient way to assign access to resources on your network. By using security groups, you can: - Assign user rights to security groups in Active Directory. - Assign permissions to security groups for resources.

Answer 29

dd AKA Duplicate Data (dd)

Answer 30

ps * View the current processes * And the process ID (PID) * Similar to the Windows Task Manager * View user processes * ps * View all processes * ps -e | more

Answer 31

PHI (Protected Health Information) • Health information associated with an individual • Health status, health care records, payments for health care, and much more • Data between providers • Must maintain similar security requirements • HIPAA regulations • Health Insurance Portability and Accountability Act of 1996

Answer 32

rm -r • Remove files or directories • Deletes the files • Does not remove directories by default • Directories must be empty to be removed or must be removed with –r (removes contents recursively)

Answer 33

Script File A text document containing OS commands or instructions from a scripting language. Scripting Language: A programming language that is not compiled, and must be run within a particular environment. You may need command interpreter to execute the scrips. You can open scripts in text editors or IDEs - IDEs are designed to support scripting - Autocomplete - Debugging tools Scripting Languages Types of Instruction Sets: - Compiled Programs (CPU performs instructions) \*C++ - Scripts (OS or command interpreter performs instructions) File extensions differ for each scripting language: - Windows batch file: .bat - PowerShell script: .ps1 - Linux shell script: .sh - VBScript file: .vbs - JavaScript file: .js - Python script: .py Scripts often used for smaller, repetitive tasks.

Answer 34

nslookup -Option Host Server * Lookup information from DNS servers * Canonical names, IP addresses, cache timers, etc. * Lookup names and IP addresses * Many different options

Answer 35

OU (Organizational Unit)

Answer 36

5 7 Read, Write, and Execute r w x 6 Read and Write r w - 5 Read and Execute r - x - 4 Read only r - - 3 Write and Execute - w x 2 Write only - w - - 1 Execute only - - x 0 none - - - \*\*REMEMBER 421 4 = R-- (Read) 2 = -W- (Write) 1 = --X (eXecute) The rest is just BASIC math.

Answer 37

bootrec Recovery Console: bootrec /rebuildbcd - bootrec /fixmbr - bootrec /fixboot

Answer 38

net user dmartin /active:no

Answer 39

Users folder. The Users folder is located in the Local Users and Groups folder in the local Computer Management (MMC). SAM (Security Accounts Manager)

Answer 40

control panel -\> system -\> remote desktop Settings -\> System -\> Remote Desktop CMD: C:\WINDOWS\System32\control.exe system -\> Remote Desktop

Answer 41

Transmit Power

Answer 42

ext (Extended File System)

Answer 43

sfc /scanboot

Answer 44

Start, restart ,stop and pause services.

Answer 45

trace logs

Answer 46

ICM (Information Content Management)

Answer 47

symmetric encryption

Answer 48

Event Viewer

Answer 49

WSUS -Windows Server Update Service WSUS, previously known as Software Update Services, is a computer program and network service that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment.

Answer 50

Event Viewer - (accessed through computer management, administrative tools, or eventvwr.msc)

Answer 51

This command line tool displays the Resultant Set of Policy (RSoP) information for a target user and computer. ================================================================== Displays the RSoP for a computer and user account /S system Specifies the remote system to connect to. /U [domain\]user Specifies the user context under which the command should run. Can not be used with /X, /H. /P [password] Specifies the password for the given user context. Prompts for input if omitted. Cannot be used with /X, /H. /SCOPE scope Specifies whether the user or the computer settings need to be displayed. Valid values: "USER", "COMPUTER". /USER [domain\]user Specifies the user name for which the RSoP data is to be displayed. /X Saves the report in XML format at the location and with the file name specified by the parameter. (valid in Windows Vista SP1 and later and Windows Server 2008 and later) /H Saves the report in HTML format at the location and with the file name specified by the parameter. (valid in Windows at least Vista SP1 and at least Windows Server 2008) /F Forces Gpresult to overwrite the file name specified in the /X or /H command. /R Displays RSoP summary data. /V Specifies that verbose information should be displayed. Verbose information provides additional detailed settings that have been applied with a precedence of 1. /Z Specifies that the super-verbose information should be displayed. Super- verbose information provides additional detailed settings that have been applied with a precedence of 1 and higher. This allows you to see if a setting was set in multiple places. See the Group Policy online help topic for more information.

Answer 52

Performance Monitor - (can be accessed through administrative tools, Computer Management or perfmon.exe command line)

Answer 53

ARP poisoning - Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with a forged ARP request and reply packets.

Answer 54

Confidentiality Integrity Availability {With CIA, all answers end in "ity" AAA does not! Authentication Authorization Accounting}

Answer 55

tasklist /svc

Answer 56

taskkill /im PID Example: End Notepad (14944) C:\User\> TaskKill /IM 14944 SUCCESS: Sent termination signal to the process with PID 14944.

Answer 57

network mapping

Answer 58

apt-get install (package name)

Answer 59

chkdsk C: /x - Check Disk - /x Forces the volume to dismount first if necessary. All opened handles to the volume would then be invalid (implies /F -fixes all errors on disk).

Answer 60

Sysprep - Microsoft's System Preparation Tool Sysprep Generalizes the image and removes computer-specific information such as installed drivers and the computer security identifier (SID).

Answer 61

boot partition {Boot Partition has the OS} {System Partition has the BCD} \*Boot Configuration Database

Answer 62

Disk Utility

Answer 63

Confidential * Top Secret = Highest level of restriction * Secret = Valuable Info, Severely restricted * Confidential = Highly sensitive info need approval before viewing * Classified = Restricted, Internal/official use only (3rd party NDA) * Unclassified = No restrictions ============================================================================ Top Secret Secret - Both have "Secret" "Top Secret" is on TOP Confidential -is Confidently in the MIDDLE Classified Unclassified - Both have "Classified" "Unclassified" is UNDER classified

Answer 64

Administrators

Answer 65

Task Manager

Answer 66

sfc /scannow

Answer 67

grep * Find text in a file * Search through many files at a time * grep PATTERN [FILE] * \> grep failed auth.log

Answer 68

Ext4 is functionally very similar to ext3, Both support journaling but Ext4 brings large filesystem support, improved resistance to fragmentation, higher performance, and improved timestamps.

Answer 69

Setup Logs

Answer 70

netstat -n -n Displays addresses and port numbers in numerical form. {N = numerical} ==================================================================== Example: Proto ___ Local Address _____ Foreign Address _______ State TCP ___ 10.32.9.109:49264 ___ 35.186.224.42:443 ___ ESTABLISHED TCP ___ 10.32.9.109:49501 ___ 149.96.232.187:443 ___ ESTABLISHED TCP ___ 10.32.9.109:49521 ___ 10.32.9.28:7337 _____ ESTABLISHED TCP ___ 10.32.9.109:49532 ___ 10.32.9.28:6336 ____ ESTABLISHED TCP ___ 10.32.9.109:51786 ___ 10.32.9.14:1611 _______ ESTABLISHED TCP ___ 10.32.9.109:52161 ___ 52.113.196.254:443 ____ CLOSE\_WAIT

Answer 71

Diskmgmt.msc

Answer 72

Authenticated Users Group The Authenticated Users group includes all users whose identities were authenticated when they logged on. This includes local user accounts as well as all domain user accounts from trusted domains and also users from other forests that access resources in the local forest using valid credentials and using a forest or external inter-forest trust relationship. The Everyone group is a superset of the Authenticated Users group. It includes the Authenticated Users group and the Guest account. An important difference between the Everyone and Authenticated Users groups lies in their Guest and Anonymous accounts’ membership

Answer 73

compmgmt.msc

Answer 74

boot sector virus

Answer 75

Defragmentation

Answer 76

Sleep/Standby Mode {Sleep/StandBy mode sends data to Memory} {Hibernate mode sends data to Disk}

Answer 77

%SYSTEMROOT%\System32\drivers\etc\hosts ========================================================= The hosts file is an operating system file on Windows PC that lets you map specific domain names to an IP address. Windows will use the hosts file each time when connecting over a network using a hostname. It’s used to translate hostnames into numeric protocol addresses that identify and locate a host in an IP network. This is similar to nslookup where a domain name is translated to IP.

Answer 78

gpupdate /force - Group Policy Update /force

Answer 79

environment variable

Answer 80

eavesdropping

Answer 81

Worm - Self-contained - Typically target network application vulnerability - Rapidly consumes network bandwidth.

Answer 82

Reliability and Performance Monitoring

Answer 83

NLA (Network Level Authentication) NLA is a feature of Remote Desktop Services (RDP Server) or Remote Desktop Connection (RDP Client) that requires the connecting user to authenticate themselves before a session is established with the server.

Answer 84

PCI-DSS (payment card industry data security standard) =============================================================================== Anything having to do with PAYMENT CARDS or there related INDUSTRY aka banking. Banks want there DATA secured with this STANDARD Payment Card Industry Data Security Standard PCIDSS

Answer 85

RADIUS -Remote Authentication Dial-In User Service RADIUS protocol implements AAA, Authentication, Authorization, and Accounting.

Answer 86

chkdsk C: /x /x Forces the volume to dismount first, if necessary. All open handles to the drive are invalidated. /x also includes the functionality of /f. /f Fixes errors on the disk. The disk must be locked. If chkdsk cannot lock the drive, a message appears that asks you if you want to check the drive the next time you restart the computer.

Answer 87

Power Users

Answer 88

Transmit Power

Answer 89

Replay attack

Answer 90

System Information

Answer 91

Event Viewer - (accessed through computer management, administrative tools, or eventvwr.msc)

Answer 92

dir /o:d /o (Order) how? :d (by Date) /o:d (Order:by date)

Answer 93

net user dmartin /active:no

Answer 94

Top Secret

Answer 95

DISM - Microsoft's Deployment Image Servicing and Management

Answer 96

Trojan Horse

Answer 97

Local Users and Groups (lusrmgr.msc) - The Local Users and Groups in Windows 10 is an area where you can secure and manage user accounts or groups. These user accounts or groups must be stored locally on Windows 10 for you to be able to manage them.

Answer 98

System Protection Tab

Answer 99

Asymmetric Encryption

Answer 100

Full Control

Answer 101

Active Directory

Answer 102

Copying files and folders on the same NTFS volume or different volumes - The only instance where the source folder has Read permissions, The rest are Modify. - As with Moving files/folders to a different NTFS volume, NTFS permissions are inherited from the destination folder and the user becomes the Creator/Owner.

Answer 103

ext3 vs ext4

Answer 104

EFS (Encrypting File System)

Answer 105

Creator Owner Group

Answer 106

Destination Host Unreachable -"Destination Host Unreachable" is one of the usual but unexpected errors that flow out while carrying a network ping test. It is a type of Troubleshooting IP Default Gateway Issues that induce incorrect default gateway, which further leads to halt in a network ping test.

Answer 107

Domain - An Active Directory Domain is a collection of objects within a Microsoft Active Directory network. An object can be a single user or a group or it can be a hardware component, such as a computer or printer.

Answer 108

system protection tab

Answer 109

Default Programs

Answer 110

sfc - System File Checker

Answer 111

shutdown /t 30

Answer 112

ping -a IPaddress -a Resolve addresses to hostnames.

Answer 113

Eavesdropping

Answer 114

man/ --help

Answer 115

Windows: shutdown /s /t 60 macOS/Linux: sudo shutdown -h (default is 1 minute) sudo shutdown -h +5 (5 minutes from now) sudo shutdown -h 00:05 (also works in hh:mm format)

Answer 116

Local Group Policy Editor (gpedit.msc) (LGPO or LocalGPO)

Answer 117

bootrec /fixmbr

Answer 118

apt-get install (package name)

Answer 119

NetworkService

Answer 120

Local Security Policy (secpol.msc) The Local Security Policy snap-in (Secpol.msc) restricts the view of local policy objects to the following policies and features: \*Account Policies \*Local Policies \*Windows Firewall with Advanced Security \*Network List Manager Policies \*Public Key Policies \*Software Restriction Policies \*Application Control Policies \*IP Security Policies on Local Computer \*Advanced Audit Policy Configuration Policies set locally might be overwritten if the computer is joined to the domain. The Local Security Policy snap-in is part of the Security Configuration Manager tool set.

Answer 121

Screen Sharing

Answer 122

format D: /v:E format Volume [/V:volume] /V:label -Specifies the volume label. - Change the name of D volume to E

Answer 123

dir \*.doc

Answer 124

Remote Disc

Answer 125

gpedit.msc

Answer 126

ps -Gets all process and there PIDs kill [PID] -Ends the PID entered

Answer 127

ipconfig /all

Answer 128

Active Directory

Answer 129

dir /t:c /t [List time fields] what time fields? :c [created] Other time fields: C Creation A Last Access W Last Written

Answer 130

Host Firewall

Answer 131

netstat -a -a Displays all connections and listening ports. {A for ALL}

Answer 132

dir /t:a /t [list by time field] what time field? :a [last accessed] C Creation A Last Access W Last Written

Answer 133

footprinting

Answer 134

chkdsk -Check Disk /f [fix all errors found]

Answer 135

Everyone Group

Answer 136

End-of-life System

Answer 137

6 7 -Read, Write, and Execute r w x 6 -Read and Write r w - 5 -Read and Execute r - x 4 -Read only r - - 3 -Write and Execute - w x 2 -Write only - w - 1 -Execute only - - x 4 -(letters in) READ 2 -write 1 -eXecute Read + Write = 6 (rw-)

Answer 138

RADIUS (Remote Authentication Dial-In User Service) {Think - RAAADIUS} - RADIUS is a networking protocol, operating on ports 1812 and 1813, that provides centralized Authentication, Authorization, and Accounting (AAA or Triple A) management for users who connect and use a network service.

Answer 139

Windows Registry

Answer 140

Where the log files stored

Answer 141

Factory Recovery Partition

Answer 142

Wake on Wireless LAN

Answer 143

gpupdate /force

Answer 144

System Partition

Answer 145

DISM - Microsoft's Deployment Image Servicing and Management - .WIM Windows Image Format

Answer 146

printenv or env command

Answer 147

secure boot

Answer 148

VFAT (virtual file allocation table) - Uses the same data structures that Windows uses - Supports long (255) file names

Answer 149

PNAC - Port-based network access control

Answer 150

CA - Certificate Authority

Answer 151

apple menu items

Answer 152

System Preferences -\> Trackpad

Answer 153

ipconfig /flushdns netsh interface ip reset resetlog.txt (netsh i i r r) netsh winsock reset - /flushdns Reverts the DNS file to default. - netsh interface ip reset resetlog.txt Rewrites two registry keys that are used by TCP/IP - netsh winsock reset Winsock settings contain your computer's configuration for Internet connectivity. This reverts them to default. - netsh = Network Shell

Answer 154

clean install

Answer 155

taskkill /pid =============================================================================== To end a process by name: taskkill /IM Taskkill /IM notepad.exe

Answer 156

man/ --help

Answer 157

RDP (Remote Desktop Protocol)

Answer 158

Local Security Policy (secpol.msc) - The local security policy of a system is a set of information about the security of a local computer. The domains trusted to authenticate logon attempts. Which user accounts may access the system and how. For example, interactively, through a network, or as a service.

Answer 159

shutdown -h

Answer 160

rstrui.exe \*Restore Utility ReSToR UtIlity

Answer 161

dir /o:e =============================================================================== Other sort by orders: N By name (alphabetic) S By size (smallest first) E By extension (alphabetic) D By date/time (oldest first) G Group directories first - Prefix to reverse order

Answer 162

Windows Memory Diagnostic

Answer 163

Event Types

Answer 164

popular linux distros

Answer 165

compmgmt.msc

Answer 166

Scan engine/components

Answer 167

Resultant Set of Policies

Answer 168

answer file

Answer 169

Computer Management (compmgmt.msc) Computer Management is a Microsoft Windows MMC snap in that was first introduced with Windows XP. It allows access to admin tools, including the Event Viewer, Task Scheduler, local users and groups, performance logs and alerts, Device Manager, Disk Management, and the Services manager.

Answer 170

Settings--\>Network & Internet--\>Status--\>Network Reset

Answer 171

GPO - Group Policy Objects

Answer 172

dir /o:s ========================================================== Other Order options: N By name (alphabetic) S By size (smallest first) E By extension (alphabetic) D By date/time (oldest first) G Group directories first - Prefix to reverse order

Answer 173

No reply (request timed out)

Answer 174

mkfs ``` {MKFS = Makes (Formats the partition with) the file system} {FDISK = Creates the partition} ```

Answer 175

Interactive Group - The members of the Interactive group gain access to resources on the computer at which they are physically located or logged on. This group includes all users who log into a computer locally or are logged in via RDP.

Answer 176

dir/o:e ========================================================== sort order: N By name (alphabetic) S By size (smallest first) E By extension (alphabetic) D By date/time (oldest first) G Group directories first - Prefix to reverse order

Answer 177

net localgroup Administrators dmartin /add - Net localgroup command is used to manage local user groups on a computer. Using this command, administrators can add local/domain users to groups, delete users from groups, create new groups and delete existing groups.

Answer 178

Authenticated Users Group

Answer 179

crontab -r

Answer 180

Activity Monitor

Answer 181

WSUS -Windows Server Update Services

Answer 182

dir Let \*.doc /s /S Displays files in specified directory and all subdirectories.

Answer 183

ipconfig /displaydns /displaydns Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtained resource records for name queries resolved by the computer. The DNS Client service uses this information to resolve frequently queried names quickly, before querying its configured DNS servers. Common ipconfig switches: /all /flushdns /release /renew

Answer 184

IDV (Integrated Development Environment)

Answer 185

VMM - virtual memory monitor

Answer 186

Differential backup {Incremental Backup - only the files that changed since the last back up.} {Differential Backup - only the files that changed since the last FULL backup.} {Full Backup - Complete backup of all files}

Answer 187

Windows Settings

Answer 188

Macro viruses

Answer 189

Hibernate Mode

Answer 190

Trojan Horse

Answer 191

File Attributes

Answer 192

EFS - Encrypting File System -

Answer 193

chkdsk C: /r /r Locates bad sectors and recovers readable information. The disk must be locked. /r includes the functionality of /f, with the additional analysis of physical disk errors.

Answer 194

Procedural controls

Answer 195

chkdsk [volume] /i /c - /c Use with NTFS only. Does not check cycles within the folder structure, which reduces the amount of time required to run chkdsk. - /i Use with NTFS only. Performs a less vigorous check of index entries, which reduces the amount of time required to run chkdsk.

Answer 196

asymmetric encryption

Answer 197

bootrec /fixboot

Answer 198

nslookup -option host server - Name Server Lookup -nslookup is a DNS lookup query utility ========================================================== Usage: nslookup [-opt ...] [# interactive mode using default server] nslookup [-opt ...] - server [# interactive mode using 'server'] nslookup [-opt ...] host [# just look up 'host' using default server] nslookup [-opt ...] host server [# just look up 'host' using 'server']

Answer 199

Authentication, Authorization, and Accounting - AAA is a system for tracking user activities on an IP-based network and controlling their access to network resources. ========================================================== Authentication (Who are you?) Authorization (Do you have permission?) Accounting (Keeping track of who comes and goes)

Answer 200

DDoS Attack

Answer 201

privacy screen

Answer 202

PII (Personally Identifiable Information) \*Not to be confused with NPPI... (Non Public Personal Info)

Answer 203

devmgmt.msc ========================================================== Despite the name being Device Manager, the file name is devmgmt.msc

Answer 204

Logical controls

Answer 205

msinfo32.exe

Answer 206

ipconfig /renew AdapterName

Answer 207

Boot Configuration Database

Answer 208

regsvr32 -regsvr32 is a command-line tool in Windows that stands for Microsoft Register Server. It's used to register and unregister Object Linking and Embedding (OLE) controls like.DLL files and ActiveX Control.OCX files

Answer 209

UDF (Universal Disk Format)

Answer 210

RSSI (Received Signal Strength Indicator) - (RSSI) is an estimated measurement of how good a device can hear, detect and receive signals from any access point or from a specific router. - 30db - feet away from transmitter - 67db - Minimum signal strength for applications that require very reliable, timely delivery of data packets. (VoIP, Streaming) - 70db - Minimum signal strength for reliable packet delivery. (email, Web) - 80db - Minimum signal strength for basic connectivity. Packet delivery may be unreliable. - 90db - Approaching or drowning in the noise floor. Any functionality is highly unlikely.

Answer 211

Spotlight Search

Answer 212

format D: /fs:NTFS /x - /X Force the volume to dismount first if necessary. All opened handles to the volume would no longer be valid.

Answer 213

exFAT ( Extended File Allocation Table)

Answer 214

Copying files and folders on the same NTFS volume or different volume

Answer 215

Swap Partition

Answer 216

Mission Control

Answer 217

Print Management

Answer 218

format D: /q /fs:EXFAT - /q quick format. Does not scan for bad sectors. ========================================================== Format Syntax: FORMAT volume [/FS:file-system] [/V:label] [/Q] [/L[:state]] [/A:size] [/C] [/I:state] [/X] [/P:passes] [/S:state]

Answer 219

Differential backup

Answer 220

Full Control

Answer 221

Diagnostic start up -When you start the computer in Safe mode, Windows loads only the basic drivers and computer services that you need. The diagnostic startup option enables Windows to determine which basic device drivers and software to load when you start Windows.

Answer 222

virtual memory ========================================================== o Virtual Memory: Allows you to set the amount of storage space for the Page/Swap File which is the RAM overflow that gets written to the HDD. This is managed automatically by default but you can modify this to set the HDD its writes to, Say from a HDD to a SSD and also modify the size of the Page/Swap File.

Answer 223

crontab -e

Answer 224

mstsc -Microsoft Terminal Services Connection

Answer 225

Normal Startup

Answer 226

DDoS Attack

Answer 227

HOSTS file location in Linux

Answer 228

net user dmartin

Answer 229

ping -a (IP address) - Returns the host name of IP address - In certain instances the inverse can be done using: nslookup (hostname) - Returns the IP address of the host name

Answer 230

bootrec /fixboot

Answer 231

WWAN (Wireless Wide Area Network)

Answer 232

format D: /fs:EXFAT

Answer 233

Remote Settings Location

Answer 234

net user dmartin Pa$$w0rd /add /fullname: "David Martin" /Logonpasswordchg:yes

Answer 235

Power Users

Answer 236

Security Log

Answer 237

System Configuration Utility (msconfig) - Tabs found in msconfig: - General: Allows you to boot Windows in diagnostic or selective mode when necessary - Boot: Manage everything related to Windows boot, including Safe mode. - Services: Enable or disable Windows and other services - Startup: The startup section is now managed via Task Manager. - Tools: Launch popular System services from here

Answer 238

Drive wiping

Answer 239

MAC Flooding

Answer 240

APFS - Apple File System - also called Mac OS Extended - Current FS used by Apple - Successor to HFS+ Extended Hierarchical File System

Answer 241

shutdown -a (Linux) shutdown /a (Win)

Answer 242

MDM (Mobile Device Management )

Answer 243

Shredding, Incineration, Degaussing

Answer 244

in-place upgrade

Answer 245

GPO (Group Policy Object) -A Group Policy Object (GPO) is a virtual collection of policy settings.

Answer 246

classified

Answer 247

boot sector virus

Answer 248

Resource Monitor

Answer 249

System Preferences --\> Trackpad

Answer 250

LocalService

Answer 251

APFS - Apple File System

Answer 252

Moving files and folders to a different NTFS volume

Answer 253

Screen Sharing

Answer 254

Rainbow Table Attack

Answer 255

WoL Wake on LAN -

Answer 256

ipconfig /release AdapterName

Answer 257

dir \*.doc

Answer 258

Windows + Ctrl + Shift + B

Answer 259

Control Panel

Answer 260

Moving files and folders on the same NTFS volume

Answer 261

Remote Assistance

Answer 262

Local Service

Answer 263

UAC (User Account Control)

Answer 264

DoS attack (Denial of Service Attack)

Answer 265

bootrec /rebuildbcd

Answer 266

Reliability Monitor

Answer 267

shutdown now, +10

Answer 268

chkdsk C: /f - The intention is to check the Windows drive for damage and (with the /f switch) immediately perform a repair. - CHKDSK finds and fixes errors in the file system of your hard drive, SFC (System File Checker) specifically scans and repairs Windows system files.

Answer 269

Replay Attack

Answer 270

Incremental backup

Answer 271

NFS (Network File System)

Answer 272

Program Files

Answer 273

BITS - Background Intelligent Transfer Service -On Windows 10, Background Intelligent Transfer Service (BITS) is an essential component responsible for assisting the system and applications during foreground or background downloads and uploads between the device and a remote server, without impacting the network experience.

Answer 274

PSK - Pre-Shared Key -

Answer 275

Adapter Properties

Answer 276

"set" command -Linux set command is used to set and unset certain flags or settings within the shell environment. -In Windows, Set Displays, sets, or removes cmd.exe environment variables. If used without parameters, set displays the current environment variable settings.

Answer 277

format D: /fs:NTFS /c

Answer 278

Standby/Sleep Mode

Answer 279

Activation Lock/Device Protection

Answer 280

dir /t:w /t = Time :w = last witten to

Answer 281

linux group commands

Answer 282

crontab -e

Answer 283

taskkill /f /pid processid -taskkill ends one or more tasks or processes. /f Specifies that processes be forcefully ended. This parameter is ignored for remote processes; all remote processes are forcefully ended. /pid [processID] Specifies the process ID of the process to be terminated.

Answer 284

Boot Partition

Answer 285

adding a new account in MacOS

Answer 286

ACL (Access control list) ACLs come in different forms: - File System ACL - Active Directory ACL - Network ACL All perform a similar role, to attach permissions to an object (resource) that specify which users are granted access to that object (resource) and the operations it is allowed to perform.

Answer 287

System Log (syslog)

Answer 288

Moving files and folders on the same NTFS volume

Answer 289

remote settings location

Answer 290

VNC (Virtual Network Computing) - Screen Sharing is based on VNC

Answer 291

netstat -b -b Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached.

Answer 292

secpol.msc

Answer 293

Application Log

Answer 294

NAC (Network Access Control) - Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.

Answer 295

popular linux GUIs

Answer 296

shutdown -a shutdown /a

Answer 297

ipconfig /renew AdapterName

Answer 298

linux user commands

Answer 299

Hibernate mode

Answer 300

Moving files and folders to a FAT or FAT32 partition

Answer 301

legal and regulatory or compliance controls

Answer 302

Windows Memory Diagnostics

Answer 303

format D: /a:512 /A:size Overrides the default allocation unit size. Default settings are strongly recommended for general use.

Answer 304

NTFS - New Technology File System

Answer 305

LPL - Windows Logo'd Product List - Sometimes called Windows Compatible Products List

Answer 306

gpedit.msc

Answer 307

dir Let \*.doc

Answer 308

Network Group

Answer 309

Component Services (COM+)

Answer 310

PNAC - Port-based network access control

Answer 311

Resource Monitor

Answer 312

Win Key + R

Answer 313

Fragmentation

Answer 314

shutdown -r shutdown /r

Answer 315

ipconfig /all

Answer 316

counter logs

Answer 317

Footprinting (also known as reconnaissance) - generally refers to one of the pre-attack phases; tasks performed before doing the actual attack.

Answer 318

Port Scanning - Port scanning can be blocked by some Firewalls and IDS (Intrusion Detection System). -A port scanner is an application designed to probe a server or host for open ports. Such an application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host and exploit vulnerabilities.

Answer 319

Information, Warning, Error, Critical, Successful Audit, Failure Audit {Whales Eat Cats Instead of Salted Fish} \*Warning \*Error \*Critical \*Information \*Successful Audit \*Failure Audit

Answer 320

CHKDSK is designed to check the integrity of disk partition file system, scan and fix detected logical file system errors on the hard disk. ScanDisk can also check and repair disk file system errors. However, ScanDisk cannot scan NTFS disk drives, but only scan FAT drives like FAT32, FAT16, and FAT12.

Answer 321

(System File Checker) SFC /Scannow helps you scan and repair corruptions in Windows system files. (Deployment Image Servicing and Management Tool) DISM can be used to prepare, modify and repair Windows system images.

Answer 322

TACACS+ - Terminal Access Controller Access-Control System Plus - Developed by Cisco, Terminal Access Controller Access-Control System (TACACS,) refers to a family of related protocols handling remote authentication and related services for networked access control through a centralized server.

Answer 323

Use a cloud backup service - Using a cloud backup service such as Apple iCloud or Google Drive provides an automated method to constantly backup all user data on the smartphone. If the phone is lost or stolen, the user can purchase a new smartphone and restore all of the data from the cloud.

Answer 324

Modify the default permissions - Many system administrators configure their accounts to have full access to the network as their default setting. This means that malicious software would also have full access if the administrator's desktop was exploited. Changing the default permissions to have limited access would also limit the scope of a Trojan horse exploit.

Answer 325

Electrical ground - An electrical ground will divert any electrical faults away from people and into a copper grounding rod. An electrical ground is a critical part of any power system and equipment installation.

Answer 326

Enable System Protection - Before the malware was removed, System Protection was disabled to delete all potentially-infected restore points. Once the malware is removed and the anti-malware process is working again, System Protection can be re-enabled.

Answer 327

mv - The Linux mv (move) command will move a file from one location to another or move/rename a file from one name to another.

Answer 328

Print a test page from the printer console - It would be useful to know if the printer is working properly or if the issue occurred prior to the output reaching the printer. Printing a test page from the printer console circumvents the network, operating system, driver, and application to determine if the printer itself is working properly.

Answer 329

The battery capacity is decreased - Smartphone batteries have a lifespan of about 300 to 500 charge cycles, so smartphone that's three years old will not have the same capacity as the battery in a new smartphone.

Answer 330

Contact the company's security officer - A company's AUP (Acceptable Use Policy) is in place to limit the legal liability of an organization. If a person in the organization is not following the terms of the AUP, then the security officer's team should manage the results of that action.

Answer 331

.vbs - The .vbs extension is used for Microsoft Visual Basic Scripting Edition scripts. These scripts provide general purpose scripting in Windows, and are especially common inside of Microsoft Office applications.

Answer 332

FOSS - FOSS (Free and Open-Source) software is distributed without charge and includes a copy of the source code.

Answer 333

chkdsk /r (Implies /f)

Answer 334

* net view \\ [Server] * net view /[workgroup:]

Answer 335

net use [Drive Letter] \\[server] net use R: \\fs-main

Answer 336

General tab • Control the startup process Boot tab • Control the boot location Services tab • Enable and disable Windows services Startup tab • Manage which programs start with a Windows login Tools tab • Easy access to popular administrative tools

Answer 337

Processes Performance App History Startup Users Details Services

Answer 338

Windows HomeGroup (Win 7)

Answer 339

Windows WorkGroup

Answer 340

Windows Domain

Answer 341

Home • The network is trusted Work • You can see other devices, but can’t join a HomeGroup Public • Airport, coffee shop • You are invisible

Answer 342

Private • Sharing and connect to devices Public • No sharing or connectivity

Answer 343

Batch Scripts

Answer 344

PowerShell Scripts

Answer 345

Shell Scripts

Answer 346

JavaScript

Answer 347

Boot with a pre-installation environment (Windows PE) Windows Preinstallation Environment (also known as Windows PE and WinPE) is a lightweight version of Windows used for the deployment of PCs, workstations, and servers, or troubleshooting an operating system while it is offline. It is intended to replace MS-DOS boot disks and can be booted via USB flash drive, PXE, iPXE, CD-ROM, or hard disk.

Answer 348

Perform a Windows 10 reset - The Windows 10 reset can quickly remove all personal files, apps, and setting, and would reset the system to the factory defaults.

Answer 349

Remote wipe The remote wipe feature of a smartphone or tablet allows the administrator or owner of the device to delete all information on the device from a website or secure app. If the device is lost or stolen, all of the data on the device can be immediately erased and recovery of the data would not be possible unless the admin/owner also uses Cloud backup A cloud backup allows the smartphone owner to recover data if the phone were lost or stolen, but the cloud backup alone would not provide any additional protection of the smartphone data.

Answer 350

Image installation An image installation can install an operating system, applications, and customized system configurations to multiple devices in a single step. With a pre-built images, a large training room of systems can be updated with a specific configuration very efficiently.

Answer 351

Enable Bluetooth Most tablets use Bluetooth to connect wirelessly to external devices. If Bluetooth isn't enabled, then a stylus, wireless headphones, and other personal area network (PAN) devices will not be usable.

Answer 352

Push-Button Reset (System Reset) (Reset) Settings \> Update & Security \> Recovery \> Reset this PC \> Get started

Answer 353

Startup Repair Open Settings. Click on Update & Security. Click on Recovery. Under the "Advanced startup" section, click the Restart now button Issues that can be fixed with Startup Repair: * Your Registry becomes corrupted. * There are missing or damaged system and driver files. * You are experiencing Disk metadata corruption (MBR, partition table, and boot sector). * There is any File system metadata corruption. * You are facing installing issues or the drivers are incompatible. * Installation of Windows service packs and patches are coming back with incompatible errors. * Your boot configuration data is corrupt. * Startup Repair can detect bad memory and hard disk.

Answer 354

System Restore/System Protection

Answer 355

System Image Recovery

Answer 356

Users often need assistance when an OS version changes the desktop style or user interface. In Windows 10, the Start Menu and the All Programs submenu have been replaced by the Start Screen. The user can scroll in the Start Screen or use Instant Search to find any app. To use Instant Search, press the Windows key and type the app name.

Answer 357

Support for more than 4 GB RAM.

Answer 358

Without a domain, accounts must be configured on each computer individually. With over 30 computers to manage at two locations, this would be a substantial task so switching to a domain network, where the accounts can be configured on the server, is likely to save costs in the long term. The BranchCache feature would also allow computers at the second office to minimize bandwidth usage when downloading documents (Enterprise edition only) and updates from the main office. You can suggest either Windows 10 Pro or Windows 10 Enterprise for use on a domain. As Windows moves towards a service model, subscription-based licensing of the Enterprise edition is becoming the mainstream choice.

Answer 359

The issue here is compatibility between different operating systems. Even though both are produced by Apple, iOS and macOS use different environments so the iOS app cannot be installed directly. Your company might make a macOS version. Also (and do not worry if you did not include this in your answer), with the latest version of macOS (Mojave), support for native iOS apps is being provisioned so this might be something you can offer in the future.

Answer 360

The other main choice is one of the distributions of Linux. A company might also use some sort of UNIX. Finally, Chrome OS is installed on Chromebox PCs. These are often used by educational institutions and businesses who rely primarily on web applications, rather than locally installed desktop software.

Answer 361

This is an issue with update limitations. Android is quite a fragmented market, and customers must depend on the handset vendor to implement OS updates for a particular model. The customer can only check the handset vendor's website or helpline to find out if a version update will ever be supported for that model.

Answer 362

User-level features like this are configured via the Control Panel in Windows 7. In Windows 8 and Windows 10, there are Ease of Access settings in both the Control Panel and in the PC Settings/Windows Settings app but don't worry if you just answered "Settings app." It is also worth remembering that you can use Instant Search to return a list of user configuration options quickly.

Answer 363

There are several ways to disable User Account Control (UAC) but the simplest is via the User Accounts applet in Control Panel. You can also just search for "UAC" to open the dialog box. You should advise the customer that UAC is an important security feature and that by disabling it, his computer will be more vulnerable to malware.

Answer 364

True—the contents do vary from version to version though.

Answer 365

A Microsoft Management Console (MMC) is used for Windows administration. Running mmc opens an empty console. You would do this to create a custom toolkit of the snap-ins used to configure advanced features of Windows. You can save the custom console for future use.

Answer 366

Open a new command prompt window with sufficient privileges. You can right-click the Command Prompt icon and select Run as administrator or press Ctrl+Shift +Enter with the icon selected.

Answer 367

To specify a delay between running the command and shutdown starting. You might do this to give users a chance to save work or to ensure that a computer is restarted overnight.

Answer 368

This tool allows you to make manual changes to the Window Registry database. You can also use it to export and back up portions of the registry. You might also import registry files to apply a suggested fix.

Answer 369

The Windows folder (or system root) contains the files used to run Windows itself. Program Files contains the executable and settings files installed by desktop applications. You might also mention that the Users folder contains user settings files, user-specific application data, and user-generated data files. There are also some additional hidden folders (notably ProgramData) but do not worry if you have not included these.

Answer 370

False—this is one of the main reasons for using libraries. They can consolidate a "view" of files stored in different locations on different file systems. This includes shared folders on network servers and removable drives.

Answer 371

The user does not have "Write" or "Modify" permission to that folder. If there is no configuration issue, you should advise the user about the storage locations permitted for user-generated files. If there were a configuration issue, you would investigate why the user had not been granted the correct permissions for the target folder.

Answer 372

The user must first show file extensions, using the View tab in the Folder Options applet. In Windows 8/10, extensions can be shown through a check box on the View menu ribbon. The user can then right-click the file and select Rename or press F2 and overtype the extension part.

Answer 373

Change the directory focus to the parent directory (equivalent of Up One Folder).

Answer 374

The robocopy command offers more options than xcopy so will usually be the better choice. The copy command is quite basic and probably not suitable.

Answer 375

Three—each partition can use a different file system.

Answer 376

The system partition contains the boot files; the boot partition contains the system root (OS files).

Answer 377

GPT-style partitioning.

Answer 378

False—assigning a drive letter is common practice, but a partition can be mounted to any point in the file system.

Answer 379

The disk was configured as dynamic under a different computer then installed in this one. You need to import the disk to make it usable.

Answer 380

The customer is right to consider the risk and take steps to mitigate it. One option is to make a backup of the files so that they are always stored on at least two devices. You could also suggest configuring the RAID-like functionality available with the Storage Spaces feature of Windows 10. Note that you cannot recommend Dynamic Disks as that is not available with the Home edition. Using both Storage Spaces and an offsite backup method, such as copying to a cloud drive, will give the best protection.

Answer 381

Browse the graphics adapter vendor's website and use the card's model number in the driver search tool to look for the latest version. Compare the version information for the driver on the website to the installed version (use Device Manager to check the installed version number). If the website driver is newer, download and run the setup file to install and configure it. You should ensure that the setup file is digitally signed by the vendor. If the driver is only provided as a compressed archive, extract the driver files then use the Update Driver button in Device Manager to select it for use with the adapter.

Answer 382

Open Device Manager from the WinX menu, Instant Search, or the Computer Management console. Expand Keyboards then right-click the device and select Properties. On the Driver tab, select Rollback Driver.

Answer 383

There is an automated Windows Troubleshooting tool for diagnosing and correcting problems with audio playback. You should advise the customer to open the Troubleshooting applet in Control Panel and select the troubleshooter for audio playback.

Answer 384

The icon indicates that the device has been disabled. It could be that there was a fault or there may be a network configuration or security reason for disabling the adapter. In this sort of situation, use incident logs and device documentation to establish the reason behind the configuration change.

Answer 385

When a computer goes into a power saving mode, it will either maintain a small amount of power to the memory modules or write the contents of memory to a hibernation file on disk. Consequently, the user should be able to start the laptop again and the desktop will resume with the open file still there. You should advise the customer to save changes to files regularly however.

Answer 386

A version of ext (ext4 or ext3).

Answer 387

Either | more or | less.

Answer 388

rm -r /home/fred/junk

Answer 389

mv names.doc /mnt/usb

Answer 390

Read-only.

Answer 391

/etc/passwd.

Answer 392

shutdown -h 21:00

Answer 393

In the Status menu on the Menu bar, in the top-right of the screen.

Answer 394

Command+Spacebar.

Answer 395

Under System Preferences→Trackpad.

Answer 396

Mission Control.

Answer 397

The Finder.

Answer 398

Boot Camp Assistant lets you create a new partition and install a fresh version of Windows.

Answer 399

Spinning wait cursor

Answer 400

When using UEFI system firmware, the EFI system partition should be formatted with a FAT file system. Another scenario is when you are configuring a multiboot system with an older version of Windows or with Linux.

Answer 401

Network adapter/NIC and system firmware support.

Answer 402

You can install images larger than will fit on a DVD. This might be useful if you want to install multiple software applications at the same time as Windows itself.

Answer 403

A partition containing a backup of the system configuration at a particular point in time. These are often used on OEM PCs to enable the PC to be restored to its factory settings.

Answer 404

An answer file containing the setup configuration.

Answer 405

Cloning an installation from one PC to another.

Answer 406

Use an answer file with the appropriate settings, and ensure that a domain controller is available to the PC during setup. You cannot join a domain during attended setup (though you could immediately after setup finishes).

Answer 407

In the GUI tool, simply do not select an option to fix errors automatically. Alternatively, at a command prompt, run chkdsk without any switches.

Answer 408

Task Scheduler

Answer 409

Firmware updates.

Answer 410

Open the Mac App Store and select the Updates button.

Answer 411

File History. You could also consider OneDrive as a type of backup solution.

Answer 412

It only supports backing up to local drives or removable media, not to network shares.

Answer 413

Time Machine.

Answer 414

crontab -l

Answer 415

Open the application's property sheet and select the Compatibility tab to select the appropriate mode. You can also run the Program Compatibility Troubleshooter.

Answer 416

It shows user-initiated processes and resource utilization.

Answer 417

Open System properties, select Change settings, then select the Remote tab and check the Allow remote connections to this computer option on the Remote tab. You can also specify the user accounts permitted to connect to the server.

Answer 418

System Protection restore points are stored on the local disk and so would not allow recovery from the failure, loss, or destruction of the disk. System Protection is designed only to allow the rollback of configuration changes.

Answer 419

The pagefile will not become fragmented (assuming you defragmented the disk before doing this).

Answer 420

%SystemRoot%\System32\Winevt\Logs\System.evtx

Answer 421

General, Boot, Services, Startup, and Tools. In Windows 8/10, the functionality of the Startup tab has moved to Task Manager.

Answer 422

Defragment the hard disk, and ensure there is sufficient free space. Verify that the power management configuration is not throttling components such as the CPU or GPU. You can also use performance monitoring to check device utilization and determine whether upgrades are required.

Answer 423

Check the event log for more information.

Answer 424

Using Safe Mode boots with a minimal set of drivers and services. If Safe Mode boot is successful but normal boot is not, the issue is likely to be with driver software. Re-enable each driver in turn to identify the culprit. If the problem also manifests in Safe Mode, it is more likely to have an underlying hardware cause.

Answer 425

Run a Memory Diagnostic. This tests each RAM cell and so should uncover any fault.

Answer 426

GPT ``` The GPT (GUID Partition Table) partition style provides for very large partition sizes that would easily allow a single partition of 4 terabytes. ```

Answer 427

WPA2 ``` Enabling WPA2 (Wi-Fi Protected Access version 2) would require a password to connect and would prevent customers from connecting to the company wireless network. ```

Answer 428

1. Disable Bluetooth and cellular connections 2. Close apps that work in the background The two options that would have the largest power savings would disable wireless Bluetooth radios and close applications that use CPU power.

Answer 429

Schedule periodic anti-virus scans After removing malware and before educating the end-user, it's important to configure the system to find and prevent any future infections.

Answer 430

Disconnect from all power sources When working inside of a computer, it's always important to disconnect the system from the main power source. This should always be the first and most important step when working on the inside of a device.

Answer 431

Install the application to a network share The installed application files can be much larger than the installation utility, so using a network share with a larger available storage space can be a good alternative until free space is available on the local computer.

220-1002 Flashcards

Pass the CompTIA A+ 220-1002 test with complete mastery. (562 cards)