220-1002 Flashcards Preview


Flashcards in 220-1002 Deck (562)
1
Q

When a new hard disk leaves the manufacturer, creates cylinders, tracks and sectors on the platters

A

Low Level Format

2
Q

halts any child processes

A

taskkill /t /pid processid

/t

Terminates the specified process and any child processes which were started by it.

/pid

Specifies the PID of the process to be terminated. Use TaskList to get the PID.

3
Q

bottom of screen gives one-click access to favorite apps and files in macOS

A

dock

4
Q

Opens device manager from runline

A

Devmgmt.msc

Despite the name being called “Device Manager”, the name used to call the application is short for Device Management.

5
Q

UGO stands for…

A

User, Group, Others

User
User is the owner of the file. When you create a file, you become the owner of the file. The ownership can be changed as well, but we’ll see that later.

Group
Every user is part of a certain group(s). A group consists of several users and this is one way to manage users in a multi-user environment.

Other
‘Other’ can be considered as a super group with all the users on the system. Basically, anyone with access to the system belongs to this group.

In other words, ‘User’ is a single user, Group is a collection of users and Other consists of all the users on the system.

*Even if you are the only user of the system, you’ll still be part of many groups. Distributions like Ubuntu also create a group with the same name as the user.

Tip: Run the command groups to see what user-groups you belong to.

6
Q

7 steps in the malware removal process are…

A
  1. Identify and research malware symptoms
  2. Quarantine infected systems
  3. Disable system restore
  4. Remediate infected systems:
    - update anti-malware software
    - scan and use removal techniques
  5. Schedule scans and run updates
  6. Enable system restore
  7. Educate end user

IQ DR SEE
I (Identify)
Quietly (Quarantine)
Draw (Disable Restore)
Red (Remediate/Remove)
Shoes (Schedule Scans/Updates)
Every (Enable Restore)
Evening (Educate User)

7
Q

How do you Force Quit in macOS?

A

in Apple menu or press command+option+esc

8
Q

specifies the hour in cron(0-23)

A

hh

9
Q

A collection of user accounts, computer accounts, and other groups that can be assigned permissions in the same way as a single user object.

A

Security Group

10
Q

Clears the DNS resolver cache

A

ipconfig /flushdns

11
Q

A ____ is a logical group of keys, subkeys, and values in the registry that has a set of supporting files loaded into memory when the operating system is started or a user logs in.

A

Hive

REGISTRY DATABASE FILES
The registry database is stored in binary files called hives. A hive comprises a single file (with no extension), a .LOG file (containing a transaction log), and a .SAV file (a copy of the key as it was at the end of setup). The system hive also has an .ALT backup file. Most of these files are stored in the %SystemRoot%\System32\Config folder, but hive files for user profiles are stored in the folder holding the user’s profile. The following table shows the standard hives.

HKEY_CURRENT_CONFIG
system, system.alt, system.log, system.sav

HKEY_CURRENT_USER
ntuser.dat, ntuser.dat.log

HKEY_LOCAL_MACHINE\SAM
sam, sam.log, sam.sav

HKEY_LOCAL_MACHINE\SECURITY
security, security.log, security.sav

HKEY_LOCAL_MACHINE\SOFTWARE
software, software.log, software.sav

HKEY_LOCAL_MACHINE\SYSTEM
system, system.alt, system.log, system.sav

HKEY_USERS\.DEFAULT
default, default.log, default.sav

HKEY_CLASSES_ROOT
Not stored in a hive but built from the \SOFTWARE\CLASSES keys in CURRENT_USER and LOCAL_MACHINE

12
Q

Location of log files in Windows

A

%SystemRoot%\System32\Winevt\Logs folder

13
Q

127.0.0.1

A

IPv4 Loop back address

The loopback address is used to test network software:

without physically installing a Network Interface Card (NIC),
and without having to physically connect the machine to a TCP/IP network.

14
Q

Allow you to collect statistics about resources such as memory, disk, and processor

A

Performance Monitor
-perfmon.msc

-Performance Monitor provides a visual display of built-in Windows performance counters, either in real time or as a way to review historical data. You can add performance counters to Performance Monitor by dragging and dropping, or by creating custom Data Collector Sets. It features multiple graph views that enable you to visually review performance log data. You can create custom views in Performance Monitor that can be exported as Data Collector Sets for use with performance and logging features.

15
Q

32 bit application files location

A

Program Files(x86)

16
Q

Do most things with an object but not to change its permissions or owner.

A

Modify

17
Q

Stop a process using its unique ID (Windows)

A

taskkill /IM pid

18
Q

A new feature of Windows 7 that enables users to rapidly access data from remotely located file and web servers. This enables users at a small branch to cache copies of frequently accessed files from head office servers on a local computer.

A

BranchCache

19
Q

Bash shell script comment

A
#
{#BashCom}

Bash-Hash

Same as Powershell Comments #

20
Q

Linux shell scripts

A

.sh

21
Q

View the contents of a file or folder or start a program

A

Read/List/Execute

22
Q

quits a running program in command prompt

A

Control + C

23
Q

Control connection to databases set up on the local computer

A

ODBC Data Sources

(Open Database Connectivity )

24
Q

displays all files without an extension.

A

dir *.

25
Q

Shows a list of services within each process

A

tasklist /svc

/svc Lists all the service information for each process without truncation. Valid when the /fo parameter is set to table.

26
Q

An attack that sends an email or displays a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information

A

phishing

27
Q

A network protocol for secure transfer of data between computers on port 22

A

SSH (Secure Shell)

SSH -> 22H = SSH/Port 22

28
Q

refresh the local database with information about the packages available from the repository

A

apt-get update

29
Q

Part of UEFI, successor to MBR. Windows allows up to 128 partitions at 2TB each. It also has a backup copy of the partition entries

A

GPT (GUID Partition Table)

30
Q

port 23

A

Telnet

31
Q

Ensures old data on a hard drive is destroyed by writing zeros or a random pattern to each location on the drive. Makes disk suitable for re-use.

A

Drive Wiping

32
Q

change ownership in linux

A

chown

33
Q

An account in which if a process is executed it is unrestricted in terms of making changes to the system configuration and file system (better than administrator account)

A

LocalSystem account
{SYSTEM has unrestricted access, SERVICES does not}
- One of the 3 Service User Accounts.
*NetworkService
*LocalService
(Both have minimum privileges)

-Operated by Service Control Manager

34
Q

tool to copy code to make the partition bootable

A

bootsect
- Boot sector restoration tool

Bootsect.exe updates the master boot code for hard disk partitions in order to switch between BOOTMGR and NTLDR (the boot loader for all Win NT systems). You can use this tool to restore the boot sector on your computer.

35
Q

Adds missing Windows installations to the BCD

A

bootrec /rebuildbcd

Common Usage:
Failure to boot/invalid boot disk
No OS found

36
Q

A disk partition designated for swap space in linux.

A

Swap Partition

37
Q

Apple equivalent of system restore

A

Time Machine

38
Q

a file that contains all the contents of an optical disc

A

ISO File

39
Q

Enables network-ready devices to discover each other automatically. Also allows configurations for devices to work with firewalls

A

UPnP (Universal Plug and Play)

Universal Plug and Play (UPnP) is a protocol framework allowing network devices to auto configure services such as allowing a game console to request appropriate settings from a firewall.
Windows automatically detects new or changed hardware, finds drivers, and installs and configures the device.
Minimal user input includes installing vendor drivers.
Microsoft has a repository of generic drivers for many common devices: mice, keyboards, webcams, etc.
It will automatically install the closest match to the device detected, although this is not the same as the drivers from the device vendor. Vendor drivers may include extra functionality, especially for high-end devices and graphics cards, like programmable soft keys on a keyboard or extra scroll settings on a mouse.

40
Q

When a new hard drive leaves the manufacturer, creates cylinders, tracks and sectors on the platters

A

Low-level format

41
Q

In Windows, lists result files one screen at a time

A

dir /p

  • Directory
  • /P *Pauses after each screenful of information.

42
Q

check free space and report usage by directories and files (linux)

A

df and du

The “disk free” command is a fantastic command-line tool that gives you a quick 30,000-foot view of your filesystem and all mounted disks. It tells you the total disk size, space used, space available, usage percentage, and what partition the disk is mounted on. I recommend pairing it with the -h flag to make the data human-readable.

The “disk usage” command is excellent when applied in the correct context. This command is at its best when you need to see the size of a given directory or subdirectory. It runs at the object level and only reports on the specified stats at the time of execution. I like to pair this command with the -sh flags to give a human-readable summary of a specified object (the directory and all subdirectories).

===============================================================================
In Windows, you can right click a drive/folder/file and select properties to find free space and usage

43
Q

In Linux, what command is used to view tasks scheduled by the
current user?

A

crontab -l

44
Q

All selected data regardless of when it was previously backed up (high backup time, low restore time, uses one tape set)

A

full backup

45
Q

A vulnerability that is exploited before the software creator/vendor is even aware of its existence.

A

zero-day exploit

46
Q

Allows you to view cached passwords for websites and Windows/network accounts

A

Credential Manager

47
Q

The file system older macOS uses

A

HFS Plus (Extended Hierarchical File System)

*Replaced by APFS (Apple Filing System)

48
Q

displays the current state of network interfaces within linux

A

ifconfig/iwconfig

  • ifconfig (ip a) - Display network info (legacy; newer distros use ip a)
  • May need to be installed
  • iwconfig - Display wireless adapter configurations/info.

49
Q

schedules a system file scan whenever the PC boots

A

sfc /scanboot
-System File Checker

50
Q

Linux User commands

A

Useradd, Usermod, Userdel

51
Q

windows batch file escape character

A

%%

52
Q

displays all files and directories in the current directory

A

dir *.*

  • dir = Directory
  • *.* = Show any file name with any extension.

53
Q

lists all switches for the netstat command

A

netstat /? Or netstat /help

54
Q

Located in Control Panel in Windows 7, is a collection of predefined Microsoft Management Consoles

A

Computer Management

Control Panel / Administrative Tools
• mmc.exe

55
Q

(Linux) Shutdown at 5:30pm

A

shutdown -h 17:30

56
Q

change permission modifiers in linux

A

chmod

57
Q

Change ownership in linux.

A

chown

58
Q

legacy file system used for optical disc media

A

CDFS (compact disc file system)

59
Q

A collection of user accounts that can be assigned permissions in the same way as a single user object

A

Security Group

There are two forms of common security principals in Active Directory: user accounts and computer accounts. These accounts represent a physical entity (a person or a computer). Security groups are used to collect user accounts, computer accounts, and other groups into manageable units.

Groups are used to collect user accounts, computer accounts, and other groups into manageable units. Working with groups instead of with individual users helps simplify network maintenance and administration.

There are two types of groups in Active Directory:

Distribution groups: Used to create email distribution lists.

Security groups: Used to assign permissions to shared resources.

Security groups can provide an efficient way to assign access to resources on your network. By using security groups, you can:

  • Assign user rights to security groups in Active Directory.
  • Assign permissions to security groups for resources.

60
Q

linux command that makes a copy of an input file to an output file

A

dd

AKA Duplicate Data (dd)

61
Q

displays linux processes that are currently running

A

ps

  • View the current processes
  • And the process ID (PID)
  • Similar to the Windows Task Manager
  • View user processes
  • ps
  • View all processes
  • ps -e | more

62
Q

Medical and insurance records, plus hospital lab results

A

PHI (Protected Health Information)

• Health information associated with an individual
• Health status, health care records, payments for health care, and much more
• Data between providers
• Must maintain similar security requirements
• HIPAA regulations
• Health Insurance Portability and Accountability Act of 1996

63
Q

Removes a directory and its contents recursively (Linux)

A

rm -r

• Remove files or directories
• Deletes the files
• Does not remove directories by default
• Directories must be empty to be removed or must be removed with -r (removes contents recursively)

64
Q

is a text document containing commands for the operating system. The commands are run in the order they are listed

A

Script File

A text document containing OS commands or instructions from a scripting language.

Scripting Language:
A programming language that is not compiled, and must be run within a particular environment.
You may need a command interpreter to execute the scripts.
You can open scripts in text editors or IDEs
- IDEs are designed to support scripting
- Autocomplete
- Debugging tools

Scripting Languages
Types of Instruction Sets:
- Compiled Programs (CPU performs instructions) *C++
- Scripts (OS or command interpreter performs instructions)

File extensions differ for each scripting language:

  • Windows batch file: .bat
  • PowerShell script: .ps1
  • Linux shell script: .sh
  • VBScript file: .vbs
  • JavaScript file: .js
  • Python script: .py

Scripts are often used for smaller, repetitive tasks.

65
Q

PowerShell file extension

A

.ps1

66
Q

Queries a dns server about a host

A

nslookup -Option Host Server

  • Lookup information from DNS servers
  • Canonical names, IP addresses, cache timers, etc.
  • Lookup names and IP addresses
  • Many different options

67
Q

Provide a way of dividing up a domain into different administrative realms

A

OU (Organizational Unit)

68
Q

r-x

A

5

7 Read, Write, and Execute r w x
6 Read and Write r w -
5 Read and Execute r - x
4 Read only r - -
3 Write and Execute - w x
2 Write only - w -
1 Execute only - - x
0 none - - -

**REMEMBER 421
4 = R-- (Read)
2 = -W- (Write)
1 = --X (eXecute)
The rest is just BASIC math.

69
Q

Attempts to fix startup problems.

A

bootrec

Recovery Console: bootrec /rebuildbcd

  • bootrec /fixmbr
  • bootrec /fixboot

70
Q

An interface between the user and computer and software.

A

shell

71
Q

A Windows command that is similar to and more powerful than the xcopy command, used to copy files and folders.

A

robocopy

72
Q

Disables dmartin account

A

net user dmartin /active:no

73
Q

Where are the local user accounts that are created stored?

The Windows local security account database where local system account information is stored.

A

Users folder. The Users folder is located in the Local Users and Groups folder in the local Computer Management (MMC).

SAM (Security Accounts Manager)

74
Q

Remote Settings location

A

control panel -> system -> remote desktop
Settings -> System -> Remote Desktop
CMD:
C:\WINDOWS\System32\control.exe system -> Remote Desktop

75
Q

Sets radio power level, typically set to the highest level by default

A

Transmit Power

76
Q

can be used to specify the date within the month (0-31) in cron

A

dd

77
Q

File system created specifically for the Linux kernel.

A

ext (Extended File System)

78
Q

schedules a scan when the computer is next restarted

A

sfc /scanboot

79
Q

Actions that can be had with Services.

A

Start, restart, stop and pause services.

80
Q

linux command used to activate the partition swap space

A

swapon

81
Q

a set of software tools that enable an unauthorized user to gain control of a computer system without being detected.

A

Rootkits

82
Q

Windows log files that allow you to collect statistics about services, including extensions to Event Viewer to log data that would otherwise be inaccessible.

A

trace logs

83
Q

The process of managing information over its life cycle

A

ICM (Information Content Management)

84
Q

A mathematical function that converts an input of arbitrary length into an encrypted output of a fixed length

A

Hash

85
Q

a single key is used to encrypt and decrypt data

A

symmetric encryption

86
Q

Allows monitoring of Windows logs. System, security, application, and service events are recorded in these logs

A

Event Viewer

87
Q

a program on a server that allows the network admin to approve updates for certain groups

A

WSUS
-Windows Server Update Service

WSUS, previously known as Software Update Services, is a computer program and network service that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment.

88
Q

A management console snap in for viewing and managing system logs.

A

Event Viewer
- (accessed through computer management, administrative tools, or eventvwr.msc)

89
Q

What does gpresult do?

A

This command line tool displays the Resultant Set of Policy (RSoP) information for a target user and computer.

Displays the RSoP for a computer and user account
/S
system Specifies the remote system to connect to.

/U
[domain\]user Specifies the user context under which the command should run. Cannot be used with /X, /H.

/P
[password] Specifies the password for the given user context. Prompts for input if omitted. Cannot be used with /X, /H.

/SCOPE
scope Specifies whether the user or the computer settings need to be displayed. Valid values: “USER”, “COMPUTER”.

/USER
[domain\]user Specifies the user name for which the RSoP data is to be displayed.

/X
Saves the report in XML format at the location and with the file name specified by the parameter. (valid in Windows Vista SP1 and later and Windows Server 2008 and later)

/H
Saves the report in HTML format at the location and with the file name specified by the parameter. (valid in Windows Vista SP1 and later and Windows Server 2008 and later)

/F
Forces Gpresult to overwrite the file name specified in the /X or /H command.

/R
Displays RSoP summary data.

/V
Specifies that verbose information should be displayed. Verbose information provides additional detailed settings that have been applied with a precedence of 1.

/Z
Specifies that the super-verbose information should be displayed. Super-verbose information provides additional detailed settings that have been applied with a precedence of 1 and higher. This allows you to see if a setting was set in multiple places. See the Group Policy online help topic for more information.

90
Q

Configures detailed reports on different system statistics and log performance over time

A

Performance Monitor
- (can be accessed through administrative tools, Computer Management or perfmon.exe command line)

91
Q

an attack that convinces the network that the attacker’s MAC address is the one associated with an allowed address so that traffic is wrongly sent to the attacker’s machine

A

ARP poisoning
- Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets.

92
Q

utility that allows you to copy the contents of more than one directory at a time and retain the directory structure

A

xcopy

93
Q

CIA

A

Confidentiality
Integrity
Availability

{With CIA, all answers end in “ity”
AAA does not!
Authentication
Authorization
Accounting}

94
Q

shows a list of services within each process

A

tasklist /svc

95
Q

VBScript

A

.vbs

96
Q

specify image name to kill

A

taskkill /im PID

Example: End Notepad (14944)
C:\User> TaskKill /IM 14944
SUCCESS: Sent termination signal to the process with PID 14944.

97
Q

Tools used to gather information about the way the network is built and configured and the current status of hosts. (nmap, ZenMap)
Finding out the specific version of OSs, software, network services, and so on can tell attackers what the known vulnerabilities are for the version you use.

A

network mapping

98
Q

install new application in Linux

A

apt-get install (package name)

99
Q

Dismounts volume C:

A

chkdsk C: /x
- Check Disk
- /x Forces the volume to dismount first if necessary.
All opened handles to the volume would then be invalid
(implies /F -fixes all errors on disk).

100
Q

a utility to be run before imaging a disk to solve possible configuration problems

A

Sysprep
- Microsoft’s System Preparation Tool

Sysprep generalizes the image and removes computer-specific information such as installed drivers and the computer security identifier (SID).

101
Q

The hard drive partition where the Windows OS is stored. The system partition and the boot partition may be different partitions

A

boot partition

{Boot Partition has the OS}
{System Partition has the BCD}

*Boot Configuration Database

102
Q

App in macOS used to verify or repair a disk or file system

A

Disk Utility

103
Q

the information is highly sensitive, for viewing only by approved persons within the organization

A

Confidential

  • Top Secret = Highest level of restriction
  • Secret = Valuable Info, Severely restricted
  • Confidential = Highly sensitive info need approval before viewing
  • Classified = Restricted, Internal/official use only (3rd party NDA)
  • Unclassified = No restrictions

============================================================================
Top Secret
Secret
- Both have “Secret” “Top Secret” is on TOP

Confidential
-is Confidently in the MIDDLE

Classified
Unclassified
- Both have “Classified” “Unclassified” is UNDER classified

104
Q

Can perform all management tasks and generally has very high access to all files and objects

A

Administrators

105
Q

shows you the programs, processes, and services that are currently running on your computer (Ctrl + Alt + Del)

A

Task Manager

106
Q

Runs a scan immediately to repair system files

A

sfc /scannow

107
Q

Linux command used to search and filter contents of files displaying the lines that match the search string

A

grep

  • Find text in a file
  • Search through many files at a time
  • grep PATTERN [FILE]
  • > grep failed auth.log

108
Q

ext3 vs ext4

A

Ext4 is functionally very similar to ext3. Both support journaling, but ext4 brings large filesystem support, improved resistance to fragmentation, higher performance, and improved timestamps.

109
Q

a text file editor in linux

A

vi/vim

110
Q

Records events generated during installation

A

Setup Logs

111
Q

Displays ports and addresses in numerical format. Skipping name resolution speeds up each query

A

netstat -n
-n Displays addresses and port numbers in numerical form.
{N = numerical}

====================================================================
Example:
Proto ___ Local Address _____ Foreign Address _______ State
TCP ___ 10.32.9.109:49264 ___ 35.186.224.42:443 ___ ESTABLISHED
TCP ___ 10.32.9.109:49501 ___ 149.96.232.187:443 ___ ESTABLISHED
TCP ___ 10.32.9.109:49521 ___ 10.32.9.28:7337 _____ ESTABLISHED
TCP ___ 10.32.9.109:49532 ___ 10.32.9.28:6336 ____ ESTABLISHED
TCP ___ 10.32.9.109:51786 ___ 10.32.9.14:1611 _______ ESTABLISHED
TCP ___ 10.32.9.109:52161 ___ 52.113.196.254:443 ____ CLOSE_WAIT

112
Q

Opens disk management console from runline

A

Diskmgmt.msc

113
Q

All user accounts that have been authenticated to access the system would end up here.

A

Authenticated Users Group

The Authenticated Users group includes all users whose identities were authenticated when they logged on. This includes local user accounts as well as all domain user accounts from trusted domains and also users from other forests that access resources in the local forest using valid credentials and using a forest or external inter-forest trust relationship.

The Everyone group is a superset of the Authenticated Users group. It includes the Authenticated Users group and the Guest account. An important difference between the Everyone and Authenticated Users groups lies in their Guest and Anonymous accounts’ membership.

114
Q

Opens the Computer Management console from runline

A

compmgmt.msc

115
Q

These attack the boot sector, partition table and file system

A

boot sector virus

116
Q

binary files that store the registry database

A

hive

117
Q

Files are rearranged into contiguous clusters, improving read performance

A

Defragmentation

118
Q

saves current session to memory and puts the computer into a minimal power state

A

Sleep/Standby Mode

{Sleep/StandBy mode sends data to Memory}
{Hibernate mode sends data to Disk}

119
Q

HOSTS file location in Windows

A

%SYSTEMROOT%\System32\drivers\etc\hosts

=========================================================

The hosts file is an operating system file on Windows PC that lets you map specific domain names to an IP address. Windows will use the hosts file each time when connecting over a network using a hostname. It’s used to translate hostnames into numeric protocol addresses that identify and locate a host in an IP network.

This is similar to nslookup where a domain name is translated to IP.

120
Q

Causes all policies (new and old) to be reapplied

A

gpupdate /force
- Group Policy Update /force

121
Q

A storage location in the environment of the operating system’s command shell.

Location to store information about the operating system environment. This information includes details such as the operating system path, the number of processors used by the operating system, and the location of temporary folders. It also stores data that is used by the operating system and other programs.

A

environment variable

122
Q

Microsoft peer to peer network model in which computers are grouped together with access to shared resources

A

Workgroup

123
Q

Capturing and reading data packets as they move over a network

A

eavesdropping

124
Q

The software component that provides the core set of operating system functions

A

kernel

125
Q

A type of virus that spreads through memory and network connections rather than infecting files. Autonomously spreads and/or self replicates without user interaction

A

Worm

  • Self-contained
  • Typically target network application vulnerability
  • Rapidly consumes network bandwidth.

126
Q

View the performance of the local computer

A

Reliability and Performance Monitoring

127
Q

Authenticates user before committing any resources to RDP session preventing denial of service attacks

A

NLA (Network Level Authentication)

NLA is a feature of Remote Desktop Services (RDP Server) or Remote Desktop Connection (RDP Client) that requires the connecting user to authenticate themselves before a session is established with the server.

128
Q

Governs the processing of credit card and other bank payments

A

PCI-DSS (payment card industry data security standard)

===============================================================================

Anything having to do with PAYMENT CARDS or their related INDUSTRY, aka banking. Banks want their DATA secured with this STANDARD

Payment
Card
Industry
Data
Security
Standard

PCIDSS

129
Q

A type of authentication suitable for server and domain based networks

A

RADIUS
-Remote Authentication Dial-In User Service

RADIUS protocol implements AAA, Authentication, Authorization, and Accounting.

130
Q

Dismounts volume C:

A

chkdsk C: /x

/x Forces the volume to dismount first, if necessary. All open handles to the drive are invalidated. /x also includes the functionality of /f.
/f Fixes errors on the disk. The disk must be locked. If chkdsk cannot lock the drive, a message appears that asks you if you want to check the drive the next time you restart the computer.

131
Q

A group of sectors

A

Cluster

132
Q

Appears in legacy applications but is deprecated because the rights allocated to this account type can be abused to allow the user Administrative or System privileges

A

Power Users

133
Q

Sets radio power level, typically set to the highest level by default.

A

Transmit Power

134
Q

A type of network attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network

A

Replay attack

135
Q

An application used to provide detailed diagnostic information about your mac

A

System Information

136
Q

A management console snap in for viewing and managing system logs

A

Event Viewer
- (accessed through computer management, administrative tools, or eventvwr.msc)

137
Q

Directory listings in order by date

A

dir /o:d

/o (Order) how?
:d (by Date)
/o:d (Order:by date)

138
Q

Apple equivalent of Ctrl button

A

Command

139
Q

Disables dmartin account

A

net user dmartin /active:no

140
Q

The highest level of classification

A

Top Secret

141
Q

a tool that reads the contents of a drive and writes the output to a .WIM format file.

A

DISM
- Microsoft’s Deployment Image Servicing and Management

142
Q

Python comments

A

#

143
Q

A program that appears desirable but actually contains something harmful

A

Trojan Horse

144
Q

A management console that provides an interface for managing user and group accounts.(not available in Starter or Home editions)

A

Local Users and Groups (lusrmgr.msc)

  • The Local Users and Groups in Windows 10 is an area where you can secure and manage user accounts or groups. These user accounts or groups must be stored locally on Windows 10 for you to be able to manage them.

145
Q

Tab in system properties that provides option for system restore

A

System Protection Tab

146
Q

displays all files without an extension.

A

dir *.

147
Q

Used in public key encryption, it’s a scheme in which the key to encrypt the data is different from the key to decrypt (uses an RSA cipher)

A

Asymmetric Encryption

148
Q

Do anything with the object, including change its permissions and its owner

A

Full Control

149
Q

The database that contains the users, groups, and computer accounts in a Windows Server Domain

A

Active Directory

150
Q

Write permission is required for the destination folder and read for the source folder. NTFS permissions are inherited from the destination folder and the user becomes the Creator/Owner

A

Copying files and folders on the same NTFS volume or different volumes

  • The only instance where the source folder has Read permissions; the rest are Modify.
  • As with moving files/folders to a different NTFS volume, NTFS permissions are inherited from the destination folder and the user becomes the Creator/Owner.

151
Q

Both 64 bit file systems that support journaling but ext4 delivers better performance

A

ext3 vs ext4

152
Q

A feature within NTFS on Windows systems that supports encrypting individual files or folders for confidentiality.

A

EFS (Encrypting File System)

153
Q

The account that created or “owns” an object, usually a user account.

A

Creator Owner Group

154
Q

Linux command that shows the default gateway because ifconfig does not

A

route

155
Q

Error message when you try to ping an IP

A

Destination Host Unreachable

-“Destination Host Unreachable” is a common but unexpected error that appears while carrying out a network ping test. It is a type of default gateway issue: an incorrect default gateway halts the network ping test.

156
Q

Microsoft client/server network model that groups computers together for security and to centralize administration

A

Domain

  • An Active Directory Domain is a collection of objects within a Microsoft Active Directory network. An object can be a single user or a group or it can be a hardware component, such as a computer or printer.
157
Q

tab in system properties that provides option for system restore

A

system protection tab

158
Q

An applet to set the programs you wish to use, or choosing which application is used to open files of a particular extension

A

Default Programs

159
Q

a utility that provides a manual interface for verifying system files and restoring them from cache if they are corrupt or damaged

A

sfc
- System File Checker

160
Q

Read a file and change it, or create a file within a folder, but not to delete it

A

Write

161
Q

Shuts the Windows computer down in 30 seconds

A

shutdown /t 30

162
Q

Resolves address to hostnames

A

ping -a IPaddress
-a Resolve addresses to hostnames.

163
Q

capturing and reading data packets as they move over a network

A

Eavesdropping

164
Q

specifies minutes past the hour in cron(0-59)

A

mm

165
Q

Either parameter will generate a detailed explanation of the command in Linux

A

man / --help

166
Q

shuts the computer down in 1 minute

A

Windows:
shutdown /s /t 60

macOS/Linux:
sudo shutdown -h (default is 1 minute)
sudo shutdown -h +5 (5 minutes from now)
sudo shutdown -h 00:05 (also works in hh:mm format)

167
Q

Allows Group Policy Object management without Active Directory on standalone computers.

Exposes the whole registry configuration using a dialog-based interface (offers a wider range of settings than Local Security Policy)

A

Local Group Policy Editor (gpedit.msc)

(LGPO or LocalGPO)

168
Q

attempts to repair MBR

A

bootrec /fixmbr

169
Q

Linux, install new application

A

apt-get install (package name)

170
Q

linux command-line program used to create and manage partitions on a hard disk

A

fdisk

171
Q

An account that has the same privileges as LocalService but can access the network using the computer’s machine account’s credentials

A

NetworkService

172
Q

In Administrative Tools. You would use this to configure password and account policies without going into the registry

A

Local Security Policy (secpol.msc)

The Local Security Policy snap-in (Secpol.msc) restricts the view of local policy objects to the following policies and features:

*Account Policies
*Local Policies
*Windows Firewall with Advanced Security
*Network List Manager Policies
*Public Key Policies
*Software Restriction Policies
*Application Control Policies
*IP Security Policies on Local Computer
*Advanced Audit Policy Configuration

Policies set locally might be overwritten if the computer is joined to the domain.

The Local Security Policy snap-in is part of the Security Configuration Manager tool set.

173
Q

tool to set up partitions on a hard drive. Sets up active partition

A

Diskpart

174
Q

Questions

A

Answers

175
Q

In OS X, a utility to remotely view and control a Mac and is similar to Remote Assistance in Windows.

A

Screen Sharing

176
Q

changes the name of volume D to volume E

A

format D: /v:E
format Volume [/V:volume]
/V:label -Specifies the volume label.
- Change the name of D volume to E

177
Q

Not the Apple equivalent of the Ctrl button

A

Control

178
Q

displays all files with the DOC extension in the current directory

A

dir *.doc

179
Q

A feature of OS X that gives other computers on the network access to the Mac’s optical drive. System Preferences -> Sharing

A

Remote Disc

180
Q

Group Policy Snap in

A

gpedit.msc

181
Q

(Linux) stops a process using its Process ID

A

ps
-Gets all processes and their PIDs
kill [PID]
-Ends the PID entered

182
Q

Displays DHCP, DNS server, MAC address, and NetBIOS status

A

ipconfig /all

183
Q

The database that contains the users, groups, and computer accounts in a Windows Server Domain

A

Active Directory

184
Q

Time it takes for a signal to reach the recipient

A

Latency

185
Q

list by date created

A

dir /t:c

/t [List time fields] what time fields?
:c [created]

Other time fields:
C Creation
A Last Access
W Last Written

186
Q

firewall implemented as software on the individual host computer

A

Host Firewall

187
Q

Displays all connections and listening ports.

A

netstat -a
-a Displays all connections and listening ports.
{A for ALL}

188
Q

list by last time accessed

A

dir /t:a

/t [list by time field] what time field?
:a [last accessed]

C Creation
A Last Access
W Last Written

189
Q

Information gathering threat in which the attacker attempts to learn about the configuration of the network and security systems

A

footprinting

190
Q

Python file extension

A

.py

191
Q

checks the integrity of disks and can repair any problems detected

A

chkdsk
-Check Disk

/f [fix all errors found]

192
Q

acts as the emulator for allowing 32-bit applications to run seamlessly on a Windows 64-bit OS

A

WOW64

193
Q

Linux shell script

A

.sh

194
Q

Windows group that includes all users

A

Everyone Group

195
Q

System for which vendors have dropped all support for security updates due to the system’s age.

A

End-of-life System

196
Q

rw-

A

6

7 -Read, Write, and Execute r w x
6 -Read and Write r w -
5 -Read and Execute r - x
4 -Read only r - -
3 -Write and Execute - w x
2 -Write only - w -
1 -Execute only - - x

4 -(letters in) READ
2 -write
1 -eXecute

Read + Write = 6 (rw-)

197
Q

--x

A

1

198
Q

Under this protocol Authentication, Authorization, and Accounting are performed by a separate server

A

RADIUS (Remote Authentication Dial-In User Service)

{Think - RAAADIUS}

  • RADIUS is a networking protocol, operating on ports 1812 and 1813, that provides centralized Authentication, Authorization, and Accounting (AAA or Triple A) management for users who connect and use a network service.
199
Q

Provides a remotely accessible database for storing operating system, device, and software application configuration information

A

Windows Registry

200
Q

%SystemRoot%\System32\Winevt\Logs

A

Where the log files are stored

201
Q

a feature to secure access to shared folders and printers. (exists in Windows 7 and 8 but not in later versions of Windows 10)

A

Homegroup

202
Q

A utility on macOS that allows a full Windows installation to be made on a Mac. Applications -> Utilities folder

A

Boot Camp

203
Q

A partition that contains an image of the bootable partition created when the computer was built. (Restores OS to factory settings)

A

Factory Recovery Partition

204
Q

WoWLAN

A

Wake on Wireless LAN

205
Q

Applies a new or changed policy to a computer immediately

A

gpupdate /force

206
Q

The active partition of the hard drive containing the boot record and the specific files required to start the Windows launch.

A

System Partition

207
Q

lists both wide format and one screen at a time

A

dir /w/p

208
Q

A tool that reads the contents of a drive and writes the output to a .WIM format file.

A

DISM

  • Microsoft’s Deployment Image Servicing and Management
  • .WIM Windows Image Format
209
Q

view and change environment variables in Linux

A

printenv or env command

210
Q

restricts OS installation to trusted software

A

secure boot

211
Q

virtual file system for Linux

A

VFAT (virtual file allocation table)

  • Uses the same data structures that Windows uses
  • Supports long (255) file names
212
Q

The switch or router performs authentication of the attached device before activating the port

A

PNAC
- Port-based network access control

213
Q

A third party that vouches for certificates

A server that can issue digital certificates and associated public/private key pairs. A way of authenticating that the keys are authentic.

A

CA
- Certificate Authority

214
Q

Displays, Storage, Service

A

apple menu items

215
Q

to adjust settings of an apple track pad

A

System Preferences -> Trackpad

216
Q

Commands to reset the network adapter in Windows 7/8

A

ipconfig /flushdns
netsh interface ip reset resetlog.txt (netsh i i r r)
netsh winsock reset

  • /flushdns
    Reverts the DNS file to default.
  • netsh interface ip reset resetlog.txt
    Rewrites two registry keys that are used by TCP/IP
  • netsh winsock reset
    Winsock settings contain your computer’s configuration for Internet connectivity. This reverts them to default.
  • netsh = Network Shell

217
Q

installing a new OS that completely replaces the old one

A

clean install

218
Q

End a process using its unique ID

A

taskkill /pid

===============================================================================
To end a process by name:
taskkill /IM
Taskkill /IM notepad.exe

219
Q

Either parameter will generate a detailed explanation of the command in Linux

A

man / --help

220
Q

An attack that sends an email or displays a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information

A

Phishing

221
Q

Runs on TCP port 3389.

A

RDP (Remote Desktop Protocol)

222
Q

Allows you to view and edit current security policy

A

Local Security Policy (secpol.msc)

  • The local security policy of a system is a set of information about the security of a local computer. It includes the domains trusted to authenticate logon attempts, and which user accounts may access the system and how (for example, interactively, through a network, or as a service).

223
Q

Halt or power off the system (Linux)

A

shutdown -h

224
Q

runline command for system restore

A

rstrui.exe
*Restore Utility
ReSToR UtIlity

225
Q

list in order by extension

A

dir /o:e

===============================================================================
Other sort by orders:
N By name (alphabetic)
S By size (smallest first)
E By extension (alphabetic)
D By date/time (oldest first)
G Group directories first
- Prefix to reverse order

226
Q

tool to test the memory chips for errors

A

Windows Memory Diagnostic

227
Q

512 bytes on a disk

A

Sector

228
Q

Information, Warning, Error, Critical, Successful Audit, Failure Audit

A

Event Types

229
Q

Red Hat/CentOS, SUSE, Debian/Ubuntu, Knoppix

A

popular Linux distros

230
Q

r--

A

4

231
Q

Opens the Computer Management console from runline.

A

compmgmt.msc

232
Q

A Windows command to manage hard drives, partitions, and volumes.

A

diskpart

233
Q

fixes problems and makes improvements to the scan software itself

A

Scan engine/components

234
Q

Limited rights such as browsing network and shutdown, but they cannot save changes made to the desktop

A

Guests

235
Q

Python

A

.py

236
Q

Renames a file or directory

A

ren

237
Q

RSoP

A

Resultant Set of Policies

238
Q

lists files using a wide format with no file details.

A

dir/w

239
Q

an XML text file that contains all the instructions a Windows Setup program would need to install and configure an OS without any administrator intervention

A

answer file

240
Q

Management console with multiple snap-ins to configure local users and groups, disks, services, and devices

A

Computer Management (compmgmt.msc)

Computer Management is a Microsoft Windows MMC snap in that was first introduced with Windows XP. It allows access to admin tools, including the Event Viewer, Task Scheduler, local users and groups, performance logs and alerts, Device Manager, Disk Management, and the Services manager.

241
Q

Network reset in Windows 10

A

Settings -> Network & Internet -> Status -> Network Reset

242
Q

A Windows policy in which a computer remotely installs an application from a network folder without any administrator intervention

A

GPO
- Group Policy Objects

243
Q

Order by size

A

dir /o:s

==========================================================
Other Order options:

N By name (alphabetic)
S By size (smallest first)
E By extension (alphabetic)
D By date/time (oldest first)
G Group directories first
- Prefix to reverse order

244
Q

the standard that defines a Port-based Network Access Control mechanism

A

802.1x

245
Q

The host cannot route a reply back to your computer

A

No reply (request timed out)

246
Q

Linux command-line program used to format a partition with a file system

A

mkfs

{MKFS = Makes (Formats the partition with) the file system}
{FDISK = Creates the partition}
247
Q

sets the day of the week in cron in either numerical or text format

A

weekday

248
Q

This group contains the user account of the person currently working at the computer

A

Interactive Group

  • The members of the Interactive group gain access to resources on the computer at which they are physically located or logged on. This group includes all users who log into a computer locally or are logged in via RDP.
249
Q

List by extension

A

dir/o:e

==========================================================
sort order:
N By name (alphabetic)
S By size (smallest first)
E By extension (alphabetic)
D By date/time (oldest first)
G Group directories first
- Prefix to reverse order

250
Q

a set of tools designed to gain control of a computer without revealing its presence

A

Rootkit

251
Q

Add dmartin to the Administrators local group

A

net localgroup Administrators dmartin /add

  • Net localgroup command is used to manage local user groups on a computer. Using this command, administrators can add local/domain users to groups, delete users from groups, create new groups and delete existing groups.
252
Q

All user accounts that have been authenticated to access the system

A

Authenticated Users Group

253
Q

Removes job from a scheduled list in cron

A

crontab -r

254
Q

Apple version of performance monitor

A

Activity Monitor

255
Q

A program on a server that allows the network administrator to approve updates for certain groups

A

WSUS
-Windows Server Update Services

256
Q

displays all files with the DOC extension that start with the letters LET and searches for subdirectories

A

dir LET*.doc /s

/S Displays files in specified directory and all subdirectories.

257
Q

specifies the month in numerical or text format in cron

A

MM

258
Q

Displays DNS resolver cache

A

ipconfig /displaydns

/displaydns Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtained resource records for name queries resolved by the computer. The DNS Client service uses this information to resolve frequently queried names quickly, before querying its configured DNS servers.

Common ipconfig switches:
/all
/flushdns
/release
/renew

259
Q

Programming environment that includes features to help you write and edit code as well as debugging tools

A

IDE (Integrated Development Environment)

260
Q

Linux command-line program used to format a swap partition

A

mkswap

261
Q

Manages the memory mappings and assignments

A

VMM
- virtual memory monitor

262
Q

All data modified since last full backup (moderate backup time, moderate restore time, uses no more than two tape sets)

A

Differential backup

{Incremental Backup - only the files that changed since the last backup.}
{Differential Backup - only the files that changed since the last FULL backup.}
{Full Backup - Complete backup of all files}

263
Q

Interface for managing a Windows 10 computer

The successor to Control Panel

A

Windows Settings

264
Q

Microsoft peer to peer network model in which computers are grouped together with access to shared resources

A

Workgroup

265
Q

A command-line version of the Task Manager

A

tasklist

266
Q

-wx

A

3

267
Q

Do most things with an object but not to change its permissions or owner

A

Modify

268
Q

Virus that takes advantage of the macro programming languages built into some software (affects an Office document)

A

Macro viruses

269
Q

saves the current session to disk before powering off the computer

A

Hibernate Mode

270
Q

a program that appears desirable but actually contains something harmful

A

Trojan Horse

271
Q

Windows RE program that attempts to fix startup problems.

A

Bootrec

272
Q

Acts as the emulator for allowing 32-bit applications to run seamlessly on a Windows 64-bit OS

A

WOW64

273
Q

R - Read-only, H - Hidden, S - System (cannot be deleted), A - Archive (modified since last backup)

A

File Attributes

274
Q

A Windows feature that can encrypt a folder or a file

A

EFS
- Encrypting File System

275
Q

scans and attempts to recover bad sectors on drive C

A

chkdsk C: /r
/r Locates bad sectors and recovers readable information. The disk must be locked. /r includes the functionality of /f, with the additional analysis of physical disk errors.

276
Q

incident response processes, management oversight, security awareness, and training

A

Procedural controls

277
Q

On NTFS volumes only skips part of the checking process

A

chkdsk [volume] /i /c

  • /c Use with NTFS only. Does not check cycles within the folder structure, which reduces the amount of time required to run chkdsk.
  • /i Use with NTFS only. Performs a less vigorous check of index entries, which reduces the amount of time required to run chkdsk.
278
Q

used in public key encryption, it is a scheme in which the key to encrypt data is different from the key to decrypt (uses an RSA cipher)

A

asymmetric encryption

279
Q

to attempt repair of the boot sector

A

bootrec /fixboot

280
Q

Queries a DNS server about a host.

A

nslookup -option host server
- Name Server Lookup
-nslookup is a DNS lookup query utility
==========================================================
Usage:
nslookup [-opt …] [# interactive mode using default server]
nslookup [-opt …] - server [# interactive mode using ‘server’]
nslookup [-opt …] host [# just look up ‘host’ using default server]
nslookup [-opt …] host server [# just look up ‘host’ using ‘server’]

281
Q

changes the group in Linux

A

chgrp

282
Q

What does AAA stand for?

A

Authentication, Authorization, and Accounting
- AAA is a system for tracking user activities on an IP-based network and controlling their access to network resources.
==========================================================
Authentication (Who are you?)
Authorization (Do you have permission?)
Accounting (Keeping track of who comes and goes)

283
Q

Distributed denial of service attacks that overwhelm a web server and shut it down

A

DDoS Attack

284
Q

prevents anyone but the user from viewing the screen

A

privacy screen

285
Q

Data that is used to identify, contact, locate, or impersonate an individual

A

PII (Personally Identifiable Information)

*Not to be confused with NPPI… (Non Public Personal Info)

286
Q

Windows batch file

A

.bat

287
Q

the command or script to run along with the full path to the file

A

command

288
Q

Opens device manager from runline

A

devmgmt.msc

==========================================================
Despite the name being Device Manager, the file name is devmgmt.msc

289
Q

user authentication login, firewalls, anti-virus software

A

Logical controls

290
Q

Provides information about hardware resources, components, and the software environment. Also known as System Information.

A

msinfo32.exe

291
Q

Forces the DHCP client to renew the lease it has for an IP address (if AdapterName is omitted, it releases or renews ALL adapters on the network)

A

ipconfig /renew AdapterName

292
Q

a text file editor in Linux.

A

vi/vim

293
Q

What does BCD stand for?

A

Boot Configuration Database

294
Q

a windows peer-to-peer network found in Windows 10

A

workgroup

295
Q

A utility that is used to register component services used by an installed application.

A

regsvr32
-regsvr32 is a command-line tool in Windows that stands for Microsoft Register Server. It’s used to register and unregister Object Linking and Embedding (OLE) controls like .DLL files and ActiveX Control .OCX files.

296
Q

Updated file system for optical media with support for multi-session writing

A

UDF (Universal Disk Format)

297
Q

An index level calculated from signal strength. If the connection speed is below the set minimum, the wireless adapter will drop the signal

A

RSSI (Received Signal Strength Indicator)

  • RSSI is an estimated measurement of how well a device can hear, detect and receive signals from any access point or from a specific router.
  • 30db - feet away from transmitter
  • 67db - Minimum signal strength for applications that require very reliable, timely delivery of data packets. (VoIP, Streaming)
  • 70db - Minimum signal strength for reliable packet delivery. (email, Web)
  • 80db - Minimum signal strength for basic connectivity. Packet delivery may be unreliable.
  • 90db - Approaching or drowning in the noise floor. Any functionality is highly unlikely.
298
Q

A search tool in the macOS

A

Spotlight Search

299
Q

Format D: drive with an NTFS file system and forces the drive to dismount.

A

format D: /fs:NTFS /x
- /X Force the volume to dismount first if necessary. All opened handles to the volume would no longer be valid.

300
Q

64 bit file system used for large capacity removable hard drives and flash media.

A

exFAT ( Extended File Allocation Table)

301
Q

Write permission is required for the destination folder and Read for the source folder. NTFS permissions are inherited from the destination folder and the user becomes the creator

A

Copying files and folders on the same NTFS volume or different volume

302
Q

A disk partition designated for swap space in Linux

A

Swap Partition

303
Q

a feature of macOS that enables a user to set up one or more desktops with different sets of apps and backgrounds

A

Mission Control

304
Q

Set properties and monitor local printers and manage print sharing on a network

A

Print Management

305
Q

performs a quick format on D: volume and use exFAT file system.

A

format D: /q /fs:EXFAT
- /q quick format. Does not scan for bad sectors.
==========================================================
Format Syntax:
FORMAT volume [/FS:file-system] [/V:label] [/Q] [/L[:state]] [/A:size] [/C] [/I:state] [/X] [/P:passes] [/S:state]

306
Q

All data modified since last full backup (moderate backup time, moderate restore time, uses no more than 2 tape sets)

A

Differential backup

307
Q

Do anything with the object, including change its permissions and its owner

A

Full Control

308
Q

Load basic devices and services only

A

Diagnostic start up
-When you start the computer in Safe mode, Windows loads only the basic drivers and computer services that you need. The diagnostic startup option enables Windows to determine which basic device drivers and software to load when you start Windows.

309
Q

process of optimizing RAM storage by borrowing hard drive space

A

virtual memory

  • Virtual Memory: Allows you to set the amount of storage space for the page/swap file, which is the RAM overflow that gets written to the HDD. This is managed automatically by default, but you can change the drive it writes to (say, from an HDD to an SSD) and also modify the size of the page/swap file.

310
Q

enters the Linux job scheduling editor

A

crontab -e

311
Q

specifies the month in numerical or text format in cron

A

MM

312
Q

opens a Remote Desktop connection from command line

A

mstsc
-Microsoft Terminal Services Connection

313
Q

Load all device drivers and services

A

Normal Startup

314
Q

Distributed denial of service attacks that overwhelm a web server and shut it down

A

DDoS Attack

315
Q

/etc/hosts

A

HOSTS file location in Linux

316
Q

shows the properties of the dmartin account

A

net user dmartin

317
Q

Resolves address to hostnames

A

ping -a (IP address)

  • Returns the host name of IP address
  • In certain instances the inverse can be done using:
    nslookup (hostname)
  • Returns the IP address of the host name
318
Q

to attempt repair of the boot sector

A

bootrec /fixboot

319
Q

rwx

A

7

320
Q

A computer network that enables users to wirelessly connect to their offices or the Internet via a cellular network. Sometimes referred to as wireless broadband.

A

WWAN (Wireless Wide Area Network)

321
Q

lists files using a wide format with no file details

A

dir /w

322
Q

formats D drive to an exfat file system

A

format D: /fs:EXFAT

323
Q

variation in delay

A

jitter

324
Q

Control Panel -> System Properties -> Remote Settings

A

Remote Settings Location

325
Q

Add user dmartin and require password change.

A

net user dmartin Pa$$w0rd /add /fullname:"David Martin" /logonpasswordchg:yes

326
Q

the capability for choosing between two or more operating systems to boot from when a computer is turned on. A separate partition is required for each operating system. (Win)

A

Multiboot

327
Q

Appears in legacy applications but is deprecated because the rights allocated to this account type can be abused to allow the user Administrative or System privileges

A

Power Users

328
Q

This log holds the audit data for the system

A

Security Log

329
Q

Used to modify settings and files that affect the way the computer boots in Windows

A

System Configuration Utility (msconfig)

  • Tabs found in msconfig:
  • General:
    Allows you to boot Windows in diagnostic or selective mode when necessary
  • Boot:
    Manage everything related to Windows boot, including Safe mode.
  • Services:
    Enable or disable Windows and other services
  • Startup:
    The startup section is now managed via Task Manager.
  • Tools:
    Launch popular System services from here
330
Q

A set of tools designed to gain control of a computer without revealing its presence

A

Rootkit

331
Q

Ensures old data on a hard drive is destroyed by writing zeros or a random pattern to each location on the drive. Makes disk suitable for re-use

A

Drive wiping

332
Q

overloading a switch’s MAC cache preventing genuine devices from connecting and forcing the switch into “hub” or “flooding” mode

A

MAC Flooding

333
Q

File system used in macOS High Sierra or later which supports native file encryption

A

APFS

  • Apple File System
  • also called Mac OS Extended
  • Current FS used by Apple
  • Successor to HFS+ Extended Hierarchical File System
334
Q

aborts command prompt shutdown

A

shutdown -a (Linux)
shutdown /a (Win)

335
Q

A class of enterprise software designed to apply security policies to the use of smartphones and tablets in a business network

A

MDM (Mobile Device Management)

336
Q

displays Linux processes that are currently running

A

ps

337
Q

Three most effective types of physical data destruction?

A

Shredding, Incineration, Degaussing

338
Q

installing on top of an existing version of OS

A

in-place upgrade

339
Q

A means of applying security settings and other administrative settings across a range of computers and users

A

GPO (Group Policy Object)
-A Group Policy Object (GPO) is a virtual collection of policy settings.

340
Q

viewing is restricted to the owner organization or to third parties under a Non-disclosure Agreement

A

classified

341
Q

The info is too valuable to permit any risk of its capture. Viewing is severely restricted

A

Secret

342
Q

These attack the boot sector, partition table, and file system

A

boot sector virus

343
Q

shows an enhanced version of the sort of snapshot monitoring provided by task manager by showing detailed info on hardware usage.

A

Resource Monitor

344
Q

Reroutes requests for legitimate websites to false websites

A

pharming

345
Q

To adjust settings of an Apple trackpad

A

System Preferences -> Trackpad

346
Q

A group of sectors

A

Cluster

347
Q

A Windows process that does not require any sort of user interaction and so runs in the background.

A

Service

348
Q

The time it takes for a signal to reach the recipient

A

latency

349
Q

Apple equivalent of Alt

A

Option

350
Q

A limited account used to run services that cannot make system wide changes. Also it can access the network anonymously

A

LocalService

351
Q

Group is able to perform most common tasks such as shutdown, running applications, and using printers. They can also change time zone and install printers

A

Users

352
Q

File System used in macOS High Sierra or later which supports native file encryption

A

APFS
- Apple File System

353
Q

Write permission is required for the destination folder and Modify for the source folder. NTFS permissions are inherited from the destination folder and the user becomes the Creator/Owner

A

Moving files and folders to a different NTFS volume

354
Q

MacOS version of remote desktop functionality

A

Screen Sharing

355
Q

attempts to discover the password from the hash using databases of precomputed hashes

A

Rainbow Table Attack

356
Q

Allows you to start up the computer remotely

A

WoL - Wake on LAN

357
Q

Release the IP address obtained from a DHCP server so the network adapter will no longer have an IP address

A

ipconfig /release AdapterName

358
Q

In Linux, checks partition errors (partition should be unmounted before running this tool)

A

fsck

359
Q

In Linux, checks partition errors (partition should be unmounted before running this tool)

A

fsck

360
Q

clears the command prompt screen.

A

cls

361
Q

Specifies minutes past the hour in cron, the linux job scheduler. (0-59)

A

mm

362
Q

template containing the OS and required software

A

Image

363
Q

A Microsoft utility to encrypt a drive

A

BitLocker

364
Q

Reroutes request for legitimate websites to false websites

A

Pharming

365
Q

displays all files with the DOC extension in the current directory.

A

dir *.doc

366
Q

  • tests whether or not a system is responsive
  • shortcut to restart the graphics driver

A

Windows + Ctrl + Shift + B

367
Q

Apple equivalent of file explorer in Windows

A

Finder

368
Q

Best place to configure your system in Windows 7

A

Control Panel

369
Q

Write permission is required for the destination folder and Modify for the source folder. NTFS permissions are retained.

A

Moving files and folders on the same NTFS volume

370
Q

-w-

A

2

371
Q

Allows a user to ask for help from a technician or co-worker

Assigns a port dynamically from an ephemeral range

A

Remote Assistance

372
Q

A limited account used to run services that cannot make system wide changes. Also it can access the network anonymously

A

Local Service

373
Q

clears the command prompt screen

A

cls

374
Q
A

0

375
Q

Informs you when a program makes a change that requires administrator-level permission, also adjusts the permission level of your user accounts

A

UAC (User Account Control)

376
Q

causes a service at a given host to fail or become unavailable to legitimate users, typically by overloading a service.

A

DoS attack (Denial of Service Attack)

377
Q

Adds missing Windows installations to the BCD

A

bootrec /rebuildbcd

378
Q

Displays a log of “system reliability” events

A

Reliability Monitor

379
Q

Reboot 10 minutes from now (Linux)

A

shutdown now, +10

380
Q

Fixes file system errors on the disk drive C

A

chkdsk C: /f
- The intention is to check the Windows drive for damage and (with the /f switch) immediately perform a repair.

  • CHKDSK finds and fixes errors in the file system of your hard drive, SFC (System File Checker) specifically scans and repairs Windows system files.
381
Q

A type of network attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.

A

Replay Attack

382
Q

New files and files modified since last backup (low backup time, high restore time, uses multiple tape sets)

A

Incremental backup

383
Q

Used to mount storage devices into a local file system in Linux

A

NFS (Network File System)

384
Q

64 bit application files location in Windows.

A

Program Files

385
Q

A protocol in which the computer is enabled to browse update.microsoft.com and select updates for download and installation

A

BITS
- Background Intelligent Transfer Service

- On Windows 10, Background Intelligent Transfer Service (BITS) is an essential component responsible for assisting the system and applications during foreground or background downloads and uploads between the device and a remote server, without impacting the network experience.

386
Q

256 bit cryptographic hash generated from a passphrase. This authentication method is suitable for SOHO networks

A

PSK
- Pre-Shared Key

387
Q

Clients - Provides connections to types of file servers such as Linux, Unix, or Windows

Protocols - Provide the format for addressing and delivering data messages between systems.

Services - Allow your machine to provide network functionality to other machines

A

Adapter Properties

388
Q

A command used to view all variables in the shell, except special variables.

A

“set” command
- The Linux set command is used to set and unset certain flags or settings within the shell environment.

- In Windows, set displays, sets, or removes cmd.exe environment variables. If used without parameters, set displays the current environment variable settings.

389
Q

Formats D: drive and enables file compression using NTFS

A

format D: /fs:NTFS /c

390
Q

Linux task scheduler

A

cron

391
Q

Saves the current session to memory and puts the computer into a minimal power state

A

Standby/Sleep Mode

392
Q

Services that work in the device firmware to prevent restores or the disabling of location services

A

Activation Lock/Device Protection

393
Q

a software program capable of reproducing itself that can spread from one computer to the next over a network

A

Worm

394
Q

list by time file was last written to

A

dir /t:w

/t = Time

:w = last written to

395
Q

groupadd, groupmod, groupdel

A

Linux group commands

396
Q

enters the editor in Linux task scheduler.

A

crontab -e

397
Q

terminates process without any user notification

A

taskkill /f /pid processid

-taskkill
ends one or more tasks or processes.

/f
Specifies that processes be forcefully ended. This parameter is ignored for remote processes; all remote processes are forcefully ended.

/pid [processID]
Specifies the process ID of the process to be terminated.

398
Q

The hard drive partition where the Windows OS is stored. The system partition and the boot partition may be different partitions.

A

Boot Partition

399
Q

System Preferences -> Users and Groups

A

Adding a new account in macOS

400
Q

A list of permissions associated with an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.

Rules applied by packet filter firewalls that filter data by IP address, Protocol ID, and Port Numbers

A

ACL (Access control list)

ACLs come in different forms:

  • File System ACL
  • Active Directory ACL
  • Network ACL

All perform a similar role: to attach permissions to an object (resource) that specify which users are granted access to that object (resource) and the operations they are allowed to perform.

401
Q

Contains information about service load failures, hardware conflicts, and driver load failures

A

System Log (syslog)

402
Q

Write permission is required for the destination folder and Modify for the source folder. NTFS permissions are retained

A

Moving files and folders on the same NTFS volume

403
Q

Control Panel -> System -> Advanced system settings -> System Properties -> Remote Settings

A

remote settings location

404
Q

Freeware that works over TCP port 5900 with similar functionality to RDP.

A

VNC (Virtual Network Computing)
- Screen Sharing is based on VNC

405
Q

Shows the process that has opened the port

A

netstat -b
-b
Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached.

406
Q

Local Security Policy snap in

A

secpol.msc

407
Q

A Windows process that does not require any sort of user interaction and so runs in the background

A

service

408
Q

Contains information regarding the application errors

A

Application Log

409
Q

Allows administrators to devise policies or profiles defining the minimum security configuration required of devices for network access

A

NAC (Network Access Control)

  • Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.
410
Q

Gnome, KDE, Cinnamon, Xfce

A

Popular Linux GUIs

411
Q

Aborts command prompt shutdown

A

shutdown -a
shutdown /a

412
Q

Forces the DHCP client to renew the lease it has for an IP address (if AdapterName is omitted, it releases or renews ALL adapters on the network)

A

ipconfig /renew AdapterName

413
Q

useradd, usermod, userdel

A

Linux user commands

414
Q

Saves the current session to disk before powering off the computer

A

Hibernate mode

415
Q

Modify permission is required for the destination folder. All permissions and NTFS attributes (such as encryption) are lost; FAT does not support permissions or special attributes.

A

Moving files and folders to a FAT or FAT32 partition

416
Q

privacy laws, policies, and clauses

A

legal and regulatory or compliance controls

417
Q

Tool to test the memory chips for errors

A

Windows Memory Diagnostics

418
Q

Formats D volume and specifies the size of allocation units 512

A

format D: /a:512

/A:size Overrides the default allocation unit size. Default settings are strongly recommended for general use.

419
Q

Proprietary file system used exclusively in Windows.

A

NTFS
- New Technology File System

420
Q

catalog of Microsoft tested and approved devices and drivers

A

LPL

  • Windows Logo’d Product List
  • Sometimes called Windows Compatible Products List
421
Q

group policy snap in

A

gpedit.msc

422
Q

displays all files with the DOC extension that start with the letters LET

A

dir Let*.doc

423
Q

Contains user accounts of any users connected to a computer over the network

A

Network Group

424
Q

located in Administrative Tools, enables you to register new server applications or reconfigure security permissions for existing services

A

Component Services (COM+)

425
Q

JavaScript

A

.js

426
Q

**** means that the switch or router performs authentication of the attached device before activating the port

A

PNAC
- Port-based network access control

427
Q

shows an enhanced version of the sort of snapshot monitoring provided by task manager

A

Resource Monitor

428
Q

Opens the Run dialog box

A

Win Key + R

429
Q

Files written in non-contiguous clusters, reducing read performance

A

Fragmentation

430
Q

Reboot from command line

A

shutdown -r

shutdown /r

431
Q

Displays DHCP, DNS server, MAC address, and NetBIOS status

A

ipconfig /all

432
Q

Windows log files that allow you to collect statistics about resources and can be used to determine system health and performance.

A

counter logs

433
Q

An information gathering threat, in which the attacker attempts to learn about the configuration of the network and security systems through social engineering attacks or software based tools.

A

Footprinting (also known as reconnaissance)
- generally refers to one of the pre-attack phases; tasks performed before doing the actual attack.

434
Q

Software that enumerates (lists, in order) the status of TCP and UDP ports on a target system.

A

Port Scanning
- Port scanning can be blocked by some Firewalls and IDS (Intrusion Detection System).

- A port scanner is an application designed to probe a server or host for open ports. Such an application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host and exploit vulnerabilities.

435
Q

What are the types of Events seen in Event Viewer? (6)

A

Information, Warning, Error, Critical, Successful Audit, Failure Audit

{Whales Eat Cats Instead of Salted Fish}
*Warning
*Error
*Critical
*Information

*Successful Audit
*Failure Audit

436
Q

What do Chkdsk and Scandisk do?

A

CHKDSK is designed to check the integrity of a disk partition's file system and to scan and fix detected logical file system errors on the hard disk.

ScanDisk can also check and repair disk file system errors. However, ScanDisk cannot scan NTFS disk drives; it can only scan FAT drives such as FAT32, FAT16, and FAT12.

437
Q

What do SFC /Scannow and DISM do?

A

(System File Checker)

SFC /Scannow helps you scan and repair corruptions in Windows system files.

(Deployment Image Servicing and Management Tool)

DISM can be used to prepare, modify and repair Windows system images.

438
Q

An alternative to RADIUS

A

TACACS+
- Terminal Access Controller Access-Control System Plus

  • Developed by Cisco, Terminal Access Controller Access-Control System (TACACS) refers to a family of related protocols handling remote authentication and related services for networked access control through a centralized server.
439
Q

A mobile user has transitioned to using apps on their smartphone for all
business tasks. To ensure that no data will be lost, the smartphone will
need to have multiple backups each day. The user travels most of the time
and rarely visits the home office. What would be the
best way to provide these backups?

A

Use a cloud backup service

  • Using a cloud backup service such as Apple iCloud or Google Drive
    provides an automated method to constantly back up all user data on the
    smartphone. If the phone is lost or stolen, the user can purchase a new
    smartphone and restore all of the data from the cloud.
440
Q

A system administrator has inadvertently installed a Trojan horse that has
deleted a number of files across many Windows file shares. The Trojan
also had access to user documents and login credentials and transmitted
numerous documents to an off-site file storage system. What would limit the scope of future exploits?

A

Modify the default permissions

  • Many system administrators configure their accounts to have full access
    to the network as their default setting. This means that malicious software
    would also have full access if the administrator’s desktop was exploited.
    Changing the default permissions to have limited access would also limit
    the scope of a Trojan horse exploit.
441
Q

A data center manager would like to ensure that a power fault on a server
would not be harmful to employees. What would be the
BEST choice for this requirement?

A

Electrical ground

  • An electrical ground will divert any electrical faults away from people and
    into a copper grounding rod. An electrical ground is a critical part of any
    power system and equipment installation.
442
Q

A desktop administrator has just removed malware from a user’s desktop
computer and has configured the system to automatically update antivirus
signatures and perform a scan each night. What should be the NEXT step in the removal process?

A

Enable System Protection

  • Before the malware was removed, System Protection was disabled to
    delete all potentially-infected restore points. Once the malware is removed
    and the anti-malware process is working again, System Protection can
    be re-enabled.
443
Q

A Linux administrator is modifying a log file and needs to rename the
file. What should be used to make this change?

A

mv

  • The Linux mv (move) command will move a file from one location to
    another or move/rename a file from one name to another.
444
Q

Walter, a user in the accounting department, has opened a help desk
ticket that complains of garbled output from the local network printer.
Any spreadsheet sent to the printer results in a jumble of text and
graphics instead of the spreadsheet output. What
should be the FIRST troubleshooting step?

A

Print a test page from the printer console

  • It would be useful to know if the printer is working properly or if the issue
    occurred prior to the output reaching the printer. Printing a test page from
    the printer console circumvents the network, operating system, driver, and
    application to determine if the printer itself is working properly.
445
Q

A user has opened a help desk ticket regarding the battery life in her
three-year old smartphone. If a power source is not available, the phone
battery is usually depleted by the middle of the work day. She uses the
smartphone to access resources across the VPN, send and receive email,
and run company-related apps. Her average screen time during the day
usually exceeds ten hours. What would be the MOST
likely reason for this battery issue?

A

The battery capacity is decreased

  • Smartphone batteries have a lifespan of about 300 to 500 charge cycles,
    so a smartphone that’s three years old will not have the same capacity as the
    battery in a new smartphone.
446
Q

A network administrator has found that a daily report shows a single
user with numerous visits to a website that violates the company’s AUP.
What should the administrator do NEXT?

A

Contact the company’s security officer

  • A company’s AUP (Acceptable Use Policy) is in place to limit the legal
    liability of an organization. If a person in the organization is not following
    the terms of the AUP, then the security officer’s team should manage the
    results of that action.
447
Q

What script extensions would commonly be used inside
of a Microsoft Office application?

A

.vbs

  • The .vbs extension is used for Microsoft Visual Basic Scripting Edition
    scripts. These scripts provide general purpose scripting in Windows, and
    are especially common inside of Microsoft Office applications.
448
Q

A user would like to install an image and photo editing program on their
home computer, but they would prefer an application that did not require
a monthly subscription. What would be the BEST
licensing option for this requirement?

A

FOSS
- FOSS (Free and Open-Source) software is distributed without charge and
includes a copy of the source code.

449
Q

Windows command that fixes logical file system errors on the disk

A

chkdsk /f

450
Q

Windows command that locates bad sectors and recovers readable information

A

chkdsk /r (Implies /f)

451
Q

Windows network commands
view network resources

A
  • net view \\[Server]
  • net view /[workgroup:]
452
Q

Windows network command to map a network share to a drive letter

A

net use [Drive Letter] \\[server]

net use R: \\fs-main

453
Q

System Configuration Tabs (msconfig)

A

General tab
• Control the startup process

Boot tab
• Control the boot location

Services tab
• Enable and disable Windows services

Startup tab
• Manage which programs start with a Windows login

Tools tab
• Easy access to popular administrative tools

454
Q

Task Manager Tabs (Windows 10)

A

Processes
Performance
App History
Startup
Users
Details
Services

455
Q

Shares files, photos, video, etc. between all devices.
Works on a single private network only.

A

Windows HomeGroup (Win 7)

456
Q
  • Logical groups of network devices
  • Each device is a standalone system, everyone is a peer
A

Windows WorkGroup

457
Q
  • Business network
  • Centralized authentication and device access
  • Supports thousands of devices across many networks
A

Windows Domain

458
Q

Network locations in Windows 7

A

Home
• The network is trusted

Work
• You can see other devices, but can’t join a HomeGroup

Public
• Airport, coffee shop
• You are invisible

459
Q

Network locations in Windows 8/8.1/10

A

Private
• Sharing and connecting to devices

Public
• No sharing or connectivity

460
Q

Scripting for Windows at the command line

A

Batch Scripts

461
Q
  • Command line for system administrators
  • Extend command-line functions
  • Automate and integrate
  • System administration
  • Active Domain administration
A

PowerShell Scripts

462
Q
  • Back-end web server scripting
  • Scripting on the Windows desktop
  • Scripting inside of Microsoft Office applications
A

VBScripts

463
Q

Scripting the Unix/Linux shell

A

Shell Scripts

464
Q

General-purpose scripting language

A

Python

465
Q
  • Scripting inside of your browser
  • Adds interactivity to HTML and CSS
A

JavaScript

466
Q

The ****** command will report if a device on the network can respond to the request, but it does not provide any location details if the device does not respond.

A

ping

467
Q

The ****** command will query a DNS server to identify IP addresses and fully qualified domain names.

A

nslookup

468
Q

The ***** command will display connections, routes, and other network statistics associated with a single device. The command does not provide any information about the uptime and availability of a remote
network connection.

A

netstat

469
Q

The ***** utility will show the network routes between two devices. If the route is disrupted between those two devices, the last available router
will be identified.

A

tracert

470
Q

A desktop technician has received a complaint that a remotely-hosted application has stopped working. The technician believes that a network outage at the application provider is the root cause of the issue. Which tool would be the BEST choice to confirm the location of the outage?

A

tracert

471
Q

A desktop administrator has been tasked with removing malware from an executive’s laptop computer. The system has been removed from the network, but the Windows startup process shows a Stop Error before
rebooting into a repeating cycle. Which would be the best NEXT step in the malware removal process?

A

Boot with a pre-installation environment (Windows PE)

Windows Preinstallation Environment (also known as Windows PE and WinPE) is a lightweight version of Windows used for the deployment of PCs, workstations, and servers, or troubleshooting an operating system while it is offline. It is intended to replace MS-DOS boot disks and can be booted via USB flash drive, PXE, iPXE, CD-ROM, or hard disk.

472
Q

A member of the accounting department at headquarters is getting a new laptop and would like to reissue the older Windows 10 laptop to an accounting team member at a remote site. The headquarters user would like to remove all personal files, apps, and settings before sending the laptop to the remote site. Which would be the BEST way to accomplish this?

A

Perform a Windows 10 reset
- The Windows 10 reset can quickly remove all personal files, apps, and settings, and would reset the system to the factory defaults.

473
Q

A user’s smartphone contains company confidential information that should not be shared outside of the organization. Which would be the BEST way to limit access to this data if the smartphone was lost
or stolen?

A

Remote wipe
The remote wipe feature of a smartphone or tablet allows the administrator or owner of the device to delete all information on the device from a website or secure app. If the device is lost or stolen, all of the data on the device can be immediately erased and recovery of the data would not be possible unless the admin/owner also uses cloud backup.
A cloud backup allows the smartphone owner to recover data if the phone were lost or stolen, but the cloud backup alone would not provide any additional protection of the smartphone data.

474
Q

A workstation technician manages a training center that contains thirty student computers in each room. All of the computers have the same hardware configurations. Which installation method would be the BEST choice for quickly resetting the training rooms at the end of each week?

A

Image installation
An image installation can install an operating system, applications, and customized system configurations to multiple devices in a single step. With a pre-built image, a large training room of systems can be updated with a specific configuration very efficiently.

475
Q

Walter, a user, is trying to use a new stylus with his tablet. The screen on the tablet responds to a finger press or a swipe, but the stylus does not interact with the tablet screen. What would be the MOST likely fix for this?

A

Enable Bluetooth
Most tablets use Bluetooth to connect wirelessly to external devices. If Bluetooth isn’t enabled, then a stylus, wireless headphones, and other personal area network (PAN) devices will not be usable.

476
Q

(Windows 10 for desktop editions, Windows 8.1 and Windows 8 only). This tool enables your users to repair their own PCs quickly while preserving their data and important customizations, without having to back up data in advance or remove everything.

A

Push-Button Reset (System Reset) (Reset)

Settings > Update & Security > Recovery > Reset this PC > Get started

477
Q

Automatically fixes problems preventing Windows from starting

A

Startup Repair

Open Settings. Click on Update & Security. Click on Recovery. Under the “Advanced startup” section, click the Restart now button

Issues that can be fixed with Startup Repair:

  • Your Registry becomes corrupted.
  • There are missing or damaged system and driver files.
  • You are experiencing Disk metadata corruption (MBR, partition table, and boot sector).
  • There is any File system metadata corruption.
  • You are facing installation issues or the drivers are incompatible.
  • Installations of Windows service packs and patches are coming back with incompatibility errors.
  • Your boot configuration data is corrupt.
  • Startup Repair can detect bad memory and hard disk.
478
Q

Brings Windows back to an earlier point in time

A

System Restore/System Protection

479
Q

Recover your PC using a system image created earlier

A

System Image Recovery

480
Q

You receive a call from a customer who is confused after upgrading his Windows 7
Home Premium edition computer to Windows 10. The user cannot find the All Programs menu.
What should you advise?

A

Users often need assistance when an OS version changes the desktop style or user interface. In Windows
10, the Start Menu and the All Programs submenu have been replaced by the Start Screen. The user can scroll in the Start Screen or use Instant Search to find any app. To use Instant Search, press the Windows key and type the app name.

481
Q

In terms of system hardware, what is the main advantage of a 64-bit version
of Windows?

A

Support for more than 4 GB RAM.

482
Q

You are advising a customer whose business is expanding. The business owner
needs to provision an additional 30 desktop computers, some of which will be
installed at a second office location. The business is currently run with a
workgroup network of five Windows 7 Home Premium desktop computers and one file server.
Why might you suggest licenses for an edition of Windows 10 that supports
corporate needs for the new computer and has upgrades for the old
computers? Which specific edition(s) could you recommend?

A

Without a domain, accounts must be configured on each computer individually. With over 30 computers to manage at two locations, this would be a substantial task so switching to a domain network, where the accounts can be configured on the server, is likely to save costs in the long term. The BranchCache feature would also allow computers at the second office to minimize bandwidth usage when downloading documents (Enterprise edition only) and updates from the main office. You can suggest either Windows 10
Pro or Windows 10 Enterprise for use on a domain. As Windows moves towards a service model,
subscription-based licensing of the Enterprise edition is becoming the mainstream choice.

483
Q

A customer asks whether an iOS app that your company developed will also work
on her Apple macOS computer.
What issue does this raise and what answer might you give?

A

The issue here is compatibility between different operating systems. Even though both are produced by
Apple, iOS and macOS use different environments so the iOS app cannot be installed directly. Your
company might make a macOS version. Also (and do not worry if you did not include this in your answer),
with the latest version of macOS (Mojave), support for native iOS apps is being provisioned so this might
be something you can offer in the future.

484
Q

Apart from Windows and macOS, what operating system options are there
for client PCs?

A

The other main choice is one of the distributions of Linux. A company might also use some sort of UNIX.
Finally, Chrome OS is installed on Chromebox PCs. These are often used by educational institutions and
businesses who rely primarily on web applications, rather than locally installed desktop software.

485
Q

You are advising a customer with an older model Android smartphone. The
customer wants to update to the latest version of Android, but using the update
option results in a No updates available message.
What type of issue is this, and what advice can you provide?

A

This is an issue with update limitations. Android is quite a fragmented market, and customers must
depend on the handset vendor to implement OS updates for a particular model. The customer can only
check the handset vendor’s website or helpline to find out if a version update will ever be supported for
that model.

486
Q

A user asks you how they can change Ease of Access settings.
In which management interface(s) are these settings located in the different
versions of Windows?

A

User-level features like this are configured via the Control Panel in Windows 7. In
Windows 8 and Windows 10, there are Ease of Access settings in both the Control
Panel and in the PC Settings/Windows Settings app but don’t worry if you just
answered “Settings app.” It is also worth remembering that you can use Instant
Search to return a list of user configuration options quickly.

487
Q

You receive a call from a Windows 7 user who wants to “speed his computer up.”
After questioning him, you find that he is actually getting frustrated at having to
click through UAC authorizations. He asks how to turn them off.
Explain how this is done. Should you offer any other advice?

A

There are several ways to disable User Account Control (UAC) but the simplest is via
the User Accounts applet in Control Panel. You can also just search for “UAC” to
open the dialog box. You should advise the customer that UAC is an important
security feature and that by disabling it, his computer will be more vulnerable to
malware.

488
Q

True or false? Each version of Windows has an Administrative Tools shortcut
folder in Control Panel.

A

True—the contents do vary from version to version though.

489
Q

When would you use the mmc command?

A

A Microsoft Management Console (MMC) is used for Windows administration.
Running mmc opens an empty console. You would do this to create a custom toolkit
of the snap-ins used to configure advanced features of Windows. You can save the
custom console for future use.

490
Q

You are attempting to run a command but receive the message The requested
operation requires elevation.
What must you do to run the command?

A

Open a new command prompt window with sufficient privileges. You can right-click
the Command Prompt icon and select Run as administrator or press Ctrl+Shift
+Enter with the icon selected.

491
Q

Why might you run the shutdown command with the /t switch?

A

To specify a delay between running the command and shutdown starting. You might
do this to give users a chance to save work or to ensure that a computer is restarted
overnight.

492
Q

What tasks would you perform using the regedit tool?

A

This tool allows you to make manual changes to the Windows Registry database. You
can also use it to export and back up portions of the registry. You might also import
registry files to apply a suggested fix.

493
Q

Which is or are the main location(s) for system files in Windows?

A

The Windows folder (or system root) contains the files used to run Windows itself.
Program Files contains the executable and settings files installed by desktop
applications. You might also mention that the Users folder contains user settings
files, user-specific application data, and user-generated data files. There are also
some additional hidden folders (notably ProgramData) but do not worry if you have
not included these.

494
Q

True or false? In Windows 7, libraries cannot contain network folders.

A

False—this is one of the main reasons for using libraries. They can consolidate a “view” of files
stored in different locations on different file systems. This includes shared folders on network
servers and removable drives.

495
Q

You receive a call from a user trying to save a file and receiving an “Access
Denied” error.
Assuming a normal configuration with no underlying file corruption,
encryption, or malware issue, what is the cause and what do you suggest?

A

The user does not have “Write” or “Modify” permission to that folder. If there is no configuration
issue, you should advise the user about the storage locations permitted for user-generated files. If
there were a configuration issue, you would investigate why the user had not been granted the
correct permissions for the target folder.

496
Q

You need to assist a user in changing the extension of a file.
Assuming default Explorer view settings, what steps must the user take?

A

The user must first show file extensions, using the View tab in the Folder Options applet. In
Windows 8/10, extensions can be shown through a check box on the View menu ribbon. The user
can then right-click the file and select Rename or press F2 and overtype the extension part.

497
Q

What is the effect of running the cd.. command?

A

Change the directory focus to the parent directory (equivalent of Up One Folder).

498
Q

Which Windows command is probably best suited for scripting file backup
operations?

A

The robocopy command offers more options than xcopy so will usually be the better
choice. The copy command is quite basic and probably not suitable.

499
Q

If a single physical disk is divided into three partitions, how many different
file systems can be supported?

A

Three—each partition can use a different file system.

500
Q

What is the difference between the boot partition and the system partition?

A

The system partition contains the boot files; the boot partition contains the system root (OS files).

501
Q

What type of partitioning scheme must a disk use if Windows is installed to
a 64-bit UEFI-based computer?

A

GPT-style partitioning.

502
Q

True or false? A volume or partition MUST be assigned a drive letter to
access it via Explorer.

A

False—assigning a drive letter is common practice, but a partition can be mounted to any point in
the file system.

503
Q

You are troubleshooting a problem and find a disk marked as “foreign” listed
under Drive Management.
What does this mean?

A

The disk was configured as dynamic on a different computer and then installed in this one. You
need to import the disk to make it usable.

504
Q

A customer with a Windows 10 Home computer contacts you. She stores family
photos on the computer’s hard disk, but says she has read about disk failure and
worries that they might be at risk.
Is she right to be concerned and what solutions can you suggest?

A

The customer is right to consider the risk and take steps to mitigate it. One option is
to make a backup of the files so that they are always stored on at least two devices.
You could also suggest configuring the RAID-like functionality available with the
Storage Spaces feature of Windows 10. Note that you cannot recommend Dynamic
Disks as that is not available with the Home edition. Using both Storage Spaces and
an offsite backup method, such as copying to a cloud drive, will give the best
protection.

505
Q

You are supporting a user with a Windows 10 Home PC. The user has installed a
computer game, but the game will not run. The computer is fitted with a
dedicated graphics adapter. You determine that the adapter driver should be
updated, but there is no newer driver available via Windows Update.
How should you proceed?

A

Browse the graphics adapter vendor’s website and use the card’s model number in the driver
search tool to look for the latest version. Compare the version information for the driver on the
website to the installed version (use Device Manager to check the installed version number). If
the website driver is newer, download and run the setup file to install and configure it. You should
ensure that the setup file is digitally signed by the vendor. If the driver is only provided as a
compressed archive, extract the driver files then use the Update Driver button in Device
Manager to select it for use with the adapter.

506
Q

You are supporting a user who has installed a vendor keyboard driver. The
keyboard no longer functions correctly.
Under Windows 10, what are the steps to revert to the previous driver?

A

Open Device Manager from the WinX menu, Instant Search, or the Computer Management
console. Expand Keyboards then right-click the device and select Properties. On the Driver tab,
select Roll Back Driver.

507
Q

A Windows 7 Professional user is trying to join a video conference and cannot
hear any sound from her headset or the computer’s built-in speakers.
Which tool can you suggest using to try to remedy the fault?

A

There is an automated Windows Troubleshooting tool for diagnosing and correcting problems
with audio playback. You should advise the customer to open the Troubleshooting applet in
Control Panel and select the troubleshooter for audio playback.

508
Q

You are troubleshooting an issue with a wireless adapter. When you open Device
Manager, you find the device’s icon is shown with a down arrow superimposed.
What does this mean and why might this configuration have been imposed?

A

The icon indicates that the device has been disabled. It could be that there was a fault or there
may be a network configuration or security reason for disabling the adapter. In this sort of
situation, use incident logs and device documentation to establish the reason behind the
configuration change.

509
Q

You are assisting a laptop user. While she was away from her desk, the laptop has
powered off. The user was in the middle of working on a file and had forgotten to
save changes.
Can you reassure her and advise on the best course of action?

A

When a computer goes into a power saving mode, it will either maintain a small amount of power
to the memory modules or write the contents of memory to a hibernation file on disk.
Consequently, the user should be able to start the laptop again and the desktop will resume with
the open file still there. You should, however, advise the customer to save changes to files
regularly.

510
Q

What type of file system is usually used for the Linux boot partition?

A

A version of ext (ext4 or ext3).

511
Q

What command would you normally need to run in order to access the
contents of a USB memory stick inserted into Linux?

A

mount

512
Q

Which Linux command will display detailed information about all files and
directories in the current directory, including system files?

A

ls -la

513
Q

A command has generated a large amount of data on the screen.
What could you add to the command to make the output more readable?

A

Either | more or | less.

514
Q

What command would allow you to delete the contents of the folder
/home/fred/junk and all its subdirectories?

A

rm -r /home/fred/junk

515
Q

What command could you use to move a file names.doc from your current
directory to the USB stick linked to folder /mnt/usb?

A

mv names.doc /mnt/usb

516
Q

A file is secured with the numeric permissions 0774.
What rights does another user account have over the file?

A

Read-only.

517
Q

What command allows file and directory permissions to be changed?

A

chmod

518
Q

Which Linux command allows a user to run a specific command or program
with superuser/root privileges?

A

sudo

519
Q

Which file contains the list of user accounts created on Linux?

A

/etc/passwd.

520
Q

You want your Linux PC to close gracefully at 9:00 p.m., as a scheduled power
outage is planned at 12:00 midnight.
How could you do this?

A

shutdown -h 21:00

521
Q

Where would you look for the option to view and configure wireless adapter
status in macOS?

A

In the Status menu on the Menu bar, in the top-right of the screen.

522
Q

How do you activate Spotlight Search using the keyboard?

A

Command+Spacebar.

523
Q

Where would you change the default gestures on a Magic Trackpad?

A

Under System Preferences→Trackpad.

524
Q

What is the name of Apple’s multiple desktop management feature?

A

Mission Control.

525
Q

What is the equivalent of Explorer in macOS?

A

The Finder.

526
Q

What app would you use to install Windows 10 on a Mac?

A

Boot Camp Assistant lets you create a new partition and install a fresh version of Windows.

527
Q

What is the correct name for the spinning beach ball of death?

A

Spinning wait cursor

528
Q

When should you use FAT32 for the system partition?

A

When using UEFI system firmware, the EFI system partition should be formatted with a FAT file
system. Another scenario is when you are configuring a multiboot system with an older version of
Windows or with Linux.

529
Q

If you want to use PXE as an installation method, what type of compatible
component would you require?

A

Network adapter/NIC and system firmware support.

530
Q

What is the advantage of using a USB thumb drive to install Windows?

A

You can install images larger than will fit on a DVD. This might be useful if you want to install
multiple software applications at the same time as Windows itself.

531
Q

What is a recovery partition?

A

A partition containing a backup of the system configuration at a particular point in time. These are
often used on OEM PCs to enable the PC to be restored to its factory settings.

532
Q

What should you configure in order to perform an unattended installation?

A

An answer file containing the setup configuration.

533
Q

What is meant by disk imaging?

A

Cloning an installation from one PC to another.

534
Q

How would you configure a PC to join a domain during installation of
Windows 7?

A

Use an answer file with the appropriate settings, and ensure that a domain controller is available
to the PC during setup. You cannot join a domain during attended setup (though you could
immediately after setup finishes).

535
Q

How do you run Check Disk in read-only mode?

A

In the GUI tool, simply do not select an option to fix errors automatically. Alternatively, at a
command prompt, run chkdsk without any switches.

536
Q

Which tool is used to verify file system integrity in Linux?

A

fsck.

537
Q

Which Windows tool would you use if you want the defragmenter to run
more frequently?

A

Task Scheduler

538
Q

Which of the following is not delivered via Windows Update?

  • Security patches.
  • Drivers.
  • Firmware updates.
  • Critical fixes.

A

Firmware updates.

539
Q

How would you update an app purchased from the Mac App Store?

A

Open the Mac App Store and select the Updates button.

540
Q

What Windows utility would you use to back up data files in Windows 10?

A

File History. You could also consider OneDrive as a type of backup solution.

541
Q

What principal restriction would you face if using the backup tool included
with Windows 7 Home Premium?

A

It only supports backing up to local drives or removable media, not to network
shares.

542
Q

What is the name of Apple’s backup software for macOS?

A

Time Machine.

543
Q

In Linux, what command is used to view tasks scheduled by the current
user?

A

crontab -l

544
Q

How would you configure a legacy Windows 98 application to work with Windows
10?

A

Open the application’s property sheet and select the Compatibility tab to select the appropriate
mode. You can also run the Program Compatibility Troubleshooter.

545
Q

What additional information is shown on the Users tab in Windows 10 Task
Manager compared to Windows 7?

A

It shows user-initiated processes and resource utilization.

546
Q

How do you enable a Windows 7 computer to function as a Remote Desktop
Server?

A

Open System properties, select Change settings, then select the Remote tab and check the
Allow remote connections to this computer option. You can also specify
the user accounts permitted to connect to the server.

547
Q

Why isn’t the System Protection feature a substitute for making a backup?

A

System Protection restore points are stored on the local disk and so would not allow recovery
from the failure, loss, or destruction of the disk. System Protection is designed only to allow the
rollback of configuration changes.

548
Q

What is the advantage of setting the pagefile to the same minimum and
maximum sizes?

A

The pagefile will not become fragmented (assuming you defragmented the disk before doing
this).

549
Q

What is the full path to the Windows system log?

A

%SystemRoot%\System32\Winevt\Logs\System.evtx

550
Q

What are the tab headings in msconfig, and which tab is not in the
Windows 8/10 version?

A

General, Boot, Services, Startup, and Tools. In Windows 8/10, the functionality of
the Startup tab has moved to Task Manager.

551
Q

What device optimization settings could you check to mitigate slow
performance problems?

A

Defragment the hard disk, and ensure there is sufficient free space. Verify that the
power management configuration is not throttling components such as the CPU or
GPU. You can also use performance monitoring to check device utilization and
determine whether upgrades are required.

552
Q

Where would you start to investigate a “Service failed to start” error?

A

Check the event log for more information.

553
Q

Which troubleshooting tool is most likely to identify whether a
problem is related to a device driver or to a faulty system component?

A

Using Safe Mode boots with a minimal set of drivers and services. If Safe Mode
boot is successful but normal boot is not, the issue is likely to be with driver
software. Re-enable each driver in turn to identify the culprit. If the problem also
manifests in Safe Mode, it is more likely to have an underlying hardware cause.

554
Q

If you suspect improper handling during installation has caused damage to a RAM
module, how could you test that suspicion?

A

Run a Memory Diagnostic. This tests each RAM cell and so should uncover any fault.

555
Q

**** can be used to investigate open ports and connections on the local host. In
a troubleshooting context, you can use this tool to verify whether file sharing or email
ports are open on a server and whether other clients are connecting to them.

A

netstat

556
Q

The **** command-line utility is used to trace the route a packet of information
takes to get to its target. Like ping, it uses ICMP status messages. This command would return details
of the route taken to find the machine or device with the IP address and can also be used with a domain name or FQDN.

A

tracert

557
Q

A server administrator is installing a 4 TB drive in a database server and
would like to use the entire free space as a single partition. What partition technology should be used with this drive?

A

GPT

The GPT (GUID Partition Table) partition style provides for very large
partition sizes that would easily allow a single partition of 4 terabytes.

558
Q

A local coffee shop has a public wireless network for
customers and a private wireless network for company
devices. The shop owner wants to be sure that customers
can never connect to the company network. What type of security should be configured on this network?

A

WPA2

Enabling WPA2 (Wi-Fi Protected Access version 2) would require a
password to connect and would prevent customers from connecting to the
company wireless network.

559
Q

A user on the sales team has opened a help desk ticket
because of short battery times on a new company-provided
tablet. When using the tablet, the battery
only lasts a few hours before shutting off. What would be the BEST choices for improving the
battery life? (Select TWO)

A

  1. Disable Bluetooth and cellular connections
  2. Close apps that work in the background

The two options that would have the largest power savings would disable
wireless Bluetooth radios and close applications that use CPU power.

560
Q

A desktop administrator has identified and removed malware on a
corporate desktop computer. What malware removal
steps should be performed NEXT?

A

Schedule periodic anti-virus scans

After removing malware and before educating the end-user, it’s important
to configure the system to find and prevent any future infections.

561
Q

A technician is upgrading the motherboard in a server. What should be the FIRST task when beginning this upgrade?

A

Disconnect from all power sources

When working inside of a computer, it’s always important to disconnect
the system from the main power source. This should always be the first and
most important step when working on the inside of a device.

562
Q

A system administrator is installing a new video editing application on
a user’s workstation from an installation DVD-ROM. However, the
installation process fails due to lack of available drive space. What would be the BEST way to complete the installation process?

A

Install the application to a network share

The installed application files can be much larger than the installation
utility, so using a network share with a larger available storage space can be
a good alternative until free space is available on the local computer.