SG: Practice Exam 1 Flashcards

1
Q

You were working at a customer site when an employee told you that a new product was going to be launched next week that would be in high demand. A co-worker is now discussing that they would like to invest in the same company. What should you do?

A. Invest in the company with your co-worker

B. Direct your fellow co-worker to the employee you were speaking to

C. Direct your co-worker to invest and disclose why

D. Nothing

A

D. Nothing

Doing nothing is the most appropriate answer, because you were privy to sensitive information that should not be disclosed. Investing in the company with your co-worker could be considered insider trading because you are using privileged information. Directing your co-worker to the employee is inappropriate. Directing your co-worker to invest and disclosing the information is illegal and inappropriate.

2
Q

You purchased an adapter to mirror your Apple iOS device on a TV, but it is not displaying. What is most likely the problem?

A. The adapter does not support AirPlay.

B. Apple iOS does not support this function.

C. The adapter does not support Chromecast.

D. The adapter does not support HDMI.

A

A. The adapter does not support AirPlay.

Apple devices use a technology called AirPlay, which the adapter most likely does not support. Apple iOS supports the function of AirPlay. Chromecast is an Android-only technology used to mirror devices. HDMI is a standard video interface for modern televisions.

3
Q

Your users report that when they attempt to visit a banking site, a page that looks like the site appears, but it isn’t the right site. What is this an example of?

A. Pop-ups

B. Pop-unders

C. Pharming

D. JavaScript errors

A

C. Pharming

This is most likely pharming, which is a tactic used with browser redirection to phish for credentials. Pop-ups are advertisements that “pop up” when you visit a website. Pop-unders are advertisements that spawn under a web page. JavaScript is a language and the primary method of creating pop-ups and pop-unders.

4
Q

You have just successfully remediated the system from malware and want to make sure that Windows Defender’s definitions are up-to-date. Which utility should you use to manually update Windows Defender?

A. System Configuration

B. Windows Defender Security Center

C. Task Scheduler

D. System Startup

A

B. Windows Defender Security Center

The Windows Defender Security Center can be used to manually update Windows Defender. System Configuration is used to change the startup behavior of Windows. Task Scheduler is used to schedule tasks on the operating system, such as malware scanning. System Startup is used to change the operating system’s startup behavior.

5
Q

You have been called to fix an application issue, but you test the application and find it in working order. What should you do?

A. Leave, since the issue is fixed

B. Call your manager for guidance

C. Reinstall the application for good measure

D. Ask the user to reproduce the problem

A

D. Ask the user to reproduce the problem

You should ask the user to reproduce the problem, since you have not been able to reproduce the problem or the problem is not how it was originally reported. Leaving is not an appropriate action, because the application could still be a problem for the user. Calling your manager for guidance will not help the situation. Reinstalling the application could introduce new problems.

6
Q

You need to ship an electronic component that is potentially susceptible to ESD. What should you use?

A. An antistatic mat

B. An antistatic bag

C. An antistatic wrist strap

D. An antistatic spray

A

B. An antistatic bag

You should use an antistatic bag to ship an electronic component that is susceptible to ESD. An antistatic mat is used when working with electronic components. An antistatic wrist strap is used when handling electronic components. An antistatic spray is used in an area to eliminate a static charge.

7
Q

When you choose to boot to Safe Mode, which of the following are not loaded?

A. Keyboard drivers

B. Storage system services

C. Networking drivers

D. Standard VGA drivers

A

C. Networking drivers

Safe Mode does not load networking drivers. Safe Mode loads the standard keyboard driver, the storage system services, and the standard VGA driver.

8
Q

In Windows, which of the following contains a user’s login information, including their groups and privileges? (Choose the best answer.)

A. Access token

B. Kerberos

C. Single sign-on

D. Multifactor authentication

A

A. Access token

In Windows, the access token contains a user’s login information, including their groups and privileges. Kerberos is the authentication protocol used with Active Directory. Single sign-on (SSO) is a claims-based authentication method. Multifactor authentication requires two or more factors for authentication.

9
Q

Which of the following is a share permission? (Choose the best answer.)

A. Modify

B. Write

C. Read & Execute

D. Change

A

D. Change

Change is a share permission; the similar permission in NTFS is Modify. Modify is an NTFS permission. Write is an NTFS permission. Read & Execute is an NTFS permission.

10
Q

You work for an organization that works with information identifying citizens in the United States and Europe. Which regulations should you adhere to? (Choose two.)

A. PCI DSS

B. PII

C. GDPR

D. PHI

A

B. PII

C. GDPR

You should adhere to the regulations based on personally identifiable information (PII) and the General Data Protection Regulation (GDPR) for EU citizens. Payment Card Industry Data Security Standard (PCI DSS) is a standard of processes and procedures used to handle data related to transactions using payment cards. Protected health information (PHI) refers to any information used in the health-care industry to describe a patient or ailment.

11
Q

Which key sequence will send a wake-up signal to the monitor, if you have a black screen?

A. F5

B. Ctrl+F5

C. Windows key+Shift+Ctrl+B

D. Alt+Tab

A

C. Windows key+Shift+Ctrl+B

The key sequence of Windows key+Shift+Ctrl+B will send a wake-up signal to the monitor. The F5 key will perform a refresh in programs such as web browsers. The Ctrl+F5 key combination will perform a requested refresh in web browsers and can be used to override cache. Alt+Tab will switch between applications.

12
Q

You have created policies on the desktop operating system and want to make sure that no one circumvents the security. What should be done to assure security is not circumvented?

A. Require complex passwords

B. Require a BIOS/UEFI password

C. Disable autorun

D. Disable Guest

A

B. Require a BIOS/UEFI password

You can protect the desktop operating system by requiring a BIOS/UEFI password. This will prevent a user from circumventing the policies in place by booting to a live operating system. Complex passwords will not prevent security from being circumvented. Disabling autorun will not assure security is not circumvented. Disabling Guest will not assure security is not circumvented.

13
Q

You need to install an update to your iPhone, but you want to make sure you have the latest backup. What is the quickest way to synchronize your iPhone?

A. Wi-Fi

B. USB

C. Bluetooth

D. MicroSD card

A

B. USB

Synchronizing via USB to iTunes is the fastest way to back up your iPhone. Wi-Fi would also work as an option, but it is not the quickest way to synchronize. Bluetooth is not an option to synchronize your iPhone. A MicroSD card is not an option to synchronize your iPhone.

14
Q

You notice a number of password attacks actively going on. What can you implement to mitigate the risk of a password being guessed? (Choose the best answer.)

A. Account lockout restrictions

B. Time restrictions

C. Complex passwords

D. Password expiration

A

A. Account lockout restrictions

Implementing account lockout restrictions is the best way to mitigate the risk of a password being guessed. Time restrictions will not mitigate the risk of a password being guessed. Complex passwords will help, but they will not completely mitigate the risk of a password being guessed. Password expiration will not mitigate the risk of a password being guessed.

15
Q

Which mobile device screen lock uses the factor of biometrics to secure your device?

A. Passcode lock

B. Swipe lock

C. Face lock

D. All of the above

A
16
Q

Jimmy just copied a folder on the same partition. What will happen with the permissions for the folder?

A. The permissions will be the same as they were before the move.

B. The permissions will be inherited from the new parent folder.

C. The permissions will be configured as the root folder for the drive letter.

D. The permissions will be blank until configured.

A

B. The permissions will be inherited from the new parent folder.

The permissions will be inherited from the new parent folder, because the copy is considered a new entity. The permission will not be the same as before the move. The permissions will not be configured the same as the root folder. The permissions will not be blank.

17
Q

You need Windows to load an unsigned driver. Which utility allows you to perform this action?

A. System Startup

B. Task Manager

C. Windows Preinstallation Environment

D. Device Manager

A

A. System Startup

System Startup allows you to disable driver signature enforcement during boot. Task Manager is used to view running processes. Windows Preinstallation Environment is used during installation of the operating system. Device Manager will not allow you to perform this function.

18
Q

What is the most common type of power protection for personal computers during a power outage?

A. A line-interactive UPS

B. A surge protector

C. A standby UPS

D. An online UPS

A

C. A standby UPS

A standby uninterruptible power supply (UPS) is the most common type of power protection used for personal computers. A line-interactive UPS is common in server racks to protect network equipment. A surge protector protects against power surges and voltage spikes. An online UPS is commonly found in datacenters.

19
Q

Which of the following operations rewrites files so that the data appears contiguously?

A. Analyzing

B. Defragmentation

C. Degaussing

D. ReadyBoost

A

B. Defragmentation

Defragmentation, also called drive optimization, is the process of rewriting data on the hard drive so that it appears contiguously for improved access. Analyzing is a function of the drive-optimization tool, but it does not rewrite the files; it only analyzes fragmentation. Degaussing is the act of using a large magnetic source to destroy a hard drive. Although ReadyBoost will speed up file access, it does not rewrite data to appear contiguously.

20
Q

Why would you want to lower power levels on wireless access points?

A. To increase the coverage area for clients

B. To increase security

C. To decrease the coverage area for clients

D. To decrease security

A

B. To increase security

You should lower power levels on wireless access points to increase security. Lowering power limits how far a signal will propagate outside of the organization’s physical perimeter. Lowering power levels will decrease the distance of clients. Lowering power levels will decrease coverage area for clients. Lowering power will not decrease security; it will increase security.

21
Q

Your mobile device has no wireless, cellular or Bluetooth. What should be checked first?

A. Time and date

B. Frozen applications

C. Nonresponsive touchscreen

D. Airplane mode

A

D. Airplane mode

Airplane mode is a function on mobile devices that turns off all radio communications, so it is the most likely problem. Time and date will have no effect on radio communications. A frozen application will not turn off radio communications. A nonresponsive touchscreen will not turn off radio communications.

22
Q

You installed a driver for a new drawing tablet but quickly find that the new driver breaks the tablet’s functionality. Which tool can be used to roll back the driver?

A. System Startup

B. Task Manager

C. Windows Recovery Environment

D. Device Manager

A

D. Device Manager

The Drivers tab in Device Manager allows you to roll back a driver to the originally detected driver. System Startup allows you to boot into Safe Mode and change the startup behavior of Windows, but not to roll back drivers. Task Manager is used to view running processes. Windows Recovery Environment allows you to perform a system restore, but this will affect the entire system.

23
Q

Which routine backup method requires the longest backup window?

A. Full

B. Copy

C. Incremental

D. Differential

A

A. Full

A full backup will make a full backup of the data set and will take the longest during a routine backup. A copy backup will take as long as a full backup, but should be used only in specific circumstances and not routine backups. An incremental will copy only the files that have changed since the last backup and will leave the archive bits unchanged; this method will shorten the backup window. A differential backup will back up only the files that have changed since the last backup; therefore, differential backups will become increasingly large until the next full backup.

24
Q

Which of the following is not a recommended best practice to secure a workstation?

A. Require passwords

B. Change default usernames

C. Degauss drives

D. Require a password-protected screensaver

A

C. Degauss drives

Degaussing uses a large magnetic field to destroy a drive—and is not a best practice to secure a workstation. All the other options are best practices to secure a workstation.

25
Q

Donna needs to heal missing or modified system files. Which of the following utilities can be used at the command line to do this?

A. msconfig

B. regedit

C. winresume

D. sfc

A

D. sfc

The sfc utility can be used to heal missing or modified system files. Msconfig, otherwise known as System Configuration, can be used to boot into Safe Mode and change startup services. Regedit is used to view and modify the Registry. Winresume is used during bootup to resume after a system has been suspended.

26
Q

You are responding to an incident in which a fellow employee has been exposed to battery acid. What should you do?

A. Call the OSHA hotline

B. Follow the procedure in the MSDS

C. Apply baking soda and water

D. Call the poison control center

A

B. Follow the procedure in the MSDS

The material safety data sheet (MSDS) for the batteries will outline how to care for the injury. OSHA does not have an injury hotline. Baking soda and water may cause further injuries. The poison control center will most likely have you check the MSDS sheet for the battery, since the employee is not poisoned.

27
Q

Which feature in Windows 10 version 1803 and later allows for password recovery with minimal effort?

A. System State restore

B. System Restore

C. Security questions

D. Reset This PC

A

C. Security questions

Windows 10 version 1803 and later allows users to reset their password by answering three security questions. A System State restore is used to recover Active Directory accounts. System Restore will restore the PC back to a date and time and requires booting into the Windows Recovery Environment. The Reset This PC option will reset the operating system back to its original settings.

28
Q

You have a number of company-owned mobile devices and want to mitigate the risk of leaked personal data. What can be implemented? (Choose the best answer.)

A. Antivirus software

B. Mobile firewalls

C. Encrypted wireless

D. Limited cellular plans

A

A. Antivirus software

Antivirus software can mitigate the risk of leaked personal data on a mobile device. Mobile firewalls will not mitigate the risk of leaked personal data if the device is physically lost or stolen. Encrypted wireless will not mitigate the risk of leaked personal data in the event of a virus or physical loss or theft of the device. Limited cellular plans will not mitigate the risk of leaked personal data, since many plans allow for normal usage and will transmit the personal data before an over-limit occurs.

29
Q

A mobile device has a nonresponsive touchscreen. What is the first thing you should try?

A. Soft reset

B. Hard reset

C. Factory reset

D. USB debugging

A

B. Hard reset

If a device has a nonresponsive touchscreen, a hard reset should be performed. A soft reset will not work if the device has a nonresponsive touchscreen. A factory reset will remove all your data. USB debugging is not turned on by default and will not help with a nonresponsive touchscreen.

30
Q

You need to protect files on a desktop operating system with encryption, but you do not have a TPM. What can you use to protect the files?

A. BitLocker

B. Encrypted File System

C. BitLocker to Go

D. Full device encryption

A

B. Encrypted File System

Encrypted File System (EFS) will encrypt and protect files on an NTFS filesystem without the need of a Trusted Platform Module (TPM). BitLocker requires a TPM and therefore will not work. BitLocker to Go is used with removable media. Full device encryption is used with mobile devices.

31
Q

What is the definition of the recovery point objective?

A. How long it will take to back up the data set

B. How current the data on backup media is

C. How long it will take to restore the data set

D. How big the current data set is

A

B. How current the data on backup media is

The recovery point objective (RPO) is how current the data is on the backup media and to what point you can recover to. How long it takes to back up the data set is the backup window. How long it takes to restore the data set is the recovery time objective (RTO). The RPO is unrelated to how big the current data set is.

32
Q

When you have an invalid certificate error on a web page, what is the first and easiest thing to check?

A. The date and time of your computer

B. Whether you are using SSL

C. The SSL version of the destination site

D. Whether the remote server is signing with your private certificate

A

A. The date and time of your computer

The first and easiest thing to check is your computer’s date and time, including the time zone. If your computer’s date and time are off, it can cause an invalid certificate error. If you are receiving an invalid certificate error, then you’re already running SSL. The SSL version of the destination site will have no bearing on an invalid certificate. Remote servers will not sign with your private certificate; only you have access to the private certificate.

33
Q

What can you implement to protect files on the local operating system from accidentally being deleted? (Choose the best answer.)

A. Share permissions

B. Modify NTFS permissions

C. Read-only attribute

D. Hidden attribute

A

C. Read-only attribute

The Read-only attribute will protect files from accidentally being deleted. Share permissions are not effective if the users are local to the operating system. Modify NTFS permissions will allow the user to modify the files and possibly delete them. The Hidden attribute only hides files from the user and should not be considered the only level of protection.

34
Q

Which component is not considered a high-voltage hazard?

A. Laser printer

B. LCD inverter

C. Power supply

D. Computer case

A

D. Computer case

The computer case is not considered a high-voltage hazard. If left plugged in during service with the power off, it will be grounded. Laser printers have high-voltage power that drives the corona wire and laser. LCD inverters contain high-voltage circuitry to drive the LCD panel. The power supply contains high voltage even when it is unplugged.

35
Q

Which of the following is an example of possible unauthorized account access? (Choose the best answer.)

A. A login during normal business hours.

B. A login to two different locations at the same time.

C. A login from a remote location during business hours.

D. A failed attempt at entering the password.

A

B. A login to two different locations at the same time.

A login to two different locations at the same time is an example of possible unauthorized account access. A login during normal business hours is normal. A login from a remote location during business hours is normal. A failed attempt at entering the proper password is not an example of possible unauthorized account access.

36
Q

The battery life of your mobile device is extremely short. What should you suspect? (Choose the best answer.)

A. Location-based services are off.

B. An application is frozen.

C. The device is experiencing high RAM usage.

D. The device’s display is too dim.

A

C. The device is experiencing high RAM usage.

The first suspect of extremely short battery life is high RAM usage. When RAM usage is high, swapping will occur and drain battery life. Location-based services being off will not affect battery life. An application being frozen means that it will not respond and generally is not processing to use battery life. A display that is too dim will not generally affect battery life.

37
Q

You have just disabled System Protection after identifying and quarantining a system with malware. What should be done next?

A. Run antivirus software to remove the malware

B. Schedule scans of antivirus software

C. Enable System Protection

D. Educate the end user

A

A. Run antivirus software to remove the malware

The next step is to run antivirus software to remove the malware infection. Scheduling scans of antivirus software should be done after you have remediated the infected system. Enabling System Protection should be done after you have scheduled scans and updated definitions. Educating the end user should be done last.

38
Q

You need to shorten your nightly backup windows. Which backup method should you choose to minimize backup time?

A. Full

B. Copy

C. Incremental

D. Differential

A

C. Incremental

An incremental will copy only the files that have changed since the last backup and will leave the archive bits unchanged. This method will shorten the backup window. A full backup will make a full backup of the data set and will take the longest. A copy backup will take as long as a full backup, but should be used only in specific circumstances and not routine backups. A differential backup will back up only the files that have changed since the last backup; therefore, differential backups will become increasingly large until the next full backup.

39
Q

When an application is not loading on a mobile device, what is the first troubleshooting step?

A. Force quit the application

B. Clear the application’s cache

C. Reinstall the application

D. Factory reset the phone

A

A. Force quit the application

Performing a force quit on the application is the first diagnostic step that should be performed on an application that is not loading. Clearing the application cache would be a secondary step to diagnosing the problem. Reinstalling the application will be disruptive to the user most of the time, because data is often deleted. A factory reset is an aggressive diagnostic step and should not be performed.

40
Q

Why might you need to connect a mobile device to iTunes via a USB cable? (Choose the best answer.)

A. Because USB is faster than Bluetooth

B. Because USB is always faster than Wi-Fi

C. To save money on cellular data

D. To collect application crash logs

A

D. To collect application crash logs

You would connect a mobile device to iTunes via a USB cable to collect application crash logs. Although USB can be faster than Bluetooth in some cases, you cannot synchronize over Bluetooth to iTunes. USB might be faster than Wi-Fi, but you cannot synchronize to iTunes over Wi-Fi. Connecting to iTunes via a USB cable would neither save nor cost you money.

41
Q

A mobile device is running slow. What could be the most likely problem?

A. The device is not charged to capacity.

B. The digitizer is not functioning properly.

C. The device is in DND mode.

D. The device has a bad certificate installed.

A

A. The device is not charged to capacity.

If a device is not fully charged and is running low on a charge, the system might throttle CPU and act poorly. A malfunctioning digitizer would result in inaccurate touchscreen responses. If the device is in Do Not Disturb (DND) mode, the speakers won’t work. A bad certificate will limit a device’s ability to decrypt emails.

42
Q

Which utility can be used to view event logs on the Windows operating system?

A. regedit

B. bootrec

C. msconfig

D. eventvwr

A

D. eventvwr

The eventvwr utility is used to view event logs on the Windows operating system. Regedit is used to view and modify the Registry. Msconfig, otherwise known as System Configuration, can be used to boot into Safe Mode. Bootrec is used to repair the bootup procedure.

43
Q

Which utility allows you to see how often applications crash and the overall health of the operating system?

A. Reliability Monitor

B. Resource Monitor

C. Services and Applications

D. Dr. Watson

A

A. Reliability Monitor

The Reliability Monitor is used to view how often applications crash and the overall health of the operating system. Resource Monitor allows you to see a more detailed view of processes and the resources they are using. Services and Applications is used to view services. Dr. Watson is no longer used; it was the original application crash notification system in Windows XP and prior operating systems.

44
Q

You manage the IT department for an organization and want to enforce restrictions so that company-owned devices do not record via their cameras and microphones. What can you implement?

A. Antivirus software

B. MDM software

C. Firewall software

D. BYOD policy

A

B. MDM software

Implementing mobile device management (MDM) software can help you to enforce restrictions of mobile device recordings. Antivirus software does not restrict camera and microphone usage. Firewall software does not restrict camera and microphone usage. A BYOD policy will not enforce restrictions of camera and microphone usage.

45
Q

Which regulation requires the privacy of consumer information?

A. GLBA

B. FERPA

C. SOX

D. HIPAA

A

A. GLBA

The Gramm-Leach-Bliley Act (GLBA) affects providers of financial services and safeguards customer information. The Family Educational Rights and Privacy Act (FERPA) affects education providers and organizations that process student records. The Sarbanes-Oxley Act (SOX) is enforced by the Securities and Exchange Commission (SEC) and regulates sensitive financial information and financial records. The Health Insurance Portability and Accountability Act (HIPAA) affects health-care providers and providers that process health records.

46
Q

Users are reporting that their wireless intermittently gets disconnected in the middle of the day. Which of the following is most likely not causing the problem?

A. Microwave oven

B. The wrong SSID

C. Too many devices

D. Bluetooth devices

A

B. The wrong SSID

The wrong SSID is most likely not the problem, since users are reporting intermittent connection problems. Microwave ovens can cause intermittent connection problems because they operate at 2.4 GHz. Too many devices connected to an access point can cause congestion issues and signal drops. Bluetooth devices can create interference on 2.4 GHz wireless, as well as intermittent drops if the airspace is congested.

47
Q

You need to enforce the use of encryption on mobile devices. Which method will be the most effective?

A. BYOD policy

B. MDM

C. Group Policy

D. NDA

A

B. MDM

The use of mobile device management (MDM) software is the most effective way of enforcing the policy of encryption. A bring your own device (BYOD) policy is only as effective as you make it, because it is a written policy. Group Policy is used to apply policies to users and computers in Active Directory domains. A non-disclosure agreement (NDA) is an agreement between an employee and an organization to not divulge intellectual property.

48
Q

You need to boot Windows 7 into Safe Mode. How can you achieve this?

A. Press the Shift key during bootup

B. Press the F8 key during bootup

C. Reboot from the operating system while holding the Shift key

D. Reboot from the operating system while holding the Ctrl key

A

B. Press the F8 key during bootup

During bootup, press F8 to enter the Advanced boot menu, from which you can boot into Safe Mode. Holding the Shift key during bootup will not boot into Safe Mode. Rebooting from the operating system while holding the Shift key works only with Windows 10. Rebooting from the operating system while holding the Ctrl key does nothing.

49
Q

Several of your electronics have been damaged after what you believe is a brownout. What should you use to protect your equipment?

A. A power strip

B. A UPS

C. A surge protector

D. A power monitor

A

B. A UPS

An uninterruptible power supply (UPS) can be used to prevent damage to electronics when a brownout occurs. Power strips offer no protection from power problems. Surge protectors offer protection from surges in electrical voltage. Power monitors only monitor power and do not protect equipment.

50
Q

You are the first responder to a ransomware incident. What should you collect first?

A. A picture of the message on the screen

B. Filesystem information

C. Raw disk copy

D. Network activity

A

A. A picture of the message on the screen

The order of volatility prescribes that you should get memory contents first. This would include a message on the screen, which could go away. Filesystem information is collected after network processes are collected. Raw disk copy is the last thing you should collect. Network activity is collected after memory and swap files.