CompTIA A+ Core 2 Final Assessment Flashcards
(315 cards)
1
Q
A computer user looks to map a network drive using the most basic scripting language possible. Which language does the user implement for a Windows system?
A
A shell script written for the basic Windows CMD interpreter is often described as a batch script. A batch script would be the simplest way to create the script.
2
Q
PowerShell
A
Windows PowerShell (PS) combines a script language with hundreds of prebuilt modules called cmdlets that can access and change most components and features of Windows and Active Directory.
3
Q
VBScript
A
VBScript is a scripting language based on Microsoft’s Visual Basic programming language. VBScript predates PowerShell.
4
Q
Python
A
Python is a general-purpose scripting and programming language that can be used to develop both automation scripts and software apps. A Python project can either be run via an interpreter or compiled as a binary executable.
5
Q
An iOS user struggles with wirelessly connecting a set of headphones to a phone. What does the user check on the phone while troubleshooting? (Select all that apply.)
A
- Bluetooth communication would need to be checked and enabled on the smartphone. The headphones would also need to be powered on.
- Pairing is a method of connecting a smartphone or other device to a peripheral device via Bluetooth. Both the phone and the headphones would need to be in pairing mode to connect.
6
Q
WiFi connectivity
A
WiFi is a method that mobile devices can connect and communicate on a local network, but this is not used for pairing/using wireless headsets.
7
Q
AirDrop properties
A
AirDrop is an iOS feature that allows file transfer between iOS and macOS devices over a Bluetooth connection.
8
Q
An iOS smart device user notices that AirDrop is not working properly as files are not being received. What should the user check while troubleshooting? (Select all that apply.)
A
- AirDrop is an iOS feature that allows file transfer between iOS and macOS devices over a Bluetooth connection. Bluetooth should be enabled, and devices should be in close range with each other.
- In addition to having Bluetooth turned on for the device, AirDrop requires the users’ iOS device to have the Wi-Fi setting turned on as well.
9
Q
LAN
A
A network in a single location is often described as a local area network (LAN). This definition encompasses many different sizes of networks with widely varying functions and capabilities.
10
Q
Near-field
A
AirDrop does not use near-field communications (NFCs). NFC is typically used for contactless retail payments and more.
11
Q
A user experiences difficulty paying a retailer with a touchless near-field supported phone. What does the user check while troubleshooting?
A
A near-field communication (NFC) issue typically manifests when trying to make payments via a contactless card reader. One troubleshooting step is to verify that airplane mode is not active.
12
Q
AirDrop
A
AirDrop is an iOS feature that allows file transfer between iOS and macOS devices over a Bluetooth connection.
13
Q
Bluetooth
A
Bluetooth communication would not be used with a near-field communication (NFC) device, but rather with personal items such as headphones and speakers.
14
Q
Pairing
A
Pairing is a method of connecting a smartphone or other device to a peripheral device via Bluetooth. A smartphone would not need to pair to make a payment.
15
Q
A user inspects and learns about the electrical components on the inside of a computer. What is measured in ohms?
A
A resistor creates resistance. Resistance is the degree of opposition to the current caused by characteristics of the conductor and is measured in ohms.
16
Q
Current
A
Electricity flows in a circuit. Current is the amount of charge flowing through a conductor, measured in amps (A or I).
17
Q
Voltage
A
A circuit is made when conductors form a continuous path between the positive and negative terminals of a power source. Voltage is the potential difference between two points.
18
Q
Watts
A
A watt is a measure of electrical power. Components such as power supplies and add-on cards are usually rated by how many watts are required or provided.
19
Q
A user looks to implement Virtual Network Computing (VNC) access to a Windows computer while traveling. Which port does the user open on a hardware firewall to allow access?
A
Virtual Network Computing (VNC) is a freeware product with similar functionality to the Remote Desktop Protocol (RDP). It works over TCP port 5900.
20
Q
443
A
Remote connection tools include TeamViewer and LogMeIn. Like Windows Quick Assist, these products are designed to work over HTTPS (TCP/443) across the internet.
21
Q
22
A
Secure Shell (SSH) is a remote access protocol, but it connects to a command interpreter rather than a desktop window manager. SSH uses TCP port 22 (by default).
22
Q
3389
A
The Remote Desktop Protocol on a Windows workstation or server runs on TCP port 3389 by default but can be changed to another port.
23
Q
A user upgrades the memory in a Windows corporate workstation from 4 GB to 8 GB. After the upgrade, the user notices that only 4 GB is recognized by the system. What does the user conclude the problem to be?
A
Each version and edition of Windows 10 was originally available as 32-bit (x86) or 64-bit (x64) software. All 32-bit Windows editions are limited to 4 GB of system memory.
24
Q
A 64-bit version of Windows
A
All 64-bit editions of Windows all support more random access memory (RAM) than 4 GB but have different limits for licensing purposes.
25
The Enterprise version of Windows
Windows Enterprise editions are only available via volume licensing. Each supports more than 4 GB of memory if it is 64-bit. Windows Enterprise would not be used as a corporate workstation.
26
The Server version of Windows
Windows Server editions are only available in 64-bit and therefore support more than 4 GB of memory.
27
A company disposes of old computer systems. While doing so, all hard drives are removed and scheduled for physical destruction. Which method will NOT work with a solid state drive (SSD)?
With degaussing, a hard disk is exposed to a powerful electromagnet that disrupts the magnetic pattern that stores the data on the disk surface. Degaussing does not work with SSDs or optical media.
28
Shredding
With shredding, a disk is ground into little pieces. A mechanical shredder works in much the same way as a paper shredder.
29
Incinerating
With incinerating, a disk is exposed to high heat to melt its components. This should be performed in a furnace designed for media sanitization. Municipal incinerators may leave remnants.
30
Drill and hammer tools
A disk can also be destroyed using drill or hammer hand tools. While safe for most cases, this method is not appropriate for the most highly confidential data as there is at least some risk of leaving fragments that could be analyzed using specialist tools.
31
A business needs to deploy a Windows operating system on devices that will be used for both advanced business functions and personal use. They require an edition that includes business features like BitLocker, Remote Desktop, and Group Policy, along with Windows Sandbox for testing applications safely. Which Windows edition should they choose?
Windows 10 Pro edition includes advanced business features such as BitLocker for encryption, Remote Desktop for accessing the PC remotely, and Group Policy for managing network resources. Additionally, Windows 10 Pro offers Windows Sandbox, which is ideal for safely testing applications.
32
Windows 10 Home
Windows 10 Home is geared towards basic users and lacks advanced business features like BitLocker, Remote Desktop, Group Policy, and Windows Sandbox.
33
Windows 10 Enterprise
Windows 10 Enterprise provides all the features of Windows 10 Pro and more, but it's designed for larger organizations with advanced security and management needs, making it an overkill for this scenario.
34
Windows 10 Education is similar to the Enterprise edition but tailored for educational institutions, and it also includes features not necessary for the described business use.
Windows 10 Education
35
A new support technician works on entry-level trouble tickets. Which question does the technician use as a closed type of question?
**A closed question** is one that can only be answered with a "Yes" or "No," or that requires some other fixed response. This type of questioning can prove to be helpful.
36
What caused the problem to happen?
An open-ended question is a question that invites the other person to compose a response that may not be accurate or helpful. Asking the user to "What caused the problem to happen?" will likely result in inaccurate information.
37
What happened to create the problem?
An open-ended question such as "What happened to create the problem?" may result in an interpretation rather than what actually happened.
38
What is the computer's problem?
An open-ended question such as "What is the computer’s problem?" may result in an inaccurate description of the actual issue.
39
A new support technician interfaces with a user that has a computer problem. While discussing the problem, the technician gives undivided attention to the user and asks questions where the person creates their own response. When discussing the problem, what does the technician practice? (Select all that apply.)
1. An open-ended question is a question that invites the other person to compose a response that allows them to openly discuss what they are seeing versus locking them down into a fixed response.
2. Active listening is the skill of listening to an individual so that that person is given full attention and is not argued with, commented on, or misinterpreted in what they have said.
40
Close-ended questions
A closed question is one that can only be answered with a "Yes" or "No" or that requires some other fixed response. This type of questioning can be helpful but does not allow the other person to freely discuss their observation.
41
Use of jargon
Most users are not technically savvy. The introduction and use of technical jargon are usually confusing to users and not helpful.
42
A user contacts an IT help desk to report that when trying to browse a web page for office supplies, a completely unrelated webpage about gambling is presented. What does the help desk determine the causes could be? (Select all that apply.)
1. Redirection is where a user tries to open one page but gets sent to another. Often this may imitate the target page. In adware, this is just a blunt means of driving traffic through a site.
2. Domain name system (DNS) spoofing is a method where a fraudulent DNS address may be used to direct users to fraudulent websites.
43
Certificate problem
When browsing a site using a certificate, the browser displays the information about the certificate in the address bar. The certificate would not cause the browser to redirect to an unrelated site.
44
Service problems
The Windows operating system relies heavily on running services. These services are often the target of malware. In this case, a service is not related to the behavior.
45
A systems administrator configures a new Windows workstation. The system uses the New Technology File System (NTFS). The administrator needs the system to interact with a Linux system and support a set of common interface standards for compatibility. Which compliance does the administrator need to ensure?
POSIX (Portable Operating System Interface) is a set of common interface standards designed to facilitate compatibility between different operating systems, including but not limited to Unix-like systems and Windows. Ensuring POSIX compliance allows a Windows system, using NTFS, to interact more seamlessly with a Linux system.
46
Indexing
Indexing compliance is a useful feature for managing and accessing data on a system, but it does not directly facilitate compatibility between different operating systems like POSIX compliance does.
47
Journaling
Journaling compliance is an important feature for data integrity and reliability, it is not related to compatibility between operating systems.
48
Snapshots
Like indexing and journaling, snapshot compliance helps in managing and protecting data, but does not contribute to the interoperability of different operating systems.
49
A systems administrator looks to have a daily backup of a server located across a wide area network (WAN) link. As the link is not fast, the administrator creates a backup scheme that uses little to no bandwidth and acquires an entire backup of the system. Which scheme does the administrator implement?
A synthetic backup is an option for creating full backups with lower data transfer requirements. A synthetic full backup is not generated directly from the original data but instead assembled from other backup jobs.
50
Full
A full backup means that the backup job produces a file that contains all the data from the source. This means that the backup file is nominally the same size.
51
Incremental
Incremental jobs select only new files and files modified since the previous job. An incremental job has the lowest time and storage requirement.
52
Differential
Differential jobs select new files and files modified since the original full job. A differential chain has moderate time and storage requirements.
53
An engineer configures an Authentication, Authorization, and Accounting (AAA) server to authenticate credentials for remote users. Credentials are forwarded to the AAA server from a firewall. Which AAA method does the engineer utilize?
Remote Authentication Dial-in User Service (RADIUS) is one way of implementing the AAA server when configuring enterprise authentication. The firewall is configured as a client of the RADIUS server.
54
TACACS+
Terminal Access Controller Access Control System Plus (TACACS+) is a way of implementing AAA and is often used in authenticating administrative access to routers and switches.
55
Kerberos
On Windows networks, Kerberos is a protocol that allows a user account to authenticate to a domain controller (DC) over a trusted local cabled segment.
56
Active Directory
The Lightweight Directory Access Protocol (LDAP) is a TCP/IP protocol used to query and update an X.500 directory such as Windows Active Directory.
57
A user experiences a blue screen of death (BSoD) while using a Windows desktop computer. Upon initial inspection, no debris is observed in the tower. What does a support technician determine to be a good first troubleshooting step?
A Windows blue screen of death (BSoD) is often caused by hardware. This may be due to faulty hardware or a bad driver. A good first step is to determine what on the system has changed. (Remove any newly installed hardware.)
58
Check the system for malware.
Checking for malware on a system is a recommended step. However, with a blue screen of death (BSoD) it is recommended to check if there is newly installed hardware.
59
Reinstall the operating system.
Reinstalling the operating system is an option, but it may be a drastic solution to a simple problem. Any changes related to hardware should be investigated.
60
Clean any dust from the system.
Cleaning the dust from a system is always recommended. However, a good first step is to investigate if anything in the system has changed, such as hardware.
61
A Windows user needs to transfer and retain an entire directory structure from one disk to another. There is also a need to retain New Technology File System (NTFS) attributes. Which command does the user determine will fulfill the need?
The robocopy command (or "robust copy") is a Windows file copy utility. This utility is designed to work better with long file names and NTFS attributes.
62
move
The move command provides the ability to transfer files contained in a single directory. Files are copied to the destination while being deleted from the source.
63
copy
The copy command provides the ability to transfer files contained in a single directory by creating a duplicate set of files.
64
rmdir
The rmdir command is a tool for deleting directories. The /s switch enables the deletion of non-empty directories.
65
A user enables privacy settings on a Windows 10 computer. Which settings pertain to app permissions? (Select all that apply.)
1. App permissions allow or deny access to devices such as the location service, and to user data such as contacts, calendar items, email, and files.
2. There are multiple settings toggles to determine what app permissions are allowed. Camera and microphone settings are set under app permissions.
66
Language settings
Privacy settings govern what usage data Windows is permitted to collect. It affects language settings, general diagnostics, activity history, and more.
67
Use of speech
Data collection allows Microsoft to process usage telemetry. The use of speech services and input personalization are covered under data collection settings.
68
A user builds a new computer for gaming purposes. The ability to upgrade the performance graphics processing unit (GPU) over time is desired. What GPU type does the user invest in?
A dedicated graphics card will have its own random access memory (RAM). This allows the card to focus on rendering graphics without using system RAM.
69
Integrated graphics
A system’s graphics subsystem can be implemented as a feature of either the CPU or the motherboard chipset. This is referred to as integrated graphics.
70
Video RAM
Video RAM will be on the dedicated graphics card, separate from the general system RAM.
71
System RAM
System RAM is used by the computer to run and manage applications and data. Running multiple programs simultaneously will require more RAM.
72
A company has several offices within the United States. Engineers look to configure Microsoft DirectAccess virtual private networking technology for remote connections. Engineers instruct IT to deploy which operating system to Windows desktops?
Windows Enterprise edition has several features that are not available in the Pro edition, such as support for Microsoft’s DirectAccess virtual private networking technology.
73
Pro
Windows Pro is designed for small- and medium-sized businesses and can be obtained using original equipment manufacturer (OEM), retail, or volume licensing.
74
Home
The Windows Home edition is designed for domestic consumers and possibly small office home office (SOHO) business use. The Home edition cannot be used to join a Windows domain network.
75
Education
Windows Education/Pro Education are variants of the Enterprise and Pro editions designed for licensing by schools and colleges.
76
Windows allows for several types of installable software. Which type may be transferred between computers when a user utilizes a Microsoft account?
Store apps are installed via the Microsoft Store. Store apps can be transferred between any Windows device where the user signs in with that Microsoft account.
77
Windows features
Windows features are components of the operating system that can be enabled or disabled. For example, the Hyper-V virtualization platform can be installed as an optional feature in supported Windows editions.
78
Windows subsystem for Linux
Windows subsystem for Linux (WSL) allows the installation of a Linux distribution and the use of Linux applications.
79
Desktop apps
Desktop apps are installed by running a setup program or Microsoft installer (MSI) installer. These apps require administrator privileges to install.
80
An IPv6 address is made up of bits that identify the network and host of a system. How many bits long is an IPv6 address in total, and how many bits identify the host portion? (Select all that apply.)
1. In IPv6, the address is 128 bits long and the network prefixes are used to identify logical networks within the first 64 bits. IPv6 uses hexadecimal values for notation.
2. In IPv6, the address is 128 bits long and the interface address portion is always the last 64 bits.
81
32
In IPv4, the 32-bit address is combined with a 32-bit subnet mask, both of which are typically entered in dotted decimal notation.
82
256
Neither an IPv4 nor an IPv6 network address is 256 bits long. 256 bits are often used in security and encryption.
83
A user interacts with a Linux distribution that has no desktop graphical user interface (GUI). As the user types, which stream handles the interaction?
In a Linux distribution with no graphical user interface, a terminal interface is used. The default shell command interpreter uses the stream stdin (0) for the user’s keyboard input.
84
stderr
A terminal shell is often used in Linux and working at a terminal is referred to as using a shell interactively. Any errors in a terminal stream are identified by stderr (2).
85
std
In Linux, communication within a shell is identified by streams and std refers to a standard stream that is further categorized as stdin, stdout, and stderr.
86
stdout
A Linux terminal is connected by a teletype (tty) device that handles text output. The stdout (1) stream reads data from a shell from the tty device and displays it through the terminal.
87
A company establishes a mobile device deployment model. The policy states that a corporate-owned phone may be used for personal reasons. Which deployment is in use?
In a corporate-owned, personally enabled (COPE) program, a device is chosen and supplied by the company and remains its property. The employee may use it for personal reasons.
88
BYOD
In a bring your own device (BYOD) program, a mobile device is owned by the employee. The mobile will have to meet whatever profile is required by the company (in terms of OS version and functionality).
89
COBO
In a corporate-owned, business-only (COBO) program, a device is the property of the company and may only be used for company business.
90
CYOD
In a choose your own device (CYOD) program, the employee is given a choice of device from a list and may be able to use it for personal reasons.
91
Due to a recent breach, a cyber architect is tasked with drafting a company-wide memorandum on social engineering attacks and how they can be mitigated. Which statement does NOT support the organization in defeating social engineering attacks?
Contrary to preferred procedure, the company should train employees to release information or make privileged use of the system only according to standard procedures.
92
Establish a reporting system for suspected attacks.
The company should establish a reporting system for suspected attacks—though the obvious risk here is that a large number of false positives will be reported.
93
Train employees to identify current phishing-style attacks as well as newer styles in the future.
The company should train employees to identify phishing-style attacks plus new styles of attack as they develop in the future.
94
Train employees not to release any work-related information on external sites.
The company should train employees not to release any work-related information on third-party sites or social networks (and especially not to reuse passwords used for accounts at work).
95
Which proprietary file system does a Mac workstation use?
Apple Mac workstations and laptops use the proprietary Apple File System (APFS), which supports journaling, snapshots, permissions/ownership, and encryption.
96
NTFS
The New Technology File System (NTFS) is a proprietary file system developed by Microsoft for use with Windows. It provides a 64-bit addressing scheme.
97
ext4
Most Linux distributions use some version of the extended (ext) file system to format partitions on mass storage devices. The ext3 type is a 64-bit file system with support for journaling while ext4 delivers better performance.
98
FAT32
FAT32 is a variant of FAT that uses a 32-bit allocation table, nominally supporting volumes up to 2 TB. The maximum file size is 4 GB minus 1 byte.
99
An IT administrator creates a repository for standard operating procedures (SOPs). What documents does the administrator upload to the repository? (Select all that apply.)
1. A standard operating procedure outlines the steps for custom installation of software packages. The steps include verifying system requirements, validating download/installation source, and confirming license validity.
2. A standard operating procedure could be a new-user setup checklist. When onboarding new employees and helping employees change job roles, typical tasks include enrollment with secure credentials and the allocation of devices.
3. A standard operating procedure could outline the steps required when decommissioning a server. These steps may include identifying and migrating services to a new server.
100
Acceptable computer use policy
A policy is a statement of intent whereas an SOP is a set of instructions. An acceptable use policy would not be considered as an SOP.
101
A Windows user runs the Performance Monitor tool to check disk activity. What counter is the best option the user can evaluate to understand how busy the disk is at any given time?
The % disk time metric is the percentage of elapsed time that the selected disk drive is busy servicing read or write requests.
102
Average disk queue length
The average disk queue length is the number of requests outstanding on the disk at the time the performance data is collected.
103
Available bytes
The available bytes metric is a memory metric. It represents the amount of memory available, which should not be below 10% of the total system memory.
104
Pages/sec
The pages/sec value is a memory metric. This represents the number of pages read from or written to disk to resolve hard page faults.
105
A novice user wants to use a feature where they do not have to manually clear their cache after conducting browsing activity. Which feature fulfills this need?
Private/incognito browsing mode disables the caching features of the browser so that no cookies, browsing history, form fields, passwords, or temp files will be stored when the session is closed.
106
Cache clearing
Clearing cache is a manual task and is used to delete browsing history. By default, the browser will maintain a history of pages visited and cache files to speed up browsing.
107
Pop-up blocker
Pop-up blockers prevent a website from creating dialogs or additional windows. The pop-up technique is often used to show fake antivirus (AV) and security warnings or other malicious and nuisance advertising.
108
Browser settings
Browser settings configure options such as startup and home pages, tab behavior, and choice of search engine and search behavior.
109
A computer security team investigates a high-level computer breach at a large company. While investigating one of the computers in question, the team finds a USB drive inserted into the back of the shared user desktop tower. What are the primary concerns for the team from this discovery related specifically to the USB drive found? (Select all that apply.)
1. Chain of Custody refers to the sequence of custody, control, transfer, analysis, and disposition of evidence. It is crucial to maintain a record to show who has had control of the evidence to ensure its integrity and admissibility in court. In this case, the USB drive could be critical evidence, so maintaining its chain of custody is essential.
2. Data Integrity refers to the authorized or unauthorized manipulation of data. Digital information is susceptible to tampering, especially when it is easily accessible via an unsecured USB drive plugged into a computer. The team must ensure that the data on the drive hasn't been altered in any unauthorized way.
110
Incident documentation
Incident documentation, while important for investigations generally, is not specifically a concern tied to the discovery of the USB drive in this question.
111
Latent evidence
Latent evidence usually refers to evidence not easily visible or interpretable without specialized processes or equipment. While it's true that digital evidence can be considered latent, it is not one of the primary concerns related specifically to the USB drive in this question.
112
A problematic Windows system with multiple operating systems installed does not boot properly. A support technician tries to diagnose by outlining the boot process. The technician determines that the system uses an Extensible Firmware Interface (EFI) system partition. Which file does the technician inspect for problems related to a specific operating system boot problem?
The GUID partition table (GPT) identifies a System Partition. The system partition contains the boot manager and the boot configuration data (BCD). Each Windows installation has a subfolder under \EFI\Microsoft\ that contains a BCD and BOOTMGFW.EFI.
113
BOOTMGR
During boot, the master boot record (MBR) identifies the boot sector for the partition marked as active. The boot sector loads the boot manager, which for Windows is BOOTMGR.EXE.
114
NTOSKRNL
The Windows boot manager loads the Windows boot loader WINLOAD.EXE stored in the system root folder on the boot partition. The process then loads the kernel (NTOSKRNL.EXE).
115
HAL
In a Windows system, the hardware abstraction layer (HAL.DLL) is loaded during the WINLOAD boot process.
116
A user at an organization calls the IT help desk in a panic. The user exclaims that according to a message on the computer, someone is trying to extort them. What type of malware does the user experience?
Ransomware is a type of malware that tries to extort money from the victim. One class of ransomware will display threatening messages, such as requiring Windows to be reactivated.
117
Rootkit
Malware may be able to execute without requiring any authorization using system privileges and it may escalate privileges after installation. Malware running with this level of privilege is referred to as a rootkit.
118
Worm
A worm is a type of malware that replicates between processes in system memory rather than infecting an executable file stored on a disk. Worms can also exploit vulnerable client/server software to spread between hosts in a network.
119
Trojan
A Trojan is malware concealed within an installer package for software that appears to be legitimate.
120
Question
A user opens a help desk ticket after seeing that a company video, embedded within a particular internal webpage, is not displaying as it should. What does a support technician conclude to be the most likely issue?
Plugins play or show some sort of content embedded in a web page, or other video/multimedia format. In this case, a plugin is missing a particular page that is not displaying content.
121
An extension
Extensions add or change a browser feature via its application programming interface (API). For example, an extension might install a toolbar or change menu options.
122
A search provider
A search provider indicates the site used to perform web searches directly from the address bar.
123
An API
An application programming interface (API) is a method used by developers to integrate custom-developed software with other software applications.
124
An attacker uses a script to create fileless malware that requires no compilation. What scripting environment does the attacker utilize?
If the interpreter is not a default feature in an operating system, enabling it expands the attack surface. Threat actors use environments such as PowerShell to craft fileless malware.
125
VBScript
VBScript is a scripting language based on Microsoft’s Visual Basic programming language. VBScript predates PowerShell and uses an interpreter.
126
Python
Python is a general-purpose scripting and programming language that can be used to develop both automation scripts and software apps. Python requires an interpreter or compilation.
127
Batch script
A shell script written for the basic Windows CMD interpreter is often described as a batch file. Batch files use the .BAT extension.
128
A user boots and installs a legacy Windows operating system on a computer. The user notices that after installation, the system requires many drivers and updates to bring it to a healthy and up-to-date state. The user finds that it is not possible to add updates to which installation media type?
Historically, most attended installations were run by booting from optical media (CD-ROM or DVD). As updates for the operating system and drivers become available, optical media will become quickly dated because ongoing updates cannot be added to the installation disc.
129
Network boot
Network boot setup means connecting to a shared folder containing the installation files, which could be slipstreamed or use image deployment.
130
Flash drive
A USB drive could be used as a bootable device or as slipstreamed media to accompany a bootable operating system installation media.
131
Internet-based
A computer that supports network boot could also be configured to boot to set up over the internet. In this scenario, the local network’s DHCP server must be configured to supply the DNS name of the installation server.
132
A tech firm deploys wireless installations at client sites. As the firm uses Wi-Fi Protected Access (WPA) version 3, which security technology does the deployment utilize? (Select all that apply.)
1. Simultaneous Authentication of Equals (SAE) in WPA3 replaces the 4-way handshake in WPA2. The 4-way handshake mechanism is vulnerable to manipulations that allow a threat actor to recover the key.
2. WPA3 replaces Advanced Encryption Standard Counter Mode with Cipher Block Chaining Message Authentication Code Protocol with the stronger AES Galois Counter Mode Protocol (GCMP) mode of operation.
133
Rivest Cipher 4 (RC4)
WPA2 uses the Advanced Encryption Standard (AES) cipher deployed within the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). AES replaces RC4 and CCMP replaces TKIP.
134
4-way handshake association
WPA2 uses a 4-way handshake to allow a station to associate with an access point, authenticate its credential, and exchange a key to use for data encryption.
135
A technician configures a legacy computer for a user. Which account authentication policies does the technician implement? (Select all that apply.)
1. If the default administrator account cannot be disabled, it must never be left configured with a default password.
2. In the current versions of Windows, the guest account is disabled by default and cannot be used to sign in. It is only enabled to facilitate passwordless file sharing in a Windows workgroup.
(Change the default admin password.
Disable the guest account.)
136
Set any user permissions.
File permissions control whether a user can read or modify a data file or folder, either on the local PC or across the network. This management step pertains to authorization and not authentication.
137
Secure any critical hardware.
Users of portable computers must be alert to the risk of physical theft of devices. Portable computers can be secured to a desk using a cable lock.
138
A user installs an app on a smart device. The device’s official app store does not list the app, as it is a proprietary app for an organization. What type of installation does the user complete?
With unknown sources enabled on an Android device, untrusted apps can be downloaded from a website and installed using the .APK file format. This is referred to as sideloading.
139
Bootleg
A bootleg app is one that pirates or very closely mimics a legitimate app. Users might be tempted to enable unknown sources and install this type of app.
140
Spoofed
A malicious app will typically spoof a legitimate app by using a very similar name and use fake reviews and automated downloads to boost its apparent popularity.
141
Root
Root access is associated with Android devices. Some vendors provide authorized mechanisms for users to access the root account on a device.
142
Which type of malware replicates between processes rather than infecting a file?
Worms replicate between processes in system memory rather than infecting an executable file stored on a disk. Worms can also exploit vulnerable client/server software to spread between hosts in a network.
143
Trojan
A Trojan is malware concealed within an installer package for software that appears to be legitimate.
144
Virus
Viruses are concealed within the code of an executable process image stored as a file on a disk. In Windows, executable code has extensions such as .EXE, .MSI, .DLL, .COM, .SCR, and .JAR.
145
Pop-up
A pop-up is the result of malware being installed on a system. This type causes pop-ups within the Windows OS or browser.
146
A security engineer suggests the use of proximity technology to track the movement of portable equipment. What solution does the engineer recommend?
With proximity sensors, radio frequency ID (RFID) tags and readers can be used to track the movement of tagged objects within an area.
147
Passive infrared
A security mechanism might use passive infrared (PIR) technology. This technology uses temperature and can detect moving heat sources.
148
Microwave radio
The sensors in microwave radio security devices use detectors. These detectors may use reflection, such as those used in radar for example.
149
Concealed sensor
A duress alarm is manually triggered and could be implemented as a wireless pendant or concealed sensor or button. The alarm is triggered like a panic button.
150
An organization executes a project to replace all of its servers. A change that is requested by management goes through a risk analysis exercise before moving to approval. What attributes are associated with qualitative approaches? (Select all that apply.)
1. Qualitative risk analysis seeks to identify and evaluate impact and likelihood factors through previous experience with a system to replace or supplement metrics.
2. Qualitative risk analysis looks to determine a level of risk based on opinions. These opinions may be from subject matter experts or simply from end-users of the system.
151
Discrete values
Quantitative risk analysis calculates discrete values for the impact and likelihood of each factor affecting the change proposal for a system.
152
Data
Quantitative risk analysis uses data to make a determination for risk on a system. This data is based on a variety of calculations.
153
A network engineer implements a proxy at a small company. The configuration does not require settings on every client machine. What type of proxy does the engineer deploy? (Select all that apply.)
1. A proxy server can improve both performance and security. A transparent proxy does not require any client configuration as the server handles the appropriate settings.
2. Some networks use a proxy to provide network connectivity. An intercepting proxy does not require that each client is individually configured.
154
Manual Proxy
With a manual proxy, each client must be configured with the IP address and TCP port to use to forward traffic via the proxy.
155
Autoconfiguring Proxy
Proxy server settings can be done via Network and internet settings on a Windows client. This includes a fully manual option to input proxy settings or to automatically detect proxy settings. Whichever setting is used, it would still have to be configured on the client itself.
156
Malware infects a user’s computer. A support technician determines that the malware is executed without requiring any authorization using system privileges. What type of malware currently infects the system?
Malware may be able to execute without requiring any authorization using system privileges and it may escalate privileges after installation. Malware running with this level of privilege is referred to as a rootkit.
157
Ransomware
Ransomware is a type of malware that tries to extort money from the victim. One class of ransomware will display threatening messages, such as requiring Windows to be reactivated.
158
Keylogger
A keylogger is spyware that actively attempts to steal confidential information by recording keystrokes. The attacker will usually hope to discover passwords or credit card data.
159
Trojan
A Trojan is malware concealed within an installer package for software that appears to be legitimate.
160
A user installs an application on a Linux system by using which method in the operating system?
An app distribution method is the means by which the vendor makes it available to install. Linux uses DEB packages with the APT (package manager) or RPM for YUM.
161
Add remove programs
The add remove programs feature is found in the Windows operating system’s control panel applet.
162
Partition manager
A partition manager is used for managing volumes on physical disks and various other disk management utilities.
163
Optical drive
An optical drive may contain installable media, however, to install an application a package manager is used.
164
A user contacts an IT helpdesk. The complaint is that the computer is very sluggish. Support personnel notices high graphics processing unit (GPU) use. What does the helpdesk determine to be the issue?
A cryptominer hijacks the resources of the host to perform cryptocurrency mining. This is also referred to as cryptojacking. A graphics processing unit (GPU) is used in cryptomining.
165
Ransomware
Ransomware is a type of malware that tries to extort money from the victim. One class of ransomware will display threatening messages, such as requiring Windows to be reactivated.
166
Keylogger
A keylogger is spyware that actively attempts to steal confidential information by recording keystrokes. The attacker will usually hope to discover passwords or credit card data.
167
Remote access Trojan
A remote access Trojan (RAT) is malware that, once installed, allows the threat actor to access the PC, upload/exfiltrate data files, and install additional malware tools.
168
A user with tech knowledge and full permissions, browses the network to identify any available shares on all servers. While browsing, the user found a share known to contain payroll information. However, the user is unable to access the information within the share. Assuming that the user is not authorized to access the payroll information, what is the most likely reason why the user cannot view the information within the share?
A user can browse the network to see all available shares on available hosts. A share that is not visible is one that is hidden. On a Windows system, a hidden share is set by including a $ in the share name. (The user does not have permissions to access the share.)
169
The permissions are incorrect.
A user may browse a network for shareable resources. Permissions will pertain to the ability to access and use the share, not to see the share.
170
The share is a hidden share.
A network can be browsed for shares. While a share may be private in the sense that it is intended for specific users, it can still be seen.
171
The user is on the wrong server.
A user can browse an entire network for shares. The user is looking at shares on the wrong server in this case.
172
A new help desk technician receives a support call from a user. What initial information does the technician ask the user to provide? (Select all that apply.)
1. Most users may not be tech-savvy. However, the user must supply a basic description of the issue. The technician should ask clarifying questions to ensure an accurate initial description.
2. When working on a trouble ticket, it is important to gather the user’s name and other contact details. It might be possible to link the ticket to a customer relationship management (CRM) database.
173
System specifications
Most users are not tech-savvy. Asking a user to identify system specifications may be difficult. If asset tags are used, information could be obtained this way.
174
Hard drive type
Asking a user to identify the hard drive type in the system may not be helpful. It is also likely that the user will not know the answer.
175
A technician configures a backup routine on an important workstation. Which type does the routine use when only backing changes since the last full backup?
Differential jobs select new files and files modified since the original full job. A differential chain has moderate time and storage requirements.
176
Synthetic
A synthetic backup is an option for creating full backups with lower data transfer requirements. A synthetic full backup is not generated directly from the original data but instead assembled from other backup jobs.
177
Full
A full backup means that the backup job produces a file that contains all the data from the source. This means that the backup file is nominally the same size.
178
Incremental
Incremental jobs select only new files and files modified since the previous job. An incremental job has the lowest time and storage requirement.
179
A Windows user runs the Defragment and Optimize Drives tool (dfrgui.exe) on a solid state drive (SSD). What action will the tool take on the drive? (Select all that apply.)
1. On a solid state drive (SSD), data is stored in units called blocks that are not directly managed by the OS. The tool runs a trim process that identifies data that the OS has marked as deletable.
2. When the tool initiates a trim, data that is marked as deletable ultimately has its occupied blocks tagged as writable.
180
Rewriting of data into contiguous clusters
The Defragment and Optimize Drives tool (dfrgui.exe) tool runs various operations to speed up a disk. On a hard disk, the tool rewrites file data so that it occupies contiguous clusters.
181
Tracking files that can be safely erased
The Disk Clean-up (cleanmgr.exe) tool tracks files that can be safely erased to reclaim disk space.
182
A technician receives a company laptop from an employee who states they are unable to authenticate from one Windows system to another in a domain but fails with no error message and has verified the username and password are correct. What does the technician determine the issue to be?
Processes such as authentication and backup depend on the time reported by the local PC being closely synchronized to the time kept by a server.
183
Application crash
If an application crashes, the priority is to try to preserve any data that was being processed. Users should be trained to save regularly. This would not prevent a login.
184
Failed service
If a message such as "One or more services failed to start during the Windows load sequence" appears, check Event Viewer to identify which service has failed.
185
Blue screen of death
A blue screen of death (BSoD) displays a Windows STOP error. A STOP error is one that causes Windows to halt. A BSoD is a symptom of a crash and not a cause of a login problem.
186
A user with a problematic Windows system tries to use a previously created system image. How does the user access the image? (Select all that apply.)
1. Windows includes many operating system recovery and repair options. To restore a system with an image created in Backup and Restore, a repair disk can be used.
2. To recover a system using a backup image, use the Advanced Boot Option or the System Image Recovery option off a repair disk or recovery environment.
187
Start Menu
The Windows Start Menu provides access to many configuration and system maintenance tools to maintain operating system functionality. Creating an image can be accomplished through the Start Menu.
188
Reset this PC
If an up-to-date image of a system does not exist, an option is to reinstall Windows using the "Reset this PC" option in the recovery environment.
189
A company implements several types of security mechanisms around a high-risk data center. One of the mechanisms allows for a panic button to be pressed. Which security type does this button represent?
A duress alarm is triggered manually and could be implemented as a wireless pendant, concealed sensor or trigger, or call contact.
190
Circuit
A circuit-based alarm sounds when the circuit is opened or closed, depending on the type of alarm. This could be caused by a door opening or by a fence being cut.
191
Motion
A motion-based alarm is linked to a detector triggered by movement within a room or other area. The sensors in these detectors are either microwave radio reflection or passive infrared (PIR).
192
Proximity
Proximity alarms use radio frequency ID (RFID) tags and readers that can be used to track the movement of tagged objects within an area.
193
A user claims that they cannot browse the local shared network by name. After evaluating the computer’s IP settings and pinging the local share by IP address with no problem, what does a support technician determine as the cause?
All hosts on a network require the use of a domain name server IP address for network communications using host names. This is currently the problem. (Missing DNS address)
194
Missing IP address
All hosts on a network require the use of an IP address for network communications. Since the workstation can connect with a local server, the IP address is working fine.
195
Missing gateway address
All hosts on a network require the use of a gateway IP address for network communications to remote networks. The workstation can ping an internet host, so the gateway IP address is not the problem.
196
Missing subnet address
All hosts on a network require the use of a subnet address for network communications. Since the workstation can connect with a local server, the subnet address is working.
197
After a recent driver update on a Windows system, the display adapter does not function properly. A technician tries to roll back the driver by using which management console?
The Device Manager (devmgmt.msc) console allows administrators to view, edit, and troubleshoot the properties of installed hardware, update drivers, and remove or disable devices.
198
diskmgmt.msc
The Disk Management (diskmgmt.msc) console displays a summary of any fixed and removable disks.
199
dfrgui.exe
The Defragment and Optimize Drives tool (dfrgui.exe) runs various operations to speed up the performance of hard disk drives (HDDs) and solid-state drives (SSDs).
200
lusrmgr.msc
The Local Users and Groups (lusrmgr.msc) console provides administrators with an advanced interface for creating, modifying, disabling, and deleting user accounts. This console is also useful for resetting the password for an account.
201
A user modifies a Windows 10 computer’s ease of access settings. Which settings group configures Keyboard usability?
Interaction configures options for keyboard and mouse usability. The user can also enable speech- and eye-controlled input methods.
202
Vision
Vision configures options for cursor indicators, high-contrast and color-filter modes, and the Magnifier zoom tool. Additionally, the Narrator tool can be used to enable audio descriptions of the current selection.
203
Hearing
Hearing configures options for volume, mono sound mixing, visual notifications, and closed-captioning.
204
Power
Power settings are found in the Power Options applet in the Control Panel. These settings deal with a computer’s configuration as it relates to power saving mode, battery use on mobiles, and more.
205
A systems engineer would like to keep a company’s wireless network a secret. How can the engineer accomplish this?
Disabling broadcast of the service set ID (SSID) prevents clients from seeing the network. This provides a margin of privacy at the expense of configuration complexity.
206
Use content filtering.
Content filtering means that the firewall downloads curated reputation databases that associate IP address ranges, Fully Qualified Domain Names (FQDNs), and URL web addresses with sites known to host various categories of content.
207
Enable port forwarding.
Port forwarding means that the router takes a request from a host for a particular service and sends the request to another designated host.
208
Use port-triggering rules.
Port triggering is used with applications that require more than one port. When a firewall detects activity on outbound port A, it opens inbound access for the external IP address on port B for a set period.
209
An IT professional for a company wants to deploy an app outside the app store on company-managed devices. What requirement does the user complete to accomplish this?
Sideloading is the correct answer as it refers to the action of installing applications obtained outside of the device’s official app store, which is what the question is asking about.
210
Sim unlock
Sim unlock refers to unlocking a device to use a SIM card from another carrier. It doesn't have anything to do with installing apps outside the app store.
211
Root access
While root access allows users to install apps that are not from the official app store, it's not the only way to accomplish this. Sideloading does not require root access.
212
Wipe
Wipe is not the correct answer as it refers to resetting the device to its factory state. This would not enable the installation of apps outside the app store.
213
A technician would like to set every Windows computer at an organization to have a company logo as a desktop wallpaper. What does the technician determine as the best method for deploying the setting?
A domain group policy configures computer settings and user profile settings for all computers and user accounts within a domain. This type of policy would satisfy the requirement.
214
Login script
A login script performs some type of configuration or process activity when the user signs in. A script would not be used to set wallpaper.
215
Local group policy
A local group policy configures computer settings and user profile settings on an individual system. This would need to be done on each system which is time-consuming and prone to error.
216
Administrative template
Administrative templates contain particular configurations and can be used to define settings in third-party software too.
217
A technician troubleshoots a Windows system by using the command prompt. If the technician is currently in the directory named C:\Backup and wishes to enter the directory C:\Backup\02102022, what command does the technician use?
A user can easily navigate a Windows system by issuing the change directory (CD) command. The cd command followed by a space and then by a directory name will move to that directory.
218
cd\ 02102022
When navigating directories on a Windows system with a command prompt, the change directory (cd) command is used. The cd\ command will navigate to a higher level in the folder structure.
219
cd.. 02102022
The change directory (cd) command is used when navigating between directories when using a Windows command prompt. The cd.. command will move the user to a high level in the folder structure.
220
cd .\Backup\02102022
Using the command cd .\Backup\02102022 is not a valid command. It will return an error of "The system cannot find the path specified.
221
A company tightens system security in several ways. One approach implements on-access scanning of files for malware. Shortly after implementation, users complain to the help desk. What is the complaint?
An on-access scan means that any time a file is accessed by a user or an application, it is scanned by antivirus/antimalware software. This can cause system overhead. (Systems are slow.)
222
Backups have malware.
Backups of systems can contain malware. If a system is infected and a scheduled backup occurs thereafter, the backup would then include the malware.
223
Browser pop-ups are frequent.
Browser pop-ups would not be a result of an on-access scan. Pop-ups would be caused by malware infecting a system.
224
System restore is disabled.
System restore would not be impacted with an on-access scan. Once an infected system is isolated, the best next step is to disable system restore and other automated backup systems, such as file history.
225
A computer store help technician installs a Windows 10 edition that is designed for domestic consumers and SOHO business use. What edition has been installed in this instance?
In this scenario, Windows 10 Home is the appropriate software for installation as it is designed for domestic consumers and Small Office Home Office (SOHO) business use. The home edition cannot be used to join a Windows domain network.
226
Pro
The Windows 10 Pro edition is designed for small and medium-sized businesses. The "Professional" edition comes with networking and management features designed to allow network administrators more control over each client device.
227
Education
The Windows 10 Education edition provides variants of the Enterprise and Pro editions and is designed for licensing by schools and colleges.
228
Enterprise
The Windows 10 Enterprise edition is similar to the Pro edition but designed for volume licensing by medium and large enterprises.
229
An administrator reviews an audit log and notices strange logins when the business is closed. Which policy does the administrator use to deter this activity?
Restrict login times is typically used to prevent an account from logging in at an unusual time of the day or night or during the weekend.
230
Failed login lockout
Failed attempts lockout specifies a maximum number of incorrect sign-in attempts within a certain period. Once the maximum number of incorrect attempts has been reached, the account will be disabled.
231
Concurrent logins
Concurrent logins set a limit to the number of simultaneous sessions a user can open. Most users should only need to sign in to one computer at a time.
232
Use timeout
Use timeout/screen lock will lock the desktop if the system detects no user-input device activity. This is a sensible, additional layer of protection.
233
While implementing security on a small network, an administrator ensures that any data modification is legitimate. What security property pertains to this principle?
Integrity is a part of the CIA triad (the “I”) and means that the data is stored and transferred as intended and that any modification is authorized.
234
Confidentiality
Confidentiality is a part (the “C”) of the CIA triad and means that certain information should only be known to certain people.
235
Availability
Availability is a part of the CIA triad (the “A”) and means that information is accessible to those authorized to view or modify it.
236
Acceptability
Acceptability refers to the policy of use. Different security policies should cover every aspect of an organization's use of computer and network technologies, from procurement and change control to acceptable use.
237
What might a security engineer suggest as a solution to deter lunchtime attacks?
A lunchtime attack is where a threat actor is able to access a computer that has been left unlocked. Policies can configure screensavers that lock the desktop after a period of inactivity.
238
Strong password
A strong password is recommended to protect a system. However, a lunchtime attack occurs on a system that is unlocked and logged in.
239
Biometrics
Biometrics are a good way to provide authentication and multifactor authentication to a system. A lunchtime attack, however, occurs on a system that is already unlocked and logged in.
240
Permissions
Permissions pertain to what a user can do on a system. Permissions will not deter a lunchtime attack.
241
A user would like to install an updated Windows operating system (OS) on a computer. There are no files that need to be saved. What options does the user have to accomplish this? (Select all that apply.)
1. A clean install of an OS is an installation option where no previous operating system will be repaired. This is a good option for a new install.
2. An in-place upgrade means running setup from an existing version of the OS so that third-party applications, user settings, and data files are kept and made available in the new version.
242
Recovery partition
A factory recovery partition is a tool used by OEMs to restore the current OS environment to its ship state. The recovery partition is created on the internal fixed drive.
243
Windows reset
Windows supports a reset option to try to repair an installation. Using the full reset option deletes the existing OS plus apps, settings, and data so that the system is ready for the OS to be reinstalled.
244
A user suspects that a USB drive on their system has been tampered with. The user begins using the drive by saving a few reports while waiting for an IT technician to investigate. What does the user compromise?
Data integrity refers to the authorized or unauthorized manipulation of data. This also applies to intentional or unintentional manipulation. Contents of the drive may be useful as evidence.
245
Incident documentation
Documenting the scene of an incident is important; using photographs and ideally video and audio. Investigators must record every action they take.
246
Latent evidence
Digital evidence is mostly latent. Latent means that the evidence cannot be seen with the naked eye; rather, it must be interpreted using a machine or process.
247
Chain of custody
The evidence collected at the crime scene must conform to a valid timeline. Digital information is susceptible to tampering, so access to the evidence must be tightly controlled. In this case, only the user has handled the drive.
248
A user wishes to enable multiple desktops within macOS for different work environments. What feature makes this possible?
The Mission Control feature is used for window management and enables the user to set up multiple desktops with different sets of apps and backgrounds.
249
Terminal
The Terminal can be used to access the command-line environment, which uses either the Z shell (zsh) or Bash.
250
Spotlight Search
Spotlight Search can be used to find almost anything on macOS. To start a new search, click the magnifying glass in the menu bar or press COMMAND+SPACE to bring up the search box.
251
Dock
The dock at the bottom of the screen on a macOS computer gives one-click access to favorite apps and files, similar to the taskbar in Windows.
252
How might a mobile-device management suite of software detect that a user has rooted an Android device?
Mobile-device management (MDM) suites have routines to detect a “rooted” (associated with Android) or “jailbroken” (associated with Apple) device or custom firmware with no valid developer code signature. (There is no valid developer code signature. )
253
The device is in developer mode.
It is possible to put a device into developer mode. This makes advanced configuration settings and diagnostic/log data available. This will not help the software suite identify a rooted device.
254
The iOS device is jailbroken.
iOS is more restrictive than Android, so the term "jailbreaking" became popular for exploits that enabled the user to obtain root privileges and sideload apps on iOS devices. This will not help the software suite identify a rooted device.
255
The battery life is significantly reduced.
Reduced battery life can be a result of many factors, including aging hardware or software inefficiencies, and is not a specific indicator of a device being rooted. While rooted devices may experience battery life changes due to altered software configurations, this is not a reliable method for MDM suites to detect rooting.
256
A systems administrator configures a hardware firewall to allow remote desktop connections to various Windows computers. This involves port forwarding. Which port will the administrator need to change so that each system uses a unique port?
The Remote Desktop Protocol on a Windows workstation or server runs on TCP port 3389 by default but can be changed to another port.
257
22
Secure Shell (SSH) is a remote access protocol, but it connects to a command interpreter rather than a desktop window manager. SSH uses TCP port 22 (by default).
258
5900
Virtual Network Computing (VNC) is a freeware product with similar functionality to the Remote Desktop Protocol (RDP). It works over TCP port 5900.
259
443
Remote connection tools include TeamViewer and LogMeIn. Like Windows Quick Assist, these products are designed to work over HTTPS (TCP/443) across the internet.
260
An engineer configures numerous firewall rules on a system. If no specific rule or permission explicitly grants access and is automatically denied by default, what security function is in place?
Implicit deny means that unless there is a rule specifying that access should be granted, any request for access is denied.
261
Explicit deny
Explicit deny means that a specific rule is created that denies any access to a system or service.
262
Least privilege
Least privilege means that a user should be granted the minimum possible rights necessary to perform the job. This can be complex to apply in practice as security can be restrictive.
263
Physical control
Physical security and control measures dictate who can access a building or a secure area of a building, such as a server room.
264
A data analyst is creating new disaster recovery and prevention method guidelines after exposure to a recent data breach. What factors should be considered when developing a disaster recovery plan? (Select all that apply.)
1. A disaster recovery plan should identify scenarios for natural and man-made disasters and options for protecting systems.
2. Additionally, a disaster recovery plan should identify tasks, resources, and responsibilities for responding to a disaster.
(Identify scenarios for natural and man-made disasters. Identify tasks, resources, and responsibilities for responding to a disaster.)
265
Perform backups of data and configuration files on a regular basis.
Performing backups of data and configuration files on a regular basis is a good prevention method but is not specifically associated with a disaster recovery plan.
266
Create a customer recovery image for use in restoring a computer.
Also, creating a customer recovery image for use in restoring a computer is valuable but not specifically tied to disaster recovery planning.
267
A user looks to reconfigure an IP address for a network adapter. Which Control Panel applet is the most direct?
Network Connections (ncpa.cpl) is a Control Panel applet for managing adapter devices, including IP address information.
268
Network & Internet
The Network & Internet configuration area is the modern settings app used to view network status, change the IP address properties of each adapter, and access other tools.
269
Network and Sharing Center
The Network and Sharing Center is a Control Panel applet that shows various status information for a current network connection.
270
Advanced sharing settings
The advanced sharing settings is a Control Panel applet that configures network discovery (allows detection of other hosts on the network) and enables or disables file and printer sharing.
271
A Windows 7 computer user requires help from the IT department. A technician instructs the user to create an invitation file. What type of Windows help session does the user create?
Microsoft Remote Assistance (MSRA) allows a user to ask for help from a technician or co-worker via an invitation file protected by a passcode.
272
Microsoft Remote Desktop
With a remote desktop, a target PC runs a graphical terminal server to accept connections from clients.
273
Microsoft Quick Assist
Windows 10 feature updates introduced the Quick Assist feature as an alternative to Microsoft Remote Assistance (MSRA). The helper must be signed in with a Microsoft account and generate the passcode for the sharer.
274
Secure Shell
Secure Shell (SSH) is a remote access protocol that uses a command interpreter rather than a desktop window manager. SSH is typically used to manage hardware devices such as wireless access points.
275
A user loses their smartphone that is set up for roles as both personal and work-related functions while traveling. The IT department initiates the securest measure possible to impact work-related data only. What action does the IT department take?
An enterprise wipe can be performed against the corporate/work container only. This removes any corporate accounts and files but leaves personal items on the phone.
276
Remote lock
A remote lock of a smart device will lock the screen so that access will require authentication.
277
Device wipe
If a device is lost with no chance of recovery, it may be necessary to perform some level of remote wipe to protect data and account credentials. A device wipe performs a factory default reset.
278
Remote call
A remote call or ring will make the device ring for a period of time. This is useful when trying to locate a phone that may be nearby.
279
Which root-level file allows for the automatic execution of commands in a legacy version of Windows?
In a legacy versions of Windows, an inserted disk (USB or optical) would automatically run commands defined in an autorun.inf file stored in the root of the drive.
280
Start button
The Windows Start button, identified by the Windows logo, is the main navigation point in a Windows system.
281
Execution control
Execution control refers to logical security technologies designed to prevent malicious software from running on a host regardless of what the user account privileges allow.
282
AutoPlay
In the modern versions of Windows, an AutoPlay dialog box is shown when a program tries to automatically execute, prompting the user to take a particular action.
283
A Windows user is not able to resolve server names on a local network. After updating the system’s hosts file, which command does the user issue?
The domain name system (DNS) is used to resolve IP addresses to host names. Whether a server or a hosts file is used, the ipconfig /flushdns command clears a system’s DNS cache.
284
ipconfig /renew
In a Windows system, the ipconfig command is used to review and troubleshoot IP configuration problems. The ipconfig /renew command is issued to receive a new IP address from a Dynamic Host Configuration Protocol (DHCP) server.
285
ipconfig /release
When using a Windows system, command line tools are helpful with troubleshooting. The ipconfig /release command is used to release a currently configured dynamic address.
286
ipconfig /all
In a Windows system, the Control Panel can be used to review a system’s network configuration. The ipconfig /all command will also reveal IP related configurations.
287
A company looks to dispose of old computers and related equipment. Which items require special care? (Select all that apply.)
1. Any regular, swollen, or leaking batteries from laptop computers or within cell phones and tablets must be handled very carefully and stored within appropriate containers.
2, Photocopier and laser-printer toner is an extremely fine powder. The products in toner powder are not classified as hazardous to health, but any dust in substantial concentration is a nuisance as it may cause respiratory tract irritation.
3. Many components in PCs, cell phones, tablets, and display screens contain toxins and heavy metals, such as lead, mercury, and arsenic. These toxins may be present in circuit boards.
288
Mouse Pad
Mouse pads do not require special care.
289
Question
An engineer surveys risks tied to environmental impacts for a service computer stored in a server closet. What does the engineer focus on? (Select all that apply.)
1. A computer that is too hot is likely to be unreliable. Computers must have proper ventilation in a room to draw cool air into their cooling system. An improperly ventilated room may cause a computer to pull in hot air it has just expelled and increase the unit's temperature.
2. High humidity impacts the amount of water vapor in the air and can cause condensation to form. Low humidity allows static charges to build up more easily and increases the risk of electrostatic discharge (ESD).
3. Dust is drawn into the computer via ventilation holes. Over time, the dust can form a thick layer over components, heat sinks, fan blades, and ventilation slots, preventing effective heat dissipation.
290
Noise
Noise is not an environmental concern in terms of compute performance, though some co-locations that lease datacenter space may have ways to reduce noise for staff and visiting vendors while working in the space.
291
A tech has an Android tablet that no longer receives updates due to its age. Learning that a custom firmware with new features is available, what does the tech require to install the image?
For some devices, it is necessary to exploit a vulnerability or use custom firmware. Custom firmware is essentially a new Android OS image applied to the device and requires root access to install.
292
Jailbreak
iOS jailbreaking is accomplished by booting the device with a patched kernel. For most exploits, this can only be done when the device is attached to a computer while it boots (tethered jailbreak).
293
Sideload
Sideloading is the action of installing applications that are obtained outside of the device’s official app store.
294
Wipe
Wiping a device will reset the device to its factory state. Wiping is involved with installing a new firmware image; however, root access is required to install the image.
295
A user needs to restore a problematic Windows system to its original factory state. What approach does the user utilize to achieve the restoration?
A factory recovery partition is a tool used by the original equipment manufacturers (OEMs) to restore the OS environment to its ship state. The recovery partition is created on the internal fixed drive.
296
Windows refresh
Windows supports refresh and reset options to try to repair the installation. Using refresh recopies the system files and reverts most system settings to the default but can preserve user personalization settings, data files, and apps installed via Windows Store.
297
Clean install
A clean install of the operating system is an installation option where no previous operating system will be repaired.
298
In-place upgrade
An in-place upgrade means running setup from an existing version of the OS so that third-party applications, user settings, and data files are all kept and made available in the new version.
299
An organization looks to make a server available to internet traffic without bringing harm to its private network. An onsite engineer configures a separate network for the server. Which approach does the engineer utilize?
In an enterprise network, a screened subnet is a means of establishing a more secure configuration. The idea of a screened subnet is that some hosts are placed in a separate network segment.
300
Port forwarding
Port forwarding means that a router takes a request from a host for a particular service and sends the request to a designated host on the local area network (LAN).
301
Port triggering
Port triggering is used to set up applications that require more than one port, such as file transfer protocol (FTP) servers.
302
Inbound filtering
Inbound filtering determines whether remote hosts can connect to given TCP/UDP ports on internal hosts that are behind a firewall or router.
303
A recent software installation on a Windows desktop fails. Which internal log file does a technician review to see what may have gone wrong?
The application log contains information regarding non-core processes and utilities for some third-party applications. Third-party application installers write events to the application log.
304
System
The system log contains information about events that affect the core operating system (OS). These include service load failures, hardware conflicts, driver load failures, network issues, and more.
305
Security
The security log holds the audit data for the system. This includes a record of successful and failed logins. File access can also be audited.
306
Setup
The setup log records events generated during the installation of the operating system. This log assists in determining operating system setup failures.
307
A user finds their Android smartphone to be unresponsive when trying to use an app. How might the user resolve the problem so that they may use the phone?
A soft reset is usually effective in restoring unresponsive or frozen systems and is one of the first things to try when faced with a malfunctioning app or slow performance.
308
Perform a factory reset.
A factory reset removes all user data, apps, and settings. The device will either have to be manually reconfigured or restored from a backup configuration. This would be a drastic measure.
309
Remove the battery.
Cutting power to the phone will alleviate the problem. However, modern smartphones do not have a way for a consumer to easily access the internal battery.
310
Run an update.
Running updates is always recommended to keep a device secure and performing well. This will not solve the immediate problem of needing to use the phone.
311
A user would like to delete a mapped drive labeled as "X" on a Windows system. Which command will the user issue at the command prompt?
There are several net and net use command utilities that are useful in viewing and configuring shared resources on a Windows network. To delete a drive mapping, the correct syntax is net use X: /delete.
312
net delete X:
The net use command can map and delete a mapped drive. The correct syntax is to use the net use command with a /delete switch.
313
net delete *
When using the net use command, a /delete switch is issued to delete a mapped drive. The * would delete all mapped drives.
314
net use X: \\server\share
When there is a need to map a drive using a command line, the net use command is issued. Net use X: \\server\share would map a drive.
315
When there is a need to map a drive using a command line, the net use command is issued. Net use X: \\server\share would map a drive.
net use X: \\server\share
