Core 2 (11/15-1/30) Flashcards
(135 cards)
1
Q
You finish replacing the network adapter in a company workstation and verify full system functionality.
Using the six steps of troubleshooting, which step should you take next?
A
document findings, actions and outcomes
2
Q
What are the six steps of troubleshooting?
A
1) Identify the problem
2) Establish a theory of probable cause
3) Test the theory
4) Establish a plan
5) Verify full system functionality
6) Document findings, actions, and outcomes
3
Q
Which of these hazards does a surge suppressor protect against?
A
Power spikes
4
Q
You complete a trouble ticket submitted by a client. Once the problem is corrected, you ask the customer to verify that the system works as expected.
The customer acknowledges that the computer is functional, but states that there is a dim flicker that occurs often enough that it is giving him a headache.
You tell the customer that this is a result of action that had to be taken to correct that original problem. However it should diminish over time and the customer’s headaches will then go away.
Which of the principles shown below did you violate?
A
Do not dismiss the customer’s problems.
5
Q
Which backup type would you use to ensure all data is included in the scheduled backups?
A
Full
6
Q
In what way do administrators use Windows PowerShell?
A
create and run scripts used to manage the operating system
7
Q
Joe is attempting to repair an application on his computer. When he tries to start the program, the system returns a “DLL is missing” error message.
Joe imports a copy of the missing .dll file to his computer, but the program continues to return the error message and fails to start.
Which of the following tools should Joe use to complete the .dll import process?
A
regsrv32
8
Q
You are troubleshooting a computer at a client’s site. The client is upset because a number of important files have disappeared from his Documents folder. The client is sure that the files were there two days ago and can think of no reason why they would have disappeared.
You can restore the missing files from a tape backup.
Using the theory of troubleshooting, what should you do next?
A
Establish a theory of probably cause
9
Q
A customer has made several trouble calls to the help desk and is very irate. The technician that receives the call has learned that the issue has not yet been resolved. The technician politely asks the customer to explain the issue, and learns that the problem needs to be escalated. Which of the following should the technician do once the problem has been escalated?
A
communicate status with the customer and ensure a successful call transfer
10
Q
A technician is onsite troubleshooting a user’s issue and receives a call from another customer. Which of the following is the best course of action for the technician to take in this situation?
A
let the call go to voicemail and respond when time permits
11
Q
A computer is making a clicking noise, but is otherwise operating normally. What should you do first when responding to the issue?
A
Attempt to backup data from the hard drive
12
Q
A user submits a trouble ticket to the help desk. In completing the ticket, the user states that the problem is related to a newly installed application. After reading the full description of the problem, you know that the problem is related to something completely different.
Instead of following the course of action that the user recommends, you try to persuade the user that your method will be best. This exchange results in some harsh words between you and the user.
How should you have responded to the user?
A
You should have acknowledged the customer’s input, and then resolved the problem using your own knowledge of the best way to proceed
13
Q
What is the best way to deal with a difficult user?
A
Don’t allow yourself to be drawn into an argument or become defensive
14
Q
Dan, a new help desk technician, is talking with a customer on the phone. The customer has a problem that Dan has never seen before and does not know how to troubleshoot.
What is the first thing that Dan should say to the customer?
“Please hold while I escalate this problem to a Level II technician.”
“Please be patient with me. This is the first time I have encountered this problem.”
“Please hold while I consult with one of our senior technicians about your issue.”
“Would you mind holding for no more than two minutes while I check our resources?”
A
“Would you mind holding for no more than two minutes while I check our resources?”
It also gives Dan time to see if there is a simple solution to the problem or if it might need to be escalated. Until Dan has a chance to ask another technician how to deal with the user’s problem, he doesn’t know if the problem should be escalated or not.
15
Q
A user reports several technicians have been unable to solve a problem and requests that the technician on the phone comes out to fix the problem because the user is unable to work. After the technician has effectively communicated a willingness to help, which of the following is the next step?
A
identify the problem
16
Q
A client needs to work on some critical files, but says she cannot find them.
Using the theory of troubleshooting, what step should you complete first to resolve the problem?
A
Identify the problem
17
Q
A user calls the help desk to report a problem with a Windows computer. On the previous day, the user downloaded a new application from an approved share on the company’s network. Everything was working well yesterday.
This morning, when the user came in and restarted his computer, he received several messages which state that a DLL file that cannot be found.
You have been assigned to resolve this problem. What is the best course of action for you to take next?
A
Copy the DLL file from a working computer and use the regsvr32 command to import the file
In this case, it would appear that a needed .dll file was overwritten when the user downloaded and installed the new application. In order to fix the problem, you will need to restore the missing .dll by copying it from a trusted source and using the Regsvr32 utility to register the .dll file.
18
Q
What is DLL?
A
(Dynamic Link Library) files are composed of computer data and code. These are used by software makers as shared resources on Windows operating systems. Rather than install separate components, they share the same DLL file.
19
Q
What is Regsvr32?
A
a command-line utility to register and unregister OLE controls, such as DLLs and ActiveX controls in the Windows Registry. Regsvr32.exe is installed in the C:\Windows\System32 folder.
20
Q
Ann, a user at your company, brings her laptop to you for repair. What is the least professional thing you could say or offer to Ann?
“The department is slammed with repairs right now. Would you be able to bring the laptop back a little later when we are less busy?”
“Now that I have your laptop checked in for repair, may I offer you the use of a loaner laptop?”
“Please have a seat in the area while I work on your laptop.”
“Your laptop will be ready later today. Please feel free to come by any time at your convenience and see if the machine is ready.”
A
“The department is slammed with repairs right now. Would you be able to bring the laptop back a little later when we are less busy?”
Why?
1. You failed to recognize that the user has a problem.
2. You ignored the inconvenience you are causing your coworker.
21
Q
You are considering different methods for protecting the electronic devices on your company’s network. Which of the following devices will protect the equipment to which it is attached by directing power surges to the path of least resistance?
A
surge protector
22
Q
What is a surge protector?
A
a device that re-directs power surges through an alternate path of least resistance (or to “ground”), protecting valuable electronic equipment. Surge protectors should be installed on any equipment that contains a microprocessor.
23
Q
Read / Write errors are occurring intermittently on your PC. Which of the following actions would you MOST likely take?
Low level format the drive
Run FDISK on the drive
Update definitions and run a virus scan
Run CHKDSK on the drive
A
Run CHKDSK on the drive
24
Q
You are installing a wireless router in your home. What are the two most important actions you could perform to ensure that your network is secured from access by unauthorized users? Select two.
Change the default login name and password on the new router
Verify that the router firmware has the latest updates installed
Modify the encryption settings on each workstation’s wireless adapter
Enable encryption on the new router
Harden all workstations on your network
A
Change the default login name and password on the new router
Enable encryption on the new router
25
A network administrator is unable to install programs on a workstation. Which of the following is most likely the reason the administrator is not able to install applications?
the username is not part of the local administrator group
the workstation is the victim of a denial of service attack
the username is not authenticating on the network
the administrator has not applied appropriate security patches
the username is not part of the local administrator group
26
Which Control Panel path would you use to review and correct the issue of a user's computer that keeps producing a low virtual memory alert and experiences a degradation of performance shortly after?
System > System Restore
System > Advanced
System > Hardware
System > Remote
System > Advanced
27
Which of the following descriptions best describes a botnet?
a security hole which can be exploited by hackers before the vendor becomes aware if the problem and fixes it
attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication
an interconnected network of computers infected with malware without the user's knowledge and controlled by cybercriminals
an attack which secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other
an interconnected network of computers infected with malware without the user's knowledge and controlled by cybercriminals
They're typically used to send spam emails, transmit viruses and engage in other acts of cybercrime. They are sometimes known as a zombie army.
28
Which of the following commands cannot be completed using IPCONFIG?
determine if the computer is configured to be a DHCP client
find the MAC address assigned to a network interface card
find the assigned default gateway for a computer
send an ICMP packet to determine if a remote computer is accessible from the local computer
send an ICMP packet to determine if a remote computer is accessible from the local computer
29
What is the PING command?
used to demonstrate connectivity between two computers
send an ICMP packet to determine if a remote computer is accessible from the local computer network
30
Which of the following Windows operating system features is used to manage offline file activity?
Control Panel
Windows Updates
Sync Center
One Drive
Sync Center
Sync Center allows you to check the results of your recent sync activity if you've set up your computer to sync files with a network server. This allows you to access copies of your network files even when your computer isn't connected to the network. Sync Center can tell you if the files synced successfully or if there are any sync errors or warnings.
If you've ever needed to access important files stored in a shared folder on your network but couldn't because your laptop was disconnected from the network, then you can understand the need for offline files. With offline files, you can access copies of your network files even when your computer isn't connected to the network.
31
Which tool, included as a part of the Windows operating system, will you be prompted to use if Windows detects possible problems with your computer's memory?
Event Viewer
Computer Management
Windows Memory Diagnostic
Component Services
Windows Memory Diagnostic
If Windows detects possible problems with your computer's memory, it will prompt you to run the Memory Diagnostics Tool. The Memory Diagnostics Tool will run automatically when you restart Windows. It might take several minutes for the tool to finish checking your computer's memory. Once the test is completed, Windows will restart automatically. If the tool detects errors, you should contact your computer manufacturer for information about fixing them, since memory errors usually indicate a problem with the memory chips in your computer or other hardware problem.
32
A new user calls the help desk in tears. She reports that she accidentally kicked the power strip under her desk which cut power to her desktop computer. Now when she boots the machine, it takes a very long time to start and all her applications seem to be running much slower.
You examine the Event Viewer files on her computer and find several messages stating that the file system is corrupt.
What action should you take next to help resolve this problem?
run chkdsk with the /r switch and reboot the PC
convert the hard drive to the FAT32 file system
replace the hard drive in the computer
reinstall the operating system
run chkdsk with the /r switch and reboot the PC
Chkdsk creates and displays a status report for a disk based on the file system. Chkdsk also lists and corrects errors on the disk. Used without parameters, chkdsk displays the status of the disk in the current drive.
When run with the /r parameter, chkdsk locates bad sectors and recovers readable information. If the improper shutdown causes a file system corruption, this would be the least invasive way to try and recover.
33
Your company wants to replace the current user workstations with new computers that will run Windows 10. You have been given three new computers. Each computer has a slightly different hardware configuration from the other two. All three computers run Windows.
You install a critical application that was written for Windows 7 on the new computers. What feature or function could you use to help ensure that the application will run on Windows 10?
Microsoft Store
Control Panel / Programs and Features
Right click the application file in File Explorer / Properties / Compatibility tab
Windows Settings / Apps / Default Apps
Right click the application file in File Explorer / Properties / Compatibility tab
The Properties dialog box for executable files and the shortcuts to these programs have a Compatibility tab. It allows you to configure the program's original operating system environment and force it to use compatible display settings.
34
You have configured a hard drive so that it can boot into more than one operating system based on a selection made by a user at startup. The drive can best be described as a:
Virtual drive
Core drive
Mirrored drive
Dual boot drive
Dual boot drive
35
What is the average operating range of a Class 2 Bluetooth device?
5 meters (16.4 feet)
100 meters (328 feet)
1 meters (3.28 feet)
10 meters (32.8 feet)
10 meters (32.8 feet)
Bluetooth technology functions by creating a wireless personal area network (PAN), also known as a piconet, which Bluetooth-enabled devices can connect to. Once two devices are connected to the same piconet, they can communicate with each other.
36
You are troubleshooting a Windows computer from a command prompt window. As you navigate through the file system, you find that a new folder was recently created on the computer. You need to see what files have been saved to the new folder.
Which of the commands shown below would you use to display the folder contents?
md
cd
dir
rd
dir
The directory command (dir) is used to display the contents of the current folder or directory.
The other commands are used to move from one folder or directory to another (cd or change directory), create new folders or directories (md or make directory), or to delete directories from a drive (rd or remove directory).
37
Which of the statements shown below are NOT true regarding the similarities and difference between the Windows 32-bit and Windows 64-bit operating systems.
Windows 64-bit operating systems can address larger amounts of RAM than Windows 32-bit operating systems can.
Windows 32-bit operating system typically contain the same security features found in 64-bit versions of the same Windows operating systems.
Windows 32-bit operating systems typically do not use the same device drivers used by Windows 64-bit operating systems.
Any processor that supports a Windows 32-bit operating system can also support a Windows 64-bit operating system.
Any processor that supports a Windows 32-bit operating system can also support a Windows 64-bit operating system.
In fact, a Windows 32-bit operating system is written to run specifically on a 32-bit processor. Windows 64-bit operating systems are written to take advantage of the processing power that is unique to 64-bit processors.
38
You need to obtain a list of all the active IP ports on a specific computer. Which of the following commands could you use to gather this information?
MSCONFIG
NETSTAT
PING
NBTSTAT
NETSTAT
NETSTAT displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). When used without parameters, netstat displays active TCP connections.
39
Which of the following actions can you perform using Task Manager? Choose all that apply.
Close programs that are not responding
Monitor the computer's performance
Display processes currently running on a Windows computer
Create a redundant hard disk configuration
Schedule an action to occur at a specific time
Close programs that are not responding
Monitor the computer's performance
Display processes currently running on a Windows computer
If you're connected to a network, you can also use Task Manager to view network status and see how your network is functioning. If more than one person is connected to your computer, you can see who's connected and what they're working on, and you can send them a message.
40
What is Task Scheduler?
used to launch programs, scripts and batch files based on a trigger – such as time – that is specified by a user.
41
How much RAM is required to install Windows 7 32-bit on a PC?
1GB
2GB
16GB
512MB
1GB
According to Microsoft, the minimum hardware requirements needed to run Windows 7 are:
* 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
* 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
* 16 GB available hard disk space (32-bit) or 20 GB (64-bit)
* DirectX 9 graphics device with WDDM 1.0 or higher driver
42
A customer has recently installed several applications on a Windows workstation and is now experiencing slow system performance and spontaneous restarts. After removing some of the recently installed applications, the issue persists. Which of the following tools could the technician use to troubleshoot the problem while preventing data loss?
diskpart
msconfig
factory restore
SecureBoot
msconfig
MSConfig is a system utility to troubleshoot the Microsoft Windows startup process. It can disable or re-enable software and Windows services that run at startup, or change boot parameters.
43
Joe is in charge of formatting hard drives for a new deployment. His supervisor specifies that each drive must be formatted using the file system with the broadest compatibility.
Which file system should Joe use?
FAT16
FAT32
NTFS
CDFS
FAT32
FAT32 is most commonly used with portable drives. FAT32 avoids the problems that NTFS permissions and EFS can introduce when moving between systems.
44
A Trojan horse is a piece of malicious software that __________________________ .
is self-replicating and self-propagating
attaches to a legitimate computer program
attaches to an incoming email
monitors Internet surfing habits
attaches to a legitimate computer program
A Trojan horse, or Trojan for short, is a term used to describe malware that appears, to the user, to perform a desirable function but, in fact, facilitates unauthorized access to the user's computer system. The term comes from the Trojan Horse story in Greek mythology. Trojan horses are not self-replicating, which distinguishes them from viruses and worms.
45
Which of the following is the fastest way for a user to synchronize data between an iPhone and a work PC?
Copy the data from the phone to a MicroSD card.
Use Bluetooth to share data from the phone.
Connect the iPhone's USB cable and use iTunes.
Transfer data via WiFi Direct to the user's laptop.
Connect the iPhone's USB cable and use iTunes.
Of the four different connectivity solutions proposed, data transfer using USB will be the fastest.
Bluetooth data transfer speeds average 25 Mbps
WiFi Direct data transfer speeds average 250 Mbps
MicroSD cards can support data transfer speeds of 30 Mbps
Assuming that the cable and connectors support the USB V3.0 standard, data can be transferred at speeds of 640MBps.
46
Your company supports a variety of mobile devices, including Android and iOS phones and tablets.
You have been asked to identify which elements from the employees outlook accounts can be synced across all possible platforms supported by the company.
Which the items shown below will appear on your preliminary list of items that can be synced to mobile devices via outlook email? Choose all that apply.
Calendar
Mail
Free//Busy
Programs
Social media
Contacts
Favorites
Calendar
Mail
Free//Busy
Contacts
47
Under which circumstances would you perform a factory reset on an android mobile phone? Select all that apply.
Before a upgrading the phone's firmware
If you have forgotten the password to unlock the system
When the system has become slow or unresponsive and you have tried all other know remedies to fix the problem
After removing a number apps that you no longer use
If you have forgotten the password to unlock the system
When the system has become slow or unresponsive and you have tried all other know remedies to fix the problem
Factory resets can often fix many chronic performance issues such as freezing. Common reasons to perform a factory reset include:
* to fix a malfunctioning electronic device
* to remove a file or virus that is difficult to remove
* to clear the configuration and settings of the electronic device to the default settings
* to clear the memory space on the electronic device
* to recover from a lost password or passcode
* to remove personal information from the device before selling or giving away the device
48
Joe needs to purchase an application for use in company classroom. Although there are over 1,000 employees in the company, there will only be 15 students attending class at any one time.
What type of license should Joe consider to help control costs while ensuring that the students are in compliance with the end user licensing agreement (EULA)?
Commercial license
Seat license
Open source license
Enterprise license
Seat license
a software license based on the number of seats (actually computers) at which the software can be installed. In this model, many computers are licensed to run the software that is installed using a single product key. The number of users becomes irrelevant. For example, if a company buys an application with a per seat license for 20 seats, the software can be installed 20 times. There may be over 100 people who actually use the software, but only 20 users can work with it at any given moment in time. That would be the 20 people sitting at the 20 computers on which the software is installed. This can be less expensive than a commercial license, but is generally more expensive than an enterprise license.
49
What is Enterprise license?
a software site license that is issued to a large company. It typically allows unlimited use of the program throughout the organization, although there may be restrictions and limitations. In this model, many users are licensed to use the software installed on many computers through a single product key. This is often the most cost-effective way to buy software for employee use. A single Enterprise license usually costs less than the price of a commercial license multiplied by the number of users that need access to the software.
50
What is open-source license?
type of license for computer software and other products that allows the source code, blueprint or design to be used, modified and/or shared under defined terms and conditions. Open source software is not the same as freeware. You could pay for an open source license. The difference between open source and commercial licensing is that you have the freedom to modify the software under an open source license that you would not have under a standard commercial license.
51
What is commercial license?
any software or program that is designed and developed for licensing or sale to end users or that serves a commercial purpose. In this model, one user (the buyer) is licensed to install the software on one computer using an installation process that is tied to one product key. This is usually the most expensive way to buy software as you are paying for one license per user.
52
A technician needs to remove the ability of standard users to shut down or restart a shared computer. Which of the following commands can be used to accomplish this task?
gpedit.msc
shutdown.exe
bootrec.exe
services.msc
gpedit.msc
GPEDIT.MSC is the Local Group Policy Editor -- a Microsoft Management Console (MMC) snap-in that provides a single user interface through which all the settings of Local Group Policy objects can be managed.
Among the settings that can be configured, the administrator can disable user or computer settings in the Local Group Policy. This would include disabling the ability for users to shut down or restart a computer.
53
Sam is currently logged on to a Linux computer with his standard user account. He is not a member of any group that has administrative or system level access to the operating system.
Sam needs to update an application. He knows the command to use to run the update, but he needs to be able to run it with elevated privileges.
Which two commands, of those shown below, would give Sam the elevated privilege needed to update his application? Select two.
chown
yum
pwd
apt-get
su
sudo
su
sudo
Whenever a user tries to install, remove and change any piece of software, the user has to have the root privileges to perform such tasks. Sudo (Debian) or su (RHET) are the linux commands used to give such permissions to any particular command that a user wants to execute.
In addition to using sudo/su, the user must also know the password for the root or system account.
54
A new user is attempting to logon to her company-issued computer for the first time. She has been given a smart card and uses that during the logon process. However, the system still won't let her logon.
What other piece of information must she have in order to use her smart card to logon to the laptop?
a password generated by the administrator
a PIN
a user logon name
the name of her company's domain
a PIN
Smart cards use personal identification numbers (PINs) rather than passwords. The smart card is protected from misuse by the PIN, which is known only to the smart card's owner. To use the smart card, the user inserts the card in a smart card reader that is attached to a computer and, when prompted, enters the PIN. The smart card can be used only by someone who possesses the smart card and knows the PIN.
55
You need to launch the windows Start menu on a computer running Windows. Which key or key combination can you press on a Windows computer to complete this task? Choose two.
Windows key
F1
Ctrl + Esc
Ctrl+S
F8
Windows key
Ctrl+Esc
56
Which versions of Windows cannot provide full support for BitLocker?
Windows 8 Professional
Windows 7 Enterprise
Windows Vista
Windows 7 Ultimate
Windows Vista
BitLocker is only available in Window 7 and up.
57
You are creating a SOHO network for a customer. You have been asked to ensure that all employees have the ability to read from and write to a shared directory on the network. Users should have the ability to modify their own documents, but not have the ability to modify documents created in the shared folder by other users.
Which of the following tools would best help you achieve this goal?
VPN
ACL
LPI
RDP
ACL
You would use the ACL (access control list) associated with the shared folder to grant appropriate permissions to the office employees to use that directory.
Any individual who is not granted explicit permission to access the shared folder is considered to have been implicitly denied those permissions.
58
You have been asked to troubleshoot a PC. As you examine the disk configuration, you find that the system uses three volumes. Before you continue, you need to verify all active and assigned drive letters for that computer.
Which command should use with the LIST function to accomplish this task?
bootrec
extract
chkdsk
diskpart
diskpart
59
You have been asked to troubleshoot a PC. As you examine the disk configuration, you find that the system uses three volumes. Before you continue, you need to verify all active and assigned drive letters for that computer.
Which command should use with the LIST function to accomplish this task?
bootrec
extract
chkdsk
diskpart
diskpart
Before you can use DiskPart commands on a disk, partition, or volume, you must first list and then select the object to give it focus. When an object has focus, any DiskPart commands that you type act on that object.
You can list the available objects and determine an object's number or drive letter by using the list disk, list volume, and list partition commands. The list disk and list volume commands display all disks and volumes on the computer. However, the list partition command displays only partitions on the disk that have focus. When you use the list commands, an asterisk (*) appears next to the object with focus. You select an object by its number or drive letter, such as disk 0, partition 1, volume 3, or volume C.
60
A user reports that she cannot use her Android phone since the operating system was upgraded by Tech Support. She really needs this phone and wants to know how quickly the problem could be resolved.
Which of the following actions would you take to solve the problem as quickly as possible?
Perform a hard reset
Perform a factory reset
Rollback the operating system update
Replace the SID card
Perform a hard reset
Hard reset is one of the forms of factory reset, wherein only the hardware is rebooted. The intention of a hard reset is to put as many settings as possible back to their original, normal state.
In this scenario, the problem with the phone began after the operating system was updated. This suggests that the upgrade introduced a bad setting which caused the operating system to fail. When a device does not function properly, it means the setting in the device needs to be changed, so only that part of the device is reset, or rebooted in the hard reset. It clears all the memory associated with the hardware and updates the hardware with the latest updated version. After the hard reset, the CPU or the processor restarts the application.
61
Henry is a remote service technician who uses the GPS feature on his cellphone as he drives to see his customers.
Each time that Henry drives out to see his customers, he finds that an icon will appear on the phone stating that "additional information is required to log in".
What is happening on the smartphone to cause this to happen?
An unintended WiFi connection has been initiated
The phone is picking up cellular data roaming notifications
The smartphone is picking up weak cellular signals
An unintended Bluetooth connections has been initiated
An unintended WiFi connection has been initiated
62
What file system is best suited for optical media?
EXT3
CDFS
NTFS
FAT32
CDFS
The CD File System (CDFS or ISO 9660) is a legacy file system used for CD optical disc media (CD-ROM and CD-R). UDF is an updated file system for optical media with support for multisession writing.
63
You need to find the PID assigned to an application. What tool is best used for this task?
MSCONFIG
Local Security Policy
Task Manager
Computer Management
Task Manager
Running processes can be found on the Processes tab. But, you will find the Process IDs (PID) on the Services tab. This is true of all mainstream Windows operating systems.
The PID (Process ID) is a unique identification of an individual running application. It identifies the order an application spawned from the Windows Kernel. This information can provide clues to where system slowdowns or unauthorized processes and services might be occurring.
64
A SOHO user needs to share files across a network without using a server. Which of the following network configurations would best meet the user's needs?
WAN
PAN
WorkGroup
Domain
WorkGroup
A workgroup is most often used when you need to connect a small number of computers and you don't need or want any one computer to take control of the network or network communications.
Domains are used to share information between a large number of computers and you must manage both user accounts and computers from a central location.
Wide area networks or WANs are used when you want to connect users on networks that exist in different geographic locations.
PANs or personal area networks are used to share information between devices that are owned and managed by a single user, usually within close proximity to each other. PANs can also be used to provide connections between a mobile personal device and a larger network such as the Internet.
65
You are working on a tablet at a local airport while waiting for a flight. In order to connect to the Internet, you have connected your tablet to a personal hotspot device. As you work, you notice that there are three devices connected to the hotspot.
What action could you take to remove the unauthorized intruders from your hotspot device immediately?
shut down the intruder's device remotely and
change the SSID to a different broadcast name
install a WiFi analyzer to identify the intruding device and
add the intruding device to a blocked access list
set up a WiFi analyzer to identify the intruding device and
shut down the device until the intruder is no longer in the area
change the SSID to a different broadcast name and
add the intruding devices to a blocked access list
change the SSID to a different broadcast name and
add the intruding devices to a blocked access list
66
You are working on a tablet at a local airport while waiting for a flight. In order to connect to the Internet, you have connected your tablet to a personal hotspot device. As you work, you notice that there are three devices connected to the hotspot.
What action could you take to remove the unauthorized intruders from your hotspot device immediately?
shut down the intruder's device remotely and
change the SSID to a different broadcast name
install a WiFi analyzer to identify the intruding device and
add the intruding device to a blocked access list
set up a WiFi analyzer to identify the intruding device and
shut down the device until the intruder is no longer in the area
change the SSID to a different broadcast name and
add the intruding devices to a blocked access list
change the SSID to a different broadcast name and
add the intruding devices to a blocked access list
67
Which of the following is an example of Personally Identifiable Information (PII)?
vendor sales records
corporate passwords
employee social security numbers
customer purchasing preferences
employee social security numbers
Personally identifiable information (PII) is any data that could potentially identify a specific individual.
While all of the data shown is important, and should be protected, only the employee social security numbers could be used to uniquely identify an individual AND has the potential to cause that person harm.
68
Your company has just created a new space in the basement of the building for the IT department to accept computer shipments and perform system repairs. You notice that when you work in the new area for any length of time that your phone reception becomes very poor and the battery in your phone drains very quickly.
What is the most likely reason for the problems you experience?
Working in the basement weakens the wireless signals from your network devices
The system has been infected by malware
Too much data is written to an external SD card
Too many apps are installed on your phone
Working in the basement weakens the wireless signals from your network devices
The transceiver circuit in a smartphone is engineered with power saving in mind and will reduce sending power as much as possible if the reception is good. This also reduces the SAR value which is a measurement for exposure of the human body to radiation.
If the reception is bad sending signal strength has to be adjusted accordingly. As the sending power is increased, the battery is drained more quickly.
69
You recently cleaned malware from a user's computer. Now the user is seeing error messages about the Windows system files.
Which of the tools show below would you use to verify that all system files are undamaged and in their original versions?
FIXMBR
RD
SFC
CHKDSK
SFC
The System File Checker or sfc.exe is a utility in Microsoft Windows located in C:\Windows\System32 folder. This utility allows users to scan for and restore corrupt Windows system files.
In Windows 10/8/7/Vista, the System File Checker is integrated with Windows Resource Protection, which protects registry keys and folders as well as critical system files. If any changes are detected to a protected system file, the modified file is restored from a cached copy located in the Windows folder itself.
There are several events that could cause a corrupted Windows system file. Power issues and disk issues could cause file corruption. A system file might be overwritten during a service pack or hotfix update or overwritten during the installation of a new application or device driver. If you find that one or more of these events may have affected a Windows computer, and now that system is not working properly, consider running SFC first, before trying a System Restore.
70
A user calls you, desperate, because they can't install a program that they really need for the big meeting in five minutes. What group is the user most likely associated with?
Guest user
Power user
Standard user
Administrator
Standard user
A Standard User has limited permissions regarding the installation of programs. In this scenario, since the user is most likely a permanent employee, we can assume they are NOT using a Guest User account which has no install permissions. They are almost certainly not using an account which is part of the Administrators group, or else they would not likely be prevented from doing the installation. They are most likely using an account which is a member of the Standard User group, and are trying to install a program which Windows 7 detects as potentially damaging to the computer, not because of sinister intent but because the program could make changes to the computer and render it inoperable if installed improperly.
71
An end-user is attempting to access a file-sharing site to download files shared by a customer, but is receiving a message stating the site has been blocked. Which of the following is the most likely cause of this issue?
content-filtering
Internet connectivity issues
ransomware infection
antivirus software
content-filtering
On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable. Content filtering is used by corporations as part of Internet firewall computers and also by home computer owners, especially by parents to screen the content their children have access to from a computer.
72
A junior technician is trying to disable the User Account Control (UAC) feature on a computer that is running Windows Vista. So far, he has not been successful and has asked you for help.
You start by instructing him to open Control Panel. What actions would you tell him to perform in order to complete this task?
Click User Account Control > Click Disable User Account Control > Click Continue > Clear the check box > Click OK
Click User Accounts > Click Turn User Account off > Click Continue
Click User Accounts and Family Settings > Click one of the User Accounts > Click on Change security setting link > Click umselect the User Account Control then Continue > Clear the check box > Click OK
Click User Accounts > Click Disable User Account off > Click Continue
Click User Accounts and Family Settings > Click one of the User Accounts > Click on Change security setting link > Click umselect the User Account Control then Continue > Clear the check box > Click OK
The only correct sequence of actions are to:
1. Open Control Panel
2. Click User Accounts and Family Settings
3. Click on one of the User Accounts
4. Under Make changes to your use Account click on Change security settings link
5. Click unselect the Use User Account Control then click Ok button
6. You will be prompted to reboot your computer.
The options Disable user Account Control, Disable User Account off, Turn User Account off are not valid selections.
73
You have been asked to upgrade 75 computers to the most current version of Windows. Each client is currently able to boot from the network.
These clients exist on a fast Ethernet network and a server has already been configured as a Windows deployment server.
Which of the methods listed below would allow you to upgrade an operating system on each client with a minimal amount of work?
USB flash drive
PXE
Windows Image file
Windows Installation DVD
PXE
PXE (Preboot eXecution Environment) allows computers to boot over network even without hard disk. You can create a Windows operating system image to support PXE installations for Windows XP, 2003, Vista, Windows 7 and Windows Server 2008.
When the PXE boot server is set up, it is configured as a DHCP and TFTP server. Configure the client to boot from the network in BIOS. The client will get an IP address from the PXE DHCP server. Then the PXE server will push NBP (Network Bootstrap Program) and an operating system image stored in that server to the client using TFTP.
74
You are troubleshooting a remote computer and would like to use Remote Desktop Connection to access the system directly. Because you are currently working in a Command Prompt window, you would like to open the Remote Desktop Connection from the command line.
Which of the commands shown below will allow you to start a Remote Desktop Connection from the Command Prompt window?
msconfig
msinfo32
services.msc
mstsc
mstsc
(Note: "mstsc" stands for Microsoft Terminal Services Connection, the previous name for Remote Desktop Services.)
Instead of starting Remote Desktop Connection from the Start menu, you can start it from the search box, from the Run dialog box, or from a command line using the command mstsc.exe (found in the Windows\System32 folder). You can use additional command line parameters to control how Remote Desktop Connection looks or behaves.
75
You want to protect the Linux systems on your network from zero day attacks.
Which of the following best practices would offer you the best way to address this need?
Apply new patches to the operating system as soon as they become available
Establish local firewalls on all clients
Perform full backups each week
Harden the operating system
Apply new patches to the operating system as soon as they become available
A zero day vulnerability refers to a hole in software that is unknown to the vendor. When this security hole is exploited by hackers before the vendor becomes aware of the weakness, the attack is referred to as a zero day attack.
76
Which of the following is a Microsoft service that's used to provide updates like service packs and patches for the Windows operating system and other Microsoft software?
Firmware updates
Application updates
Driver updates
Windows updates
Windows updates
Windows Update is a Microsoft service that's used to provide updates like service packs and patches for the Windows operating system and other Microsoft software. Windows Update can also be used to update drivers for popular hardware devices.
Windows Update is used to keep Microsoft Windows and several other Microsoft programs updated. Updates often include feature enhancements and security updates to protect Windows from malware and malicious attacks.
77
You successfully install Windows 7 on a new computer. Now you must join the workstation to the company network. Which Windows utility will best allow you to add the workstation to the company domain?
System Properties
System Update
Network Management
Network Properties
System Properties
The fastest way to join a Windows workstation to a domain is to right-click on the Computer icon. From the pop-up or context menu that appears, select System Properties.
This will open a dialog box that provides you with the ability to either rename the workstation or join the workstation to an Active Directory domain.
78
Which of the following is not a standard permission assigned to a file?
Change
Read
Full Control
Write
Change
79
You have been given a computer without a CD/DVD-ROM drive and have been asked to install Windows on this machine. You have verified that the system components will support the version of Windows you were given to install.
Of the methods listed below, which would be the most effective method of installing Windows?
Create a floppy disk
Make a Bluetooth connection to another computer hosting the installation files
Place the installation files on a USB flash drive
Use the System Restore CD
Place the installation files on a USB flash drive
Of the methods given, the most efficient would be to use a USB flash drive to install Windows. A System Restore disk does not contain the full set of installation files. A floppy disk isn't big enough to hold the installation files needed for the operating system. Creating a Bluetooth connection to another system, even if it were possible, would not offer the same transfer speeds as working from a USB flash drive.
80
How many primary partitions are allowed on a hard drive formatted in FAT32 assuming that no extended partitions will be created?
3
4
1
2
4
Primary Partitions are used to support bootable operating systems. Extended partitions are not bootable. A basic disk can support three primary partitions and one extended partition.
If no extended partition is used, you can have a maximum of four primary partitions.
81
A highly-placed employee recently lost a company-issued laptop while on a business trip. The laptop held sensitive information about the company that has since been published on the Internet.
The IT Security department has compiled a list of best practices. They would like your advice regarding which step to take first.
Which of the actions shown below would you recommend to help prevent another data leak like the one that just occurred?
All laptop users must have strong passwords
All laptop users must change their password at frequent intervals
All laptops must require biometric identification to logon.
All laptops must require multifactor authentication to logon.
All laptops hard drives must be encrypted
All laptops hard drives must be encrypted
All of these actions are important and should be taken. However, the first task should be to demand that the hard drives on all mobile devices (laptops) be encrypted. This action can be taken immediately without having to buy additional hardware or software.
This makes encrypting the hard drive, a) fast, b) inexpensive, c) and accomplishes the goal of helping to secure data.
82
Jon, a system administrator, must upgrade multiple workstations with a new image to be deployed using Windows Deployment Services.
Which of the following client-side boot methods would provide the best way to deploy the new image?
USB flash drive
PXE
CD-ROM
GRUB
PXE
The Preboot eXecution Environment (PXE, sometimes pronounced as pixie) specification describes a standardized client-server environment that boots a software assembly, retrieved from a network, on PXE-enabled clients. On the client side it requires only a PXE-capable network interface controller (NIC), and uses a small set of industry-standard network protocols such as DHCP and TFTP.
83
A client asks for your help with a PC problem. She states that the computer has begun behaving very erratically. The biggest problem is that when she tries to access certain sites on the Internet, the system either reports that those sites cannot be found or completely locks up.
What action should you take first to resolve the issue?
Identify the type of malware affecting the computer
Update the computer’s operating system
Install a different anti-malware software
Revert to a previous restore point
Identify the type of malware affecting the computer
The best practice procedure for malware removal, as given by CompTIA, is:
1. Identify malware symptoms
2. Quarantine infected system
3. Disable system restore (in Windows)
4. Remediate infected systems
a. Update anti-malware software
b. Scan and removal techniques (safe mode, pre-installation environment)
5. Schedule scans and run updates
6. Enable system restore and create restore point (in Windows)
7. Educate end user
84
What is the procedure to remove malware?
1. Identify malware symptoms
2. Quarantine infected system
3. Disable system restore (in Windows)
4. Remediate infected systems
a. Update anti-malware software
b. Scan and removal techniques (safe mode, pre-installation environment)
5. Schedule scans and run updates
6. Enable system restore and create restore point (in Windows)
7. Educate end user
85
Sam, the owner of a small business, believes in leadership by walking around. He routinely walks through the office to see what his employees are working on and to provide direction as needed. During those times, it is critical that no one has the ability to walk up and look at the sensitive material which might be open on his computer.
Sam also works long hours. On those instances when he expects to be back in the office before 6:00am, he does not want to turn off his computer when he leaves for the day.
How could you best configure his computer to ensure that the data on it is secure? Select two options.
Configure the computer's screensaver to start after one minute of inactivity
Configure the screen to lock after five minutes of inactivity
Use a fingerprint lock when the computer must be left on overnight
Enable login time restrictions to occur after regular working hours
Force the use of a strong password
Configure the screen to lock after five minutes of inactivity
Enable login time restrictions to occur after regular working hours
86
You need to prepare a hard drive before it can be used in a new computer. Which actions, of those shown below, must you perform before the drive can be used? Chose two.
Format the disk
Defragment the drive
Cleanup old and unused files from the disk
Partition the disk
Check the disk for bad sectors
Format the disk
Partition the disk
A hard drive must be partitioned and formatted before it can be used for any other purpose.
While the other actions shown can be performed on a new drive, they will not make the drive usable.
87
Which of the following protocols will allow a user to access email from multiple devices?
IMAP
POP3
EWS
MAPI
SMTP
IMAP
IMAP (Internet Message Access Protocol) is a standard email protocol that stores email messages on a mail server, but allows the end user to view and manipulate the messages as though they were stored locally on the end user's computing device(s). This allows users to organize messages into folders, have multiple client applications know which messages have been read, flag messages for urgency or follow-up and save draft messages on the server.
Most implementations of IMAP support multiple logins; this allows the end user to simultaneously connect to the email server with different devices. For example, the end user could connect to the mail server with his Outlook iPhone app and his Outlook desktop client at the same time. The details for how to handle multiple connections are not specified by the protocol but are instead left to the developers of the mail client.
88
Which of the following is a benefit or advantage to using PXE? Select all the answers that are true
It is an efficient way to install an operating system on many computers in a short period of time
It can take advantage of protocols that are a native part of the Windows operating system
It is virtually impossible to find a network card without PXE firmware already installed
It is a very secure way for a client to obtain access to the boot image
It is an efficient way to install an operating system on many computers in a short period of time
It can take advantage of protocols that are a native part of the Windows operating system
It is virtually impossible to find a network card without PXE firmware already installed
The Preboot eXecution Environment (PXE, sometimes pronounced as pixie) specification describes a standardized client-server environment that boots a software assembly, retrieved from a network, on PXE-enabled clients. On the client side it requires only a PXE-capable network interface controller (NIC), and uses a small set of industry-standard network protocols such as DHCP and TFTP.
PXE uses protocols such as TFTP. Security concerns may arise from unauthorized PXE
servers and clients because of the open and "trusting" nature of the PXE boot process.
89
You are cleaning malware from a company computer. Which feature would you use to help verify that all traces of the malware are removed from the computer?
System > Advanced system settings
File History > Advanced settings
Display > Adjust resolution
Folder Options > View hidden files
Folder Options > View hidden files
Microsoft Windows hides system files by default. This makes it less likely that a user would accidentally attempt to edit or delete a needed file.
In this case, you want to see all files - especially those flagged as hidden - to be sure that you have removed all files associated with the malware attack from the computer.
90
Which of the following statements is true in regard to the way EFS is different from BitLocker?
BitLocker encrypts an entire volume; EFS encrypts individual files
BitLocker uses NTFS to support encryption; EFS uses TPM hard to support encryption
BitLocker requires users to enable encryption for each file or folder; EFS will encrypt all files added to a volume once the feature is enabled.
BitLocker was released with Windows 2000; EFS was released with Vista
BitLocker encrypts an entire volume; EFS encrypts individual files
91
You work for a government supplier. Earlier this week, your company's data systems were hacked. Security forensics have determined that some of the data accessed contained information about company employees including their names, photos, and rates of pay.
Why is this information considered to be sensitive?
Because revealing employee salaries could be detrimental to employer/employee relations
The data could be used to reveal company employees and their roles within the company
Information such as photos can be used to uniquely identify individuals resulting in a breach of privacy
Because it provides evidence that the attack was performed by one or more employees
Information such as photos can be used to uniquely identify individuals resulting in a breach of privacy
The information accessed is considered to be sensitive because it is personally identifiable information.
Personally identifiable information (PII) is any data that could potentially identify a specific individual.
PII can be sensitive or non-sensitive. Non-sensitive PII is information that can be transmitted in an unencrypted form without resulting in harm to the individual. Non-sensitive PII can be easily gathered from public records, phone books, corporate directories and websites.
Sensitive PII is information which, when disclosed, could result in harm to the individual whose privacy has been breached. Sensitive PII should therefore be encrypted in transit and when data is at rest. Such information includes biometric information, medical information, personally identifiable financial information (PIFI) and unique identifiers such as passport or Social Security numbers.
92
You are creating a drive mapping for a user to a shared folder on another computer. You need to be sure that the drive mapping will persist after the user has restarted the computer. Which of the following actions should you take? Note: There are two correct answers. Select two.
include the parameter /persistent: yes with the Net Use command
do nothing; the mapped network drive will automatically reconnect at relogon
replace the hard drives on the file server hosting the shared files
run the command diskpart /p to create a persistent connect.
check the "reconnect at logon" checkbox the Map Network Drive dialog box
include the parameter /persistent: yes with the Net Use command
check the "reconnect at logon" checkbox the Map Network Drive dialog box
Users can create persistent drive mappings by using the option "reconnect at logon" in the Map Network Drive window or by using the command "net use x: \\servername\shared drive name /persistent: yes".
93
You are configuring email on a client's iPad. The client must be able to synchronize all changes with a PC-based server.
Which protocol should you use to complete this task?
MAPI
SMTP
IMAP
EWS
IMAP
94
You are designing a network for a small business. For security reasons, you must be able to manage user accounts and computers from a central location. Based on this criteria, which of the following network models would be most appropriate to meet the company's needs?
PAN
WAN
Domain
WorkGroup
Domain
Domains are used to share information between a large number of computers and you must manage both user accounts and computers from a central location.
95
You are configuring a new Windows computer for use on a SOHO network. You want to make the new computer more secure.
Which of the following steps should you take to secure the workstation? Select two.
disable Windows Update
add the local user account to the local Administrators group
disable the guest account
rename the default user accounts
disable Windows firewall
share the C:\\\ directory
disable the guest account
rename the default user accounts
Both of these actions would make it harder for an attacker to logon using a commonly known name.
96
You are configuring a new Windows computer for use on a SOHO network. You want to make the new computer more secure.
Which of the following steps should you take to secure the workstation? Select two.
disable Windows Update
add the local user account to the local Administrators group
disable the guest account
rename the default user accounts
disable Windows firewall
share the C:\\\ directory
disable the guest account
rename the default user accounts
Both of these actions would make it harder for an attacker to logon using a commonly known name.
97
Recently, you find that it takes longer and longer for those technical drawings to open on the desktop. You worry that the hard drive might be going bad, so you make it a point to backup all your files at least once per day
Today, the files load so slowly that you cannot get started on your work at all. You call the company Help Desk to see if they can resolve this problem. What is the first task that the support technician would most likely perform solve this problem?
create a new partition and move the drawings to the new location
restore all technical drawings from the most recent backup
add a larger external drive to your computer and ask you to move the files to the new location
analyze the disk for file fragmentation
analyze the disk for file fragmentation
Disk defragmentation is the process of consolidating fragmented data on a volume (such as a hard disk or a storage device) so it will work more efficiently.
Fragmentation happens to a volume over time as you save, change, or delete files. The changes that you save to a file are often stored in a different place on the volume than the original file. This doesn't change where the file appears in Windows—only where the bits of information that make up the file are stored on the actual volume. Over time, both the file and the volume itself become fragmented, and your computer slows down as it has to look in different places to open a single file.
The least costly and most efficient way to get your computer working as expected would be to see if the large technical drawing files had become fragmented.. If that is the case, the technician could run defrag and defragment the files on the hard drive.
98
You need to remove an application from a computer running Windows 8.1. Which one of the following Control Panel applets would best meet your needs?
Folder Options
Administrator Tools
Add/Remove Programs
Programs and Features
Programs and Features
Windows Vista, Windows 7 and Windows 8/8.1 use Control Panel > Programs and Features to remove or modify applications installed on the computer.
99
You need to map a network drive on a computer running Windows. Which of the following examples shows the correct path that you would use?
\servername/usershare
\\servername\usershare
//servername/usershare
//servername\usershare
\\servername\usershare
The UNC syntax for Windows systems has the generic form:
\\ComputerName\SharedFolder\Resource
Microsoft often refers to this as a "network path"
100
Which of the following partitioning technologies will allow you to create partitions that are larger than 2TB in size?
Logical
GPT
Extended
MBR
GPT
Master boot record (MBR) disks use the standard BIOS partition table. GUID partition table (GPT) disks use unified extensible firmware interface (UEFI). One advantage of GPT disks is that you can have more than four partitions on each disk. GPT is also required for disks larger than 2 terabytes.
101
What is the maximum amount of RAM that can be used by a computer running Windows Professional 32-bit?
512G
2GB
4GB
1GB
4GB
All versions of Window client operating systems are limited in the amount of RAM they can support when installed on a system with a 32-bit processor. The physical maximum on any x86 system is 4GB of RAM. That limit may be even lower depending on the version of Windows installed.
When Windows is installed on a system using a 64-bit processor (x64), the maximum amount of supported RAM usually starts at 8GB and - depending on the version of Windows installed - can go up to 512GB RAM.
102
Jean, a user, states that there are too many applications running each time she logs in to her Windows computer.
Which command line tool would provide you with the fastest way to stop these applications from running?
SERVICES.MSC
MSINFO32
REGEDIT
MSCONFIG
MSCONFIG
System Configuration (msconfig) is a tool that can help identify problems that might prevent Windows from starting correctly. You can start Windows with common services and startup programs turned off and then turn them back on, one at a time. If a problem doesn't occur when a service is turned off, but does occur when that service is turned on, then the service could be the cause of the problem.
MSCONFIG contains several tabs. These are:
* General: Lists choices for startup configuration modes
* Boot: Shows configuration options for the operating system and advanced debugging settings
* Services: Lists all of the services that start when the computer starts, along with their current status (Running or Stopped). Use the Services tab to enable or disable individual services at startup to troubleshoot which services might be contributing to startup problems.
* Startup: Lists applications that run when the computer starts up, along with the name of their publisher, the path to the executable file, and the location of the registry key or shortcut that causes the application to run.
* Tools: Provides a convenient list of diagnostic tools and other advanced tools that you can run.
103
Which of the following Microsoft encryption software provides the HIGHEST level of security for PCs running Windows 10 Enterprise?
NTFS
BitLocker drive encryption
Windows Defender
EFS
BitLocker drive encryption
104
You work from a computer running Windows. You are trying to access a shared file on another computer which also runs Windows. You can connect to other computers on the same network and you can connect to the Internet.
You ask a fellow technician to examine the permissions assigned to the file. He reports that they are set in such a way that you should have all the access you need to work with the remote file.
Finally, you use the PING command to test the connection to the remote computer, but receive a response that the remote computer cannot be found.
You verify that the remote Windows workstation is turned on and connected to the network. Of the issues listed below, which is the most likely cause of the problem?
Windows firewall is enabled
Local Security Policy settings are disabled
The user's computer is not connected to the network
You do not have permission to access the Windows 7 workstation remotely
Windows firewall is enabled
Of the answers given, only Windows firewall is enabled would explain the problems encountered by the user.
* If the user can connect to other computers and the Internet, she has network connectivity.
* There are no settings in the Local Security Policy utility that would cause the reported trouble.
* You did not attempt to access the remote shared file, you simply tried to ping the remote computer.
However, if the Windows Firewall is enabled on the remote computer, it will block ICMP responses and ICMP is the protocol used to support PING.
105
A user named Mary reports that she is unable to start her computer. When she tries to start the system, she receives a message that reads "Bootmgr is Missing".
Which of the commands shown below could you use to troubleshoot this problem?
BOOTCFG
BOOTREC
FIXMBR
DISKPART
BOOTREC
When you use the Recovery Environment (Windows RE) to troubleshoot startup issues, first try the Startup Repair option in the System Recovery Options dialog box. If this does not resolve the issue, or if you have to manually troubleshoot additional issues, use the Bootrec.exe tool.
The Bootrec.exe tool in the Windows RE can be used to troubleshoot and repair the following items in Windows:
* A master boot record (MBR)
* A boot sector
* A Boot Configuration Data (BCD) store
106
What is often perceived of as the weakest link in system security?
naive or uneducated end users
poorly managed file and folder permissions
lack of firewalls and other security appliances
failure to use strong passwords
naive or uneducated end users
End user ignorance is often cited as the weakest link in system security. Uneducated users are more likely to fall for social engineering attacks, click on questionable links and websites, and download suspect applications.
All other potential failures can be easily remedied by a well-designed policies and procedures.
107
An intern calls you to ask how he can best see all the users that are signed in to a specific computer. Which tool of those shown below would you advise him to use?
MSCONFIG
Administrative Tools
Disk Management
Task Manager
Task Manager
Task Manager shows you the programs, processes, and services that are currently running on a computer. You can use Task Manager to monitor your computer's performance or to close a program that is not responding.
From the Application tab, you can exit existing programs or start new programs
From the Processes tab, you can observe resource use per process and end a process that is not performing correctly
From the Services tab, you can observe services that are running on the computer
From the Performance tab, you can watch CPU, memory, network interface and disk read/write resource use in real time
From the Networking tab, you can monitor network utilization from each active network interface on the computer
From the Users tab, you can obtain a list of all users with active connections to the system
108
Joe, a user, must remove a static IP address on a client's iPhone. What is the general series of steps to take to complete the change?
Wi-Fi > SSID Name > Network > IP Address
Settings > Wi-Fi > SSID Name > IP Address
General > SSID Name > IP Address
Location Services > Wi-Fi > IP Address
Settings > Wi-Fi > SSID Name > IP Address
General Steps to Set a Static IP Address and Manual DHCP in iOS
1. Tap on "Settings"
2. Tap "Wi-Fi" and look for the network name you are connected to, then choose the little (i) button or arrow next to it to get more information about that network
3. Tap the "Static" tab
4. The "Static" section is where you enter network appropriate DHCP info and static IP address information*
5. Close out of Settings, and launch Safari or another network app to confirm connectivity
Settings are applied automatically after all the information is input.
109
You have been asked to re-install Windows on a user's computer. Unfortunately, you did not expect to perform this task today and you do not have a Windows installation disk with you.
Upon examining the computer's hard drive, you find that a small 200MB partition also exists. Based on your finding, what technique would you MOST likely be able to use to re-install the operating system?
system partition
backup partition
recovery partition
partition restore
recovery partition
Many computers ship without Windows installation discs. Instead they come with recovery partitions and/or discs that can be used restore the PC to its "factory original" state.
110
You need to suggest strategies for preventing the spread of malware between computers on the company network. Which action could you take to achieve this goal?
Disable all attachment filters on company email servers
Disable Windows Update
Disable AutoRun
Disable client firewalls
Disable AutoRun
AutoRun allows manufacturers of removable storage media to incorporate an autorun.inf file within the device. This file instructs the operating system which application (or executable) to call when the storage device is inserted in the computer.
AutoRun was released with the early versions of Windows. It has since been replaced by AutoPlay which provides the same service as AutoRun.
Disabling AutoRun/AutoPlay makes it much harder for a virus or other malware to jump from a removable device, such as a thumb drive, to a user's computer and then on to the network. The user would have to physically access the infected file before the malware could be transferred.
The other actions shown will all weaken network security and make your systems more vulnerable to attack.
111
You plan to install Windows 7 on a new computer. The key system components are listed below. Which of the components listed below would prevent you from installing a 64-bit version of Windows?
2 GB RAM
DirectX 9 graphics device with WDDM 1.0 or higher driver
16 GB available hard disk space
1 gigahertz (GHz) or faster 64-bit processor
16 GB available hard disk space
The hardware requirements which must be met in order to install Windows 7 are:
* 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
* 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
* 16 GB available hard disk space (32-bit) or 20 GB (64-bit)
* DirectX 9 graphics device with WDDM 1.0 or higher driver
Based on the hardware specifications listed in the question, the only component that will limit which version of Windows 7 you install is the amount of available free space on the hard drive. You need at least 20GB of free space on the hard drive to install the 64-bit version of Windows 7 on the computer.
112
You need to implement HomeGroup on three computers. Which version or versions of Windows could you install that will support this feature? Select all that apply.
Windows Server 2008
Windows Vista
Windows 7 Professional
Windows XP Professional x64 Edition
Windows 8.1 Enterprise
Windows 7 Professional
Windows 8.1 Enterprise
113
You work for a company that is replacing over 200 employee computers with new computers that will run Windows 8.1. You create a single image that is customized to meet the needs of your employer. Now, you need to install this image on every new computer purchased by the company before it is joined to the network.
Which of the Windows tools listed below would best help you meet your goal?
RDP
chkdsk
SYSPREP
Windows Update
SYSPREP
The System Preparation (Sysprep) tool prepares an installation of Windows 8 for duplication, auditing, and customer delivery. Duplication, also called imaging, enables you to capture a customized Windows image that you can reuse throughout an organization. Audit mode enables you to add additional device drivers or applications to a Windows installation. After you install the additional drivers and applications, you can test the integrity of the Windows installation. Sysprep also enables you to prepare an image to be delivered to a customer. When the customer boots Windows, Windows Welcome starts.
Sysprep must be used only to configure new installations of Windows. You can run Sysprep as many times as required to build and to configure your installation of Windows. However, you can reset Windows activation no more than three times. You must not use Sysprep to reconfigure an existing installation of Windows that has already been deployed.
114
A user, Anne, receives a phone call from the company's mail administrator who indicates her email account has been disabled due to high volumes of emails being sent in a very short period of time. Which of the following types of attack has the user experienced?
virus infection
malware infection
phishing attack
man-in-the-middle attack
virus infection
The differences between "viruses" and "malware" is, in short, viruses are a specific type of malware (designed to replicate and spread), while malware is a broad term used to describe all sorts of unwanted or malicious code. Malware can include viruses, spyware, adware, nagware, trojans, worms, and more. In this case the virus is using Anne's email account to try and infect other computers on the network by attacking her address book.
115
What permission must be assigned to a user in order to permit that user to save a file to a folder?
the user must have read and write permission to the folder
the user requires write permissions to the folder
the user must have write permission to the file
the user required read permission to the folder
the user requires write permissions to the folder
116
A fellow technician is searching the Control Panel on a Windows 7 computer to find the applet that he can use to easily transfer large files such as streaming video to the other four computers on the network. Which applet is he looking for?
HomeGroup
AutoPlay
Sync Center
Ease of Access Center
HomeGroup
HomeGroup is used to simplify home networking, especially file and printer sharing. HomeGroup was introduced with Windows 7 and is also offered in Windows 8.
117
What purpose or function does the TASKKILL command serve?
It is used to remove files from a directory or folder.
It is used to end one or more tasks or processes, either by name or by PID.
It is used to clear the screen of all recently executed commands.
It is used to either shut down or restart the local computer.
It is used to end one or more tasks or processes, either by name or by PID.
118
An employee has used his company-issued computer in a manner that directly violates the company's acceptable use policy. You need to preserve digital evidence of the activity in case the event leads to a criminal investigation.
Under such a circumstance, which of these protocols would be the most important?
Chain of custody
MSDS documents
Channel escalation
Change control management
Chain of custody
The chain of custody is defined as the witnessed, written record of all of the individuals who maintained unbroken control over the items of evidence. It establishes the proof that the items of evidence collected at the crime scene is the same evidence that is being presented in a court of law.
119
A technician installs a new application and restarts the computer. After signing in to Windows, an error message appears stating that the application did not start automatically as intended. After confirming the software has installed correctly, which of the following tools would be used to troubleshoot this problem?
appwiz.cpl
gpedit
msconfig
regsrv32
msconfig
120
Jenny, a user, reports that unwanted icons have started popping up on her desktop. She is using a computer that runs Windows 8.1.
You respond to Jenny’s report and determine the computer has a malware infection.
What action should you take next?
Educate the end user
Disable System Restore
Quarantine Jenny’s computer
Run anti-malware signature updates
Report the issue to the information security officer
Quarantine Jenny’s computer
121
Which of the following statements is false concerning the Windows Start menu?
The overall appearance, purpose, and contents of the Desktop has remained the same through much of Windows' existence.
The user has no control over what links or other objects appear in the Start menu.
Not all versions of Windows have a Start menu.
The Start menu serves the function of providing quick access to important features and programs.
The user has no control over what links or other objects appear in the Start menu.
122
You just purchased an application to manage video and audio files on your home theater PC. What type of license did you most likely purchase to remain compliant with the end user licensing agreement (EULA)?
Commercial license
Open source license
Seat license
Enterprise license
Commercial license
123
You are downloading a security hotfix for a Windows computer. You want to create a new folder to store the file. Which of the following commands could you use to create that new folder?
rd
md
cd
pushd
md
124
What type of files are stored by default in the directory \Program Files (x86) on a computer running Windows?
32-bit program files installed on a Windows 64-bit operating system
32-bit program files installed on a Windows 32-bit operating system
all program files installed on a Windows 32-bit operating system
all program files installed on a Windows 64-bit operating system
32-bit program files installed on a Windows 64-bit operating system
125
You are configuring the wireless router on a SOHO network for a client. The customer runs a small business with only five employees. You have been asked to configure the network in such a way that after the five employees connect to the network, no other connections will be accepted.
You configure WEP on the router. What other settings should you configure on the router to accomplish this task?
Update router firmware
Enable MAC filtering
Disable SSID broadcast
Install a firewall application on the router
Enable MAC filtering
126
Sally is working on a computer running Windows. Earlier today, a co-worker from a branch office sent Sally a large data file on a CD. Sally inserts the disc in her CD/DVD drive and is able to retrieve the files successfully. At the end of the day, Sally shuts down her computer and leaves the office.
The next morning, Sally starts the computer which returns the following error message:
"Invalid boot disk error."
What happened to Sally's computer?
The system is trying to boot from the CD/DVD drive. It fails because the disc in the drive is a non-bootable device.
Nothing. Sally just needs to restart the computer
The system is trying to boot from the CD/DVD drive. It fails because the disc in the drive contains a nasty piece of malware.
The system is trying to boot from the active partition. It fails because the files on the CD corrupted the boot partition.
The system is trying to boot from the CD/DVD drive. It fails because the disc in the drive is a non-bootable device.
The Windows boot process, regardless of version, requires the computer to be able to read specific files stored in the boot partition or system drive for that computer.
When the error message, "Invalid boot disk error." appears during start up, it means that the disk that the computer is reading from does not contain the files needed to start the boot process for Windows. The most common cause for this problem is that the user left a non-bootable floppy disk or non-bootable CD-ROM in a drive and the computer is trying to find the files it needs on that device. Once the floppy or CD is removed from the computer, the system will be able to find the files it needs from the hard drive or other device specified in CMOS as the bootable device.
127
You are troubleshooting a Windows computer that fails to boot. Instead, the user sees the following message each time she attempts to start the computer:
Invalid Partition Table
You believe that the Master Boot Record partition (MBR) has become corrupted. You place a copy of the Windows operating system installation CD in the optical drive. Then you run the Bootrec command. Which of the following options would you select fix this problem?
DXDIAG
MSCONFIG
FIXMBR
FIXBCD
FIXBOOT
FIXMBR
MBR errors can have three different causes: a virus infection, a drive failure or an MBR overwrite caused by a program. Virus infections happen when a virus is loaded onto your computer. Many viruses target the master boot record, since this is the most important part of your hard drive. Drive failures are also a major cause of MBR errors. If the area of the hard drive where the MBR is located contains a few defective clusters, the master boot record is rendered unreadable. Finally, some programs sometimes accidentally overwrite part of the MBR, causing it to become corrupt.
If your main hard drive suffers from a corrupt or missing MBR, you are usually not able to start Windows. Instead, after the BIOS screen, an error message such as "Missing operating system," "Error loading operating system" or "Invalid partition table" is displayed and remains on the screen until you reboot your computer.
128
Shortly after purchasing and registering a new router for a SOHO network, you receive notice from the router manufacturer that several new vulnerabilities have been discovered. These issues affect the router you just purchased and installed.
You verify that all connections and settings are configured as recommended by the manufacturer and that they are appropriate for your network needs.
What action should you take next to best protect your router from a potential attack based on these new vulnerabilities?
Change all router user-names and passwords
Reconfigure firewall settings on the router
Add another router to the network to create a DMZ
Check with the manufacturer for new firmware updates and apply them to your router
Check with the manufacturer for new firmware updates and apply them to your router
129
In order to make a local computer more secure, you want to modify Windows 7 so that any time a user enters a bad password, the user's account is locked out for 30 minutes.
Which Windows utility would you use to enforce the desired behavior?
Windows Security Center
User Account Properties
Local Security Policy
Activity Center
Local Security Policy
The Local Security Policy is used to help protect your computer by defining the maximum number of times an incorrect password can be entered before an account is locked out, how long an account should be locked out before the user can attempt to login again, and when the account lockout counter should be reset.
Account lockout policy disables a user account if an incorrect password is entered a specified number of times over a specified period. These policy settings help you to prevent attackers from guessing users' passwords, and they decrease the likelihood of successful attacks on your network.
130
A co-worker in a different building on your company’s campus is having trouble installing a local printer driver. You have been asked to log into the co-worker’s computer and resolve the problem.
Which of the following connectivity tools would best help you connect to the user's computer?
virtual private network
remote assistance
computer management
remote desktop
remote assistance
131
Your computer has begun to display pop-ups each time you connect to the Internet. You verify that your anti-malware software is using the latest signature file and you run a complete system scan on the computer, but the anti-malware reports that nothing is wrong.
After further research, you find that there is a process running on the computer that you cannot kill. You want to use System Configuration (msconfig) to restart your computer without starting any unnecessary apps or services.
Which of the following start up modes would allow you to accomplish this goal?
Normal startup
Diagnostic startup
Minimal startup
Selective startup
Selective startup
To start Windows in Selective startup mode
1. On the General tab, tap or click Selective startup, and then clear the Load system services and Load startup items check boxes.
2. Select the Load system services check box, tap or click OK, and then tap or click Restart.
3. If the problem occurs after restarting, do one or both (if necessary) of the following tasks:
Identify the system service that's causing the problem.
* Tap or click the Services tab, tap or click Disable all, select the check box for the first service that's listed, and then restart your PC. If the problem doesn't occur, then you can eliminate the first service as the cause of the problem.
* With the first service selected, select the second service check box, and then restart the PC.
* Repeat this process until you reproduce the problem. If you can't reproduce the problem, then you can eliminate system services as the cause of the problem.
Identify the startup item that's causing the problem.
* Tap or click the Startup tab, and tap or click Open Task Manager.
* Turn off all startup items except the first one by tapping or clicking each startup item, and then tapping or clicking Disable. Restart your PC. If the problem doesn't occur, then you can eliminate the first startup item as the cause of the problem.
* With the first startup item selected, tap or click the second startup item, and then tap or click Enable. Restart your PC. Repeat this process until you reproduce the problem.
132
A user has reported that their computer running very slowly. You would like to see which applications are consuming resources.
Which of the following tools should you use to observe system performance?
netmon
Event Viewer
msconfig
Task Manager
Task Manager
133
Joe is a member of the company's marketing team. He reports that he has recently stopped receiving email from a team member in another location.
You need to resolve Joe's problem. What aspect of his current computer configuration would you look at first?
Examine the local firewall to see if it is blocking messages from the sender's email domain
Examine his antimalware software to see if it is configured to block messages from the sender's address
Examine the ACL for the email application to see if it is set to deny messages from the sender's address
Examine his email software for any filters that might be placing messages from the team member into quarantine
Examine his email software for any filters that might be placing messages from the team member into quarantine
134
The CEO states that the flickering of his screen is making him nauseous and asks if you can stop the flickering.
Which Control Panel path would you take to resolve the issue?
Display > Settings > Resolution
Display > Settings > Advanced > General > DPI
Display > Appearance > Effects > Transition
Display > Settings > Advanced > Adapter > Refresh
Display > Settings > Advanced > Adapter > Refresh
135
A user was prompted to change her password. When she did, she found that she was required to enter a password that was 10 characters long and that used strong password characteristics.
The user reports that this behavior occurred shortly after her workstation was joined to the company's Active Directory domain. You examine the settings on her PC and find that the password management options are grayed out on the computer and cannot be changed.
What has happened to make her password policy settings unavailable to you?
Domain-level group policies were applied when her workstation was joined to the company domain
The company-mandated antivirus software has disabled the password management feature on her workstation
The user is the victim of a malware attack that has corrupted her password Registry settings
You should have logged on to her computer with her standard user account and not as an administrator.
Domain-level group policies were applied when her workstation was joined to the company domain
