test 1 Flashcards

1
Q

A technician has recently removed malware from a Windows computer,
but the technician is concerned that some of the system files may have
been modified. From the command line, analyze and repair any damaged
operating system files.

A

sfc /scannow

2
Q

How many steps are there in the malware removal process?

A

7

3
Q

What is the first task when removing malware?

A

Identify malware symptoms

4
Q

What is the second task when removing malware from a system?

A

Quarantine infected systems

5
Q

What is the third task when removing malware from a system?

A

Disable system restore

6
Q

What is the fourth task when removing malware from a system?

A

Remediate

7
Q

What is the fifth task when removing malware from a system?

A

Schedule scans and run updates

8
Q

What is the sixth task when removing malware from a system?

A

Enable system restore

9
Q

What is the seventh task when removing malware from a system?

A

Educate the end user

10
Q

List all seven steps of malware removal.

A

1. Identify malware symptoms
2. Quarantine infected systems
3. Disable System Restore
4. Remediate
5. Schedule scans and run updates
6. Enable System Restore
7. Educate the end user

11
Q

Give a description of the following technologies: EULA

A

The EULA (End User Licensing Agreement) determines how the software can be
used by the end user. The user will commonly be required to agree to the
terms of the EULA before the software can be installed.

e.g. Software can be used on one computer and one copy can be stored for backup purposes.

12
Q

Give a description of the following technologies: PII

A

PII (Personally Identifiable Information) is any data that could be associated
with an individual. For example, your name, address, phone number, and email
address are considered PII.

A database includes all client first names, last
names, and home addresses.

13
Q

Give a description of the following technologies: PCI DSS

A

PCI DSS (Payment Card Industry Data Security Standard) is a set of
objectives created by the credit card industry to ensure that financial
transaction data is stored and transmitted securely.

Any credit card numbers stored locally must
be encrypted.

14
Q

Give a description of the following technologies: FOSS

A

FOSS (Free and Open Source) software is distributed for free and usually
includes access to the source code of the application.

The software includes source code and can be distributed at no cost.

15
Q

Give a description of the following technologies: GDPR

A

The GDPR (General Data Protection Regulation) is a regulation that controls
data protection and privacy for individuals in the EU.

European Union citizens can request to have all personal data removed.

16
Q

Give a description of the following technologies: PHI

A

PHI (Protected Health Information) is any healthcare data that can be
associated with an individual.

All blood test results are stored on laboratory file servers.

17
Q

A user needs to access a file located on the \\gate-room server. The file is
located in a share called ship-diagnostics. Use the command line to
connect to this share using drive g:.

A

NET USE G: \\GATE-ROOM\SHIP-DIAGNOSTICS

The Windows net use command is used to map a network share to a drive
letter. The syntax is: net use drive: \\servername\sharename

18
Q

Give a description of what this command does: taskkill

A

The Windows taskkill command will terminate tasks by process id (PID) or by
the name of the executable.

e.g. Terminate a process by PID

19
Q

Give a description of what this command does: diskpart

A

Diskpart (Disk Partitioning) provides command line access to disk and
partition configuration settings.

List the volume names on a storage drive.

20
Q

Give a description of what this command does: dism

A

The dism (Deployment Image Servicing and Management tool) utility is used
to manage Windows Imaging Format (WIM) files.

Make changes to a WIM image.

21
Q

Give a description of what this command does: chkdsk

A

The chkdsk (Check Disk) command can fix logical file system errors and locate
and recover data from bad sectors on a hard drive.

Repair logical file system errors.

22
Q

Give a description of what this command does: gpresult

A

The gpresult (Group Policy Results) utility allows the domain administrator to
verify policy settings for a computer or user.

Verify group policy settings for a user.

23
Q

A user has opened a help desk ticket regarding the battery life on their
mobile phone. The battery in the phone held a charge for most of the day
prior to connecting to the corporate network. The battery now only lasts
about half a day and the back of the phone is warmer than usual.
The phone is configured as follows:
Storage: 116.2 GB of 256 GB used
Display and Brightness: Automatic
Wi-Fi: Enabled
Auto-lock: Disabled
VPN: Not connected
Low Power Mode: Disabled
Battery Maximum Capacity: 100%
Which of the following changes would have the BEST impact on
battery performance?

❍ A. Enable auto-lock
❍ B. Connect to the VPN
❍ C. Increase available storage space
❍ D. Disable Wi-Fi

A

The Answer: A. Enable auto-lock
The backlight of a mobile phone requires constant battery use, and the
phone in an active state will use more battery than one that is locked or in
a standby state.
The incorrect answers:
B. Connect to the VPN
Connecting to a VPN would most likely increase the amount of battery
used due to the encryption and decryption that would need to occur.
C. Increase available storage space
The battery life on a phone is not based on the amount of storage space in
use. Increasing storage space would not extend the life of the battery.
D. Disable Wi-Fi
Wi-Fi does not have a significant impact on battery performance when
compared to the screen backlight and active phone services.

24
Q

Which of the following governmental policies manages the use of
personal data?

❍ A. PCI DSS
❍ B. EULA
❍ C. GDPR
❍ D. FOSS

A

The Answer: C. GDPR
GDPR (General Data Protection Regulation) is a European regulation
that provides data protection and privacy for individuals in the European
Union.
The incorrect answers:
A. PCI DSS
PCI DSS (Payment Card Industry Data Security Standard) is a set of
guidelines for protecting credit card data. PCI DSS are industry guidelines
and are not directly associated with governmental regulation.
B. EULA
EULA (End User Licensing Agreement) determines how software can be
used by the end user. This agreement is not a governmental policy.
D. FOSS
FOSS (Free and Open Source) software is freely available and commonly
includes the source code of the software. FOSS is not associated with a
governmental policy.

25
Q

What is the maximum amount of RAM supported by a 32-bit version of an operating system?

❍ A. 4 GB
❍ B. 8 GB
❍ C. 16 GB
❍ D. 192 GB

A

The Answer: A. 4 GB
The limited address space of a 32-bit operating system can only support 4 GB of system memory.
The incorrect answers:
B. 8 GB
A 32-bit operating system hits a limit at 4 GB of addressable memory. Although there are some techniques to work around this 4 GB limitation, they're not often implemented in practice.
C. 16 GB
4 GB is the limit for 32-bit operating systems.
D. 192 GB
192 GB would be well over the limit for 32-bit operating systems.
More information: 220-1002, Objective 1.1 - Operating Systems Overview
https://professormesser.link/1002010101

26
Q

A system administrator has created a shared folder on a server to store operating system images. Technicians will access the shared folder to download the latest images when performing large-scale system installations. Which of the following will be the MOST likely method of accessing this data?

❍ A. Map the shared folder to an available drive letter
❍ B. Download the shared folder through a proxy
❍ C. Link the images to a cloud storage service
❍ D. Access the folder using a remote access client

A

The Answer: A. Map the shared folder to an available drive letter
The easiest and most efficient way for technicians to access the drive share is to map a drive letter to the share and transfer the files directly.
The incorrect answers:
B. Download the shared folder through a proxy
There's no mention of a proxy in the question, and adding a proxy to this process would not provide any additional features or benefits.
C. Link the images to a cloud storage service
Operating system images are relatively large, and transferring them to an external cloud-based service would add additional time and bandwidth to resources that are already located on a local file server.
D. Access the folder using a remote access client
The installation of an operating system requires direct access to the installation files, and a remote access client would not provide direct access to the files.

27
Q

A help desk technician has been called to a training room that uses Android tablets as presentation devices. An application used for the training program will not start on any of the tablets. When the application is selected, the splash screen appears for a moment and then completely disappears with no error message. Which of the following would be the best NEXT troubleshooting step?

❍ A. Install all operating system updates
❍ B. Uninstall the application
❍ C. Power cycle the tablets
❍ D. Roll back to the previous application version

A

The Answer: C. Power cycle the tablets
Before making any changes to the operating system or application software, it would be useful to know if power cycling the tablets would have an effect. If the symptom was to disappear after the restart, then no immediate changes would be required.
The incorrect answers:
A. Install all operating system updates
Making a change to the system without understanding the issue would be a blind guess. It would be a better practice to gather more information about the problem before making changes.
B. Uninstall the application
Uninstalling the application would make it very difficult to troubleshoot the application, and it's not the best possible option before gathering more information about the problem.
D. Roll back to the previous application version
A technician wouldn't want to make significant changes to the application or the operating system until they knew more about the problem and tried to resolve the issue without installing or uninstalling any software.

28
Q

Give a description of what this command does: dd

A

The Linux dd command is used to copy and convert files. It's commonly used to back up and restore an entire Linux partition as a disk image.

29
Q

A Linux administrator needs to create a system image of a laptop used by the help desk for network troubleshooting. Which of the following utilities would provide this functionality?

❍ A. dd
❍ B. sudo
❍ C. ifconfig
❍ D. apt-get

A

The Answer: A. dd
The Linux dd command is used to copy and convert files. It's commonly used to back up and restore an entire Linux partition as a disk image.
The incorrect answers:
B. sudo
The sudo command allows a Linux user to execute a command as the superuser or as any other user on the system. The sudo command on its own does not provide any backup or imaging functionality.
C. ifconfig
The Linux ifconfig command is similar in function to the Windows ipconfig command. The output of ifconfig will display network interface and IP address configuration details.
D. apt-get
The Linux apt-get is an Advanced Packaging Tool command that handles the management of application packages on the system.

30
Q

A user has delivered a broken laptop to the help desk, and he's visibly upset and quite vocal about the problem he's having. He's also asking for a very specific repair that doesn't appear to have any relationship to his issue. What's the best way to handle this situation?

❍ A. Repeat your understanding of the issue to the customer and provide an estimate and follow-up time
❍ B. Refuse the repair until the customer calms down
❍ C. Inform the customer of his mistake with the proposed repair
❍ D. Refuse to make any commitments until the computer is examined

A

The Answer: A. Repeat your understanding of the issue to the customer and provide an estimate and follow-up time
The best response in a stressful situation is to listen, ask questions, and refrain from arguing or acting defensive. In this situation, the technician should gather as much information about the problem and keep all responses focused on resolving the problem.
The incorrect answers:
B. Refuse the repair until the customer calms down
It's always preferable to avoid any comments that would be associated with emotion. Technical problems can be stressful enough on their own, and adding additional stress is not going to help repair the system.
C. Inform the customer of his mistake with the proposed repair
This isn't a game, and there are no winners or losers. The technician will be left to resolve the issue, regardless of the root cause. It's not necessary to comment or speculate on any proposed repair process.
D. Refuse to make any commitments until the computer is examined
The technician is ultimately responsible for resolving the issue, and it would help everyone involved to maintain a constant line of communication.

31
Q

A user has reported that all Google search results in their Internet browser are displaying a non-Google website. This redirection occurs each time a Google search is attempted. Which of the following would be the BEST way to prevent this issue in the future?

❍ A. Windows Firewall
❍ B. MAC filtering
❍ C. Port security
❍ D. Certificate-based authentication
❍ E. Anti-malware utility

A

The Answer: E. Anti-malware utility
A browser hijack is a very specific attack type that is commonly the result of a malware infection.
The incorrect answers:
A. Windows Firewall
The Windows firewall is useful for preventing inbound connections, but most malware is installed by the user. This installation process circumvents the firewall and it's the reason we rely on both a firewall and anti-malware software.
B. MAC filtering
MAC filtering is commonly used on a network device to limit which devices can communicate on a network. MAC filtering would not be related to a browser hijack.
C. Port security
Port security prevents unauthorized users from connecting to a switch interface. Port security is not associated with a browser hijack.
D. Certificate-based authentication
Certificate-based authentication provides a method to verify a user during the authentication process. This authentication mechanism is not related to browser hijacking.

32
Q

Give a description of what this command does: msconfig

A

The msconfig (System Configuration) command is useful for managing the startup process of services. Prior to Windows 8.1, System Configuration can also be used to manage applications during the startup process.

33
Q

A server administrator is replacing the memory in a database server. Which of the following steps should be followed FIRST?

❍ A. Remove the existing memory modules
❍ B. Wear an air filter mask
❍ C. Disconnect all power sources
❍ D. Connect an ESD strap

A

The Answer: C. Disconnect all power sources
The first step when working inside of a computer or printer is to remove all power sources.
The incorrect answers:
A. Remove the existing memory modules
Prior to removing the existing modules, the power source would need to be disconnected and an ESD strap would need to be attached to the computer case.
B. Wear an air filter mask
A filtered mask would not commonly be required for replacing memory modules. If the environment is very dusty or dirty, then a filtered mask may be necessary.
D. Connect an ESD strap
An ESD (Electrostatic Discharge) strap would allow the technician to minimize the potential of an electrostatic discharge. However, disconnecting the power source takes a higher priority.

34
Q

A technician is dismantling a test lab for a recently completed project, and the lab manager would like to use the existing computers on a new project. However, the security administrator would like to ensure that none of the data from the previous project is accessible on the existing hard drives. Which of the following would be the best way to accomplish this?

❍ A. Quick format
❍ B. Degauss the drives
❍ C. Regular format
❍ D. Reinstall the operating system

A

The Answer: C. Regular format
A standard Windows format with the regular formatting option overwrites each sector of the drive with zeros. After this format is complete, the previous data on the drive is unrecoverable.
The incorrect answers:
A. Quick format
A standard Windows format with the quick format option clears the master file table, but it doesn't overwrite any data on the drive. With the right software, the previous data could be recovered.
B. Degauss the drives
Degaussing the drives would remove the magnetic fields necessary for the drives to work properly. Although this would make the previous data unrecoverable, it would also cause the hard drives to be unusable.
D. Reinstall the operating system
Reinstalling the operating system may not overwrite any of the previous user data on the drive. Recovery software would be able to identify and "undelete" the previous drive data.

35
Q

Which of the following technologies would be the best choice to boot computers in a training room over the network?

❍ A. MBR
❍ B. NTFS
❍ C. Dual boot
❍ D. PXE

A

The Answer: D. PXE
PXE or "Pixie" (Preboot eXecution Environment) is a method of booting a computer from a device over the network instead of from operating system files on a local storage device. This method is especially useful when managing large groups of devices, such as a training room.
The incorrect answers:
A. MBR
MBR (Master Boot Record) describes the information contained on the first sector of a drive. MBR is not used to boot devices across the network.
B. NTFS
NTFS (NT File System) is a file system designed for Windows computers. Although a system may store files using NTFS, the file system does not include any features that would allow it to be booted over the network.
C. Dual boot
A dual boot system contains a storage device with multiple operating systems, and each operating system can be individually selected and booted when starting the computer.

36
Q

Give a description of the following technologies: PXE

A

PXE or "Pixie" (Preboot eXecution Environment) is a method of booting a computer from a device over the network instead of from operating system files on a local storage device. This method is especially useful when managing large groups of devices, such as a training room.

37
Q

Which of these OS installation types uses an XML file that answers all of the questions normally provided during the installation?

❍ A. Unattended
❍ B. Image
❍ C. PXE
❍ D. Clean

A

The Answer: A. Unattended
An unattended Windows installation requires the administrator to answer the normal installation questions in a single XML file. This allows the installation process to continue from the beginning to end without any user intervention.
The incorrect answers:
B. Image
A system image is a complete backup of a volume or drive. The process for installing a system image is to copy the entire contents of the image to the drive of the computer. The normal operating system setup is not used, so an XML file would not answer installation questions.
C. PXE
PXE, or "Pixie," (Preboot eXecution Environment) is a method of booting a computer across the network. Booting with PXE does not answer files during an operating system installation.
D. Clean
A clean install is used to completely replace an existing operating system with a fresh version. Although this can be used with an unattended answer file, a clean installation by itself does not include an XML file with answers to installation questions.

38
Q

A user purchased a copy of home tax software and has installed it on their company computer. This morning, the user logs in and finds that the tax software has been automatically removed from the system. Which of the following would be the MOST likely reason for this result?

❍ A. The company per-seat licenses are all in use
❍ B. The software uses a FOSS license
❍ C. The user has installed a personal license
❍ D. The software is subject to the GDPR

A

The Answer: C. The user has installed a personal license
Personally licensed software can be difficult to audit on computers that are owned by a company, and many organizations will not allow software to be installed on company-owned systems if the company has not purchased the license.
The incorrect answers:
A. The company per-seat licenses are all in use
This home tax software is not owned by the company, so the company would not have per-seat licenses to distribute.
B. The software uses a FOSS license
A FOSS (Free and Open Source) license would not cause any licensing issues, and many companies will install FOSS software on their systems.
D. The software is subject to the GDPR
The GDPR (General Data Protection Regulation) is a set of rules in the European Union that are specific to a user's control of their personal data. The GDPR regulations would not be the most likely reason for removing this software.

39
Q

A workstation on a manufacturing floor is taking much longer than normal to boot. Which of the following would be the BEST way to troubleshoot this issue?

❍ A. Replace the CPU
❍ B. Disable the startup applications
❍ C. Upgrade the RAM
❍ D. Install the latest OS patches

A

The Answer: B. Disable the startup applications
Delays during the boot process can be caused by many issues, but a device that was previously working properly most likely has been changed. A single application install can create issues, so disabling startup applications would be an easy way to remove those from the troubleshooting process.
The incorrect answers:
A. Replace the CPU
If the CPU was faulty, the computer would most likely not be operational.
C. Upgrade the RAM
Upgrading RAM can often resolve application performance issues, but this computer was previously working with the existing amount of memory.
D. Install the latest OS patches
It's possible that problems might occur after an OS patch update, but it would not be most likely that these issues would occur prior to patching. Without knowing more about the issue, it would not be a best practice to make such a significant change to the system.

40
Q

A technician has been assigned a support ticket that urgently requests a laptop repair, but there are already many open support tickets ahead of this request. The technician doesn’t recognize the name associated with the ticket. Which of these choices would be the best path to take?

❍ A. Place the ticket into the queue as first-come, first-served
❍ B. Prioritize the support tickets by device type
❍ C. Triage the queue and prioritize the tickets in order of repair complexity
❍ D. Contact the end-user and determine the urgency of the repair

A

The Answer: D. Contact the end-user and determine the urgency of the repair
A support ticket marked as "urgent" should be evaluated to determine the timeframe for resolving the issue and the complexity of the task. If the end user feels that the issue is time-sensitive, then it's important to contact them and see what options might be available to get them up and running as quickly as possible.
The incorrect answers:
A. Place the ticket into the queue as first-come, first-served
Not all support tickets have the same priority, and it's the responsibility of the technician to properly triage the cases to handle the most critical first. It will usually involve some communication with the client to determine the scope of the issue.
B. Prioritize the support tickets by device type
The urgency of a technical issue isn't determined by the type of the device. Instead, the priority of issues should be based on the needs of the end user and the importance of their task.
C. Triage the queue and prioritize the tickets in order of repair complexity
The complexity of a repair doesn't consider the importance of the repair to the organization's goals and objectives. An executive going into an important presentation may have a simple problem, but their issue has greater importance to the organization.

41
Q

A user has received a pop up message on their computer that states applications on their computer are infected with a virus. A technician has determined that the pop up message is a hoax that needs to be removed from the computer. The technician has disabled System Restore to remove all previous restore points. Which of the following tasks would be the best NEXT step?

❍ A. Update the anti-virus signatures
❍ B. Educate the end-user
❍ C. Schedule anti-virus scans for midnight each day
❍ D. Boot the system with a pre-installation environment

A

The Answer: A. Update the anti-virus signatures
After disabling system restore, the next step in virus removal is to remediate the system. To remove the malware, it's important the technician is using the latest set of signatures.
The incorrect answers:
B. Educate the end-user
This is one of the most important tasks for malware removal, but it's usually reserved for the final step when there's no longer any urgency to remove the malware.
C. Schedule anti-virus scans for midnight each day
Once the virus is removed, the system should be configured for on-demand scanning and additional scans each day. However, this would not immediately follow the disabling of System Restore.
D. Boot the system with a pre-installation environment
A pre-installation environment may be required for more difficult virus removal tasks, but this would only occur after the latest anti-virus signatures were downloaded and installed.

42
Q

A network administrator needs to manage a switch and firewall at a remote location. Which of the following would be the BEST choice for this requirement?

❍ A. RDP
❍ B. Telnet
❍ C. SSH
❍ D. VNC

A

The Answer: C. SSH
SSH (Secure Shell) provides encrypted console communication, and it's commonly used to manage devices across the network. If an administrator is managing a server, switch, router, or firewall, they're probably using SSH.
The incorrect answers:
A. RDP
Microsoft RDP (Remote Desktop Protocol) is commonly used to share the desktop of a Windows computer. Most switches and firewalls are not Windows devices, so RDP would not be the best choice for this connection.
B. Telnet
Telnet (Telecommunication Network) is very similar to SSH, but Telnet does not use encrypted communication. Because Telnet traffic is sent in the clear, it's not a good choice for most networks. Don't use Telnet!
D. VNC
VNC (Virtual Network Computing) is a screen sharing technology that is common to many non-Windows operating systems. If a technician is sharing the screen of a macOS or Linux desktop, they may be using VNC.

43
Q

Jack, a user, has opened a help desk ticket relating to email messages he’s receiving. The messages appear to be replies to a message that Jack did not send. Most of the messages contain information about third-party product promotions and sales information. Which of the following is the MOST likely cause of these messages?

❍ A. Man-in-the-middle
❍ B. Corrupted email database
❍ C. Adware
❍ D. Hijacked email

A

The Answer: D. Hijacked email
Of the available options, the most likely reason for these unusual email replies is a hijacked email account. An attacker that gains access to an email account can send spam, read messages, and effectively control all emails associated with the account. Common responses to an email hijacking are to change the passwords associated with the account and scan for malware.
The incorrect answers:
A. Man-in-the-middle
A man-in-the-middle attack would include a third-party that was intercepting and potentially modifying network data. In this situation, there's no evidence that a third-party is intercepting any network communication.
B. Corrupted email database
A corrupted email database would cause the user's emails to be unreadable or would cause messages to be missing. Most email platforms will recognize a corrupted database and would not allow the user to access their mailbox.
C. Adware
Adware would show advertising and sales messages to the infected user and would not commonly send email messages to other users.

44
Q

A malware infection has recently been removed from a computer. When starting the operating system, Windows shows errors during the startup process indicating some core operating system files are missing. Which of the following should be used to restore these missing files?

❍ A. gpupdate
❍ B. dism
❍ C. sfc
❍ D. diskpart

A

The Answer: C. sfc
The sfc (System File Checker) command is used to scan and replace any core operating system files that may be corrupted or missing. It's common to run the sfc utility after removing malware or after a significant operating system issue.
The incorrect answers:
A. gpupdate
The gpupdate (Group Policy Update) command is used to force a Group Policy update to computers in a Windows Active Directory domain. The gpupdate command would not restore any missing operating system files.
B. dism
The dism (Deployment Image Servicing and Management) tool is used to make changes to Windows Imaging Format (WIM) files. This question did not specify that the computer was using a WIM file, so the dism utility would not be the best choice to restore any missing files.
D. diskpart
An administrator can manage disk configurations and partitions with the Windows diskpart utility. The diskpart utility is not used to restore or modify files within the Windows operating system.

45
Q

A desktop administrator has determined that an employee in the corporate office has been using their computer to share copyrighted materials to others on the Internet. Which of the following should be the best NEXT step?

❍ A. Create a firewall rule to block Internet access to this computer
❍ B. Create a hash for each file that was shared
❍ C. Compile a list of licenses for each set of copyrighted materials
❍ D. Retrieve and securely store the computer

A

The Answer: D. Retrieve and securely store the computer
When a security incident has occurred, it's important to securely collect and store any evidence. The computer that was used to share copyrighted materials should be collected and stored until the proper authorities can take control of this evidence.
The incorrect answers:
A. Create a firewall rule to block Internet access to this computer
Creating a firewall rule would stop anyone from accessing the computer, but it wouldn't stop the user from modifying or deleting files and evidence from the PC.
B. Create a hash for each file that was shared
Although creating hashes of the files may be part of the evidence gathering process, the immediate need is to impound and protect the data on the system used in this event.
C. Compile a list of licenses for each set of copyrighted materials
The determination of copyright is part of the process that will occur later. The more important task will be to collect the evidence and protect its integrity.

46
A network consulting firm is creating a proposal to upgrade the Internet firewalls for a large corporation. The proposal includes a description of the project and the network topology changes that would be required to support the upgrade. The proposal also describes the risks involved in the process of making this upgrade. Which of the following should be covered NEXT in the proposal? ❍ A. End-user approvals ❍ B. Backout plan ❍ C. Change control application ❍ D. Detailed upgrade plan
The Answer: D. Detailed upgrade plan Before working through the remaining change control steps, it's important to have a detailed explanation of the steps that will be required to complete the change. This detailed plan will provide decision-making information to the change control board and provide the information needed to create a backout plan. The incorrect answers: A. End-user approvals Without a detailed plan, it's difficult to determine who the end users are. Since the end-user approvals are required to continue with the change control process, the detailed plan will need to be created first. B. Backout plan A backout plan can't be created until you know the specific changes that are planned. C. Change control application The change control committee will need specific details about the proposed changes so they can understand the scope of what they are approving.
47
A data center manager requires each server to maintain at least fifteen minutes of uptime during a power failure. Which of these would be the BEST choice for this requirement? ❍ A. Cloud-based storage ❍ B. UPS ❍ C. Redundant power supplies ❍ D. Surge suppressor
The Answer: B. UPS A UPS (Uninterruptible Power Supply) provides short-term backup power if a power outage or low-voltage situation was to occur. The incorrect answers: A. Cloud-based storage The use of cloud-based storage does not provide any server uptime if a power outage occurs. C. Redundant power supplies Some servers might use redundant power supplies to maintain uptime if one of the power supplies was to fail. If there's a power outage, then none of the power supplies will be working properly. D. Surge suppressor A surge suppressor will protect a computer from spikes and noise, but it won't provide any uptime if the primary power source was to fail.
48
Give a description of the following technologies: UPS
A UPS (Uninterruptible Power Supply) provides short-term backup power if a power outage or low-voltage situation was to occur.
49
A system administrator has booted a computer using PXE. Which of the following would be the MOST likely reason for this task? ❍ A. Monthly OS patch install ❍ B. OS installation from a network drive ❍ C. Boot to Safe Mode ❍ D. Control the computer remotely
The Answer: B. OS installation from a network drive PXE (Preboot eXecution Environment), or "Pixie," is a method of booting a computer from an image file located on a network server. One common use of PXE boot is to install an operating system across many systems at the same time. The incorrect answers: A. Monthly OS patch install It's not necessary to boot from a network drive to install the monthly Microsoft operating system patches. C. Boot to Safe Mode Booting into Safe Mode can be managed on a local computer without the requirement of booting across the network using PXE. D. Control the computer remotely Remote control or remote desktop functionality is managed with applications on the operating system. It is not necessary to boot with PXE to control a device remotely.
50
A business partner in a different country needs to access an internal company server during the very early morning hours. The internal firewall will limit the partner’s access to this single server. Which of these would be the MOST important security task to perform on this server? ❍ A. Install the latest OS patches ❍ B. Remove the server from the Active Directory domain ❍ C. Use only 64-bit applications ❍ D. Run a weekly anti-virus scan
The Answer: A. Install the latest OS patches This system will be used during non-working hours from a location that is not part of your organization, so keeping the operating system secure will be important. Maintaining an aggressive patching schedule will ensure that any known vulnerabilities are always removed before they could possibly be exploited. The incorrect answers: B. Remove the server from the Active Directory domain An Active Directory domain allows a domain administrator to centrally manage security policies and to provide ongoing monitoring of a device. The server would be less secure if it were removed from the AD domain. C. Use only 64-bit applications There's no enhanced security with 64-bit applications, so ensuring the use of those applications wouldn't provide any significant security advantages. D. Run a weekly anti-virus scan The concern with this server is that it will be accessed by unknown third parties from the partner's network. Running an anti-virus scan every week would not provide any significant security benefit, and would probably be delivered too late to be of use.
51
A Linux administrator has been asked to upgrade the web server software on a device. Which of the following would provide the administrator with the appropriate rights and permissions for this upgrade? ❍ A. chmod ❍ B. apt-get ❍ C. ifconfig ❍ D. sudo
The Answer: D. sudo The sudo (superuser do) command will execute a command as the superuser or any other user on the system. When performing administrative tasks such as upgrading software, it's often necessary to use elevated rights and permissions. The incorrect answers: A. chmod The chmod (change mode) command will modify the read, write, and execution permissions for a file system object. The mode of a file or folder would not commonly need to be modified during an upgrade. B. apt-get The apt-get (Advanced Packaging Tool) command is used to manage application packages and software upgrades. The apt-get command does not provide any additional rights and permissions, however. C. ifconfig The ifconfig (Interface Configuration) command displays or configures a network interface and IP address configuration. No rights or permissions are provided through the ifconfig command.
52
A network administrator is configuring a wireless network at a small office. The administrator would like to allow wireless access for all computers but exclude a single kiosk in the lobby. Which of the following configuration settings would meet this requirement? ❍ A. SSID suppression ❍ B. Content filtering ❍ C. Static IP addressing ❍ D. WPS ❍ E. MAC filtering
The Answer: E. MAC filtering MAC (Media Access Control) address filtering can be configured to allow or deny access to the network based on the hardware address of the wireless network adapter. Given the available options, MAC filtering would be the only way to provide this type of device exclusion. The incorrect answers: A. SSID suppression The SSID (Service Set Identifier) is the name of the wireless network, and most access points allow the administrator to control the broadcasting of the network name. This option would not display the name on a list of available wireless networks, but a device could connect to the network if the name was already known. B. Content filtering Content filtering refers to the control of information inside of an existing data flow. This commonly controls based on the URLs (Uniform Resource Locators) associated with websites, allowing the administrator to allow or deny access to certain categories of online content. This functionality would not be used to limit wireless network access for a single device. C. Static IP addressing Static IP addressing would require the administrator to manually assign IP addresses to all of the devices on the network, but this manual assignment is not a security feature and would not necessarily restrict access to the network from any device. D. WPS WPS (Wi-Fi Protected Setup) is a configuration option on a wireless access point that is designed to make it easier for other devices to connect to the network. The use of WPS does not provide a way to limit or restrict wireless network access if a device already has the proper credentials.
53
A security administrator has received an alert that a user’s workstation in the shipping department has attempted to communicate to a command and control server for a well-known botnet. The logs on the workstation show that the user manually installed a new Internet browser the previous day. Which of the following would be the BEST next step for troubleshooting this issue? ❍ A. Uninstall the new browser ❍ B. Backup the user's documents ❍ C. Roll back to a previous restore point ❍ D. Disable the user's account
The Answer: D. Disable the user's account The first step after identifying a malware infection is to quarantine the system. This would include removing the system from the network and preventing the user's account from accessing other network resources. The incorrect answers: A. Uninstall the new browser Once the new browser was installed, the malware undoubtedly made significant changes to the user's operating system. Uninstalling the browser would not remove the existing malware infection. B. Backup the user's documents Although it will be important to preserve as much of the data as possible, performing a backup of the user's documents would not be the best next step given the available options. C. Roll back to a previous restore point If the system is infected with malware, then it's very likely that the previous restore points have also been infected. Rolling back to a previous restore point will most likely not remove the malware.
54
A technician is installing a new wireless network in a small remote office. Which of the following should the technician choose to provide the highest level of security on the network? ❍ A. WPA2 ❍ B. MAC filtering ❍ C. Static IP addressing ❍ D. SSID suppression
The Answer: A. WPA2 WPA2 (Wi-Fi Protected Access 2) encryption is used to protect the data transmitted over the wireless network. WPA2 or similar encryption would be considered to be the highest level of data protection on a wireless network. The incorrect answers: B. MAC filtering MAC (Media Access Control) filtering is used to allow or deny access to the network based on the hardware address of the wireless adapter. However, MAC filtering can be easily circumvented and is not considered a security feature. C. Static IP addressing Static IP addressing would require the network administrator to manually assign IP addresses to the network devices. Static IP addressing does not provide any security features. D. SSID suppression SSID (Service Set Identifier) suppression will prevent the name of the wireless network from appearing in lists of available networks. SSID suppression does not prevent someone from connecting to the network if they already know the name, and it's not considered a security feature.
55
Give a description of the following technologies: PXE
PXE or "Pixie" (Preboot eXecution Environment) is a method of booting a computer from a device over the network instead of from operating system files on a local storage device. This method is especially useful when managing large groups of devices, such as a training room.