C.3.4 CompTIA A+ 220-1102 (Core 2) Domain 4: Operational Procedures
Which of the following is true of online software activation? (Select three.) Answer Since the license account information is stored online, it is usually not affected by operating system upgrades or migrations. The software vendor does not track how many times each license code is activated, but uses persistent activation to annually audit the number of licenses being used. With enterprise licenses, the software vendor tracks how many times each license code is activated and automatically charges the enterprise for activations above the license limit. Persistent activation may require the license to be continuously re-activated online at a preconfigured interval. With personal software licenses, the limit is usually one to three online activations. Before running a newly installed application, the user must activate their license online on the software vendor's website.
--Persistent activation may require the license to be continuously re-activated online at a preconfigured interval. --With personal software licenses, the limit is usually one to three online activations. --Before running a newly installed application, the user must activate their license online on the software vendor's website.
You are an IT technician for your company. A coworker calls your department and asks for help fixing his malfunctioning internal Blu-ray drive, which he installed himself. When you arrive, you unplug and then open the employee's computer. As you begin to examine his computer, the employee begins to describe the steps he has taken to install and troubleshoot the issue on his own. You examine all of the connectors and discover that the employee forgot to connect the Blu-ray drive's power cable. Your initial thought is, "How stupid can this guy be?" but you restrain from making any comments. At that moment, another coworker calls your cell phone. The ringing of the phone distracts your thoughts, and while the owner of the computer is still explaining the troubleshooting steps already completed, you quickly connect the power to the device and close the computer. A quick test determines that the device is now working. Which of the following professionalism principles is the technician failing to follow? (Select two.) Answer Avoiding being judgmental Argue with customers and/or be defensive Actively listening Allow the client to speak and avoid interrupting Talking to coworkers while interacting with customers
Actively listening Avoiding being judgmental
Which of the following is an important aspect of evidence gathering in response to a security incident? Answer Restore damaged data from backup media. Back up all log files and audit trails. Monitor user access to compromised systems. Purge transaction logs.
Back up all log files and audit trails.
As part of the response to a security incident on your company network, you have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up to the time of presentation in court. Which document have been asked to draft? Answer FIPS-140 Rules of evidence Chain of custody CPS (Certificate Practice Statement)
Chain of custody
A technician was able to stop a security attack on a user's computer. Which of the following actions should be performed FIRST when conducting the subsequent forensic investigation? Answer Document what is on the screen. Remove the hard drive. Stop all running processes. Turn off the system.
Document what is on the screen.
Which type of contract are you typically required to accept when obtaining a proprietary software license? Answer EULA GPL PRD DMCA
EULA
Which of the following is a software license that allows 100 or more activations? Answer General Public License Personal license Public domain license Enterprise license
Enterprise license
As the principal of a private school, you have discovered that an office assistant has shared a student's home address with an unauthorized individual. Which of the following regulations is your school in violation of? Answer SOX FERPA HIPAA CCPA
FERPA
As an IT technician for a savings and loan institution, you have been tasked with making sure that your organization adheres to all Payment Card Industry Data Security Standards (PCI DSS) for all debit, credit, and prepaid cards issued by the company. You are currently assigning a unique ID to each company employee with computer access to the card data. Which of the following PCI DSS goals are you attempting to meet in this scenario? Answer Regularly monitor and test networks. Implement strong access control measures. Build and maintain a secure network. Maintain a vulnerability management program.
Implement strong access control measures.
One software license model allows software to be freely distributed, downloaded, and installed without paying a license fee, but often requires a fee for support, training, or added functionality. What is the name of this model? Answer Open source Persistent Proprietary Personal Enterprise
Open source
You have accepted a position working in a retail store's IT department. Which of the following government regulations would be the most important for the retail store to be in compliance with? Answer SOX PCI DSS HIPAA FERPA
PCI DSS
A software vendor has had recurring problems with customers misusing their proprietary software. Which of the following technologies can give them the MOST control in regulating who, how, and when their software is being used? Answer One-time license activation Digital fingerprinting Digital watermarking Persistent license activation
Persistent license activation
Your organization has 75 workstations that each need a software program installed. Which of the following is the BEST choice to accomplish this? Answer Purchase a personal license for the software program and reuse the activation code for each workstation. Purchase an enterprise license for the software program and reuse the activation code for each workstation. Purchase 75 personal licenses for the software program and use each unique activation code for each workstation. Purchase one personal license for the software program and then search online for additional activation codes provided by third parties or activation code generators.
Purchase an enterprise license for the software program and reuse the activation code for each workstation.
What is the purpose of the chain of custody incident response step when it comes to security incident resolution? Answer Maintain compliance with federal privacy laws. Detail the timeline between evidence creation and discovery. Retain evidence integrity by identifying people coming into contact with evidence. Identify the evidence owner.
Retain evidence integrity by identifying people coming into contact with evidence.
You work for a company that offers their services through the internet. It is critical that your website performs well. As a member of the IT technician staff, you receive a call from a fellow employee who informs you that customers are complaining that they can't access your website. After doing a little research, you have determined that you are a victim of a denial-of-service attack. As a first responder, which of the following is the next step you need to perform in response to the security incident? Answer Investigate how the attack occurred. Eradicate the issue. Identify the issue further. Secure the affected system.
Secure the affected system.
Which of the following does the GPL prevent you from doing with an open-source software program? Answer Modify its source code Sell a contract for technical support Sell a license to use the program Access its source code
Sell a license to use the program
A security technician is conducting a forensic analysis. Which of the following actions is MOST likely to destroy critical evidence? Answer Restricting physical access to the system Shutting down the system Copying the contents of memory to removable media Disconnecting the system from the network
Shutting down the system
Which of the following is true of the way many large digital media vendors use Digital Rights Management technology today? (Select two.) Answer They are cooperating with other vendors to make their digital files more portable in relation to those vendors' hardware and software. They are offering free backup copies of protected digital files. They are adopting alternatives to DRM, such as encouraging customers not to illegally share digital files. They are moving away from DRM because of several key shortcomings in the technology.
They are adopting alternatives to DRM, such as encouraging customers not to illegally share digital files. They are moving away from DRM because of several key shortcomings in the technology.
Which of the following is one way that developers and organizations who produce open-source software can generate revenue from the software? Answer Persistent activation licenses Enterprise licenses One-time activation licenses Training contracts
Training contracts
Your organization has 20 employees who need an accounting software update installed. Due to a miscommunication, the purchaser only paid to update 10 licenses. The software company issued a paper license and a single key for updating 10 users. Since this is an enterprise paper license, there is no mechanism that enforces a limit to the number of times the key can be used, so you decide to go ahead and update all 20 users. What are the possible consequences of this decision? (Select two.) Answer The software company will never detect the violation, so negative consequences are unlikely. You risk losing your job. The software will eventually stop working properly for the 10 extra updates you installed. Because you should be allowed one to three activations per user, this decision does not put you at risk for negative consequences. You expose your company to litigation by violating the software license agreement.
You risk losing your job. You expose your company to litigation by violating the software license agreement.
What is the technology that protects the intellectual property rights of publishers and restricts the use of copyrighted works to only those who have paid the necessary licensing fees?
digital rights management (DRM)
Match each incident detection method on the left with the appropriate description on the right. (Each method may be selected more than once.) Drag Passive Active Proactive Drop An organization looks for existing security flaws in their system. A network intrusion detection system (IDS) detects malicious traffic. A technician performing maintenance on a computer discovers prohibited content. A device or practice helps determine how and why a security incident occurred. nothing selected
proactive active passive passive
