IT Applications Practice Quiz

A user installs an app on a smart device. The device's official app store does not list the app as it is a proprietary app for an organization. What type of installation does the user complete? A. Bootleg B. Spoofed C. Root D. Sideload

Sideload With unknown sources enabled on an Android device, untrusted apps can be downloaded from a website and installed using the .APK file format. This is referred to as sideloading.

A user wishes to use an iOS smartphone with a carrier other than the one the phone was originally meant for. What requirement does the user complete to accomplish this? A. Sim Unlock B. Root Access C. Sideload D. Wipe

Sim Unlock To use a phone on another carrier than where it was bought, it must be SIM unlocked, by an IMEI whitelist.

An IT administrator creates a repository for standard operating procedures (SOPs). What documents does the administrator upload to the repository? (Select all that apply.) A. Software installation instructions B. New-user setup checklist C. Server decommissioning checklist D. Acceptable computer use policy

Software Installation Instructions New-user setup instructions Server decommissioning checklist A standard operating procedure outlines the steps for custom installation of software packages. The steps include verifying system requirements, validating download/installation source, and confirming license validity. A standard operating procedure could be a new-user setup checklist. When onboarding new employees and helping employees change job roles, typical tasks include enrollment with secure credentials and the allocation of devices. A standard operating procedure could outline the steps required when decommissioning a server. These steps may include identifying and migrating services to a new server.

Windows allows for several types of installable software. Which type may be transferred between computers when a user utilizes a Microsoft account? A. Windows Features B. Store Apps C. Windows subsystem D. Desktop Apps

Store Apps Store apps are installed via the Microsoft Store. Store apps can be transferred between any Windows device where the user signs in with that Microsoft account.

A systems administrator looks to have a daily backup of a server located across a wide area network (WAN) link. As the link is not fast, the administrator creates a backup scheme that uses little to no bandwidth and acquires an entire backup of the system. Which scheme does the administrator implement? A. Full B. Synthetic C. Incremental D. Differential

Synthetic A synthetic backup is an option for creating full backups with lower data transfer requirements. A synthetic full backup is not generated directly from the original data but instead assembled from other backup jobs.

A company tightens system security in several ways. One approach implements on-access scanning of files for malware. Shortly after implementation, users complain to the help desk. What is the complaint? A. Backups have malware. B. Browser pop-ups are frequent. C. System restore is disabled. D. Systems are slow.

Systems are slow. An on-access scan means that any time a file is accessed by a user or an application, it is scanned by the antivirus/antimalware software. This can cause system overhead.

Based on the scenario, use the dropdown selectors to identify or determine the function of the ADUC/User Properties interface objects, then use the radio selectors to answer the statements.

The Computers organizational unit contains domain-joined computer objects such as desktops, laptops, and servers. The ADUC object Domain Controllers is an Organizational Unit (OU). The ADUC object Users is an organizational unit that contains user objects and security groups. The User Properties object Member Of views/modifies group membership. The User Properties object Connect within the Home Folder area configures the mapping of a private drive to a network share. The User Properties object Logon script within the User profile area contains a script file executed during the sign-in process. The General tab of the user properties does not display the users' password settings. Within ADUC, a group can be a member of another group.

Based on the scenario, use the dropdown selectors to complete the Windows commands that would display the directory of the C drive, then drag the characters or switches to answer the questions.

The correct command sequence that shows the contents of the C drive as follows: C:\Windows\System32> cd C:\Windows\DigitalLocker C:\Windows\DigitalLocker> cd .. C:\Windows> cd .. C:\> cd Users C:\Users> cd .. C:\> dir

A user with tech knowledge is browsing the network to identify any available shares on all servers. While browsing, the user found a share known to contain payroll information. However, the user is unable to access the information within the share. Assuming that the user is not authorized to access the payroll information, what is the most likely reason why the user cannot view the information within the share? A. The permissions are incorrect. B. The user does not have permission to access the share. C. The share is a hidden share. D. The user is on the wrong server.

The user does not have permission to access the share. A user may browse a network for shareable resources. Permissions will pertain to the ability to access and use the share, not to see the share.

Due to a recent breach, a cyber architect is tasked with drafting a company-wide memorandum on social engineering attacks and how they can be mitigated. Which statement does NOT support the organization in defeating social engineering attacks? A. Train employees to release information based on personally-preferred procedures. B. Establish a reporting system for suspected attacks. C. Train employees to identify current phishing-style attacks as well as newer styles in the future. D. Train employees not to release any work-related information on external sites.

Train employees to release information based on personally-preferred procedures. Contrary to preferred procedure, the company should train employees to release information or make privileged use of the system only according to standard procedures.

A network engineer implements a proxy at a small company. To avoid management overhead, the configuration does not require settings on every client machine. What type of proxy does the engineer deploy? (Select all that apply.) A. Manual B. Transparent C. Autoconfiguring D. Intercepting

Transparent Intercepting A proxy server can improve both performance and security. A transparent proxy does not require any client configuration as the server handles the appropriate settings. Some networks use a proxy to provide network connectivity. An intercepting proxy does not require that each client is individually configured.

Which type of malware replicates between processes rather than infecting a file? A. Worm B. Trojan C. Virus D. Pop-up

Worm Worms replicate between processes in system memory rather than infecting an executable file stored on a disk. Worms can also exploit vulnerable client/server software to spread between hosts in a network.

Which root-level file allows for the automatic execution of commands in a legacy version of Windows? A. Start Button B. Execution Control C. AutoPlay D. autorun.inf

autorun.inf In a legacy version of Windows, an inserted disk (USB or optical) would automatically run commands defined in an autorun.inf file stored in the root of the drive.

A technician troubleshoots a Windows system by using the command prompt. If the technician is currently in the directory named C:\Backup and wishes to enter the directory C:\Backup\02102022, what command does the technician use? A. cd\ 02102022 B. cd.. 02102022 C. cd 02102022 D. cd .\Backup\02102022

cd 02102022 A user can easily navigate a Windows system by issuing the change directory (CD) command. The cd command followed by a space and then by a directory name will move to that directory.

After a recent driver update on a Windows system, the display adapter does not function properly. A technician tries to roll back the driver by using which management console? A. devmgmt.msc B. diskmgmt.msc C. dfrgui.exe D. lusrmgr.msc

devmgmt.msc The Device Manager (devmgmt.msc) console allows administrators to view, edit, and troubleshoot the properties of installed hardware, update drivers, and remove or disable devices.

A Windows user runs the Performance Monitor tool to check disk activity. What counter is the best option the user can evaluate to understand how busy the disk is at any given time? A. % Disk Time B. Average disk queue length C. Available bytes D. Pages/sec

% Disk Time The % disk time metric is the percentage of elapsed time that the selected disk drive is busy servicing read or write requests.

Which proprietary file system does a Mac workstation use? A. NTFS B. APFS C. ext4 D. FAT32

APFS Apple Mac workstations and laptops use the proprietary Apple File System (APFS), which supports journaling, snapshots, permissions/ownership, and encryption.

A user experiences difficulty paying a retailer with a touchless near-field supported phone. What does the user check while troubleshooting? A. AirDrop B. Airplane Mode C. Bluetooth D. Pairing

Airplane Mode A near-field communication (NFC) issue typically manifests when trying to make payments via a contactless card reader. One troubleshooting step is to verify that airplane mode is not active.

A recent software installation on a Windows desktop fails. Which internal log file does a technician review to see what may have gone wrong? A. System B. Application C. Security D. Setup

Application The application log contains information regarding non-core processes and utilities for some third-party applications. Third-party application installers write events to the application log.

A user contacts an IT help desk to report that when trying to browse a web page for office supplies, a completely unrelated webpage about gambling is presented. What does the help desk determine the causes could be? (Select all that apply.) A. Certificate Problem B. Browser Redirection C. DNS Spoofing D. Service Problems

Browser Redirection DNS Spoofing Redirection is where a user tries to open one page but gets sent to another. Often this may imitate the target page. In adware, this is just a blunt means of driving traffic through a site. Domain name system (DNS) spoofing is a method where a fraudulent DNS address may be used to direct users to fraudulent websites.

A company establishes a mobile device deployment model. The policy states that a corporate-owned phone may be used for personal reasons. Which deployment is in use? A. BYOD B. COBO C. COPE D. CYOD

COPE In a corporate-owned, personally enabled (COPE) program, a device is chosen and supplied by the company and remains its property. The employee may use it for personal reasons.

A computer security team investigates a high-level computer breach at a large company. While investigating the computer, the team learns that a USB drive is missing from the computer. A user states that the drive is now safe with the receptionist of the company. What concerns the team from this action? (Select all that apply.) A. Incident Documentation B. Latent Evidence C. Chain of Custody D. Data Integrity

Chain of Custody Data Integrity It is vital that the evidence collected at the crime scene conforms to a valid timeline. Digital information is susceptible to tampering, so access to the evidence must be tightly controlled. Data integrity refers to the authorized or unauthorized manipulation of data. This also applies to intentional or unintentional manipulation. It is possible that a file from the drive may have been open or in memory.

A user would like to install an updated Windows operating system (OS) on a computer. There are no files that need to be saved. What options does the user have to accomplish this? (Select all that apply.) A. Recovery Partition B. Windows Reset C. Clean Install D. In-place Upgrade

Clean Install In-place Upgrade A clean install of an OS is an installation option where no previous operating system will be repaired. This is a good option for a new install. An in-place upgrade means running setup from an existing version of the OS so that third-party applications, user settings, and data files are kept and made available in the new version.

A technician would like to set every Windows computer at an organization to have a company logo as a desktop wallpaper. What does the technician determine as the best method for deploying the setting? A. Login Script B. Domain Group Policy C. Local Group Policy D. Administrative Template

Domain Group Policy A domain group policy configures computer settings and user profile settings for all computers and user accounts within a domain. This type of policy would satisfy the requirement.

A company implements several types of security mechanisms around a high-risk data center. One of the mechanisms allows for a panic button to be pressed. Which security type does this button represent? A. Circuit B. Motion C. Duress D. Proximity

Duress A duress alarm is triggered manually and could be implemented as a wireless pendant, concealed sensor or trigger, or call contact.

A Windows user runs the Defragment and Optimize Drives tool (dfrgui.exe) on a solid state disk (SSD). What action will the tool take on the drive? (Select all that apply.) A. Rewriting of data into contiguous clusters. B. Identifying blocks that are deletable. C. Tagging blocks as writable. D. Tracking files that can be safely erased.

Identifying blocks that are deletable. Tagging blocks as writable. On a solid state disk (SSD), data is stored in units called blocks that are not directly managed by the OS. The tool runs a trim process that identifies data that the OS has marked as deletable. When the tool initiates trim, data that is marked as deletable ultimately has its occupied blocks tagged as writable.

An engineer configures numerous firewall rules on a system. The system processes the rules in order and then reaches the last default rule which blocks access. Which security principle is in place? A. Implicit Deny B. Explicit Deny C. Least Privilege D. Physical Control

Implicit Deny Implicit deny means that unless there is a rule specifying that access should be granted, any request for access is denied.

A user modifies a Windows 10 computer's ease of access settings. Which settings group configures Keyboard usability? A. Vision B. Hearing C. Power D. Interaction

Interaction Interaction configures options for keyboard and mouse usability. The user can also enable speech-and-eye controlled input methods.

A Windows computer user requires help from the IT department. A technician instructs the user to create an invitation file. What type of Windows help session does the user create? A. Microsoft Remote Assistance B. Microsoft Remote Desktop C. Microsoft Quick Assist D. Secure Shell

Microsoft Remote Assistance Microsoft Remote Assistance (MSRA) allows a user to ask for help from a technician or co-worker via an invitation file protected by a passcode.

A user wishes to enable multiple desktops within macOS for different work environments. What feature makes this possible? A. Mission Control B. Terminal C. Spotlight Search D. Dock

Mission Control The Mission Control feature is used for window management and enables the user to set up multiple desktops with different sets of apps and backgrounds.

A user looks to reconfigure an IP address for a network adapter. Which Control Panel applet is the most direct? A. Network and Internet B. Network Connections C. Network and Sharing Center D. Advanced Sharing Settings

Network Connections Network Connections (ncpa.cpl) is a Control Panel applet for managing adapter devices, including IP address information.

A security engineer suggests the use of proximity technology to track the movement of portable equipment. What solution does the engineer recommend? A. Passive Infrared B. Microwave Radio C. Radio Frequency D. Concealed Sensor

Radio Frequency With proximity sensors, radio frequency ID (RFID) tags and readers can be used to track the movements of objects within an area.

An organization looks to make a server available to internet traffic without bringing harm to its private network. An onsite engineer configures a separate network for the server. Which approach does the engineer utilize? A. Port Forwarding B. Port Triggering C. Inbout Filtering D. Screened Subnet

Screened Subnet In an enterprise network, a screened subnet is a means of establishing a more secure configuration. The idea of a screened subnet is that some hosts are placed in a separate network segment.

A tech firm deploys wireless installations at client sites. As the firm uses Wi-Fi Protected Access (WPA) version 3, which security technology does the deployment utilize? (Select all that apply.) A. Rivest Cipher 4 (RC4) B. Simultaneous Authentication of Equals Mechanism C. 4-way Handshake Association D. AES Galois Counter Mode Protocol Mode

Simultaneous Authentication of Equals Mechanism AES Galois Counter Mode Protocol Mode Simultaneous Authentication of Equals (SAE) in WPA3 replaces the 4-way handshake in WPA2. The 4-way handshake mechanism is vulnerable to manipulations that allow a threat actor to recover the key. WPA3 replaces Advanced Encryption Standard Counter Mode with Cipher Block Chaining Message Authentication Code Protocol with the stronger AES Galois Counter Mode Protocol (GCMP) mode of operation.

An engineer surveys a computer room for environmental impacts. What does the engineer focus on? (Select all that apply.) A. Temperature B. Humidity C. Power D. Ventilation

Temperature Humidity Ventilation A computer that is too hot is likely to be unreliable. Computers must have proper ventilation in a room to draw cool air into their cooling system. An improperly ventilated room may cause a computer to pull in hot air it has just expelled and increase the unit's temperature. High humidity impacts the amount of water vapor in the air and can cause condensation to form. Low humidity allows static charges to build up more easily and increases the risk of electrostatic discharge (ESD). Dust is drawn into the computer via ventilation holes. Over time, the dust can form a thick layer over components, heat sinks, fan blades, and ventilation slots, preventing effective heat dissipation.

How might a mobile-device management suite of software detect that a user has rooted an Android device? A. The device is in developer mode. B. There is no valid developer code signature. C. The iOS device is jailbroken. D. Access is denied to an enterprise app.

There is no valid developer code signature. Mobile-device management (MDM) suites have routines to detect a "rooted" (associated with Android) or "jailbroken" (associated with Apple) device or custom firmware with no valid developer code signature.

A user attempts to authenticate from one Windows system to another in a domain but fails with no error message. The user verifies the username and password as correct. What does the user determine the issue to be? A. Application Crash B. Time Drift C. Failed Service D. Blue Screen of Death

Time Drift Processes such as authentication and backup depend on the time reported by the local PC being closely synchronized to the time kept by a server.

A new support technician works on entry-level trouble tickets. Which question does the technician use as a closed type of question? A. What caused the problem to happen? B. What happened to create the problem? C. What is the computer's problem? D. What did the message say?

What did the message say? A closed question is one that can only be answered with a "Yes" or "No" or that requires some other fixed response. This type of questioning can prove to be helpful.

A Windows user is not able to resolve server names on a local network. After updating the system's hosts file, which command does the user issue? A. ipconfig /renew B. ipconfig /release C. ipconfig /flushdns D. ipconfig /all

ipconfig /flushdns The domain name system (DNS) is used to resolve IP addresses to host names. Whether a server or hosts file is used, the ipconfig /flushdns command clears a systems DNS cache.

A user would like to delete a mapped drive labeled as "X" on a Windows system. Which command will the user issue at the command prompt? A. net use X: /delete B. net delete X: C. net delete * D. net use X: \\server\share

net use X: /delete There are several net and net use command utilities that are useful in viewing and configuring shared resources on a Windows network. To delete a drive mapping, the correct syntax is net use X: /delete.

A user interacts with a Linux distribution that has no desktop graphical user interface (GUI). As the user types, which stream handles the interaction? A. stderr B. std C. stdout D. stdin

stdin In a Linux distribution with no graphical user interface, a terminal interface is used. The default shell command interpreter uses the stream stdin (0) for the user's keyboard input.

A user on a Linux system would like to run all commands at an administrative level while maintaining a login in their own account. What command does the user issue to accomplish this? A. su - B. etc/passwd C. su username D. sudo

sudo The sudo (superuser do) command allows any account listed in the /etc/sudoers file user to run specified commands with superuser privilege level.

A user installs an application on a macOS device. The user determines that installation will require running an additional service. What installer format does the application use? A. .exe B. .app C. .pkg D. .dmg

.pkg The macOS pkg format is used where app setup needs to perform additional actions, such as running a service or writing files to multiple folders.

An IPv6 address is made up of bits that identify the network and host of a system. How many bits long is an IPv6 address in total, and how many bits identify the host portion? (Select all that apply.) A. 128 B. 32 C. 256 D. 64

128 64

A systems administrator configures a hardware firewall to allow remote desktop connections to various Windows computers. This involves port forwarding. Which port will the administrator need to change so that each system uses a unique port? A. 22 B. 5900 C. 443 D. 3389

3389 The Remote Desktop Protocol (RDP) on a Windows workstation or server runs on TCP port 3389 by default but can be changed to another port.

A user looks to implement virtual network computing (VNC) access to a Windows computer while traveling. Which port does the user open on a hardware firewall to allow access? A. 443 B. 22 C. 5900 D. 3389

5900 Virtual Network Computing (VNC) is a freeware product with similar functionality to the Remote Desktop Protocol (RDP). It works over TCP port 5900.

A user upgrades the memory in a Windows corporate workstation from 4 GB to 8 GB. After the upgrade, the user notices that only 4 GB is recognized by the system. What does the user conclude the problem to be? A. A 64-bit version of Windows B. The Enterprise version of Windows C. A 32-bit version of Windows D. The Server version of Windows

A 32-bit version of Windows Each version and edition of Windows 10 was originally available as 32-bit (x86) or 64-bit (x64) software. All 32-bit Windows editions are limited to 4 GB of system memory.

A user opens a help desk ticket stating that web content embedded within a particular webpage is not displaying as it should. What does a support technician conclude to be the most likely issue? A. A plugin B. An extension C. A search provider D. An API

A plugin Plugins play or show some sort of content embedded in a web page, such as Flash, Silverlight, or other video/multimedia format. In this case, a plugin is missing a particular page that is not displaying content.

A problematic Windows system with multiple operating systems installed does not boot properly. A support technician tries to diagnose by outlining the boot process. The technician determines that the system uses an Extensible Firmware Interface (EFI) system partition. Which file does the technician inspect for problems related to a specific operating system boot problem? A. BOOTMGR B. NTOSKRNL C. HAL D. BOOTMGFW

BOOTMGFW The GUID partition table (GPT) identifies a System Partition. The system partition contains the boot manager nd the boot configuration data (BCD). Each Windows installation has a subfolder under \EFI\Microsoft\ that contains a BCD and BOOTMGFW.EFI.

A computer user looks to map a network drive using the most basic scripting language possible. Which language does the user implement for a Windows system? A. PowerShell B. VBScript C. Python D. Batch Script

Batch Script A shell script written for the basic Windows CMD interpreter is often described as a batch script. A batch script would be the simplest way to create the script.

A company looks to dispose of old computer equipment. Which items require special care? (Select all that apply.) A. Power Cables B. Batteries C. Toner D. Motherboard

Batteries Toner Motherboard Any regular, swollen, or leaking batteries from laptop computers or within cell phones and tablets must be handled very carefully and stored within appropriate containers. Photocopier and laser-printer toner is an extremely fine powder. The products in toner powder are not classified as hazardous to health, but any dust in substantial concentration is a nuisance as it may cause respiratory tract irritation. Many components in PCs, cell phones, tablets, and display screens contain toxins and heavy metals, such as lead, mercury, and arsenic. These toxins may be present in circuit boards.

An iOS smart device user notices that AirDrop is not working properly as files are not being received. What should the user check while troubleshooting? (Select all that apply.) A. LAN B. Bluetooth C. Contacts D. Near-field

Bluetooth Contacts AirDrop is an iOS feature that allows file transfer between iOS and macOS devices over a Bluetooth connection. Bluetooth should be enabled and devices should be in close range with each other. On the iOS device, the sender of a file must be listed in the recipient's contacts list, or AirDrop must be configured to receive files from everyone.

An iOS user struggles with wirelessly connecting a set of headphones to a phone. What does the user check on the phone while troubleshooting? (Select all that apply.) A. Bluetooth Connection B. Near-field Communication C. AirDrop Properties D. Pairing Mode

Bluetooth Connection Pairing Mode Bluetooth communication would need to be checked and enabled on the smartphone. The headphones would also need to be powered on. Pairing is a method of connecting a smartphone or other device to a peripheral device via Bluetooth. Both the phone and the headphones would need to be in pairing mode to connect.

A technician configures a legacy computer for a user. Which account authentication policies does the technician implement? (Select all that apply.) A. Change the default admin password. B. Disable the guest account. C. Set any user permissions. D. Secure any critical hardware.

Change the default admin password. Disable the guest account. Set any user permissions. If the default administrator account cannot be disabled, it must never be left configured with a default password. In the current versions of Windows, the guest account is disabled by default and cannot be used to sign in. It is only enabled to facilitate passwordless file sharing in a Windows workgroup. File permissions control whether a user can read or modify a data file or folder, either on the local PC or across the network. This management step pertains to authorization and not authentication.

A user contacts an IT helpdesk. The complaint is that the computer is very sluggish. Support personnel notices high graphics processing unit (GPU) use. What does the helpdesk determine to be the issue? A. Ransomware B. Cryptominer C. Keylogger D. Remote Access Trojan

Cryptominer A cryptominer hijacks the resources of the host to perform cryptocurrency mining. This is also referred to as cryptojacking. A graphics processing unit (GPU) is used in cryptomining.

A user suspects that a USB drive on their system has been tampered with. The user begins using the drive by saving a few reports while waiting for an IT technician to investigate. What does the user compromise? A. Incident Documentation B. Latent Evidence C. Data Integrity D. Chain of Custody

Data Integrity Data integrity refers to the authorized or unauthorized manipulation of data. This also applies to intentional or unintentional manipulation. Contents of the drive may be useful as evidence.

A user builds a new computer for gaming purposes. The ability to upgrade the performance graphics processing unit (GPU) over time is desired. What GPU type does the user invest in? A. Integrated Graphics B. Video RAM C. Dedicated Graphics D. System RAM

Dedicated Graphics A dedicated graphics card will have its own random access memory (RAM). This allows the card to focus on rendering graphics without using system RAM.

A company disposes of old computer systems. While doing so, all hard drives are removed and scheduled for physical destruction. Which method will NOT work with a solid state disk drive (SSD)? A. Shredding B. Incinerating C. Degaussing D. Secure Erase

Degaussing With degaussing, a hard disk is exposed to a powerful electromagnet that disrupts the magnetic pattern that stores the data on the disk surface. Degaussing does not work with SSDs or optical media.

A new help desk technician fields a support call from a user. What initial information does the technician ask the user to provide? (Select all that apply.) A. Description of the issue B. Contact details C. System specifications D. Hard drive type

Description of the Issue Contact Details Most users may not be tech-savvy. However, the user must supply a basic description of the issue. The technician should ask clarifying questions to ensure an accurate initial description. When working on a trouble ticket, it is important to gather the user's name and other contact details. It might be possible to link the ticket to a customer relationship management (CRM) database.

A technician configures a backup routine on an important workstation. Which type does the routine use when only backing changes since the last full backup? A. Synthetic B. Full C. Incremental D. Differential

Differential Differential jobs select new files and files modified since the original full job. A differential chain has moderate time and storage requirements.

A systems engineer would like to keep a company's wireless network a secret. How can the engineer accomplish this? A. Use content filtering B. Disable service set ID broadcast C. Enable port forwarding. D. Use port-triggering rules.

Disable service set ID broadcast Disabling broadcast of the service set ID (SSID) prevents clients from seeing the network. This provides a margin of privacy at the expense of configuration complexity.

A company has several offices within the United States. Engineers look to configure Microsoft DirectAccess virtual private networking technology for remote connections. Engineers instruct IT to deploy which operating system to Windows desktops? A. Enterprise B. Pro C. Home D. Education

Enterprise Windows Enterprise edition has several features that are not available in the Pro edition, such as support for Microsoft's DirectAccess virtual private networking technology.

A user loses their company smartphone while traveling. The IT department initiates the securest measure possible to impact work-related data only. What action does the IT department take? A. Remote Lock B. Device Wipe C. Enterprise Wipe D. Remote Call

Enterprise Wipe An enterprise wipe can be performed against the corporate/work container only. This removes any corporate accounts and files but leaves personal items on the phone.

A systems administrator looks to implement a server backup plan. Which two factors govern backup operations? (Select all that apply.) A. Frequency B. Chains C. Retention D. Restoration

Frequency Retention Frequency is the period between backup jobs. The frequency configuration reflects and governs how much lost work can be tolerated. Retention governs the period that any given backup job is kept for. Short-term retention is important for version control and for recovering from malware infection.

A user would like to use a browser without having to manually clear the cache after every use. Which feature fulfills this need? A. Browsing Data Options B. Incognito Mode C. Pop-up Blocker D. Browser Settings

Incognito Mode Private/incognito browsing mode disables the caching features of the browser so that no cookies, browsing history, form fields, passwords, or temp files will be stored when the session is closed.

While implementing security on a small network, an administrator ensures that any data modification is legitimate. What security property pertains to this principle? A. Confidentiality B. Integrity C. Availability D. Acceptability

Integrity Integrity is part of the CIA triad (the "i") and means that the data is stored and transferred as intended and that any modification is authorized.

A user enables privacy settings on a Windows 10 computer. Which settings pertain to app permissions? (Select all that apply.) A. Location service B. Language settings C. Use of speech D. Camera and microphone

Location Service Camera and Microphone App permissions allow or deny access to devices such as the location service, and to user data such as contacts, calendar items, email, and files. There are multiple settings toggles to determine what app permissions are allowed. Camera and microphone settings are set under app permissions.

A user claims that they cannot browse the local shared network by name. After evaluating the computer's IP settings and pinging the local share by IP address with no problem, what does a support technician determine as the cause? A. Missing IP Address B. Missing Gateway Address C. Missing DNS Address D. Missing Subnet Address

Missing DNS Address All hosts on a network require the use of a domain name server IP address for network communications using host names. This is currently the problem.

A user boots and installs a legacy Windows operating system on a computer. The user notices that after installation, the system requires many drivers and updates to bring it to a healthy and up-to-date state. The user finds that it is not possible to add updates to which installation media type? A. Network Boot B. Non-Writeable Optical Disc C. Flash Drive D. Internet-based

Non-Writeable Optical Disk Historically, most attended installations and upgrades were run by booting from optical media (CD-ROM or DVD). As updates for the operating system and drivers become available, optical media will become quickly dated.

A new support technician interfaces with a user that has a computer problem. While discussing the problem, the technician gives undivided attention to the user and asks questions where the person creates their own response. When discussing the problem, what does the technician practice? (Select all that apply.) A. Close-ended Questions B. Open-ended Questions C. Active Listening D. Use of jargon

Open-ended Questions Active Listening An open-ended question is a question that invites the other person to compose a response that allows them to openly discuss what they are seeing versus locking them down into a fixed response. Active listening is the skill of listening to an individual so that that person is given full attention and is not argued with, commented on, or misinterpreted in what they have said.

A systems administrator configures a new Windows workstation. The system uses the New Technology File System (NTFS). The system requires interaction with a Linux system and supports case sensitive file naming by utilizing which feature? A. Indexing B. Journaling C. Snapshots D. POSIX

POSIX To support UNIX/Linux compatibility, Microsoft engineered NTFS to support case-sensitive naming, hard links, and other key features. This is known as Portable Operating System Interface (POSIX) compliance.

A user installs an application on a Linux system by using which method in the operating system? A. Package Manager B. Add Remove Programs C. Applications Store D. Optical Drive

Package Manager An app distribution method is the means by which the vendor makes it available to install. Linux uses DEB packages with the APT package manager or RPM for YUM.

A user finds their Android smartphone to be unresponsive when trying to use an app. How might the user resolve the problem so that they may use the phone? A. Perform a factory reset. B. Remove the battery. C. Run an update. D. Perform a soft reset.

Perform a soft reset. A soft reset is usually effective in restoring unresponsive or frozen systems and is one of the first things to try when faced with a malfunctioning app or slow performance.

What might a security engineer suggest as a solution to deter lunchtime attacks? A. Strong Password B. Biometrics C. Permissions D. Policies

Policies A lunchtime attack is where a threat actor is able to access a computer that has been left unlocked. Policies can configure screensavers that lock the desktop after a period of inactivity.

An attacker uses a script to create fileless malware that requires no compilation. What scripting environment does the attacker use? A. PowerShell B. VBScript C. Python D. Batch Script

PowerShell If the interpreter is not a default feature in an operating system, enabling it expands the attack surface. Threat actors use environments such as PowerShell to craft fileless malware.

An organization executes a project to replace all of its servers. A change that is requested by management goes through a risk analysis exercise before moving to approval. What will a qualitative approach use for metrics? (Select all that apply.) A. Previous Experience B. Opinions C. Discrete Values D. Data

Previous Experience Opinions Qualitative risk analysis seeks to identify and evaluate impact and likelihood factors through previous experience with a system to replace or supplement metrics. Qualitative risk analysis looks to determine a level of risk based on opinions. These opinions may be from subject matter experts or simply from end-users of the system.

An engineer configures an Authentication, Authorization, and Accounting (AAA) server to authenticate credentials for remote users. Credentials are forwarded to the AAA server from a firewall. Which AAA method does the engineer utilize? A. TACACS+ B. RADIUS C. Kerberos D. Active Directory

RADIUS Remote Authentication Dial-In User Service (RADIUS) is one way of implementing the AAA server when configuring enterprise authentication. The firewall is configured as a client of the RADIUS server.

A user at an organization calls the IT help desk in a panic. The user exclaims that according to a message on the computer, someone is trying to extort them. What type of malware does the user experience? A. Rootkit B. Worm C. Ransomware D. Trojan

Ransomware Ransomware is a type of malware that tries to extort money from the victim. One class of ransomware will display threatening messages, such as requiring Windows to be reactivated.

A user needs to restore a problematic Windows system to its original factory state. What approach does the user utilize to achieve the restoration? A. Windows Refresh B. Recovery Partition C. Clean Install D. In-place upgrade

Recovery Partition A factory recovery partition is a tool used by the original equipment manufacturers (OEMs) to restore the OS environment to its ship state. The recovery partition is created on the internal fixed drive.

A user experiences a blue screen of death (BSoD) while using a Windows computer. What does a support technician determine to be a good first troubleshooting step? A. Check the system for malware. B. Reinstall the operating system. C. Remove any newly installed hardware. D. Clean any dust from the system.

Remove any newly installed hardware. A Windows blue screen of death (BSoD) is often caused by hardware. This may be due to faulty hardware or a bad driver. A good first step is to determine what on the system has changed.

A user with a problematic Windows system tries to use a previously created system image. How does the user access the image? (Select all that apply.) A. Start Menu B. Repair disk C. Reset this PC D. Advanced boot

Repair disk Advanced boot Windows includes many operating system recovery and repair options. To restore a system with an image created in Backup and Restore, a repair disk can be used. To recover a system using a backup image, use the Advanced Boot Option or the System Image Recovery option off a repair disk or recovery environment.

A user inspects and learns about the electrical components on the inside of a computer. What is measured in ohms? A. Current B. Voltage C. Resistance D. Wattage

Resistance A resistor creates resistance. Resistance is the degree of opposition to the current caused by characteristics of the conductor and is measured in ohms.

An administrator reviews an audit log and notices strange logins when the business is closed. Which policy does the administrator use to deter this activity? A. Restrict login times B. Failed login lockout C. Concurrent logins D. Use timeout

Restrict login times Restrict login times is typically used to prevent an account from logging in at an unusual time of the day or night or during the weekend.

A Windows user needs to transfer and retain an entire directory structure from one disk to another. There is also a need to retain New Technology File System (NTFS) attributes. Which command does the user determine will fulfill the need? A. move B. copy C. xcopy D. robocopy

Robocopy The robocopy command (or "robust copy") is a Windows file copy utility. This utility is designed to work better with long file names and NTFS attributes.

A tech has an Android tablet that no longer receives updates due to its age. Learning that a custom firmware with new features is available, what does the tech require to install the image? A. Jailbreak B. Root access C. Sideload D. Wipe

Root access For some devices, it is necessary to exploit a vulnerability to use custom firmware. Custom firmware is essentially a new Android OS image applied to the device and requires root access to install.

Malware infects a user's computer. A support technician determines that the malware is executed without requiring any authorization using system privileges. What type of malware currently infects the system? A. Ransomware B. Keylogger C. Rootkit D. Trojan

Rootkit Malware may be able to execute without requiring any authorization using system privileges and it may escalate privileges after installation. Malware running with this level of privilege is referred to as a rootkit.