CompTIA A+ brush up
Partitioning Basic
-Available in DOS and Windows versions -Primary/extended partitions, logical drives -Basic disk partitions can't span separate physical disks
Partitioning Primary
-Bootable partitions -maximum of four primary partitions per hard disk -one of the primary partitions can be marked as active
A user is having an issue with a specific application on their Android devices. The user works for DionTraining, and every employee has the exact same model of smartphone issued by the company. Whenever the user attempts to launch the application, the app fails and generates an error message. Which of the following should the technician attempt FIRST to solve this issue? -Rollback the application to the previous version -Clear the local application cache -Reinstall the malfunctioning application -Update the operating system of the two smartphones
-Clear the local application cache
Partitioning Dynamic
-Install multiple drives to system and extend partition into all physical drives -Split data across physical disks (striping) -Duplicate data across physical disks (mirroring). Not all Windows versions support all capabilities
Power Options Hibernate
-Open docs and apps are saved to disk -Common on laptops
A corporate user has called the enterprise service desk because they believe their computer has become infected with malware. When you arrive at their desktop to troubleshoot the issue, you notice it was powered down. You press the power button, and the system loads without any issues. When you open Google Chrome, you notice that multiple pop-ups appear almost immediately. Which of the following actions should you take NEXT? -Clear the browser's cookies, history, and enable the pop-up blocker -Document the pop-ups displayed and take a screenshot -Reinstall or reimage the operating system -Quarantine the machine and report it as infected to your company's cybersecurity department for investigation
-Quarantine the machine and report it as infected to your company's cybersecurity department for investigation
Quick format vs. full format
-Quick format • Creates a new file table • Looks like data is erased, but it's not • No additional checks -Quick format in Windows 7, 8/8.1, and 10 • Use diskpart for a full format within Windows 7, 8/8.1, and 10 -Full format • Writes zeros to the whole disk • Your data is unrecoverable • Checks the disk for bad sectors • Time consuming
Power options Sleep
-open apps are stored in memory -save power, startup quickly -switches to hibernate if power is low
Partitioning Extended
-used for extending the maximum number of partitions -one extended partition per hard disk (optional) -contains additional logical partitions -logical partitions inside an extended partition are not bootable
Basic Linux Commands iwconfig/ifconfig
-view or change wireless network configuration -essid, frequency/channel, mode, rate, etc. -requires some knowledge of the wireless network
Which of the following file types are commonly used by scripts in a Linux command line environment? .sh .ps1 .js .vbs
.sh Explanation OBJ-4.8: A shell script is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script and its first line always begins with #!/bin/bash that designates the interpreter. This line instructs the operating system to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files.
chkdsk command /f
/F This chkdsk command option will fix any errors found on the disk.
Chkdsk Command /R
/R This option tells chkdsk to locate bad sectors and recover any readable information from them. This option implies /F when /scan is not specified.
chkdsk command /X
/X Disconnects a drive so it can be scanned and repaired. This command also runs the chkdsk /f functionality.
Windows 10 minimum requirement x64
1GHz processor with support for PAE, NX and SSE2; 2GB RAM; 20GB free disk space; Microsoft DirectX 9 graphics device with WDDM driver
netstat
A TCP/IP troubleshooting utility that displays statistics and the state of current TCP/IP connections. It also displays ports, which can signal whether services are using the correct ports.
System File Checker sfc
A Windows utility that verifies and, if necessary, refreshes a Windows system file, replacing it with one kept in a cache of current system files.
boolean
A boolean stores a value of TRUE (1) or FALSE (0). It usually consumes only 1 bit of storage (a zero or a one).
What type of structure is "IF THEN ELSE" in scripting?
A branch is used to control the flow within a computer program or script, usually based on some logic condition. Often, these are implemented with IF THEN ELSE statements.
Which of the following types of backups only copies data modified since the last full backup? Synthetic Differential Incremental Full
A differential backup only creates a copy of the selected data that has been modified since the last full backup. It is a good compromise in speed between a full backup (which takes the longest to backup and the least to restore) and an incremental backup (which takes the least to backup and the longest to restore). An incremental backup only creates a copy of new files and files modified since the last full, incremental, or differential backup. Therefore, it takes the least amount of time to complete a backup. Unfortunately, it also takes the most time to restore since you have to first restore the full backup, then any differential and incremental backups until all your data is restored. A full backup creates a copy of all the selected data regardless of when it was previously backed up. It takes the most time to complete a backup but is the fastest when conducting a restoral of all the data on a hard drive. Synthetic backup is the process of generating a file from a complete copy of a file created at some past time and one or more incremental copies created at later times. The expression synthetic in this context refers to the fact that the assembled file is not a direct copy of any single current or previously created file. Instead, a synthetic file is merged or synthesized by a specialized application program from the original file and one or more modifications to it.
floating-point
A floating-point number stores a fractional or decimal number, such as 3.14, 45.5, or 333.33. A floating-point number data type usually consumes 4 to 8 bytes of storage.
loop
A loop deviates from the initial program path to some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Often implemented with For or While statements. For example, a short script like (For i=1 to 100, print i, next) would print the numbers from 1 to 100 to the screen.
What type of structure is a "Do While" in scripting?
A loop deviates from the initial program path to some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Often implemented with For, For Next, While, or Do While statements. For example, a short script like (For i=1 to 100, print i, next) would print the numbers from 1 to 100 to the screen.
Summarize the importance of physical security measures Mantrap
A mantrap is an access control system that consists of a small space and two interlocking doors.
Compare and contrast the differences of basic Microsoft Windows OS security settings. Power user
A power user is an individual that operates a computer or device with advanced skills, knowledge, experience and capabilities. A power user has the ability to reap multiple benefits and functionalities of a computer, software application or the Internet. A power user is also known as a super user. -A "power user" has similar permissions to an administrator except they can't edit or view subscriptions or other users and they do not have access to billing information. A "user" is the most limited role. They can only view the account.
Compare and contrast social engineering, threats, and vulnerabilities Rainbow table
A rainbow table attack is a password cracking method that uses a special table (a "rainbow table") to crack the password hashes in a database.
string
A string stores a group of characters, such as Hello, PYTHON, or JasonDion. A string data type usually consumes as much storage as necessary. Each character in the string usually requires 1 byte of storage.
What are Network-based firewalls?
A type of firewall that can encrypt traffic into/out the network and can proxy traffic.
What type of malicious application does not require user intervention or another application to act as a host to replicate? Trojan Virus Worm Macro
A worm is a self-replicating type of malware that does not require user intervention or another application to act as a host for it to replicate. Viruses and Macros require user intervention to spread, and Trojans are hosted within another application that appears harmless.
Which of the following is the default package manager for the Ubuntu Linux distribution? wget gzip apt yum
APT (Advanced Packaging Tool) is the default package manager for the Ubuntu Linux distribution. A package manager is a system used to download, install, update and remove software applications.
Compare and contrast the differences of basic Microsoft Windows OS security settings. - Administrative shares vs. local shares
Admin shares are mainly for administrative purposes. Normal shares are shares of folders (and files) to groups of people based on share permissions and folder permissions.
Basic Linux Commands apt-get
Advanced packaging tool -handles the management of application packages -applications and utilities Install, update, remove
Summarize the importance of physical security measures. Key fobs
Also known as a hardware token, a key fob provides on-device, one-factor authentication to facilitate access to a system or device, such as a car, computer system, restricted area or room, mobile device, network service or other kind of keyless entry system. Like a car key HID that acts as a key
While onboarding as a new employee at Hooli you were asked to review and sign a document stating you understood policies governing what you can and cannot do with company devices like laptops, desktops and smart phones. What type of document were you given? MOU MOA SLA NDA SOW AUP
An acceptable-use-policy (AUP) is a document used at many companies to dictate what employees can and cannot use company electronic devices for. For example it may state you cannot use personal email services like Gmail, or that you are forbidden from connecting external storage devices like thumb drives.
integer
An integer stores a whole number, such as 21, 143, or 1024. An integer data type usually consumes 8 bytes of storage
Given a scenario, implement methods for securing mobile devices Antivirus vs Anti-malware
Antivirus software is designed to detect and remove viruses and other malicious software from a system, whereas anti-malware is a program that safeguards the system from all sorts of malware, including Trojans, worms, and adware.
Which of the following should be configured on a macOS system to enable the Smart Zoom feature on a user's MacBook trackpad? Signals Movements Gestures Motions
Apple introduced gestures as a simple way to control macOS from a Magic Trackpad or built-in trackpad of a MacBook. Gestures are finger movements on a trackpad or mouse that enable a user to scroll, zoom, and navigate the desktop, documents, and application content in macOS. Gestures include things like Smart Zoom, Rotate, Scroll Direction, and many others. To see what gestures are available on the Mac or change any of the settings, go to System Preferences, and then click Trackpad.
Options in task manager
Applications Processes Performance Networking Users
The management cycle of any IT project commonly involves four steps
Assess Design Implement Evaluate
A user recently connected a Windows laptop to a free WiFi hotspot. After returning to the office, the user cannot access network shares. Which of the following is the MOST likely cause? A. Remote access has been disabled B. The local firewall settings are incorrect C. Location-based settings are not turned on D. The network shares are hidden
B. The local firewall settings are incorrect
Which of the following Windows versions introduced using applications in the Metro interface? A. Windows 7 B. Windows 8 C. Windows 8.1 D. Windows 10
B. Windows 8
A Linux user wants to use the grep command to identify every file name in the current directory that contains the word `mandatory`. Which of the following commands would BEST accomplish this? A. grep -d mandatory * B. grep -i mandatory * C. grep mandatory file D. grep mandatory *
B. grep -i mandatory * (-i = performs a case-insensitive search, upper-case or lower-case)
An ethical hacker has been hired to conduct a physical penetration test of a company. During the first day of the test, the ethical hacker dresses up like a plumber and waits in the building's main lobby until an employee goes through the main turnstile. As soon as the employee enters his access number and proceeds to go through the turnstile, the ethical hacker follows them through the access gate. What type of attack did the ethical hacker utilize to access the restricted area of the building? Social engineering Shoulder surfing Spoofing Tailgating
Based on the description, the ethical hacker conducted a very specialized type of social engineering attack known as tailgating. Sometimes on a certification exam, there are two correct answers, but one is more correct. This question is an example of that concept. Tailgating involves someone who lacks the proper authentication following an employee into a restricted area. Social engineering uses deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. Shoulder surfing is a type of social engineering technique used to obtain personal identification numbers (PINs), passwords, and other confidential data by looking over the victim's shoulder. Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source.
Script file types .bat
Batch files .bat file extension -scripting for Windows at the command line -legacy goes back to DOS and OS/2
You are a desktop technician for a graphic design company. The company issues Apple computers running OSX 10.9 to all employees. Recently you have been asked to find a solution that will allow employees to use Windows applications on their computers. Which of the following is a potential solution? Disk Util Boot Camp vSphere iBoot
Boot Camp is a Mac OSX application that allows users to install Windows based operating systems. Boot Camp
Compare and contrast the differences of basic Microsoft Windows OS security settings. Inheritance
By default, when you add a folder or file to an existing folder, the folder or file inherits the permissions of the existing folder. For example, if the Domain Users group has access to a folder and you add a file to this folder, members of the Domain Users group will be able to access the file. Inherited permissions are automatically assigned when files and folders are created.
Basic Linux Commands cd
Change current directory -nearly identical to Windows command line -forward slashes instead of backward -cd <directory> -cd /var/log
Upgrade methods :clean install
Clean install -Wipe everything and reload -Backup your files -Start the setup by booting from the installation media
Basic Linux Commands kill
Closing programs -Use terminal; sudo for proper permissions -killall: sudo killall firefox -xkill: graphical kill -kill <pid>
Internet Options
Connections Security General Privacy Programs Advanced
Linux Basic Commands dd
Convert and copy a file -backup and restore an entire partition
Power options Power plans
Customize power usage
Deployment image servicing and management tool (DISM)
Deployment image servicing and management tool -manage Windows Imaging Format (WIM) files -Get information about an image -Update applications -Manage drivers -Manage updates -Mount an image
Change Management Assess
Determine the purpose of the change. Why is the change needed? Which corporate strategic goal(s) does the plan align with? Do a risk analysis to determine the risks involved and whether the benefits outweigh the risks
An office of 25 computers is interested in employing a file server, network shares, and print server functionality. Which of the following network setups would be BEST suited for this situation? Token ring Domain Ad-hoc Workgroup
Domain Only a domain will give you a centralized, controlled network and allow for file servers, print servers, and network shares. These are possible in a workgroup, but will not provide the network control that a business would require.
Change Management Evaluate
Ensure that each part of the plan was done properly. Document findings.
Change Management Implement
Execute the plan. Have meetings or establish an online method to share progress. Document changes. Correct any issues that are discovered. Have an end-user acceptance process in which the person who will be using the IT system verifies that it works appropriately.
Basic Linux Commands grep
Find text in a file -search through many files at a time
Regulated Data GDPR
GDPR -General Data Protection Regulation -European Union regulation -Controls export of personal data -Gives individuals control of their personal data -Site privacy policy
options in MSConfig
General Boot Services Startup Tools
You work for a hip tech startup with a combination of Linux, Mac and Windows PCs. Most users opt to use company provided devices but some users instead receive a monthly stipend and use personal devices. Which product and licensing model would make the most sense for sharing documents, presentations and spreadsheets amongst employees? IBM OfficeSphere Microsoft 365 Libre Office Mac Office for iCloud Microsoft Azure
Given the requirements of the situation Microsoft 365 is the best choice as it provides Microsoft Office licensing including both desktop and cloud options. This means users on personal devices or unsupported operating systems could use the web based cloud options while others could use either the desktop applications or web based cloud options. Libre Office is a free software but has no cloud equivalents. Mac Office for iCloud is not a real thing. Microsoft Azure is a cloud computing suite focusing on PaaS and IaaS. IBM OfficeSphere is also not a real thing but is a pretty cool name.
File system types/formatting HFS
Hierarchical File System (HFS) is a proprietary file system developed by Apple Inc. for use in computer systems running Mac OS. Originally designed for use on floppy and hard disks, it can also be found on read-only media such as CD-ROMs. HFS is also referred to as Mac OS Standard (or HFS Standard), while its successor, HFS Plus, is also called Mac OS Extended (or HFS Extended).
Host based firewalls
Host-based malware often uses signatures to detect and remove malicious code. Signature-based anti-malware is a generic category of malware that may be implemented through host-based, network-based, or cloud-based anti-malware solutions. Anti-malware either operates using signature-based detection, behavioral-based detection, or heuristic-based detection.
when she turns her computer on a lot of applications open and she doesn't want them to open automatically. The PC is running Windows 10. Where should you go to disable applications from starting up on boot? Task Manager Event Viewer start.msc services.msc
In Task Manager under the Startup tab you can deselect any programs and applications you don't want opening automatically on startup.
A home user brought their Windows 10 laptop to the electronics store where you work because they suspect it has a malware infection. Which of the following actions should you perform FIRST? Run Windows Update Disable System Restore Enable System Restore Investigate malware symptoms
Investigate malware symptoms
What is the "iwconfig" command used for in Linux?
It is used to view or change wireless network configuration.
What is the "ifconfig" command used for in Linux?
It is used to view or configure a network interface and IP configuration of a wired network.
Scripting file types .js
JavaScript -Scripting inside of your browser -.js file extension -Adds interactivity to HTML and CSS -used on almost every web site -JavaScript is not Java -different developers and origins -very different use and implementation
Basic Linux Commands ls
List directory contents -Similar to the dir command in Windows -Lists files, directories
You are troubleshooting a user's computer. As part of your efforts, you want to install a new login with administrative privileges. Which of the following utilities should you use? Local Users and Groups System Information System Configuration Group Policy
Local users and groups (lusrmgr.msc) is a utility used to assign rights and roles to different users and groups on a local computer. Group policy editor (gpedit.msc) is a utility used to define and control how programs, network resources, and the operating system operate for users and computers in an organization. In an active directory environment, a group policy is applied to users or computers based on their membership in sites, domains, or organizational units. System configuration (msconfig.exe) is a system utility to troubleshoot the Microsoft Windows startup processes. MSConfig is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters. System information (msinfo32.exe) is a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues.
What does the /R switch of the CHKDSK utility do on Disk Operating System (DOS), OS/2, or Windows systems? -Locates bad sectors and recovers readable information -Displays cleanup messages -Displays the full path and name of every file on the disk -Uses more system resources to perform a scan as fast as possible
Locates bad sectors and recovers readable information
Check Disk Chkdsk /r
Locates bad sectors and recovers readable information. When you run /r it will perform /f first and then move on to the more intense /r command. Check Disk needs complete control of the drive, and if the volume is in use you get a prompt stating that chkdsk cannot run because the volume is in use by another process: "Would you like to schedule this volume to be checked the next time the system restarts? (Y,N)". When the PC starts back up, the screen will show "scanning and repairing drive" and a percentage of completion.
You work in a top secret datacenter and are in charge of security measures. You have been tasked to evaluate readiness against a series of scenarios. One scenario is a total power outage. Which security measure would continue to operate in this situation? Motion detectors Biometric scanners Access card reader CCTV Locked man trap
Locked man trap
Partitioning Logical
Logical partitioning is the ability to make a system run as if it were two or more independent systems. Each logical partition operates as an independent logical server. However, each partition shares a few physical system attributes such as the system serial number, system model, and processor feature code.
Given a scenario, implement appropriate data destruction and disposal methods. - Low-level format vs. standard format
Low-level formatting -provided at the factory. Standard formatting/quick format -sets the file system, installs a boot sector -clears the master file table but not the data -can be recovered with the right software. Standard formatting/regular format -overwrites every sector with zeros -Windows Vista and later -can't recover the data
Change Management Design
Make a plan for the change and share that plan. What is the timeline? What resources are needed? Who will do what? Are parts needed? What is the scope of the change? Defining limits of a project prevents project creep (that is, the tendency of a project to increase in complexity and depth). Project scopes include time, resources, money, deliverables, and acceptance criteria. Are other departments involved? If so, who is the contact person? What is the backout plan, or at what step do things get reversed if the changes are not working? A backout plan might be part of a document called a statement of work (SOW) that outlines all activities, deliverables, timelines, reporting structure, and quality checks.
Microsoft Command Line Tools net use
Mapping drives Access a share -This PC/Map network drive Local drive letter and share name -May require additional authentication Or use the command line: net use
An employee's inbox is now filled with unwanted emails after their email password had been compromised last week. You helped them reset their password and regain access to their account. Many of the emails are coming from different email addresses such as @yahoo.com, @gmail.com, and @hotmail.com. Which of the following actions should the user take to help reduce the amount of spam they receive? -Create a domain based email filter -click the unsubscribe button of each email -Establish an allow list of trusted senders -Mark each email as spam or junk
Mark each email as spam or junk
Your CEO loves PowerPoint and has mandated its use for all presentations in the company. The company is one the largest in the world but for compliance reasons does not use any cloud products. Which Microsoft Office license would be best for this scenario? Enterprise Office 365 Personal Business
Microsoft Office Enterprise licensing is ideal because it allows unlimited users and PCs to use Office products. This typically makes more sense for large companies, while smaller and medium sized ones may prefer Business licensing where they pay a fee per-user.
Which of the following security controls provides Windows system administrators with an efficient way to deploy system configuration settings across many devices? Patch management GPO HIPS Anti-malware
Microsoft's Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users. A Group Policy is the primary administrative tool for defining and controlling how programs, network resources, and the operating system operate for users and computers in an organization. In an active directory environment, Group Policy is applied to users or computers based on their membership in sites, domains, or organizational units. A host-based intrusion detection system (HIDS) is a device or software application that monitors a system for malicious activity or policy violations. Any malicious activity or violation is typically reported to an administrator or collected centrally using a security information and event management system. Anti-malware software is a program that scans a device or network for known viruses, Trojans, worms, and other malicious software. Patch management is the process of distributing and applying updates to the software to prevent vulnerabilities from being exploited by an attacker or malware. Proper patch management is a technical control that would prevent future outbreaks.
Mac OS features
Multiple desktops/Mission Control, Keychain, Spotlight, iCloud, Gestures, Finder, Remote Disc, Dock, Boot Camp
File system types/formatting NFS
Network File System Using the NFS protocol, you can transfer files between computers over a network running Windows and other non-Windows operating systems, such as Linux or UNIX.
File system types/formatting NTFS
New Technology File System It's the primary file system used in Microsoft's Windows 11, Windows 10, Windows 8, Windows 7, Windows Vista, Windows XP, Windows 2000, and Windows NT operating systems. It's supported in other OSes, too, like Linux and BSD. macOS offers read-only support for NTFS.
You are working as a mobile device technician for a large corporation's enterprise service desk. A user complains that every time they attempt to launch the company's mobile email application, it crashes and displays an error message of Code123. This is the third user with this error on an Android (model DTA) smartphone. The same app is working on your smartphone, but it is a model DTX. Which of the following should you do FIRST to attempt to solve this problem? Rollback the app to an earlier version Reinstall the email app Clear the app's cache Update the smartphone's OS
Normally, your first step would be to uninstall and reinstall the application. But, since this issue is occurring on multiple devices with the same model, it would be a better first step to update the smartphone's OS. Based on the scenario, you know that the app works on a different smartphone model. With Android devices, the OS is usually modified by the smartphone manufacturer, specifically for their devices. If the app doesn't work on one model, but it does on another, it may be an operating system issue.
Which type of antivirus scan provides the best protection for a typical home user? Daily Scheduled scans Safe mode scans Weekly scheduled scans On-access scans
On-access scans are a type of antivirus scan where the AV software intercepts operating system calls to open files to scan the file before allowing or preventing the file from being opened. On-access scans reduce performance somewhat but are essential to maintaining effective protection against malware. Weekly and daily scans are good to use, but they are not as effective in preventing infections as an on-access scan. A system administrator normally conducts safe mode scans after malware is found by an on-access scan, daily, or weekly scan.
Regulated Data PCI
PCI DSS Payment card industry data security standard -a standard for protecting credit cards
Regulated Data PHI
PHI protected health information Health information associated with an individual Data between providers HIPAA regulations
Regulated Data PII
PII - personally identifiable information Any data that can identify an individual -part of your privacy policy
A user's workstation is running slowly and cannot open some larger program files. The user complains that they often get a warning that states memory is running low on their Windows 10 workstation. Which of the following should you configure until more memory can be installed to help alleviate this problem? Disable the visual effects Defragment the hard disk Increase the pagefile size Enable the swap file
Pagefile in Windows 10 is a hidden system file with the .sys extension stored on your computer's system drive (usually C:\). The Pagefile allows the computer to perform smoothly by reducing the workload of physical memory. Simply put, every time you open more applications than the RAM on your PC can accommodate, the programs already present in the RAM are automatically transferred to the Pagefile. This process is technically called Paging. Because the Pagefile works as a secondary RAM, it is often referred to as Virtual Memory. Adding more physical memory will allow the computer to run faster, but increasing the pagefile size is an acceptable short-term solution.
Basic Linux Commands passwd
passwd -change a user account password -yours or another's -passwd [username]
In the context of multi-factor authentication, which option is NOT an example of something a user has? -Password -Credit card -Cell phone with authentication app -Software token
Password A password is an example of "something a user knows" and is not something in a user's possession.
Which of the Windows Task Manager tabs in Windows 8 includes the network resource usage information found under the Networking tab in previous releases of the Microsoft OS? -Performance -Applications -Services -Processes
Performance The "performance" tab will show your network resources and a live update of your system usage.
Compare and contrast the differences of basic Microsoft Windows OS security settings. -Permission propagation
Permissions propagation is the process whereby permissions from a higher level node in a folder tree are copied to a child node further down in that same folder tree. For example: The user has Read access to Folder A. Folder B is a child folder of Folder A. Therefore, User has Read access to Folder B. A folder within a folder will take on and adopt the permissions
Which of the following options can be used to restrict what devices can be physically connected to a network based on a MAC address? -Port security -Firewall -Switch filtering -Access Control Lists
Port Security, also known as MAC Filtering, is used to restrict which devices can physically connect to the network. This is done by whitelisting which MAC addresses (the physical address of a Networking Interface Card (NIC)) are permitted on the network. It is most commonly done where a network port like an RJ-45 is publicly accessible, like in an office waiting area.
Basic Linux Commands ps
Process status -view or change wireless network configuration -essid, frequency/channel, mode, rate, etc. -requires some knowledge of the wireless network
Windows 10 Minimum Requirements (x86)
Processor/CPU: 1GHz processor with support for PAE, NX and SSE2 -Memory: 1GB RAM -Free disk space: 16GB -Video: Microsoft DirectX 9 graphics device with WDDM driver
What are some types of viruses?
Program viruses (part of an application), Boot sector viruses (runs with the OS), Script viruses (comes in through a browser), and Macro viruses (found in Microsoft Office).
Basic Linux Commands pwd
Pwd -print working directory -display the current working directory path -useful when changing directories often
Scripting file types .py
Python -General purpose scripting language -.py file extension -popular in many technologies -broad appeal and support
Compare and contrast wireless security protocols and authentication methods RADIUS
RADIUS (Remote Authentication Dial-In User Service) is a client-server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.
A user receives the following error message: "Windows Update cannot currently check for updates because the service is not running." The user calls the help desk to report the error they received. A support technician uses a remote connection tool to log in to the computer remotely, quickly identifies the issue, and fixes the issue. Which of the following should the technician do NEXT? -Restart the network services -Rollback the device drivers -Reboot the computer -Register the Windows Update service's DLL files
Reboot the computer
A user is complaining that their profile is taking too long to load on their Windows 10 system. Which of the following is the BEST solution to this problem? -Reboot the system into Safe Mode -Disable unnecessary programs from automatically starting up -Rebuild your windows profile -Reinstall windows
Rebuild your Windows profile
A user complains that an application used for their daily tasks often fails. It will lock up for several seconds, then eventually close out. There is no error message shown to the user. What Windows OS application can be used to try and view a history of the application crashes? -Resource Monitor -cmd.exe -Task Manager -Reliability Monitor
Reliability Monitor Reliability Monitor is an application available in some Windows operating systems that will show a timeline of events recorded by Windows. This includes security warnings, application failures and other informational messages. Using Reliability Monitor you can view when the application crashed, error/crash details and try to identify a pattern or cause for the crashes.
Least Privilege
Rights and permissions should be set to the bare minimum -you only get what's needed to complete your objective -All user accounts must be limited -applications should run with minimal privileges -Don't allow users to run with administrative privileges -limits the scope of malicious behavior
You are passed a trouble ticket about an issue involving a Windows 10 system that should allow remote connections. The previous tech said the RDP service is not set to start automatically. How do you fix this? -Open port 3389 in Windows Firewall -Run dxdiag to enable remote connections through Direct Connect -Run services.msc and change the Startup Type for each Remote Desktop service to "Auto" -Add the RDP gateway to the proper adapter under Network Connections in the Control Panel
SERVICES.MSC is where you change the startup configurations for services in Windows. DXDIAG is a tool for troubleshooting DirectX sound/video issues. Port 3389 is the port for RDP, but the port being blocked was not the issue. Adding the RDP gateway to an adapter is a made up answer.
Scripting file types .sh
Shell script -Scripting the Unix/Linux shell -Starts with a shebang or hash-bang #! -Often has a .sh file extension
Partitioning GPT
Short for GUID partition table, GPT is a part of the EFI standard that defines the layout of the partition table on a hard drive. GPT is designed as an improvement to the MBR partitioning system, which has a 2.2 TB partition size limitation. GPT is part of the UEFI standard, but may also be used on older BIOS systems. Using GPT, a drive could support between 8 and 9.4 ZB, depending on the sector size.
What are Host-based firewalls?
Software-based "personal" firewalls included in many operating systems.
Spyware
Spyware is a program that monitors user activity and sends the information to someone else. It may be installed with or without the user's knowledge. It invades the device, steals sensitive information and internet usage data, and relays it to advertisers, data firms, or external users.
Compare and contrast wireless security protocols and authentication methods TACACS
Terminal Access Controller Access Control System (TACACS) is a security protocol that provides centralized validation of users who are attempting to gain access to a router or NAS
bootrec /rebuildbcd
The Boot Configuration Data (BCD) stores the list of known Windows installations that can be booted from a hard drive. If the Windows installation is not listed, the computer will be unable to boot into Windows
File system types/formatting CDFS
The CDFS file system, which stands for "Compact Disk File System," is used in CDs particularly with open source operating systems. Formatting a CD that uses the CDFS file system is done in the same way as with a CD using the NTFS or any other file system. Formatting will erase the data on the CD and rearrange the data sectors.
What is a boot sector
The boot sector is a special location on a bootable disk that contains programming designed to tell the system where to locate the operating system.
File system types/formatting ext3, ext4
The ext4 journaling file system or fourth extended filesystem is a journaling file system for Linux, developed as the successor to ext3
A user cannot open some files on a file server and contacts the help desk for support. The help desk technician troubleshoots the server and notices that all of the server's data backups are operational, but large portions of time are missing within the event log. The technician remembers that there have been several bad thunderstorms recently during those missing time periods. What might the technician do to prevent these server issues in the future? -Replace the server's memory -Replace the server's hard drive -Install a surge protector -Install a new battery backup
The missing time periods in the event logs indicate that the server was powered off during those periods. This is likely to have occurred due to a power loss during the thunderstorms. To prevent these power losses, it is recommended that the servers be connected to a battery backup. When a server is unexpectedly shut down due to a power loss, its files can become corrupted and unusable. Based on the description in the scenario, the key issue is the power loss and not a faulty hard drive or the server's memory. A surge protector defends against possible voltage spikes that could damage your electronics, appliances, or equipment. A surge protector cannot protect against a power loss or under-voltage event.
Network based firewalls
The network-based anti-malware can help prevent malware attacks by scanning all incoming data to prevent malware from being installed and infecting a computer. Network-based anti-malware solutions can be installed as a rack-mounted, in-line network appliance in your company's on-premise datacenter to protect every client and server on the network without having to install software on each of the clients. Network-based anti-malware solutions often come as part of a unified threat management (UTM) appliance.
What does the command "shutdown /l" do on a Windows workstation? -Log off the workstation -Reboot the workstation -Enter sleep mode -Shutdown the workstation
The shutdown command allows a user or administrator to shut down or restart local or remote computers, one at a time. Using the /r option will reboot the computer. Using the /s option will shut down the computer. Using the /l option will log off the current user. Using the /h option will enter sleep or hibernation mode.
File system types/formatting Swap partition
The swap partition serves as overflow space for your RAM. If your RAM fills up completely, any additional applications will run off the swap partition rather than RAM.
A user's workstation is infected with malware. You have quarantined it from the network. When you attempt to boot it to the Windows 10 desktop, it fails. Which of the following should you do NEXT to begin remediating this system? -Disable System Restore and reinstall Windows 10 -Restart into Safe Mode and conduct an antivirus scan -Format the workstation and reinstall Windows 10 -Restore the workstation from the last system restore point
The system should be rebooted into Safe Mode and an antivirus scan conducted. Safe Mode starts Windows in a basic state, using a limited set of files and drivers. If a problem doesn't happen in Safe Mode, then the default settings and basic device drivers aren't causing the issue. Observing Windows in safe mode enables you to narrow down the source of a problem and can help you troubleshoot problems on your PC. Safe Mode will allow you to restore an earlier System Restore point, but it will not allow you to disable System Restore. Restoring to the last system restore point may not restore the system to the time before the malware infection. Formatting and reinstalling Windows would lead to data loss for the user. Therefore, you should attempt to remediate the malware infection from Safe Mode first. The seven steps of the malware removal procedures are (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.
chkdsk command /I
This option will perform a less vigorous chkdsk command by instructing the command to run faster by skipping over certain regular checks.
A user has been using Microsoft Excel for twenty minutes when it crashes. You could recover their data for them, but you cannot figure out exactly why the application crashed. Which of the following actions should you take? -Verify that disabling one service has not affected others -Uninstall and reinstall the application -Remove a recently added hardware device -Disable any unneeded applications configured to automatically start up
Uninstall and reinstall the application
Upgrade methods: In place
Upgrade methods In place -upgrade the existing OS -Keep all applications, documents and settings -Start the setup from inside the existing OS
chkdsk command /V
Use this chkdsk option on a FAT or FAT32 volume to show the full path and name of every file on the disk. If used on an NTFS volume, it will show cleanup messages (if there are any).
You are concerned about users installing unauthorized software and making unauthorized changes to their Windows 8 workstations. Which tool is best for limiting this type of behavior? -Sudo -UAC -NTFS -Windows Defender
User Account Control (UAC) is a feature in Windows 7, 8 and 10 that prompts users to confirm changes initiated by software. Until the changes are confirmed by UAC the change will not be made. This helps users understand when they are making system level changes like installing a new application. Sudo is a similar feature in Linux operating systems. NTFS is a file system and Windows Defender is an anti-malware application.
Scripting file types .vbs
VBScript is a scripting language based on Microsoft's Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose.
A programmer is writing a script to calculate the disk space needed to perform a daily backup. The programmer needs to store the amount of disk space in a temporary placeholder within the program that can be updated and changed during the script's execution. Which of the following would be used to store the value of the disk space needed? -Comment -Variable -Constant -Loop
Variable. Explanation OBJ-4.8: A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F - 32) * 5/9. A loop deviates from the initial program path to some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Often implemented with For or While statements. For example, a short script like (For i=1 to 100, print i, next) would print the numbers from 1 to 100 to the screen. A comment is written into the code to help a human understand the initial programmer's logic. In Python, for example, you can use the # symbol to comment on a line of code. Anything on the line after the # is ignored by the computer when the script is being executed.
Microsoft Command Line Tools net user
View user account information and reset passwords -net user <username> -net user <username> * /domain
Basic Linux Commands vi
Visual editor used to edit source code at the terminal
Edward has just returned to his office after a two-week vacation. When he logs into his email client to access his company email, he notices that he cannot see the shared Customer Service inbox folder in his email client. He contacts the help desk, and they verify that his account is still connected to the domain controller and that it can still send and receive emails successfully. What MOST likely happened during Edward's vacation that caused the missing inbox folders in the email client? -The operating system was updated -Edward's user account permission has changed -The internet security options in his email client have been modified -The network file share's permission has been modified
While Edward was on vacation, the network file share's permissions have likely been modified. Based on the fact that Edward's account is connected to the domain and can send/receive emails, it is not his user account's permissions causing the issue. The internet security options would also prevent him from sending/receiving mail, so that can be eliminated. Even if the operating system were updated, that would not affect the shared inboxes since they reside on the network file shares and not Edward's computer.
Which of the following is NOT an edition of Windows 8? -Windows 8 Enterprise -Windows 8 (Core) -Windows 8 Starter -Windows 8 Pro
Windows 8 Starter Windows 8 has 4 primary editions: Windows 8 (Core), Windows 8 Pro, Windows 8 Enterprise and Windows 8 RT. Windows 8 (Core) is often marketed as simply Windows 8 but many technical docs and other sources refer to it as Core to avoid confusion.
Scripting file types .ps1
Windows PowerShell -Command line for system administrators -.ps1 file extension -included with Windows 8/8.1 and 10
access control vestibule
a physical security access control system comprising a small space with two sets of interlocking doors, such that the first set of doors must close before the second set opens.
Traceroute
a utility application that monitors the network path of packet data sent to a remote computer
You attempt to boot a Windows 10 laptop and receive an "Operating System Not Found" error on the screen. You can see the hard disk listed in the UEFI/BIOS of the system. Which of the following commands should you use to repair the boot sector of the hard disk? -diskpart list -bootrec /fixmbr -bootrec /rebuildbcd -bootrec /fixboot
bootrec /fixboot
What command repairs the drive's boot sector?
bootrec /fixboot
Microsoft Command Line Tools cd
cd - change working directory, use backslash \ to specify volume or folder name .. (two dots) -to reference or move to folder above current working folder
Basic Linux Commands chmod
chmod -Change mode of a file system object -r=read (4), w=write (2), x=execute (1) -can also use octal notation -set for the file owner (u), the group (g), others (o), or all (a) -Usually just user, group and other
Basic Linux Commands chown
chown -Change file owner and group -Modify file settings -sudo chown [owner:group] file -Example: sudo chown professor script.sh
Basic Linux Commands cp
cp -Copy a file -Duplicate files or directories -cp source dest -Example: cp first.txt second.txt
Microsoft Command Line Tools dir
dir -list files and directories
File system types/formatting ExFAT
exFAT is a file system that was created to be used on flash drives like USB memory sticks and SD cards. exFAT is an acronym for Extended File Allocation Table. exFAT is a newer version of the old FAT32 file system, and it is a middle ground between FAT32 and the more modern and more sophisticated NTFS file system (New Technology File System).
Check Disk chkdsk /f
fixes logical file system errors on the disk
Which of the following Windows command line tools will provide a computer's network configuration information? -netstat -ping -tracert -ipconfig
ipconfig Ipconfig is a Windows command line tool that provides network information like the IP Address, MAC Address, and Subnet Mask.
Basic Linux Commands mv
mv -Move a file -rename a file -mv source dest
Which of the following is NOT a method for stopping a process on a Windows operating system? -taskkill /F /IM process.exe -Using Task Manager -ALT+F4 -pkill -9 process.exe
pkill -9 process.exe pkill is not a Windows command, but can be found on some Linux OSs and Mac OS. taskkill, using Task Manager and pressing ALT+F4 while using an application are all common ways to stop a process on Windows.
Which of the following commands is used on a Linux system to delete all the files and directories in a Linux system's filesystem? -"rm /" -"rm -rf /" -"rm -rf *.*" -"rm *.*"
rm -rf / Explanation OBJ-1.9: The rm command is a command-line utility for removing files or directories. The "rm -rf /" is the most dangerous command to issue in Linux. The rm -rf command is one of the fastest ways to delete a folder and its contents. But a little typo or ignorance may result in unrecoverable system damage. The -r option means that the command will recursively delete the folder and its subfolders. The -f option means that even read-only files will be removed without asking the user. The use of / indicates that the remove command should begin at the root directory (/) and recursively force all files and folders to be deleted under the root. This would delete everything on the system. The *.* would only begin deleting from the current working directory and then delete all files and folders further down the directory structure, not the entire file system.
Basic Linux Commands rm
rm stands for 'remove'. As the name suggests, the rm command is used to delete or remove files and directories in UNIX-like operating systems.
Basic Linux Commands su/sudo
su: become super user or change to a different user -sudo: execute a command as the super user
You are a technician working at a Computer Repair Shop. A customer complains that while their Windows 10 laptop works, it has grown very slow. Of the following options which can be used to troubleshoot the cause of the slow performance? -taskmgr.exe -sysdm.cpl -activitymonitor.exe -msconfig.exe
taskmgr.exe Task Manager (taskmgr.exe) is an application on Windows operating systems that can be used to quickly view resource utilization like Network, CPU, Memory and Disk utilization. It is a quick option to view what the cause of the slowness is, for example you may find that the NIC card has very little bandwidth available or that a certain application is taking up a high percentage of the CPU.
UPS
An uninterruptible power supply (UPS) is a battery backup. It is used to protect one server or workstation from under-voltage events, sags, and power failures.
File system types/formatting FAT32
Used by USB sticks and mobile hard drives. Drives formatted in this way can be read across platforms, e.g. by Apple devices or games consoles. Maximum file size is only around 4 gigabytes.