220-1102 Practice Test
A. BitLocker allows the user to use drive encryption to protect files, including those needed for startup and logon. BitLocker can be turned on or off only by administrators, and it's enabled by default in Windows 11. It is only available in Pro or higher editions of both Windows 10 and Windows 11. The Encrypting File System (EFS) can encrypt data at the volume, file, or folder level, but not an entire hard drive. OneDrive is Microsoft's online storage, and ShadowDrive is not a computer term.
13. Which feature of Windows Pro or higher editions is designed to encrypt storage volumes, must be activated by an administrator, and can encrypt operating system startup files? A. BitLocker B. EFS C. OneDrive D. ShadowDrive
D. The best way to remove data from the device is to perform a remote wipe. Ideally you have backed up or synced the device before then or you will lose data. Full-device encryption is a good security practice, but that should have been completed prior to the phone being stolen. BitLocker is a Microsoft Windows feature for full-drive encryption.
14. Your iPhone has been stolen. To ensure that the thief does not have access to your data, what should you do? A. Perform a remote backup. B. Enable full-device encryption. C. Enable BitLocker. D. Perform a remote wipe.
D. When you create a partition in Windows 10, it will ask if you want to create a master boot record (MBR) or GUID Partition Table (GPT) partition. GPT is newer and has far more features. One of those features is that you can create an unlimited number of logical partitions on it. Only the operating system will limit you; Windows 10 will only allow 128 partitions on one drive. Windows 11 supports only the GPT partition type.
15. You have installed a second hard drive in a Windows workstation. In Disk Management, what type of partition can you create that will allow you to create an unlimited number of logical partitions in it? A. Extended B. Dynamic C. Logical D. GPT
D. Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware. This policy should also outline the consequences for misuse. In addition, the policy should address the installation of personal software on company computers and the use of personal hardware such as USB devices. The AUP is often signed during the employee onboarding process and may be part of an employee handbook but is not required to be. An Android package (APK) is a file for installing an Android app, an access control list (ACL) defines who has what permissions on an object, and an automatic document feeder (ADF) sits atop a copier or multifunction device (MFD) to send a stack of papers through, one at a time.
21. Your company works with confidential government files. It is illegal for employees to copy any files to flash drives. Where do you specify this as well as the penalties for not complying with the rule? А. АРК B. ACL C. ADF D. AUP
C. Inheritance is the default behavior throughout the permission structure, unless a specific setting is created to override it. For example, a user who has Read and Write permissions in one folder will have that in all the subfolders unless a change has been made specifically to one of the subfolders. Modify access does not give users permissions to change permissions for others. Only Full Control allows that.
26. You have assigned the Finance group Modify permissions on the D:\MonthlyReports folder. You then create a folder named D: \MonthlyReports\ January. What level of permissions does the Finance group have to the folder D: \MonthlyReports\ January? A. No access, because no permissions were explicitly set B. Full control, because no permissions were explicitly set C. Modify, because the folder inherits permissions from its parent folder D. Modify, because the folder inherits permissions from the Finance Group, and the Finance Group members can grant permissions to other users or groups for this folder
D. If you have your policy in place, then your incident response plan should be relatively scripted. Your first priority as the first responder is to identify the improper activity or content. Then you should always get someone else to verify the material or action so that it doesn't turn into a situation of your word against someone else's. Immediately report the situation through proper channels, and secure the drive away from the user.
27. Your company has a policy prohibiting illegal content on work computers. You have identified and verified illegal content on a user's workstation. What is the next step you should take? A. Ask the user to delete the material. B. Delete the illegal material yourself. C. Document the situation. D. Report the incident through proper channels.
B. Device Manager allows you to manage all your hardware devices, including updating drivers and disabling the device. It is found within the Computer Management console and in Control Panel.
28. Your Windows workstation is having intermittent video issues. The manufacturer's website suggests you i stall the latest driver. Which utility should you use to check the driver version installed on your computer? A. Display Settings B. Device Manager C. Services D. Disk Management
D. In macOS, there is a bar of icons that runs along the bottom (or side, if so configured) of your screen. That set of icons is known as the Dock, and it provides easy access to key apps that come with the Mac (such as Safari, Mail, Videos, and Music) or others that you choose to add there. Remote Disc enables Macs without optical drives to use another computer's optical drive across a network. The Finder is similar to Windows File Explorer and enables the user to drill down through files and folders to find what they are looking for. Spotlight is a search tool.
29. On a MacBook Pro running macOS, what is the name of the bar of icons that runs along the bottom of the screen, allowing you to open apps? A. Remote Disc B. Finder C. Spotlight D. Dock
B, C. The New Technology File System (NTFS) is available with all current versions of Win-dows. NTFS is an advanced filesystem that includes such features as individual file security, compression, and RAID support as well as support for extremely large file and partition sizes and disk transaction monitoring. In Pro and higher editions of Windows, the Encrypting File System (EFS) is available to encrypt individual files and folders.
3. You are planning on formatting a hard drive with NTFS that will be used to share files between Windows 10 and Windows 11 Pro computers. Which of the following features are present in NTFS? (Choose two.) A. Linux OS support B. File compression C. File and folder encryption D. Enhanced flash drive support
B. When a client wants to authenticate to a server over a public network, Kerberos works with an Authentication Server (AS) to ensure that each party to the connection is who they say they are. Multifactor authentication requires two or more methods for the user to prove their identity, such as a password and biometric login. Remote Authentication Dial-in User Service (RADIUS) is a protocol used specifically between a remote connection and a server. It authenticates the remote user, and if the RADIUS server has the remote user configured as a client, it will send configuration information back to the user. RADIUS authenticates the remote user, not both parties. Temporal Key Integrity Protocol (TKIP) was used to encrypt information on wireless networks, but it is no longer considered secure.
51. You're configuring a remote connection and need a protocol or process to ensure that both parties to a transaction are who they say they are and to encrypt their user information as it passes from one to the other. Which of the following will you use? A. Multifactor authentication B. Kerberos C. RADIUS D. TKIP
A. While all four of these options will help to keep a computer system safe, all it takes is one employee who doesn't know how to recognize dangers, and a malicious software can be unleashed on a computer system. Regular user education regarding common threats should be a part of your company's security plan.
52. A user called the help desk because their mouse is moving across the screen and windows are opening and closing. They believe it's not malware because they said they didn't do anything; they just opened an email with a strange subject. Which of the following will be most important to prevent malware on this computer going forward? A. Educate users regarding threats. B. Install anti-malware and set it to update automatically. C. Enable and configure software firewalls. D. Enable and configure hardware firewalls.
B, C. If you're running low on memory, you have two options. You can modify the virtual memory settings, or you can add more physical memory if the motherboard will support it. Using Task Manager to close unnecessary programs will help in the short term but not in the long term if you often have those programs running. A faster network interface card (NIC) won't help here.
53. When your friend launches their new favorite game, they often get low memory warnings. Which two of the following can you do to prevent this problem from happening in the future? (Choose two.) A. Use Task Manager to end unnecessary programs. B. Increase virtual memory. C. Increase physical memory. D. Put in a faster NIC.
A, D. It sounds like the user needs read, write, and perhaps modify to the folder on the C: drive, and they don't need any other access on that drive. The principle of least privilege is one of the most important security rules in computer systems. It says that you give a user only the access that they need and nothing more. If they have access to the entire C: drive, and an attacker gets in on their account, then the attacker will have complete access too and can cause all sorts of trouble. Limiting them to only the folder they need also limits their exposure. The other two options are simply not true.
62. A user wants to have Full Control over their C: drive and all the contents of it, because they have one program that defaults to saving files in a folder there. Why will you not give them this access? (Choose two.) A. It is a security risk. B. It violates the Windows EULA. C. Only administrators can have access to the C: drive. D. It violates the principle of least privilege.
C. The seven steps of the malware removal process are as follows: 1. Investigate and verify malware symptoms. 2. Quarantine infected systems. 3. Disable System Restore in Windows. 4. Remediate infected systems. a. Update anti-malware software. b. Scanning and removal techniques (e.g., safe mode, preinstallation environment). 5. Schedule scans and run updates. 6. Enable System Restore and create a restore point in Windows. 7. Educate the end user.
63. A user has a computer that suddenly started running very sluggishly. Upon inquiry, you find that they went to some websites yesterday that they don't normally visit, so you decide to follow the best practice procedures for malware removal. What is the first step? A. Quarantine infected systems. B. Disable System Restore in Windows. C. Investigate and verify malware symptoms. D. Schedule scans and run updates.
D. If this is the first time the error has occurred, simply reboot and see if it goes away. Windows is quite stable, but occasionally a blue screen of death (BSOD) occurs, and you need to reboot. If it doesn't happen again, there likely isn't a problem. If it continues to happen, look for any error message on the screen that will give you a clue about what the problem is, and troubleshoot from there. If there is no error message, assume the problem is hardware or a corrupted driver and boot into safe mode to fix the issue.
64. A user tells you that they received a BSOD error on a Windows 10 computer. No changes have been made to this computer recently. What is the best way to restart Windows to see whether you can isolate the issue? A. Boot to the Windows installation media and start the WinRE. B. Boot to safe mode. C. Boot using an anti-malware boot drive. D. Boot normally and see whether the error happens again.
B. If a user profile is very large, it may be slow to load but it should eventually get there. If there is an error message that it is unable to load, suspect a corrupted profile. To verify that's the problem, create a new user and copy the existing user profile to the new user, then try to log on as the new user. If the same error occurs, the profile is corrupted. You'll need to delete the corrupted profile and when the user logs on again, a new profile will be created.
65. A user reports that their profile is very slow to load, then they get an error message that says, "unable to load profile." What should you suspect? A. The profile is too large. B. The profile is corrupted. C. The user logged on using the wrong password. D. They need to reboot and try again.
C. The first thing to try for an Android-based device that won't load an app is to restart the device and try the app again. If that doesn't work, try each of the following and restart bet-ween, then see if the app will launch: First, check for Android updates, Next, check for app updates. Finally, clear the app's data and cache. If none of these solutions work, you may need to contact the app developer.
66. An app on your Android-based device won't open. What will you try first? A. Check for Android updates. B. Check for app updates. C. Restart the device. D. Clear the app's data and cache.
C. When you're installing a new component, the safest place for it is inside (not lying on) the antistatic bag that it arrived in. If an antistatic bag isn't available, the next safest place is lying on a grounded antistatic mat. You would never leave a new card teetering on the edge of a case, and antistatic bags are designed to keep static on the outside, so lying the component on the bag is not a good idea.
67. You're installing a new video card in a computer. It was an expensive card and you want to ensure that it isn't damaged by ESD. Until you are ready to place the card in the slot, what is the safest place for the card? A. Lying on the antistatic mat B. Lying on the antistatic bag C. Inside its antistatic bag D. Lying on the edge of the computer so that it's grounded
C. Microsoft Remote Assistance (MSRA) is your best option, and really the only one unless you are a managed service provider (MSP) and already have remote monitoring and management (RMM) set up on their computer. RDP is not available on Windows Home edi-tions, and a virtual private network (VPN) is usually used for connecting remotely to a network as if you were sitting in the office. It also requires some configuration. MSRA allows you to co-control the user's desktop.
68. Your friend in another state is having a problem with their Windows 11 Home edition computer and wants your help. What could you do to provide the quickest possible help? A. RDP B. VPN C. MSRA D. 2MM
B. Script files can be used to make repeated tasks much easier by automating the process. Power Shell is a very popular scripting program among network administrators, and Power-Shell files use a . ps1 extension. A batch file has a . bat extension, Visual Basic scripts have a . vbs extension, and Python files have a • py extension. Others are . sh, for Bash (Linux) scripts, and js, for JavaScript.
69. You are writing a script in Microsoft PowerShell to automate some processes that you perform daily. What file extension will the script file have? A. . bat B. •ps1 C. . vbs D. • py
A, C. To add or manage users go to either Settings > Accounts > Family & Other Users, or Control Panel > User Accounts > Manage Another Account. These options are the same in Windows 10 and 11.
70. You need to add a new user on a Windows desktop computer. Where can you go to do this? (Choose two.) A. Settings > Accounts B. Settings > Users C. Control Panel > User Accounts D. Control Panel > Credential Manager
A, C. Two of the most common, and easiest to fix, problems with AirDrop are if Bluetooth is off or either device is not discoverable. Turning Airplane mode on would disable all wireless communication, and making both phones a hotspot won't help with AirDrop.
79. You're trying to share pictures with your friends. You both have iPhones, but your AirDrop doesn't seem to be working. Which of the following might solve the problem? (Choose two.) A. Turn Bluetooth on. B. Turn Airplane mode on. C. Ensure both devices are discoverable. D. Turn on both hotspots.
C. Following best practices, this user would need two accounts: one a member of the administrator's group and another a standard user. They should be instructed to only log onto the administrator account if they can't do what they need to from their standard user account using features like Run As Administrator or entering their administrator password in the User Account Control (UAC) window.
94. You have hired a new network administrator. We'll assume their name is NewUser. How many and what type of accounts will you set up for NewUser? A. NewUser, an administrator account only B. NewUser, a standard user only C. NewUser_Admin, which is an administrator account and NewUser, a standard user account D. NewUser_Admin, which is an administrator account and NewUser_Guest, which is a guest account
A. The quickest way to thwart this would-be attacker is to turn on Airplane mode. This disconnects all of your wireless connections and is usually done by pressing a key or two, such as the Fn key and whichever F key has a picture of an airplane on it. There is no network cable to disconnect if you are on Wi-Fi, and what closing the lid does depends on how the computer is configured. It may do nothing. If you turn the laptop's power off, you will lose whatever you have been working on.
1. You're at a favorite coffee shop using their Wi-Fi, when suddenly you notice that your mouse is moving, and you aren't moving it. You knew using this unsecured Wi-Fi was a bad idea, and now you've been hacked and want to stop the attacker as soon as possible, but you need time to save your files. What is the best course of action? A. Turn on Airplane mode. B. Unhook the network cable. C. Close the lid on the laptop. D. Turn the laptop's power off.
B. Even if you disable the Service Set Identifier (SSID) broadcast, potential attackers still have many simple tools available to see your wireless network traffic and get the SSID anyway. It is a weak form of security that will keep out only the most casual intruders. Disabling guest access limits who can connect to your network, but if you must have guest access, look for a setting that will isolate the guest network from your network. WPA3 is the best commonly available form of encryption for wireless routers. WPA2 is usually available alongside of WPA3 for networks that are transitioning between WPA2 and WPA3. The router may have an option that says WPA2/WPA3 or WPA3 transitional, which will allow newer devices to connect using WPA3 and older devices to connect using WPA2. Changing the default username and password is always recommended, because those are often easy to find online.
10. You are configuring a wireless router for a home office. Which of the following changes will have the least impact on improving the security of the network? A. Disabling guest access B. Disabling the SSID broadcast C. Configuring WPA3 D. Changing the default username and password
D. If a battery is very low, the applications can show a slower than normal response time, If this continues when the phone is charged, see how full your phone is. If it's slow when you're saving or reading files, then you may need to clear out some space on the phone. Make sure your phone is updated. If it's an Android phone, ensure that your anti-malware is updated. If the problem is happening with just one app, try updating the app, clearing the app's cache, or removing and reinstalling the app.
100. You're on your smartphone and notice that the apps are all responding slowly, almost jittery when you change from one to the other. What is the first thing to do? A. Check the storage on the device. B. Close some running apps. C. Suspect a virus. D. Check the battery charge.
B, C. To ensure your personal safety, always remember some important techniques before moving equipment. The first thing to always check for is to ensure that the equipment is unplugged. There's nothing worse (and potentially more dangerous) than getting yanked because you're still tethered. Remove any loose jewelry, and secure long hair or neckties. Lift with your legs, not your back (bend at the knees when picking something up, not at the waist).
11. You are going to move a desktop computer from one office location to another edure the foor, underneath the desk. Which of the following are good personal safety procedures to follow? (Choose two.) A. Bend at the waist and lift straight up. B. Bend at the knees and lift with your legs. C. Tie back any loose jewelry, long hair, or neckties. D. Leave the computer plugged in to avoid ESD.
C. A striped volume is like RAID-0 and will provide a 1 TB volume with a slight performance boost. A simple volume would not be able to combine the two drives. A spanned volume would result in a 1 TB volume, but not the performance boost. A mirrored volume, like a RAID-1 array, will make one of the disks redundant, so in this case it would not give the user 1 TB of storage.
12. You have just installed a second and third hard drive into a Windows Pro workstation. Each drive is 500 GB. The user wants to combine the two drives into one 1 TB volume. What should you create from those two drives to accomplish this and give the user a disk read and write performance boost? A. Simple volume B. Spanned volume C. Striped volume D. Mirrored volume
A. Removing all data on a drive by repeatedly replacing it with binary bits, s or 1s, is commonly done using drive-wiping software. This can make the data unrecoverable and make it safe to donate the drives. The format command will erase the file allocation table or master file table, but the files may still be able to be recovered. It is not a secure way to ensure that your data can't be read. Degaussing and incinerating are ways to physically destroy drives. Degaussing works with only magnetic media.
16. You have some older drives that you intend to donate to a nonprofit organization. You want to set all data on the drive to be nothing but Os. What should you use to accomplish this? A. Drive-wiping software B. format command C. Degaussing D. Incinerating
C. A battery backup, also called an uninterruptible power supply (UPS), is designed to provide enough power to keep systems running until they can be safely shut down or switched to another power source. The UPS must provide adequate wattage for the devices connected to it as well as sufficient battery capacity. Most also offer protected and unprotected out-lets; surge suppression, which protects against power surges; and line conditioning, which improves the quality of power delivered to the device, such as boosting the power when there is a sag on the input side. Power strips only give you a place to plug devices in and turn them all off at once. A smart UPS can notify an administrator that there is a power outage.
17. A small business has two servers in their telecommunications room. They've come seeking your advice because the area has frequent power outages and they have lost important data on their servers as a result. What will you recommend for them to protect against this issue? A. Surge suppressor B. Power strip C. Battery backup D. Line conditioner
A, B. There are three tools in Windows 10 and Windows 11 that quickly show you CPU and memory usage in Windows. They are Resource Monitor, Performance Monitor, and Task Manager. Performance Monitor can also be accessed through Computer Management.
18. You are working on a Windows workstation that is operating very slowly. You want to quickly check system CPU and RAM usage to see whether anything appears amiss. Which two utilities can you use to do this? (Choose two.) A. Resource Monitor B. Performance Monitor C. Control Panel > System D. Control Panel > Device Manager
B. A brute-force attack is an attempt to guess passwords until a successful guess occurs. Because of the nature of this attack, it usually occurs over a long period of time. To make passwords more difficult to guess, longer is better, eight characters being the minimum that should be required. Limiting the number of unsuccessful lockouts may also help thwart this attack, and requiring that passwords be periodically changed will help too. All of these can be set using the Local Group Policy Editor. Navigate to Computer Configuration > Windows Settings > Security Settings > Account Policies.
19. As the network administrator, you have set account lockout policies so that an account is locked out after five unsuccessful login attempts. What type of security threat will this deter? A. Shoulder surfing B. Brute-force attack C. Zero-day attack D. Spear phishing
A, B. When working with customers, it's important to avoid distractions such as personal phone calls, texting, or social media sites. Exceptions can be made if it's an emergency. situation, but in those cases notify the client that you might get a call or text and explain that you will deal with it only if it's the emergency. Otherwise, ignore the personal interruption until you are not working with a client.
2. You are on-site fixing a client's laptop that will not load the OS. You are waiting to hear about your friend's awesome party that they are hosting this weekend, and your phone starts to vibrate. And it keeps vibrating. You're sure that all your friends are texting information about the party. What should you do? (Choose two.) A. Turn your phone off and apologize to the client. Tell them that the phone was distracting you from your job, but it won't be a problem now. B. Ignore your phone. C. Text your friends back and tell them that you are working. D. Call your friend and tell them to wait until after this job before planning all the details because you want to help.
A. Pop-ups are annoying but not necessarily an indication that your computer is infected with anything. Enabling Chrome's pop-up blocker should prevent them. Antivirus and anti-malware programs don't generally deal with pop-ups unless those pop-ups are associated with malware, and most pop-ups aren't-they are just coded into the website. A firewall won't help with pop-ups either.
20. Occasionally when visiting websites using Google Chrome, you receive a pop-up window in front of your browser. Generally, it's an advertisement trying to sell you something. Which of the following actions will stop this from happening? A. Enable Chrome's pop-up blocker. B. Install an antivirus program. C. Install an anti-malware program. D. Enable Windows Firewall.
B. This is a form of ransomware, which can be programmed to take control over a user's webcam. It's just another layer of complexity to scare users. Deleting and reinstalling Windows will work, but it's not necessary. The system will be locked, so you can't open the anti-malware software. You can, however, boot to a bootable media from the anti-malware software provider and start a remediation that way.
22. A Windows computer user reports that their computer just completely locked up. On the screen is a message saying that the person pictured had participated in illegal acyivity. The mesage also says they can resolve the charges against them by paying a $500 fine. They are understandably shaken by the incident. What should you do next? A. Tell the user that if they performed an illegal activity with their work computer, their employment will be terminated. B. Boot to a bootable media from your anti-malware provider and run a remediation. C. Delete and reinstall Windows.
D. While it's possible that the disposal information and risks may be on the container some-where, you will always find it on the product's material safety data sheet (MSDS). It should be stated that, while CompTIA still refers to these sheets as MSDSs as an exam objective, the name has been changed to safety data sheet (SDS). SDSs include information such as physical product data (boiling point, melting point, flash point, and so forth), potential health risks, storage and disposal recommendations, and spill/leak procedures. With this information, technicians and emergency personnel know how to handle the product as well as respond in the event of an emergency.
23. One of your technicians just touched a plastic bottle containing chemicals you are not familiar with. Their hand starts to feel like it's burning. Where can you find information on how to properly wash the technician's hands without making the problem worse, and how to dispose of the chemical? A. OSHA B. Bottom of the container C. Warning label D. MSDS
A, C. When authorized users access devices through unintended connections or unauthorized users access stolen devices, they can access the data on the device. Disable autoconnect to avoid unintended connections and encrypt data on devices to help protect the data on them in the event they are stolen.
24. You want to protect mobile device users on your network from potentially leaked files or data. Which of the following should you do to help reduce this risk? (Choose two.) A. Disable network autoconnect. B. Enforce data transmission over limits. C. Enable device encryption. D. Install mobile firewalls.
A. The dir command shows a folder (directory) listing. The /p switch displays only one page at a time. Think of it as the pause switch. The dir /o:s command lists the files in order by size, dir /w shows a wide format, and dir /s includes all the subdirectories. There are many other switches that can be used to modify the output of the dir command. Type dir /? at a command prompt to see them.
25. You are at a Windows command prompt. The folder you are in has hundreds of files, so when you view a folder listing, you want it to only show one page of files at a time. Which command should you use to do this? A. dir /p B. dir /o:s C. dir /w D. dir /s
D. The purpose of the System File Checker (SFC) utility is to keep the operating system alive and well. sfc. exe automatically verifies system files after a reboot to see whether they were changed to unprotected copies. If an unprotected file is found, a stored copy of the system file overwrites it. The check disk utility, chkdsk, is used to verify the integrity of the filesystem and to identify bad sectors of a hard drive. In the graphical user interface (GUI) it is called error checking. diskpart is the Windows command-line utility that allows you to perform disk partition operations. The tracert utility traces the route a packet takes from one computer to another.
30. A Windows workstation is not booting properly, and you believe it's a problem with system files. Which utility can scan and repair corrupt Windows system files? A. chkdsk B. diskpart C. tracert D. sfc
B. The user should check to ensure that Wi-Fi is enabled. A common cause for a lack of wireless connectivity is for a device to be in Airplane mode, but since the user has a cellular signal, the phone definitely isn't in this mode. The other wireless signal types (Wi-Fi and Blue-tooth) can be individually disabled, so check them both. Adjusting receptivity isn't an available option on smartphones, and resetting to factory defaults will wipe out the phone's data.
31. An Android phone user reports that their phone can't connect to the Wi-Fi network, but they have a cellular signal. What is the first thing to have them try? A. Check whether the phone is in Airplane mode. B. Check whether the Wi-Fi is enabled. C. Adjust the Wi-Fi signal receptivity. D. Reset to factory defaults.
B. The seven steps of the malware removal process are as follows: 1. Investigate and verify malware symptoms. 2. Quarantine infected systems. 3. Disable System Restore in Windows. 4. Remediate infected systems. a. Update anti-malware software. b. Scanning and removal techniques (e.g., safe mode, preinstallation environment). 5. Schedule scans and run updates. 6. Enable System Restore and create a restore point in Windows. 7. Educate the end user.
32. You are troubleshooting a Windows workstation that has malware on it. Following the best practice procedures for malware removal, you have gotten to the point where you've scheduled system scans and run anti-malware updates. What is the next step you should take? A. Educate the end user. B. Enable System Restore and create a restore point in Windows. C. Disable System Restore in Windows D. Remediate the infected system.
D. The recommended way to assign permissions on Microsoft systems is to grant them to groups. Then, users can be assigned to groups depending on their access needs. This is far less work than managing permissions on a user-by-user basis.
33. When configuring NTFS permissions on a Windows workstation, what is the recommended method? A. Grant permissions to user accounts. B. Put user accounts into groups. Grant folder permissions to groups and file permissions to users. C. Put user accounts into groups. Grant folder permissions to users and file permissions to groups. D. Put user accounts into groups. Grant permissions to groups.
A. The copy command makes a copy of a file in a second location. It cannot be used to copy folders. To copy a folder, you need to use the copy command.
34. You are at a Windows command prompt in the D: lusers folder. You want to use the copy command to copy the D: \users \jdoe folder to the D: \files folder. Which of the following statements is true? A. You can't use the copy command to perform this task. B. You can use the command copy d: \users\jdoe\*.* d: \files. C. You can use the command copy d: \users\jdoe d: \files. D. You can use the command copy d: \users\jdoe d:\files /y.
A. Keychain is a password management system from Apple. It allows you to store passwords for websites, mail servers, Wi-Fi, and so forth. There is an iCloud variant (iCloud Keychain) that keeps such information as Safari usernames/passwords and credit card information. Mission Control gives you a look at all the open apps, windows, and desktop spaces on your machine. File Vault provides encryption. Terminal is the command-line interface on macOS and most Linux systems. Windows 11 has the traditional Command Prompt and a new tool called Windows Terminal that opens a Power Shell prompt. Unlike the Command Prompt, it allows the user to create multiple tabs. Typing exit in Windows Terminal exits the program instead of returning the user to a regular command prompt as it would in the Command Prompt.
36. You are instructing a new Mac user on the features of macOS. They ask if the system is capable of storing their passwords to various Internet sites. Which feature would they use for that? A. Keychain B. Mission Control C. File Vault D. Terminal
C. The System Configuration tool allows you to force the operating system to boot into safe mode by clicking the box next to Safe Boot on the Boot tab. The System Configuration utility (msconfig. exe) has five tabs: General, Boot, Services, Startup, and Tools. Task Scheduler wouldn't work here because the operating system loads before Task Scheduler could run. Computer Management and Task Manager don't have settings for booting.
37. You are troubleshooting a malware problem with a Windows 11 computer and find that you need to boot into safe modelsafe boot, which loads with minimal drivers. Which management tool can you use to force the system to boot into safe mode when it reboots? A. Task Scheduler B. Computer Management C. System Configuration D. Task Manager
B. The one big advantage of share permissions is that they can be used if the NTFS filesystem is not in place. Of course, share permissions are in effect only when the user connects to the resource via the network. NTFS permissions are able to protect at the file level. Share permissions can be applied to the folder level only, NTFS permissions can affect users logged on locally or across the network to the system where the NTFS permissions are applied.
38. Which of the following is an advantage of using share permissions over using NTFS permissions? A. Share permissions will override NTFS permissions if there is a conflict. B. Share permissions can be enabled to secure resources across the network that are not on an NTFS partition. C. Share permissions apply when users access a resource across the network, but NTFS permissions apply only to local users. D. Share permissions are able to be set at the file level, whereas NTFS permissions can be set only at the folder level.
A. Personally identifiable information (PII) is anything that can be used to identify an individual person on its own or in context with other information. This includes someone's full name, address, and other contact information; the names of family members; and other details that people would consider private. A first name is considered to be generally common enough that it is not PII. A full name, if not common, would be PII.
39. Your manager is concerned that your company could divulge PII. Which of the following types of data is not considered PII? A. First name B. Home address C. Family member names D. Employee ID number
B. The sudo ("substitute user do" or "superuser do") command is used to run a command with a different privilege level than the current user logged in. Typically this means running a command with superuser or root permissions. The su command switches to a different user, again the default is root, but with sudo you need to enter sudo before each command. With su, you don't. Considering best practices, you would use sudo if you had one command to run and su if you had several. The grep command is used to search for patterns in a file, so if you can't remember the filename but know what is in it, you can still find it. The man command brings up a manual-for example, man grep would show you how to use the grep command.
4. You are logged into a Linux workstation with a regular user account. You need to execute a command with root permissions. Which command do you need to use? A. su B. sudo C. grep D. man
A. No unintended or unauthorized event is a good thing for mobile users. The one that leaves a user most susceptible to an on-path attack is an unintended Wi-Fi connection. This is because the device at the other end that the user is connecting to could be intercepting data or storing it for a possible attack later.
40. You are training mobile users on potential security risks. Which of the following could make users more susceptible to an on-path attack? A. Unintended Wi-Fi connection B.Unauthorized account access C. Unauthorized location tracking D. Unauthorized camera activation
C. The way to protect against this is to implement a BIOS/UEFI password. If a user can get into the BIOS/UEFI settings, then they can change the boot sequence, boot to an unauthorized device, and then do some damage to the system. A strong Windows password will help protect Windows but does not protect the computer in general. Autorun is a feature of Windows and does not affect the boot process. User permissions limit what a user can do on a computer system.
41. The network you manage has a dozen Windows workstations. You want to ensure that users do not have the ability to change the boot order so that they can't boot to an unauthorized device. Which step should you take? A. Disable Autorun. B. Restrict user permissions. C. Set a BIOS/UEFI password. D. Enable a strong password policy.
D. In hibernate mode, the computer saves all the contents of memory to the hard drive, preserves all data and applications exactly where they are, and allows the computer to power off completely. When the system comes out of hibernation, it returns to its previous state. Sleep continues to use a small trickle of power until there is none left, then will go into hibernate mode. Windows 10 and 11 support a feature called Modern Standby. Modern Standby must also be supported by the hardware. It is not the right answer because it also uses a small amount of power. With Modern Standby, the system will wake from the lowest power to allow short bursts (milliseconds) of software execution as the system needs them. The system uses just enough power to process background tasks but still preserve battery life. The result is that when in sleep mode, a computer can stay connected to a LAN and reacts much like a smartphone with in
42. A user needs to travel for a presentation and wants to be sure their laptop does not run off battery power, so they want to turn it off. However, they want to leave their files and applications running, so that when they turn it back on, the applications are already open. Which of the following statements is true? A. The user will be unable to do this. B. The user should put their computer into standby mode. C. The user needs to activate the sleep power plan. D. The user should have their computer hibernate.
C. A snapshot is an exact copy of a logical volume that has been frozen at a specific point in time. When creating the snapshot, you don't need to worry about users changing files or taking the volume offline. Time Machine, Remote Disc, and FileVault are also features of macOS.
43. You have a Linux server on your network. You want to back up all files in the /user/ files volume without disrupting user access. What should you use to do this? A. Time Machine B. Remote Disc C. Snapshot D. FileVault
A. Windows 10 and 11 both incorporate Windows Defender Firewall with Advanced Security, which can be used to stop incoming and outgoing network traffic. Traffic is allowed or denied by specific rules that are part of an access control list (ACL). By default, Windows Defender Firewall blocks incoming traffic. By creating exceptions, you can configure what incoming traffic you want to allow through. NTFS permissions are used to configure user access to files, folders, and volumes. Local Security Policy is used to configure items such as password policy and account lockout policies. Computer Management is a Microsoft Management Console with several frequently used tools.
44. You have a Windows Pro workstation installed in a workgroup. There is no centralized secu-rity. Which tool should you use to help protect yourself against malicious network attacks? A. Windows Defender Firewall B. NTFS Permissions C. Local Security Policy D. Computer Management
B. Set and meet, or exceed, customer expectations and communicate timelines and status. Customers want to know what is going on. In addition, giving the customer a choice in repair or replacement options will usually help the customer feel better because they have a choice in the outcome. Remember that if they have called you, their day is already more difficult than normal, so treat customers with kindness and compassion.
45. You are working on a client's desktop computer, and the video card is dead. You can get a warranty replacement, but it will take three days to arrive. Or you can replace it with a more expensive card today, but the customer would need to pay the difference. Which of the following is the best way for you to continue the service call? A. Tell the customer that the video card is dead. It will take three days for the video card to arrive, and you will return then to replace it. B. Tell the customer that the video card is dead. It will take three days for a warranty replacement to arrive (at no cost), or you can replace it with an upgraded model today if they want to pay the difference in cost. C. Tell the customer that the video card is dead. Offer to replace it today with a more expensive video card, and they can pay the difference in cost. D. Tell the customer that they will be without a computer for three days, but then you will come back and fix it.
A, C. If an OS update fails, it could be a configuration issue or simply a one-time glitch in the process. Wait until Windows Update reverts the changes; then reboot and try the update again. If that does not work, you can unplug removable media from your computer and try again, or you can try the Windows Update Troubleshooter.
46. You are attempting to update a Windows 10 workstation using Windows Update. The update fails with this message: "Failure configuring Windows updates. Reverting changes." You reboot and try again but receive the same error. What should you try next? (Choose two.) A. Wait until changes are reverted. Unplug removable media from your computer and try again. B. Wait until changes are reverted. Run a virus scan and try again. C. Wait until changes are reverted. Run the Windows Update Troubleshooter. D. Ignore the update.
B. Check the simple things first. If the Print Spooler service isn't running, then printers will not show. It's unlikely that you would need to reinstall or repair Windows.
47. A user calls and complains that they can't see any printers when they try to print a document from their Windows computer. They say that they had three network printers showing yes-terday, and they can access the server across the network. What will you do first? A. Reinstall the network printers. B. Check the status of the Print Spooler service. C. Reinstall Windows. D. Repair Windows.
C. If you can reach a website using an IP address, then the problem has something to do with DNS settings. The default DNS server can be configured using DHCP settings, but since the other users aren't having this problem, it's not a setting on the DHCP server. That means it must be configured on the local computer. The user is able to reach the file server, and if they're accessing a remote website the problem wouldn't be your company's web server.
48. A user calls the help desk because they are not able to access the Internet. After asking a few questions, you discover that if they type in IP address in the browser, then the website pops up. Other users on the same switch aren't having this problem. Where will you start looking for the problem? A. File server B. Web server C. DNS settings D. DHCP settings
D. An acceptable use policy (AUP) describes what users are and are not allowed to do on the company's network. Often companies will use a splash screen to confirm that the employee has read and agrees to the AUP or other company policies before they can use the network. In different environments such as a kiosk or app, a splash screen can display while the program is loading, and in those situations, it may be used to reinforce a brand or advertise products. There are ways to track employee time on the network, but that's not the job of the splash screen.
49. Whenever you log into a computer at work, a screen with the company's name and some text appears. You must click OK before you can access the company network. What is a common purpose of a company's custom splash screen? A. Announce upcoming events B. Advertising their products C. Tracking employee time D. Confirming agreement to an AUP
C. Biometric devices use physical characteristics to identify the user. Biometric systems include fingerprint/palm/hand scanners, retina scanners, and anything else that uses part of your body to identify you. To gain access to resources, you must pass a physical screening process. While it's true that guards are humans, they are not biometric devices. Radio frequency identification (RFID) badges have information on them that is read by an RFID scanner, and key fobs generate a new code every few seconds to allow access.
5. A security consultant recommends that your secure facility implement biometrics as a form of building access control. Which of the following systems might they be referring to? A. RFID badges B. Key fobs C. Palmprint scanner D. Guards
B, C, D. Windows 10 and 11 treat these items the same. The difference lies in whether the Home edition or Pro edition is being used. All Windows editions support NTFS file com-pression. Only Windows editions that are Pro or higher support joining a domain, using the : Group Policy Editor (gpedit. msc), and Remote Desktop Protocol.
50. Which of the following features are not available in the Home edition of Windows but are available in Pro and higher editions of Windows? (Choose three.) A. File compression B. Join a Windows Domain C. Group Policy Editor (gpedit. msc)
D. There are many settings that can be reached through Settings > Network & Internet. Network Troubleshooter, Mobile Hotspot, and Change Adapter Options are just a few. The main menu items here include Wi-Fi, VPN, Mobile Hotspot, Airplane Mode, Proxy, Dial-up, Properties (for the connection), and Data Usage. There are also Advanced Network Set-tings, which include Change Adapter Settings, Network Troubleshooter, and Network And Sharing Center. In Windows 10 the Advanced Network Settings are on the same page, but in Windows 11 you'll need to click the Advanced Network Settings option to bring up additional options.
54. A friend is having trouble with the network connection on their Windows 10 computer, so you open Network & Internet in the Settings app. Which of the following is not an option there? A. Network Troubleshooter B. Mobile Hotspot C. Change Adapter Options D. Share A Printer
B. When configuring a static IP address in IPv6 networking, a subnet mask is not needed, but you do need to know the subnet prefix length. That's the only difference between configuring IPv4 and IPv6. In addition to the IPv6 address and default gateway, you'll need to know the address of the preferred DNS server.
55. You need to manually configure the IP address for a server, so you go to Network and Sharing Center, click Change Adapter Settings, then right-click the connection, choose Prop-erties, and select IPv6. Which of the following pieces of information is not needed to configure IPv6? A. IPv6 address B. Subnet mask C. Subnet prefix length D. Default gateway
C. If they are able to access the Internet using Microsoft Edge, then the issue is with Google Chrome. The most likely problem is that the firewall isn't allowing it. To resolve the problem, go into Windows Defender Firewall, and in the inbound rules, add Google Chrome and allow it to send information through the firewall.
56. A user is trying to use Google Chrome on their Windows computer, but they receive the error message "Unable to access the network." If they use Microsoft Edge, they are able to access websites with no problem. What do you need to do? A. Uninstall and reinstall Google Chrome. B. Instruct the user to only use Microsoft Edge. C. Ensure that Google Chrome is a permitted program in Windows Defender Firewall. D. Reinstall the operating system.
D. If you're planning a change to an IT system, it's important to have a rollback plan, in case the change fails, and to test the change in a sandbox before you go live with it. You'll also want to do a thorough risk analysis and identify the systems that will be affected or impacted by the change. Getting end-user acceptance is also helpful, so be sure to explain to them why the change is necessary and involve them in the changes that will affect them, such as user input screens. A kickoff meeting happens after the change board approval and before the change begins to take place.
57. Which of the following is not done/created before the change board approves a change? A. Rollback plan B. Sandbox testing C. Risk analysis D. Kickoff meeting
B. The grandfather-father-son (GFS) method of backing up, as described in the question, ensures that there are short-term, medium-term, and long-term backups of a system. You should have backups both on-site and off-site. The 3-2-1 backup rule says you should have three copies of data, using two different types of media, and one should be off-site. A synthetic backup is a full backup created by combining a recent full backup and the changes since then to create new files. It can be done outside the system, so there is no downtime and it's faster than doing a full backup.
58. Your company makes a full backup every Sunday. Monday through Friday they create differential backups. They keep the weekly backup for a month, the daily backups are overwritten each week, and they make a backup once a month that is kept for a year. What is this backup scheme called? A. On-site/Off-site B. Grandfather-father-son (GFS) C. 3-2-1 backup rule D. Synthetic
C. If a problem is beyond your abilities, of course you will follow the company policy, but in most cases you will escalate the problem to someone else who has appropriate training or experience to resolve the issue. Any of the other options might lose a customer permanently.
59. A user has called the help desk, and you've entered their ticket. The problem they describe is beyond your training. What do you do? A. Hang up and tell them to call the PC manufacturer. B. Put them on hold for an hour while you figure it out. C. Escalate the problem to the next level. D. Tell them to perform a factory installation of their operating system.
B. Many companies rely on digital rights management (DRM) to protect digital assets such as online photos or videos. Unlike an end-user license agreement (EULA) that legally protects software and other objects, DRM will physically protect the information by not allowing copies to be made, printing a watermark on the face of an image or document, or similar measures to prevent use, modification, and distribution of materials that are copyrighted. DRM is not as established as licensing agreements are, but you should still respect the property of the owners of digital content.
6. You are looking online to to find pictures to use as promotional materials your company wants to make. Which of the following statements is true regarding online content A. Online content is considered open source; therefore, you may use whatever you find. B. Online content can be protected through the use of DRM. c. Online content is protected through the use of the BULA. D. Online content is protected through terms established by Microsoft.
B. It's easy to pick and choose which notifications you want popping up on your screen. In Windows 11, go to Settings > System > Notifications, and there you can choose by application which ones you want notifications from. In Windows 10 the menu option is Notifications & actions.
60. Your friend has a new Windows 11 computer, and they're getting way too many notifications while they're trying to work. What will you tell them? A. Yes, we all do. It's just something we have to deal with. B. I can help you fix that. It's easy. C. We can turn them all off or all on; you don't get to choose. D. You have to reinstall your apps and tell it no when it asks if you want to allow notifications.
C. FAT32 and exFAT are both compatible with both Windows and macOS systems, but the exFAT filesystem supports files greater than 4 GB; FAT32 does not. NTFS is only compatible with Windows, ext4 is used in Linux/Unix systems, and Apple File System (APFS) is the file-system for macOS 10.13 and later.
61. Your client has computers using macOS and other computers that are Windows-based. They want to have a shared drive configured so that both operating systems can access it. The files are very large, some of them exceeding 4 GB. What filesystem should you use to format the shared drive? A. NTFS B. ext4, C. exFAT D. FAT32
D. Tailgating refers to being so close to someone when they enter a building that you are able to come in right behind them without needing to use a key, a card, or any other security device. Using access control vestibules, which are devices such as small rooms that limit access to one or a few individuals, is a great way to stop tailgating. A brute-force attack attempts to repeatedly guess a password. Shoulder surfing is just like it sounds-someone looking over your shoulder to gain passwords and logins, and an evil twin is an unauthorized wireless access point that has the same SSID as a legitimate one.
7. In which type of security threar will someone try to gain access to a secure area withoue credentials by following someone else, who used their access rights, into the secured area? A. Brute-force B. Shoulder surfing C. Evil twin D. Tailgating
A. Mapping a network drive for this user will make navigating to the resource much easier. A domain name identifies a Windows Active Directory domain. A subnet mask is used in IPv4 networking, and a gateway is the proxy server, router, or other device that connects a user to other networks, including the Internet.
71. A user who is less comfortable with technology is having to navigate through File Explorer to a network shared resource several times a day. The user asks if there is an easier way. What will you configure for this user? A. Mapped drive B. Domain name C. Subnet mask
A. The computer is running a virus program before the operating system even boots, which indicates that there is a boot sector virus. The best way to remove this malware is using boot media from your antivirus company to clean the computer. You may need to go into the BIOS/UEFI settings and change the boot order to boot to the anti-malware media. You wouldn't need to repair or replace the operating system yet, although as part of the remediation you may need to. It is unlikely with this scenario that you would be able to boot into safe mode, and even if you did, the malware could be lurking in the restore point. Part of the best practice procedures for malware removal is to disable System Restore in Windows.
72. One of the users you are responsible for called the help desk because when they turned the computer on this morning, instead of booting into Windows, it showed a green screen with 1s and Os running down it. What will you do? A. Turn the computer off and boot using boot media from your antivirus company. B. Go into WinRE and repair the operating system installation. C. Go into WinRE and perform a clean installation of the operating system. D. Boot into safe mode and restore from a recent restore point.
A, B. Facial recognition and fingerprint readers are common methods of biometric identification on smartphones, tablets, and laptops. A PIN code is a number, which is not bio-metric. Swipe to unlock offers virtually no security on a mobile device.
73. Your mobile device locks after a short inactivity period for security reasons. Which of the following are common biometric devices for opening a mobile device whose screen is locked? (Choose two.) A. Facial recognition B. Fingerprint readers C. PIN codes D. Swipe to unlock
A. This is a classic symptom of malware. Your first job is to remove it. The seven steps of the malware removal process are as follows: 1. Investigate and verify malware symptoms. 2. Quarantine infected systems. 3. Disable System Restore in Windows. 4. Remediate infected systems. a. Update anti-malware software. b. Scanning and removal techniques (e.g., safe mode, preinstallation environment). 5. Schedule scans and run updates. 6. Enable System Restore and create a restore point in Windows. 7. Educate the end
74. A user logs onto their computer system and notices that several of their files are missing and some are renamed. What should you do? A. Begin the malware removal process. B. Reimage the machine. C. Restore the files from a backup. D. Restore from the last Restore Point.
A, C. Possible undesirable outcomes of running or allowing script files to be run are inadvertently changing system settings, browser or system crashes, and unintentionally introducing malware. The other options listed are advantages of script files.
75. A new network admin wants to try their hand at writing a PowerShell script. You tell them that's fine but to show it to you before they run it. What are possible undesirable effects of running a script file? (Choose two.) A. Inadvertently changing system settings B. Saves time in remapping network drives C. Browser or system crashes due to mishandling of resources D. Automates backups
D. A 32-bit operating system is a software requirement, not hardware, and it's unlikely that a 32-bit operating system would be adequate for a 3D printer. They typically require a 64-bit operating system and a certain generation, type, or speed processor; some RAM of their own; and space on your hard drive. Some will require that you have a dedicated graphics card rather than an integrated one. The best practice here is to make sure you know what the system requirements are and that everything is compatible before purchasing hardware and software.
76. You're considering purchasing new 3D printers. The printers have software that will be installed to create and print the 3D objects. There are also hardware requirements to consider. Which of the following is least likely to be a hardware requirement? A. CPU type/speed B. RAM speed or quantity C. Storage requirements D. 32-bit operating system
A. First Aid in the macOS Disk Utility will check and repair the file system, similar to Windows Error Checking. From Disk Utility you can also erase, create, and restore partitions.
77. You have a macOS computer that is behaving in an unstable manner, so you press the Command+R keys while it is booting and enter Disk Utility. What option in Disk Utility will check and repair the filesystem? A. First Aid B. Partition C. Erase D. Restore
B, C. For data-at-rest, which means it's on a storage media, your options are Encrypting File System (EFS) and BitLocker. BitLocker is more secure and would be preferred. Kerberos and RADIUS secure information that is moving (data-in-transit/motion) between two points.
78. You need to configure encryption for the data-at-rest on a new Windows Pro workstation. Which of the following are options? (Choose two.) A. Kerberos B. EFS C. BitLocker D. RADIUS
A. The ms info32 tool displays a thorough list of settings on the machine. You cannot change any values from here, but you can search, export, and save reports. When run from a command prompt, the / computer option allows you to specify a remote computer on which to run the utility, and the / report option saves the report as a text file. Another option while in the GUI is clicking View > Remote Computer to collect information related to the chosen PC. The compmgmt command opens the Computer Management console, mmc opens the Microsoft Management Console, and per fmon opens Performance Monitor.
8. A management directive requires that you keep hard copies of all your workstations' system configurations. You have all Windows workstations. Which command can you use to easily gather this information for remote workstations and save a report as a text file? A. msinfo32 B. compmgmt C. mmc D. perfmon
C. Most laptops, and many commercial desktop computers, will have a recovery partition that can be used to restore the computer to factory defaults. Usually you can get there by pressing a key or group of keys during the bootup. This would be better than using installation media made from the Microsoft website because it will have the proper drivers and other software that came with the computer. There is no need to buy a new hard drive, unless of course the drive is physically damaged.
80. A user has a Windows 10 Pro laptop that they have installed and tested lots of software on and now it will barely run. There is nothing that they want to save on it, and they've asked if you can just make it like new again. What is likely the easiest way to do this? A. Create installation media from the Microsoft website and perform a repair installation. B. Create installation media from the Microsoft website and perform a clean installation. C. Boot to a recovery partition and perform a factory installation. D. Install a new hard drive and perform a clean installation from Microsoft installation media.
A, B. Many routers that don't have a setting for PA3 can get it by updating the router's firmware. If some of your devices are older they may not work with WPA3. WPA2/WPA3 Transitional (also known as WPA2/WPA3 mixed mode) is a mode that allows older devices to still work with WPA2, but they should be replaced or updated to WPA3 as soon as prac-ticable. If you choose WPA3 Personal, some devices might not work. If you choose WPA2 Personal, your network is not as secure as it could be.
81. You're verifying settings on your router and notice that it only has WPA2, not WPA3. Your devices have all been working with WPA2 and you have some older and some newer devices. What should your next steps be? (Choose two.) A. Update the router's firmware. B. Choose WPA2/WPA3 Transitional. C. Choose WPA3 Personal. D. Chose WPA2 Personal (AES).
B, D. Creating a screened subnet will protect your network from traffic interacting with the server, and can be done with one router, as long as the web server, outside world, and internal network are on different ports of the router. Incoming requests for HTTPS port 443 should be forwarded to the web server. Universal Plug and Play (UPnP) is considered unsafe, but it is irrelevant to our web server question. You wouldn't forward outgoing requests.
82. Your client has a computer on their network that they have configured to be a secure web servet. How should you configure their router to ensure that traffic for the server is going to the server? (Choose two.) A. Forward outgoing requests for port 443 to the web server's IP address. B. Forward incoming requests for port 443 to the web server's IP address. C. Set the router to use UnP. D. Create a screened subnet for the web server.
A. Always try the simple things first. An invalid certificate warning can come up if your date and time are incorrect, making them fall outside of the time the certificate is valid. That's the
83. You've tried to access a website that you're sure is safe, but you're getting an invalid certificate warning. What should you do? A. Verify the date and time on your computer. B. Run an antivirus. C. Report the website as dangerous. D. Delete the certificate from your computer.
C. Jailbreaking does let you do more with your device, but it isn't necessarily safe or legal. Jailbreaking is most commonly done with Apple devices because they are more locked down than Android or Windows devices are. Jailbreaking an iPhone, for instance, allows the user to install apps that are not approved by Apple. When you open the device up for yourself by cracking software or gaining root access, it also opens your device up more for cybercrimi-nals to perpetrate an attack on it. Jailbreaking also voids the warranty on your device. The device may become unstable, and with the warranty voided, you are not likely to receive support in fixing problems. Jailbreaking may be illegal depending on where you are in the world.
84. A friend asks you what jailbreaking a device is and if they should do it. Which of the following is not true about jailbreaking? A. Jailbreaking is like cracking software or gaining root access to a phone, which makes your device more vulnerable to attack. B. Jailbreaking might be illegal depending on where you are in the world. C. Jailbreaking is a safe way to get more out of your device. D. Jailbreaking gives the user full access to the device and on an iPhone, it allows the user to download apps not approved by Apple.
A, D. There are two places to configure a VPN in Windows 10 and 11. Go to Control Panel > Network and Sharing Center, and select Set Up A New Connection Or Network. or, go to Settings > Network & Internet, and select VPN. The Windows Mobility Center has settings for mobile devices, and Personalization enables the user to change background, lock screen, and color schemes.
85. You need to configure a VPN for a new salesperson. Where is this done in Windows 10? (Choose two.) A. Control Panel > Network and Sharing Center B. Control Panel > Windows Mobility Center C. Settings > Personalization D. Settings > Network & Internet
B. A 64-bit operating system will support both 32-bit and 64-bit applications. A 32-bit application will work on a 64-bit operating system, but it won't take advantage of the 64-bit speed. It will essentially run half as fast as a 64-bit application would. 32-bit operating systems only support 32-bit programs; you can't run a 64-bit application on a 32-bit operating system. Luckily, there aren't many computers with 32-bit operating systems around anymore.
86. A user has a 32-bit application that they want to use on a 64-bit operating system and they have asked you if that will work. What do you tell them? A. 32-bit and 64-bit are interchangeable. B. Yes, a 32-bit application will work on a 64-bit operating system. C. No, the application must be 64-bit to run on a 64-bit operating system. D. A 64-bit application will run on a 32-bit operating system, but a 32-bit application will not run on a 64-bit operating system.
C. This is a classic example of multifactor authentication. The username identifies you; the password (something you know) and the authenticator app code (something you have) are multiple ways to prove (authenticate) who you are. The four types of authentication are something you know, something you have, something you are (biometrics), and some place you are.
87. You are required to enter a username, password, and code from an authenticator app on your phone before you can access the company website. What type of authentication is this? A. Multi sign-on B. Single sign-on C. Multifactor D. Domain
D. The seven steps of the malware removal process are as follows: 1. Investigate and verify malware symptoms. 2. Quarantine infected systems. 3. Disable System Restore in Windows. 4. Remediate infected systems. a. Update anti-malware software. b. Scanning and removal techniques (e.g., safe mode, preinstallation environment). 5. Schedule scans and run updates. 6. Enable System Restore and create a restore point in Windows. 7. Educate the end user.
88. You're troubleshooting a computer that appears to have contracted a boot sector virus, following the best practice procedures for malware removal. It seems to be booting OK now, and you have created a restore point in Windows. What is your next step? A. Schedule scans and run updates. B. Quarantine the infected system. C. Disable System Restore in Windows. D. Educate the end user.
B, C. No one likes to have changes forced on them, but in IT there are changes every day. When you have a major change, your headaches will be less if you can gain end-user acceptance before the change happens. Two of the best ways to do this are to involve them in the parts of the planning process that affect them, such as user input screens. Have a meeting and listen to input from the people who will actually be using the system. They may have some insight that you don't. Also be sure to thoroughly explain why the change is necessary.The worst thing to do is spring the change on them by not telling them about it and having them discover it when they log in Monday morning.
89. Computer users are often reluctant to have anything change, so gaining their acceptance prior to the change will make a transition run more smoothly. What are two ways that you can gain end-user acceptance to a change? (Choose two.) A. Make them fill out request forms. B. Involve them in the planning process. C. Thoroughly explain why this change is necessary. D. Don't tell them and just have the change done when they come in on a Monday.
C. Forensic install is not an option. The easiest way to install Windows 11 on a Windows 10 computer is through Windows Update in the Settings app. If you have a situation where that's not possible, you can create Windows 11 installation media and use it to install the OS. When you launch the installation from within Windows 10, you have three options. The first is Full Upgrade, which will keep Windows settings, drivers, personal files, and apps. The sec-ond, Keep Data Only, will keep drivers and personal files but no installed apps or Windows Settings. The third option is a Clean Install, which will wipe out everything on the drive and install a fresh copy of Windows 11. If you boot a computer from the installation media, your only option is a clean install.
9. You have a situation that requires installing Windows 11 from installation media. You'll be launching Setup on the media while you are on the existing Windows 10 desktop. Which of the following is not an option? A. Full Upgrade B. Keep Data Only C. Forensic install D. Clean Install
D. Incremental backups will only back up what has changed since the last full backup or the last incremental backup. An incremental or full backup resets the archive bit, so only Monday's changes will be backed up on Monday, only Tuesday's changed files will be backed up on Tuesday, and only Wednesday's changed files will be backed up on Wednesday. You will need to restore all three backups to get all the changes that occurred since Sunday.
90. Your company does a full backup every Sunday and incremental backups all the other days of the week at the end of the day. If you come in on Wednesday morning and your system has crashed, what backups will need to be restored so that your system will be fully recovered? A. Sunday only B. Sunday and Monday C. Sunday and Tuesday D. Sunday, Monday, and Tuesday
A. Secure Shell (SSH) has virtually replaced Telnet as a remote access protocol and program. Telnet is not secure. SSH is. Videoconferencing software allows users to see and talk to one another as if in the same room while they may be thousands of miles apart. File Transfer Protocol (FTP) is used for efficiently transferring files, but it is not secure.
91. You need to make a secure connection to a remote router and make some configuration changes. What will allow you to do that securely? A. SSH B. Telnet C. Videoconferencing software D. FTP
B. When an operating system has reached end-of-life (EOL) status, not only are there no more feature updates or support, but there are no security updates and patches, and therein lies the danger. Using an EOL OS may be opening your system up to hackers. When an OS reaches EOL, it's past time to upgrade.
92. What is the danger in using an operating system that has reached BOL? A. Lack of feature updates. B. Lack of security updates. C. There is no technical support. D. Technical support is very expensive.
A. The Yellowdog Updater Modified (yum) command is used to get system updates auto-matically, install new packages, and remove old ones. The most similar to yum is apt-get, which is used to install, remove, and update packages. The main difference is that with apt-get, you must tell the command to get all of the updates. In the end, whether you use yum or apt-get may be determined by the Linux distribution that you use. The pwd command prints the working directory, meaning it will display or output the full path to the directory that you are in. The chmod command is used to modify user permissions to a directory or file.
93. You need to ensure that your Linux computer is up-to-date. Which command can be used to do this automatically? A. yum B. pwd C. chmod D. apt-get
A. The first step for any unresponsive app on your mobile device is to force-close it. How that is done will be different depending on whether it is an Apple or an Android device. If the app is still causing problems, you can try restarting your device, and if that doesn't work, uninstall and reinstall the application. Reverting your mobile device to factory defaults shouldn't be necessary.
95. An application on your mobile device has crashed and is unresponsive. What should be your first choice to fix it? A. Force-close the application. B. Restart the device. C. Revert to factory defaults. D. Reinstall the application.
C. When you tell a client you will do something, you are setting their expectations. The rule is to meet or exceed the expectations that you set. Remember that people like options. Let them know that you're running late, apologize, and give them the option of how to proceed. Be sure to call the other clients scheduled for the day, too.
96. You are running late because your morning appointment took longer than you thought it would. Your next client meeting is in five minutes, and they're 20 minutes away. What do you do? A. You get there when you get there. Your time is valuable. B. Skip that meeting and go on to the next so you're not late all day. C. Call the client and apologize. Let them know the situation, and ask if they would prefer to reschedule or see you a bit later. D. Call the client and tell them you're running late.
A, C. The exact terms of what you can and cannot do with the software will be spelled out in the license, but it is common that you can use, modify, and share the source code, but not sell it for a profit, and you usually need to credit the original author of the software.
97. You have downloaded some open source license software. What are you usually allowed to do with it? (Choose two.) A. Modify the program to suit your needs. B. Resell the software to other people for a profit. C. Make copies but credit the original source, and redistribute it under the same license you received it under. D. Run only one copy on one machine.
B. A case like this is exactly why you have a rollback plan. Occasionally, despite your best efforts, you get into a project and discover that it isn't going to work, or it will take longer than expected. Perhaps if you rework the plan you could make the changes without a big disruption to the business. Involving management in what is going on is always a good idea. The acceptable use policy (AUP) likely doesn't have any bearing here.
98. You're in the middle of a major IT systems change and have gotten to a point where you realize that it's not going to work without shutting down everything for a week. This would cost the company a fortune and will put production way behind. What will you do? A. Let the management know and continue with the project. B. Follow the rollback plan. C. Fire the responsible staff member. D. Follow the AUP.
A, B. Websites store parts of pages in the cache to make loading them faster the next time. If you clear the browser's cache and cookies, then when you access the website, it must download all of the data that was previously cached which means that it will be the updated version. It may take a little longer, but it will be up-to-date. If it's a site where you use cached credentials to log in, you must log in again. Uninstalling and reinstalling your browser isn't necessary. The Ctrl key and F key pressed simultaneously usually bring up a Find dialog box.
99. You're working at your desktop computer, viewing a web page you use often, when a website that you know should be updating doesn't seem to be. In fact, if you access it from a different device, the website looks different. What can you do to force the website to update on your computer? (Choose two.) A. Clear the browser's cache. B. Clear the browser's stored cookies. C. Uninstall and reinstall your browser. D. Hold the Ctrl Key and F key simultaneously while on the website.
