comp 2
IT manager, who is in charge of the client image, considers enabling a data at rest solution. Where can the manager go to enable the built-in Microsoft solution?
System Settings
user is conscientious about security after hearing about breaches in the news. The user wants to see if they are up to date on patches for their Apple computer. Where should the user go to check?
App Store
employee needs to ensure that the customer receives a professional support delivery. Which of the following does this include? (Select all that apply.)
Be on time. Provide proper documentation. Deal appropriately with confidential and private materials
technician detected and reported an incident, resulting in the appropriate unit being notified and tasked with acting as first responders, taking charge of the situation, and formulating the appropriate response. What is this unit called?
CSIRT (the Right one)
user has just set up their network and needs to make sure that their network is secure, and no one can log in to the network. Which of the following should the user do?
Consider the physical placement.
What type of malware attack designates the victim's computer to mine digital currency?
Cryptominer
server administrator wants to run the latest technologies. What technology should the administrator start using which will replace the New Technology File System (NTFS)?
ReFS
Which of the following are proper component handling tools and techniques to protect electronic components against electronic discharge when fixing a PC or mobile device?
ESD straps ESD mats
customer has opened a ticket for a problem to be fixed, and when the customer opens the ticket, there will be a record that shows what?
Proper documentation
What tool will distinguish client accounts and provide support for recording and reporting billable support activity?
RMM
Which of the following uses a security shield icon for tasks that are protected under them?
UAC
A security administrator for Linux systems in their demilitarized zone wants to ensure only some administrators can perform certain commands. Which of the following is best used to lock down certain commands?
sudo
vulnerability manager is brainstorming different ways to enhance security for their cell phone devices. The company only uses Apple, and so one of the ideas the manager comes up with is to look for anomalistic files that do not belong with Apple for signs of possible malware which did not profile the device and instead just blasted malware out, hoping the operating system would be right. Which of the following would be anomalistic?
.apk
technician is implementing a Linux shell script that each statement comprising the actions that the script will perform is then typically added on separate lines. Which of the following is this?
.sh
technician needs this skill to give full attention to the customer, so there is no disagreement or misinterpretation of what was said. What is this skill?
Active listening
user has owned the same personal computer for a while and thinks it might be time for an upgrade. Which of the following are upgrade considerations? (Select all that apply.)
Application support Hardware compatibility (Right)
user has owned the same personal computer for a while and thinks it might be time for an upgrade. Which of the following are upgrade considerations? (Select all that apply.)
Backup files Hardware compatibility Application support (The Right one)
An employee uses a cryptographic contactless technique that allows access to a building. What is this technique?
Badge reader
What can use a trusted platform module chip in the computer to tie the use of a fixed disk to a particular motherboard?
BitLocker
security administrator is in charge of multiple locations in various countries. The administrator wants to set Coordinated Universal Time (UTC) on a test box to ensure logging is standardized. In Windows, where can the administrator set this?
Time and Language
After installing Windows 10 on an old computer, a computer technician is stumped when the computer continues to boot to a blank screen. Determine which ones could conceivably fix the blank screen from the available solutions. (Select all that apply.)
Update the graphics adapter driver. Repair Windows.
System Restore tool in Windows is used to roll back configuration changes to an earlier date or restore point. One option for creating restore points is to use Task Scheduler. What other actions will create a restore point? (Select all that apply.)
Updating an application Installing a program
The System Restore tool in Windows is used to roll back configuration changes to an earlier date or restore point. One option for creating restore points is to use Task Scheduler. What other actions will create a restore point? (Select all that apply.)
Updating an application Installing a program
Windows client administrator plans to upgrade their OS in the current environment. What is one of the most important considerations for the upgrade?
User training
IT manager is setting up an image for dispatching airplanes at a major airport. They are trying to lock down the image to run only the dispatch service. One of the layers of security is to block unneeded service ports from communicating, such as email. Where should the manager start?
Windows Firewall
malware infection can manifest in many ways, often making it difficult to diagnose. Malware may cause which of the following computer issues? (Select all that apply.)
Windows update fails Redirection
Which of the following log-in options require a user to touch a device that takes a digital print?
Fingerprint scanner
Which of the following log-in options require a user to touch a device that takes a digital print?
Fingerprint scanner (Right)
An administrator in charge of user endpoint images wants to slipstream and use image deployment. Which boot method would best support this?
Network
network administrator troubleshoots domain name system (DNS) issues that a particular user is having. Which of the following utilities will help the administrator troubleshoot DNS specifically?
nslookup
endpoint machine administrator configures specific Apple computers designated for users with disability. Where should the administrator look to configure these settings?
Accessibility
vulnerability manager investigates their mobile environment for overall risk posture and starts with identifying legacy systems. Who determines when an Android version is at the end of life?
Vendor
What uses domain names of components loading on the web page against a vast blacklist?
Ad blocker
Worried about a crash, a user creates a complete backup of the system configuration and data files on their computer. Identify what the user has created.
An image
curious IT administrator notices issues with certain applications invoking the kernel. Which operating system would allow the administrator to change the underlying operating system?
Android
Which of the following can prevent, detect, and remove software threats that consist of ransomware, Trojans, spyware, and rootkits?
Anti-malware
technician needs to set up a method that blocks URLs or search terms using keywords and phrases. What is this method?
Content filtering
Most vendors have recycling systems for what types of products? (Select all that apply.)
Toner Battery Device
IT Department has learned that a new employee starts on Monday and will need a computer just before the weekend. There is a used PC in the storeroom. A " no operating system found " message appears when the computer is rebooted after a technician installs Windows 10 on the computer with the hard drive partition style set to support Unified Extensible Firmware Interface (UEFI). Determine which of the following scenarios would generate that message.
Damaged hard drive
What is referred to as data on persistent storage like HDDs, SSDs, and thumb drives?
Data-at-rest encryption
3D animations expert is searching for a new computer. What should they ensure it has to handle their demanding software?
Dedicated graphics card
What method uses the process of immersing the device into a high-intensity magnetic field that leaves the object magnetically impartial?
Degaussing
To ensure the authenticity and authorization of a mobile app, a service provider issues a certificate to valid developers. Developers can use this certificate to sign their app, and to establish trust. Which of the following attributes of an app would likely disqualify as trustworthy?
Duplicates the function of core OS apps.
ensure the authenticity and authorization of a mobile app, a service provider issues a certificate to valid developers. Developers can use this certificate to sign their app, and to establish trust. Which of the following attributes of an app would likely disqualify as trustworthy?
Duplicates the function of core OS apps.
To ensure the authenticity and authorization of a mobile app, a service provider issues a certificate to valid developers. Developers can use this certificate to sign their app, and to establish trust. Which of the following attributes of an app would likely disqualify as trustworthy?
Duplicates the function of core OS apps. (the right one)
employee uses an option to ask for help from a technician with an invitation file protected by a passcode. What is this option?
MSRA
What is this called when antivirus software scans a file before allowing or preventing it from opening?
On-access scanning
If an individual is creating an account and unable to think of a strong key code word, the browser can suggest strong keycodes to use. What is this called?
Password manager
threat actor poses as a hiring manager for a company and asks a user for their personal credentials and to log in to a spoofed website that looks genuine. When the user confirms log-in with the spoofed website, their information is obtained. Which of the following is this attack?
Phishing (right)
technician helps a customer with a ticket request and needs to record that the customer has accepted that the ticket can be closed. Which of the following fields reflect this part of the ticket life cycle?
Problem resolution
user calls the help desk complaining that Windows freezes to a blue screen every time it tries to boot. When the technician arrives, they boot the computer in Safe Mode. After evaluating this situation, what is the BEST reason the technician wants to enter Safe Mode to begin troubleshooting?
Safe Mode loads only the minimum amount of drivers and services to start the system.
An employee is working with a substance that can potentially harm them. Which of the following should they use? (Select all that apply.)
Safety goggles Air filter mask
employee disposes of a disk by grounding it into little pieces. What is this called?
Shredding
administrator uses an access control system to shuttle authentication and authorization traffic between the supplicant and the AAA that encrypts an entire authentication rather than just the password. What is this method?
TACACS+
researcher calls the help desk complaining of slow computer performance. When the technician arrives and probes for clues, the researcher explains that they frequently run multiple programs simultaneously and have a significant number of browser tabs open to aid with their research. Which of the following solutions should speed up the computer's performance?
Add RAM.
user wants to share their printer with other teams, but not all teams use the same operating system. What can the user do to configure functionality with the other teams?
Additional drivers
Over the day, a user's computer becomes slow. Then pop-ups start to appear randomly. Later on, the pop-ups become more frequent, and the user notices that internet searchers are using Google when their default search provider is in Firefox. Once the computer starts crashing repeatedly, the user calls for help. Considering all of these data points, what is the best diagnosis of the problem?
Adware or spyware infection
Which of the following uses the file-copy tool as Windows using "robocopy"?
Automated backups
Which of the following uses the file-copy tool as Windows using "robocopy"?
Automated backups (The right one)
employee needs to ensure that the customer receives a professional support delivery. Which of the following does this include? (Select all that apply.)
Avoid distractions. Deal appropriately with confidential and private materials. Be on time.
What is a type of employee device that must meet the profile that the company requires, and the employee will have to agree on the installation of corporate apps and to some level of oversight and auditing?
BYOD
user receives an unsolicited call from a Microsoft support technician during a normal workday. The technician says the antivirus software on the user's computer alerted Microsoft of a new malware infection. The technician needs to remote into the user's computer to fix the problem. What is the technician trying to do?
Circumvent security software.
technician is cleaning a computer and notices dust forming over the fan blades and ventilation slots. What can the technician use to perform dust cleanup? (Select all that apply.)
Compressed air blaster Natural bristle brush PC vacuum cleaner
software company hires a new app developer. The corporate network denies access when the developer tries to connect their phone. Why would the network deny access from the developer's mobile phone?
Developer mode
helpdesk technician is helping a user experiencing printer problems. After several troubleshooting steps, the technician thinks the user may have installed the wrong driver. Where can they go to install a different one?
Device Manager
technician destroys disks by putting holes through them and smashing them with a hammer. What is this method?
Drilling
threat actor uses a technique that allows devices to connect to an open authentication and then redirect the user's browser to a fake captive portal that encourages the user to enter their network password. What is this technique?
Evil twin
security awareness trainer spends a good portion of the training class talking about phishing, given its popularity as an attack vector. Phishing campaigns are getting more sophisticated, so the trainer is helping the class learn how to identify a phishing email. Which of the following is an indicator of phishing? (Select all that apply.)
Inconsistent sender and reply to addresses Urgency Disguised links
user experiences issues searching their local computer for files. What is a common issue that the user should check?
Indexing options
An installer is implemented using. EXE file. What is this technique performing?
Installation of applications
administrator reviews a series of instructions that the workstation follows every time a user logs on. What is this called?
Login script
security analyst notices an unauthorized disclosure of customers' data at the company. What type of data is breached?
PII
user implements a technique that requires an input of 4- or 6- digits to gain access to their device. What is this technique?
PIN
Windows administrator wants to learn how to use Linux by installing the Linux subsystem for Windows. What should their version of Windows have on the New Technology File System (NTFS) to support case-sensitive naming and hard links required by Linux?
POSIX
While conducting an online search for cleaning services, a homeowner clicks on the link for one of the results. When the website loads, the page says, "Warning: Potential Security Risk Ahead." What would cause this message to appear? (Select all that apply.)
The certificate is issued by an untrusted CA. The certificate has expired. Malware is trying to redirect the browser to a spoofed page.
Which of the following scenarios would result in a website having an untrusted or invalid certificate? (Select all that apply.)
The certificate is revoked. The certificate is self-signed. The certificate has expired.
What uses a 4-way handshake to allow a station to associate with an access point, authenticate its credential, and exchange a key to use for data encryption?
WPA2
administrator uses a method that uses simultaneous authentication of equals (SAE) instead of the 4-way handshake. What is this method?
WPA3
transportation company wants to set up software that gathers statistics from the controller area network for trailers hauling loads, enabling them to adjust processes to optimize cost savings. What type of adapter will the company need to send the statistics back to their cloud network?
WWAN
administrator uses a document list that identifies the discrete stages in the use of hardware and software. What is this document called?
Warranty
low battery charge can cause several different problems to occur on a mobile device. Which of the following issues could stem from a low battery? (Select all that apply.)
Weak Bluetooth signal Weak Wi-Fi signal
Linux administrator sets up a development environment where they can install and test new packages. Which of the following commands will help the administrator accomplish this? (Select all that apply.)
apt-get yum
administrator for Apple endpoints has heard about roaming profiles on Windows where users can sync certain settings from different devices. Which of the following offers a similar functionality?
iCloud keychain
What ensures that old data is destroyed by writing to each location on a hard disk drive?
Erasing/wiping
Which of the following backup procedures state that users should have three copies of their data across two media types, with one copy held off-line and off-site?
3-2-1 backup rule
teenager hears from friends about a legitimate website to download games to their Samsung Galaxy phone that is not in the Google Play store. The teenager goes to the site and downloads some games. What best describes the teenager's behavior?
APK sideloading
An employee needs to ensure that the customer receives a professional support delivery. Which of the following does this include? (Select all that apply.)
Avoid distractions. Be on time.
accountant has an unlimited data plan and has set data usage limit triggers for their mobile phone. What concern does the accountant have with high data usage with an unlimited data plan? (Select all that apply.)
DDoS Cryptomining
A vulnerability and risk manager reviews older systems that can only receive critical patches. What are these systems classified as?
Extended support
technician is using a tool with a secure erase function that performs a zero-filling on HDDs and marks all blocks as empty on SSDs. The SSD firmware's automatic garbage collectors then perform the actual erase of each block over time. What is this tool?
Low-level formatting
user requests a site's certificate, but an evil twin intercepts the request and presents a spoofed certificate, which the user's browser accepts. What has just happened? (Select all that apply.)
Malware is in the middle of the session. The user thinks they have a secure connection. An on-path attack
operating system update on a user's phone fails. The user verifies the phone's connection to a wall outlet that leads to the office Wi-Fi. Which of the following could be responsible for the update failure?
Metered network
video game development company is purchasing upgraded laptops to develop cutting-edge graphics for a new story they have been marketing. They want to be able to integrate persistent system RAM. What type of operating system should they use for support?
Pro for Workstations
user implements a method that requires a one-time code within a given time frame to get access to their email account. What is this method?
Soft token
user needs to install a desktop application and use an application store that is reputable. What type of vendor is this store?
Trusted source
server administrator notices a file server starting to run low on space. The administrator wants to create extra space before all space is used up and even worse issues arise. What should the administrator use?
cleanmgr.exe
administrator automates the creation of folders during a Windows install process. Which command should they use in their script?
md
Advanced malware infection may require manual removal. Which of the following tools assists in manual malware removal? (Select all that apply.)
msconfig WinPE regedit
What are their options when a company wants to create and deliver a custom app for their employees without using a public store? (Select all that apply.)
Apple Business Manager Managed Google Play
server administrator hears weekly about companies breached by malware. What is the most significant impact the server administrator is likely worried about?
Applications
user has a Mac computer but likes Windows better for functionality and compatibility purposes. The user wants to sell their computer on an online marketplace and wipe their presence from the computer. Which of the following will help them accomplish this?
Disk Utility
attacker uses a technique against a wireless network that allows them to flood access points with too many packets. What is this called?
DoS
server administrator migrates their environment from physical servers to a virtualized environment. The administrator wants to install new virtual machine operating systems. What is the best approach to use regarding deploying virtualized OSs?
ISOs
attacker imitates an IT support technician for a company. The attacker asks for a user's password to gain access to the user's system remotely. What is this called?
Impersonation
The IT department determines that the phone belonging to the company's vice president suffers a compromise and that the personal and corporate data contained on the phone has leaked. Which of the following should the IT team do next?
Quarantine all devices that could be connected to the leak.
user receives a Windows dialog box pop-up that states 163 viruses were detected by antivirus software. When the user clicks on the pop-up, it states that to get rid of the viruses the user needs to purchase the software's full version. What type of antivirus does the user have in this scenario?
Rogue
Many mobile apps collect location data. Rogue apps could use location data for criminal purposes, such as burglary. However, many legitimate apps also track a mobile user's location. Why would a legitimate shopping app have an interest in a user's location?
Targeted advertising
user finds that their iPhone 5 starts to run slowly, and a reboot does not solve the slow performance. Which of the following issues could be causing the problem? (Select all that apply.)
Too many apps open OS update Low battery charge
client administrator sets up a new system for GUID partition table (GPT) partitioning. What dependency will the administrator need to set?
UEFI
user uses a scripting language based on Microsoft's Visual Basic programming language. Which of the following extensions is used?
.vbs
server administrator has not used the command line in quite some time and is trying to remember what will help them with commands and how to use them. Which of the following should the administrator use?
/?
According to CompTIA's seven-step best practices procedure for malware removal, which of the following correctly lists the first three steps?
1. Investigate and verify malware symptoms. 2. Quarantine infected systems. 3. Disable System Restore
software developer is looking at installing a new 64-bit program that will help to streamline coding and optimize workflow. What types of systems can the developer install it on?
64-bit only
Which of the following should generate an alert when the account is disabled or altered?
Change default administrator account.
An IT specialist removes malware from a computer system and then re-enables System Restore. Then a new restore point is created, all security-critical services and settings are validated, and the DNS configuration is verified. However, when the specialist runs a final antivirus scan, it detects malware. Considering all the steps taken, which would explain why there was still malware on the system?
C&C network connection was detected.
user has just set up their network and needs to make sure that their network is secure, and no one can log in to the network. Which of the following should the user do?
Change default passwords.
employee enters the web address of their local newspaper to check for news on the company, and a site pops up with many click-bait celebrity stories. The employee re-enters the address assuming a misspelling but returns to the same page. When the help desk technician arrives, which of the following troubleshooting steps would be appropriate?
Check HOSTS files for malicious entries. (The right one)
user is about to join a Zoom call and plugs in USB-C headphones with a built-in microphone to the computer's USB 3 port. A message appears that there are "not enough USB controller resources." Evaluate the situation and select the best fix for the problem.
Connect the headphones to a USB 2 port.
developer, working at Microsoft, is helping to develop the latest and greatest user interface for Windows. The developer is assigned to the team that works on the user interface's top level. What will the developer be working on?
Desktop
company has backup storage located at a different location, which lowers the risk of losing both productions and backup copies of data. Which of the following is this backup storage?
Off-site backup storage
company has backup storage located at a different location, which lowers the risk of losing both productions and backup copies of data. Which of the following is this backup storage?
Off-site backup storage (Right)
Company is using a credit card transaction that guarantees both customer's card data and the company's system are safe against fraudulent purchases and identity theft. What is this?
PCI DSS
server administrator was called in to help a VIP whose computer was accidentally infected with a virus. The administrator wants to revert the computer but still preserve user personalization settings. What should the administrator use?
Refresh
user is only able to read data on the file. What account management policy is this?
Restrict user permission.
attacker uses a set of tools designed to gain control of a computer and can create a backdoor with system-level privileges without the user noticing. What is this called?
Rootkit
user likes to watch Netflix on their phone while on the treadmill. The user turns the phone sideways for better viewing, but this time, the picture did not orient to landscape as it always has. Which of the following could cause this issue?
Rotation lock is enabled.
technician sets up a company's network and uses a method that lets employees know which network is the company's network. What is this called?
SSID
user wants to connect to multiple systems after a single login at only one of the devices. What is this called?
SSO
customer uses their computer at a café, and an attacker watches the customer typing their login information. What is this called?
Shoulder surfing
manager for a Linux server team recently purchased new software which will help to streamline operations, but they are worried that in IT, there is a high turnover of personnel. The manager wants to ensure they can obtain updates, monitor and fix security issues, and are provided technical assistance. What impact is the manager trying to mitigate?
Support
marketing professional normally sends large files to other team members. The IT department recommended using a shared drive and assisted them in setting it up. The project was a very high priority, so the professional collaborated with several members but started receiving reports that some users could not access it sometimes and others could. They eventually figured out that only 20 people at a time seemed to be able to access it. What is causing the issue?
The share was created on a Windows desktop.
user disables some of the laptops' services, thinking it would speed up performance. After restarting the laptop, "One or more services failed to start" appears. When the IT specialist opens the Services snap-in, they identify the failed service and restart it, but that does not fix it. Which of the following scenarios best explains why the restart did not work?
The user disabled a dependent service.
Snapchat app on an iOS phone will not close. The user rebooted the device, but that was unsuccessful. Which of the following options would be the best for the user to try to fix the problem?
Uninstall then reinstall
Which of the following avoids opening remote desktop ports on the network's firewall?
VPN
helpdesk professional assists a user with issues booting up their Mac computer. The user reports that there is no drive to boot from. Where will the computer boot from?
Web
administrator for Apple endpoints has heard about roaming profiles on Windows where users can sync certain settings from different devices. Which of the following offers a similar functionality?
iCloud keychain (The right one)
client uses this software that allows access to a given computer. What is this software?
Screen-sharing
Which of the following is to use clear and concise statements that avoid jargon, abbreviations, acronyms that a user might not understand?
Proper language
server administrator experiences performance issues on a server and needs to narrow down the source of the problem. The server is an externally facing website with high visibility for the company. The longer the site is having issues, the more customers might notice and possibly damage the company's reputation. What can the administrator use to view and log performance statistics? (Select all that apply.)
resmon.exe perfmon.msc
server administrator sets up jobs that will copy over files on various servers. They want it to detect if the file was transferred successfully and, if not, resend the file. Which command is optimal for server administrators to perform this task?
robocopy
installer is implemented using. EXE file. What is this technique performing?
Installation of applications
penetration tester targeted top-level executives during a test by sending out phishing emails. They received their first shell when the first executive opened the attachment in the phishing email. Once the penetration tester connects to the executive's computer, what command will tell them the location of where their shell landed?
pwd
computer administrator sets up a client workstation to join a centrally managed network. What options should the administrator configure to do this?
Access work or school
computer administrator sets up a client workstation to join a centrally managed network. What options should the administrator configure to do this?
Access work or school (correct)
What type of encryption does WPA2 use? (Select all that apply.)
AES TKIP
company has employees sign a document that enforces the importance of protecting the organization from the security and legal implications of employees misusing its equipment. What is this document?
Acceptable use policy
Which of the following will block untrusted application sources from running?
Anti-malware
company's IT support specialist is ready to start recommissioning a system as part of the malware removal process. What is the last step before removing the computer from quarantine?
Antivirus scan
technician is talking to a customer about an issue, but the customer is not sure how to locate the issue on their computer, so the technician has the customer tell them step by step to figure out the issue. What type of technique is this?
Ask an open-ended question.
IT specialist removes malware from a computer system and then re-enables System Restore. Then a new restore point is created, all security-critical services and settings are validated, and the DNS configuration is verified. However, when the specialist runs a final antivirus scan, it detects malware. Considering all the steps taken, which would explain why there was still malware on the system?
C&C network connection was detected.
user notices that their device has a leaking component and needs to take careful measures to minimize any risk and discard the approved component at the proper waste facility. Which of the following disposal is this?
Battery
security engineer researches how to make backup and antivirus apps available to their iOS mobile devices. Where should the apps be pushed?
Business Manager
customer has opened a ticket for a problem to be fixed, and when the customer opens the ticket, there will be a record that shows what?
Proper documentation (The right one)
technician is working with a customer who is being unreasonable. Which of the following skills should the technician use? (Select all that apply.)
Do not take complaints personally. Identify early that the customer is angry.
When making major adjustments to a project, a security technician will have to assess the business and technical merits as well as the risks of the adjustment plan. What documentation will need to be submitted?
Change board approval
teacher wishes to reform education in their school system. They are looking for low-cost operating systems to support education. Which one is best geared towards accomplishing their goal?
ChromeOS
new employee calls the help desk because their phone will not connect to the office Wi-Fi. When the technician asks about the phone model, the employee says it is an iPhone 5. The technician immediately knows the problem. Which of the following could be the problem?
Configuration
technician is working with a customer who is being unreasonable. Which of the following skills should the technician use? (Select all that apply.)
Do not take complaints personally. Identify early that the customer is angry. Hang up. (Right)
server administrator tests connectivity between two statically assigned servers in a forest with different domains. What should they check first in this case?
DNS settings
erver administrator tests connectivity between two statically assigned servers in a forest with different domains. What should they check first in this case?
DNS settings
software engineer uses the "data protection" option for the apps on their mobile device. This option is subject to the second round of encoding using a key derived from and protected by the user's credentials. What is this method?
Device encryption
administrator wants to listen to music through headphones to help with productivity during work. However, the administrator is having issues connecting the headphones via Bluetooth. Where should they go first to look?
Devices
Which of the following are proper component handling tools and techniques to protect electronic components against electronic discharge when fixing a PC or mobile device? (Select all that apply.)
ESD straps ESD mats
technician makes sure that there is no faulty electrical equipment that can pose a risk and places extinguishers nearby. What is this called?
Electrical fire safety
server administrator was hired at a startup company. The administrator has not established any services yet, but wants to set up basic domain services such as Active Directory, email, and domain name system (DNS). Which client operating systems will be compatible with domain-joined networks? (Select all that apply.)
Enterprise Education Pro
technician must remove all corporate accounts and files from an employee's device but leave personal applications, accounts, settings, and files untouched. What is this called?
Enterprise wipe
server administrator looks at which Linux supports file systems to show all available options. Which of the following are supported by Linux? (Select all that apply.)
FAT32 ext4
user logs into a computer and uses a camera that records a 3-D image with its infrared sensor to mitigate attempts to use a photo to spoof the authentication mechanism. What is this called?
Facial recognition
attacker is trying multiple times to login into a user's phone, but the phone ends up being disabled. What is this called?
Failed attempts lockout
company needs to set up perimeter security to control and monitor who can approach the building. Which of the following should the company use? (Select all that apply.)
Fencing Guard Access control vestibule
user downloaded a script, but the file was in a text file format. The user needs to change the extension to a PowerShell script to run it, but they do not see the extension. Where can the user configure this setting?
File Explorer View tab
lawyer opens an email attachment that appears to be a court summons, but it is malware. The law firm's IT consultant quarantines the lawyer's system and then disables System Restore. Which of the following should IT disable?
File History
systems administrator for client machines has managed Windows machines for some time. The company is now adding Apple computers. The security team wants to implement an equivalent to Bitlocker. Which of the following should the administrator enable and configure?
FileVault
A telltale sign of a malware infection is when changes occur to system files. Which of the following is likely the result of malware-induced changes to system files? (Select all that apply.)
Files that are missing or renamed Files with date stamps and file sizes that are different from known-good versions
IT technician is installing software on a device that inspects network traffic and accepts or blocks traffic based on a set of rules. What is this called?
Firewall
What allows a user to download from a vendor's website and select the correct patch for their device's make and model?
Firmware updates
technician uses a backup method that reflects how much lost work can be tolerated. What is this method?
Frequency
administrator is backup chaining a database with the type of backup that utilizes a moderate time and storage requirement. What type of backup is this?
Full with differential
Rooting is typically an action related to Android, while jailbreaking is associated with iOS. They are both trying to do the same thing. What is that?
Gain unrestricted access.
user has owned the same personal computer for a while and thinks it might be time for an upgrade. Which of the following are upgrade considerations? (Select all that apply.)
Hardware compatibility Application support
user has owned the same personal computer for a while and thinks it might be time for an upgrade. Which of the following are upgrade considerations? (Select all that apply.)
Hardware compatibility Application support (Right)
vulnerability management lead wants to set up the company using a more secure authentication method than a simple password. What hardware aspect should the management lead consider?
Hardware token
What type of data breach can be associated with a specific person or use an anonymized or de-identified data set for analysis and research?
Healthcare data
digital forensics expert investigates a laptop that was not completely powered down. They are looking for a hibernation file on the local hard drive. Which power mode would perform this?
Hibernate
manager received a document identifying underlying causes and recommended remediation steps to mitigate the risk of repeating an issue. What is this document called?
Incident report
technician implements a type of authentication method used on Windows machines that once users are authenticated, they are trusted by the system. What is this method?
Kerberos
new employee is going over the site safety handbook about correct ways of carrying objects, so they do not damage the object or get injured. What is this called?
Lifting techniques
What technique is used on hard drives that reset them to factory condition and the hard drives only contain the information necessary to interact with a file system?
Low-level formatting
Microsoft provides a repository of information about threats that Windows Defender discovers. What is the name of the repository?
Microsoft Knowledge Base
Which of the following accounts can users set up profile settings to synchronize between devices via the online portal?
Microsoft account
security researcher wants to install an older operating system for research and testing. What is the most common medium that comes with a disk that the researcher should use?
Optical media
What technique is often used to exhibit fake antivirus and security warnings or other malicious advertising?
Pop-ups
technician configures a method to run some server application from a network and make it accessible to the internet. What is this method?
Port forwarding
technician runs an isolated test that allows them to run the program without impacting the system. What is this called?
Sandbox
Which of the following alternatives can a customer select from when an issue cannot be resolved remotely?
Replace Repair
analyst is a method that calculates a product of the likelihood and impact of the potential threat category. What is this method?
Risk levels
What method gets a system back up and running before the recommended amount of time elapses?
Rollback plan
technician uses a method where each server is configured with a public/private encryption key pair and identified by a host key fingerprint. What is this method?
SSH
When a project team is constructing a change request document, a part that needs to be included is the number of devices, users, or customers that will be affected by the change. What is this part of the document?
Scope of the change
Employees are expected to stay updated on skills and knowledge to cope with changing threat types. Which of the following covers this?
Security-awareness training
security administrator for a defense contracting company wants to disable external devices. The administrator pushes out a group policy setting to disable such devices but worries that attackers might elevate privileges and reenable them. What other setting will help the administrator accomplish the objective?
Selective suspend
security analyst notices a critical incident that has a widespread effect on customers that can eventually involve a potential data breach. The analyst creates a ticket with the vendor and sets the importance in order to trigger a faster response time. What describes what attribute of the ticket the analyst set?
Severity levels
Linux server administrator notices a service they do not recognize, although the environment is quite big. They look at the help file for the ksh process, but the documentation seems poor. It does seem to indicate that it provides interactivity, however. What type of program is this?
Terminal
Which of the following malware tries to extort money from the victim?
Spyware
Which of the following devices come in the form of adapters, trailing sockets, or filter plugs, with the protection circuitry built into the unit?
Surge suppressor
Malware encyclopedias are a resource that antivirus vendors often make available to IT professionals. What is their value for IT practitioners? (Select all that apply.)
They provide information about the type, symptoms, purpose, and removal of malware. They are documentation of known malware.
helpdesk operator looks at build numbers for Windows as they plan upgrade timelines. The operator investigates the significance of the build numbers. Which of the following are the build numbers based on? (Select all that apply.)
Time of year Year
user performs a technique that allows them to connect their PlayStation to their network. What is this technique?
UPnP
While browsing the internet, a user receives a pop-up that states, "We have detected a Trojan virus. Click OK to begin the repair process." Out of fright, the user clicks OK. Given the following choices, what is the most likely outcome of the user's response?
Unwanted notifications start popping up in Windows.
user calls the help desk with issues consistent with a malware infection, although the user received no alert. The technician confirms that there was no malware alert. Which of the following options would be an appropriate next step? (Select all that apply.)
Update the antivirus software. Scan the system using different antivirus software.
security administrator moves their proxy from on-premise to the cloud and wants to establish a client tunnel to the cloud proxy tunnel for web traffic. This way, the users are protected even while out in public and not connected to the domain. What should the administrator set up?
VPN
helpdesk manager assesses older Windows 7 computers their company owns and tries to determine available upgrade paths. Which of the following can NOT be upgraded?
Windows 7 Home to Windows 10 Enterprise
administrator assists the human resources department in testing access to their new cloud-based training site. Unfortunately, the site cannot be accessed due to the organizational security policy. Which of the following should the administrator use to assist them?
certmgr.msc
systems administrator wants to create a scheduled task throughout the environment, which does a basic health check at night when users are not working. Which command should the administrator use in their scheduled task?
chkdsk
IT manager is in charge of client machine administration. The manager wants to test various boot settings before applying them to the environment. Which tool can the manager use to accomplish this best?
msconfig.exe
Security analyst conducts an incident response investigation against suspected malware on a userbox. The analyst suspects a certain variant of malware known to beacon out to a command and control server. What command will help them investigate this?
netstat
server administrator locks down security on their golden client image but is concerned about potentially breaking things in the environment. They decided to set up a test image for test users in various departments before full implementation. What should the administrator use to make individual configuration changes to the image?
regedit.exe
Linux server administrator meets with their Windows server administrator counterparts. A certain grouping of Linux and Windows servers is designated to run services that share files. What will the administrators need to enable sharing between the disparate systems?
samba
server administrator receives a report that the company's external-facing web server is unresponsive. Rebooting the server would take too long, and they are not even completely certain the server would come back up. What utility should the administrator use to restart the website?
services.msc
security administrator for Linux systems in their demilitarized zone wants to ensure only some administrators can perform certain commands. Which of the following is best used to lock down certain commands?
sudo (The right one)
forensic investigator is told that a server's processor that does not normally run high has been over-utilized lately, and they suspect possible malware. The investigator wants to start by investigating processes. Which command can they use to start the investigation? (Select all that apply.)
top ps
user just installed a new application on their workstation, but the application has issues even starting up. The user has been working on the machine regularly up to this point without any prior issues. Which of the following is most likely the issue?
Firewall
What will block third-party cookies and enable strict tracking protection?
Private browsing mode
Before an IT team can submit an application for change, it must include a document that includes an analysis of risks associated with performing the change and risks that might be incurred through not performing the requested change. What type of document is this?
Purpose of the change
technician suspects a computer system is infected with malware. Which of the following activities is the correct next step?
Sandboxing
What is also known as a potentially unwanted application (PUA) and should be removed from the computer?
Untrusted source
penetration tester conducts the initial reconnaissance phase and is currently targeting externally facing servers for a certain company. Currently, they are trying to enumerate the domain name system (DNS) servers. Which built-in tool will help them perform this?
dig
While researching and writing a paper on their home computer, a student notices an alert in the notification area that Windows Defender has expired and needs to be updated. The student is annoyed by the interruption but clicks on the alert and follows the update instructions. Later, the student told their parents that Defender expired, and they installed the update. The student's parents are panic-stricken. Determine the best reason for the parents' reaction from the information provided.
A malicious browser push notification tricked the student into downloading malware.
company uses a method that restricts its employees from messing with their computer settings. What is this method called?
BIOS
employee enters the web address of their local newspaper to check for news on the company, and a site pops up with many click-bait celebrity stories. The employee re-enters the address assuming a misspelling but returns to the same page. When the help desk technician arrives, which of the following troubleshooting steps would be appropriate?
Check HOSTS files for malicious entries.
After starting the computer and signing in, a user notices the desktop takes a long time to load. Evaluate the following Windows operating system problems to determine the one that best diagnoses what could be causing the slowness.
Corrupted user profile
user's phone begins to act strangely, with apps responding slowly and pop-up ads appearing frequently. When the user calls the help desk and explains the issues, the technician says it sounds like malware. What other symptoms would be common to a malware infection on a mobile phone? (Select all that apply.)
Fake security warnings Redirection
client administrator for a video game development company wants to upgrade machines to support five primary partitions. The developers work with a lot of large files and might even need partitions larger than 2 TB. Which of the following should the administrator use?
GPT
intern for a Windows server team is watching a server administrator verify the authenticity and integrity of an installer. Where did the administrator most likely get it from?
Internet download
attacker can access a computer by executing a lunchtime attack. Which of the following principles were NOT followed that led to this attack?
Log off when not using the computer.
Which of the following contains information about ingredients, health hazards, precautions, and first aid information and what to do if the material is spilled or leaks?
MSDS
Users are curious about what is run on startup, so they dig into the startup script. The users find the command "net use M: \\sharedrive\data /persistent:yes". What is the startup script invoking?
Mapped drive
Management provides employees with written policies and procedures to help them fulfill their tasks. Which of the following procedures requires employees to enroll and identify themselves using secure credentials?
New-user setup checklist
technician detected and reported an incident, resulting in the appropriate unit being notified and tasked with acting as first responders, taking charge of the situation, and formulating the appropriate response. What is this unit called?
Open-source
curious user looks through their local logs and sees errors in region-coding copy-protection mechanisms. What type of device is generating these logs?
Optical media
user is buying software for their PC. Which of the following would the user be purchasing for individual use?
Personal license
threat actor poses as a hiring manager for a company and asks a user for their personal credentials and to log in to a spoofed website that looks genuine. When the user confirms log-in with the spoofed website, their information is obtained. Which of the following is this attack?
Phishing
IT professional helps to fix their friend's computer. The computer is running extremely slow. The IT professional notices the operating system is running Home edition. Which of the following is the only service available for the Home edition?
RDP
pet store owner receives an email from their bank with a special financing offer. The owner clicks on the attachment, but it does not open. Later that day, when the owner returns to their computer, it is running very slowly and will not connect to the internet. By the time the IT consultant arrives, the computer has locked up. Which of the following is the best action for the IT consultant given the existing conditions?
Run an antivirus scan.
administrator uses a method that assigns permissions and rights to a collection of user accounts. What is this called?
Security group
technician creates full backups by having the chain start with an initial full backup as normal and afterward makes a series of incremental backups. Which of the following backups is this?
Synthetic
Two friends want to share photos with each other from their iPhones. The first friend selects their photos and uses AirDrop to share with the second friend. However, the first friend gets a message that there is no one nearby to share with. Why would that message appear?
The second friend has Bluetooth disabled.
security administrator for Linux systems in their demilitarized zone wants to ensure only some administrators can perform certain commands. Which of the following is best used to lock down certain commands?
chmod
remote computer administrator is managing clients in rigorous conditions. The clients keep overheating and often have issues. The administrator wants to run regular checks for damage or corruption. Which of the following will help them accomplish this?
sfc