CompTIA A+ 220-1102 (Core 2)
microsoft remote assistance (msra)
allows a user to ask for help from a tech or coworker by an invitation file protected by a passcode; opening the file will connect you to a remote system
eap
allows authentication against a network directory. foundation of managing wifi access based on active directory user objects
shared secret
allows radius server and access point to trust one another
windows subsystem for linux (wsl)
allows the installation of a Linux distribution and the use of Linux applications
spoofing
an attack where the threat actor can masquerade as a trusted resource. It can mean cloning a valid MAC or IP address or using a false digital certificate
.apk format
android package source - allows apps to be downloaded and installed from untrusted and external third party sources
content filter to block known phishing sites and adware/spyware on mobile devices
antivirus/antimalware app
why might a user have issues installing a program?
app settings
before upgrading sodimm in a laptop what should you do first
disconnect from power
configuring a host on a home network, what address will be the same as the gateway?
dns
ntfs feature allows space on multiple physical disks to combine into volumes
dynamic disks
jailbreaking
enables users to obtain root privileges, sideload apps, and customize interfaces. side effects: leaves many security measures permanently disabled; can no longer be assumed to run a trusted OS; subverting the security controls built into os to gain unrestricted system level access
radius server and wireless supplicant must have what during configuration
encryption key pair, digital certificate
applocker software comes with
enterprise
single sign-on (SSO)
enterprise networks use a centralized database of user accounts to authenticate users once to access the network and gain authorization for all other applications on the network
most common file system for removable/flash drives
exFAT
degaussing disks means to
expose the disk to powerful electromagnet
what uses infrared scanning and 3d imaging to id the user?
facial recognition
mobile signs of malware
fake security warnings, high number of ads, sluggish
installing applications cannot be executed in silent mode using command switches for the installer - t/f?
false
t/f NTFS can be supported by any OS
false, windows only
robocopy
file copy utility. specifically for long file names
what is a symptom of malware introduction on a computer's file system?
file names of saved work changed
linux command to search for file
find
monitor app activity and prevent connections to ports or ips
firewall
content filtering
firewall downloads curated reputation database
on a mac, cmd option esc does what?
force quit
disk maintenance
fragmentation - reduces read performance; capacity - 20% free space; damage - impact, overheating, electrical issues, age
open source licenses
free to use modify share
what questions should you ask regarding trusted sources
from where is the program installed? is the vendor of the program/app reputable? can the installer of the vendor be verified?
backup that has high storage and time requirements but least complexity to recover
full
where can you configure resource dedication to a game
gaming settings
tab to change single/double click settings in file explorer
general
partition to be set up for new computers that will store large amounts of data on 4tb drives
gpt (guid partition table) would support over 2tb; mbr does not support over 2tb
drive shredding
grinds the disk into tiny pieces
what does linux use to verify authenticity of the software packages obtained from an online source
hash value
what type of data includes a persons illness history and treatment findings
healthcare data
how does fast start-up decrease boot time
hibernation file utilization
performance symptom of malware
host cannot access network or the network is slow
cmd to identify local machine
hostname
examples of internet of things
hub/control system, wireless mesh networking, smart device types
byod security challenge
identifying secure configuration baselines for each device and os version
feature updates introduce new os features/tools and can also perform:
in place upgrade (from 10 to 11)
what kind of backup uses gfs scheme
incremental
what kind of backup has a low backup time and only includes new files and files modified since the last backup job
incremental -low time and storage -high recovery complexity
disk management
initializing - mbr or gpt; partitioning - choose amount of space and file system; formatting - volume label; repartition - expand or shrink; configure dynamic disks - more than one disk required. new dynamic volume can use multiple devices to implement software raid redundancy
reimage device
install a new os and reload software
ease of access main setting groups
interaction, vision, hearing
you must always configure each client with an ip address and transmission control protocol (TCP) port to forward traffic via a proxy in network and internet settings unless the organization uses:
intercepting proxy, transparent proxy, autoconfiguring proxy
which operating systems originated from the unix kernel
ios, macos, linux
protects a network by allowing users to control what traffic to permit in and out of the network
ip filtering
show dns resolver cache
ipconfig /displaydns
clear dns resolver cache
ipconfig /flushdns
If a DHCP lease is missing or incorrect, you can use what ipconfig to request a new one.
ipconfig /release && ipconfig /renew
what type of file represents a virtual mountable optical disk
iso
characteristics of placing a device in dev mode
it can be purposely misused to install bootleg apps; it should only be used for app dev; it makes advanced config settings and log data available
what is important to understand about dust
it contains particles that can cause overheating or loss of function
what type of script can be used to develop interactive content?
javascript (.js) - scripting language designed to implement interactive web based content
phase of procurement life cycle that includes documentation of an asset such as warranty and licensing details: deployment, maintenance, change management, procurement
procurement
benefit of UPnP
provides a networking protocol framework, allowing networked devices to discover the network
what does the df command in linux do
provides memory usage
chain of custody
records who collected evidence, handled it, stored it and must show access to the evidence at every point
new-psdrive cmdlet does what
remap network drive
using remote desktop, what can you use to mitigate risk of compromised credentials
remote credential guard, rdp restricted admin (rdpra)
app for macs that allow access to an optical drive on another computer
remote disc
what does regedit provide
remote mgmt of client os and its devices, software, apps config info
zero day attack
takes advantage of a system vulnerability for which there is currently no patch or update to resolve
hashing
takes any amount of data and produces a fixed length value
symptoms associated with security issues within file systems
the device has altered system files; the device files have been renamed
restore files on mac
time machine
what item needs certain disposal to reduce risk to respiratory tract irritation
toner
linux commands to list processes running on a system
top, ps
tracert
tracert 192.168.1.1 will trace the path the packet takes to get to its target. can take an ip or an fqdn
software that secretly collects data from and provides access to the host/network
trojan
purpose of the ipconfig command
troubleshoot network adapter
t/f Windows 10 Pro and Education editions have a 2 TB RAM support limitation
true
t/f malware can corrupt dns to perform redirection, causing limited connectivity
true
wpa3 allows everyone to join but traffic is encrypted t/f
true
why should you disable a guest account
unauthenticated access to a computer that may provide network access
examples of external hardware tokens
usb security key, smart card
display help on a command
use /? switch or type /help
how to prepare mass amounts of computers with the needed configuration
use an image
security account policies
use timeout/lock screens, restrict login times, restrict user's permissions
some of the main system objects in windows are
user account, onedrive, this pc, network, recycle bin
evil twin
uses a rogue wireless access point to harvest credentials. The evil twin might harvest authentication information from users. It might have a similar network name or SSID to the legitimate one
fingerprint recognition
uses a sensor to scan unique features of the user
pattern screen locks
uses connect the dot approach to unlock
xcopy and robocopy
utility that allows you to copy the contents of more than one directory at a time and retain the directory structure. The syntax for xcopy is as follows: xcopy Source [Destination] [Switches]. robocopy - another file copy utility. recommended over xcopy. designed to work better with long file names and NTFS attributes. Check the command help for additional switches and syntax.
tab that allows admins to configure settings - hiding extensions, protected system files, hidden fields/folders, etc
view
system information
view hardware and software components, provide an inventory of system resources, firmware, os, driver file locations, environment variables, network status, etc. (msinfo32.exe)
common malware vectors
virus, worm, trojan
what proactive measures should you look for regarding leaked files?
websites should be set for immediate notification; linked devices to the data should be quarantined; two step verification monitored
file system types
windows - ntfs; linux - ext3 or ext4; apple - apfs
certificate manager
windows console to authenticate users and validate via third party (certificate authority ca)
volume licensing
windows enterprise and education licensing
oem licensing
windows home and pro licensing. also available as fpp (full packaged product) or a volume license program
advanced hardware support comes with
windows pro for workstations
what does a user observe when they experience a bsod
windows stop error
system information
windows tool that provides a comprehensive inventory
performance monitor
windows tool to provide resource information about cpu, memory, disks, and network while logging data to a file for long term analysis
command for build number of windows
winver
aes gcmp
wpa3 replaces aes ccmp with gcmp
what process correlates with erasing/wiping data
writing to each location on the hard drive, using zeroes or a random pattern to clean the disk
what type of connection is a laptop connecting wirelessly to a cellular phone provider's network
wwan
accounts settings in windows is used for what tasks
your info, email & accounts, sign in options, access work or school, family and other users, sync settings
linux antivirus/malware protection that is free/opensource
clam
os installation to help sluggishness on pc
clean install
tablet sensitivity touch settings are called
gesture
apple password manager app
keychain
what shell script is written for basic windows cmd interpreter
.bat (batch file)
what scripting/programming language can develop both automation scripts and software apps?
.py - python
what starts with a shebang line designating which interpreter to use (such as bash or ksh)
.sh - in linux every shell script starts with this line
how to get to a file named "audit" on a floppy disk drive of a typical PC
A:\ Audit
administrative tools
Folder in Control Panel containing default Microsoft management consoles used to configure the local system. examples: Computer Management (compmgmt.msc), Defragment and Optimize Drives (dfrgui.exe), Disk Cleanup (cleanmgr.exe), Event Viewer (eventvwr.msc), Local Security Policy (secpol.msc), Resource Monitor (resmon.exe) and Performance Monitoring (perfmon.msc), Registry Editor (regedit.exe), Services console (services.msc), Task Scheduler (taskschd.msc)
what allows asset management scanners and software to track a device's location?
RFID tag
3 higher layers of network failure
Security—A firewall or other security software or hardware might be blocking the connection or proxy settings might be misconfigured. Name resolution—If a service such as DNS is not working, you will be able to connect to servers by IP address but not by name. Application/OS—The software underpinning the service might have failed. If the OS has failed, there might not be any sort of connectivity to the host server. If the server can be contacted, but not a specific service, the service process might have crashed.
port security
TCP or UDP port number used by the application protocol
different power management settings available under advanced Power Options in Windows 2010 OS
USB selective suspend, display brightness, search and index behavior
what is the format for a mac setup file
dmg
linux command to search and filter contents of file
grep
default protocols and services on ethernet and wifi adapters
link layer topology discovery, internet protocol
fully open source os kernel
linux
benefits of a locator app
lock device remotely, find misplaced phones, use if phone is stolen or lost
physical workstation security
log off when not in use, secure hardware, secure pii and passwords
linux command to display content of a directory
ls
what os choice most limits hardware options
mac
spyware
malware that exploits a target page to capture auth details
adware
malware that has a blunt means of driving traffic through a site
rootkit
malware that modifies system files, often at the kernel level. They may also contain tools for cleaning system logs, further concealing their presence.
linux command to provide help
man (manual pages) or -help
microsoft management console mmc
manage multiple snap ins, adjust windows settings such as local users, groups, disks, services, event viewer, disk cleanup, disk defragment, etc
command to make a directory
md
in linux what is the purpose of chown
modify file or directory owner
This type of alarm system utilizes either microwave radio reflection or passive infrared to trigger an alert threshold.
motion sensor
RMM
provide remote support, monitor client accounts and reporting billable activity
can be auto or manually configured to follow the service provider's instructions to configure the correct address on the router's interface
static wan ip
alternative to rdp that allows a user to screenshare with a tech
virtual network computing (vnc)
where do you configure sleep settings in windows
system settings
port forwarding
takes a request from an internet host for a particular service
file extension/scripting language based on microsoft visual basic programming language (predates powershell)
.vbs (vbscript)
comptia malware removal steps
1. investigate and verify malware symptoms 2. quarantine infected symptoms, disconnect from network, move to sandbox, scan removable media 3. disable system restore to mitigate risk of spreading 4. remediation - a. update antimalware software, b. scanning and removal techniques 5. schedule scans and run updates, b. scanning and removal techniques 6. enable system restore and create new windows restore point. ensure software firewall and dns are configured right. 7. educate end user
troubleshooting autorotate issues
1. use the notification drawer/control center to check that the rotation lock is not enabled 2. check that the user is not touching any screen part to prevent rotation 3. consider some apps only allow a certain orientation
what port do teamviewer, logmein, and similar apps use to connect over the internet
443
max file size addressable by 32 bit allocation tables like fat32
4gb
which of these apps will fail to run on a windows pc with 64bit cpu running a 32 bit os? A 64-bit application installed with an .EXE; A 32-bit application installed with YUM; A 32-bit application installed with an .MSI file; A 32-bit application installed with a .DMG
A 64-bit application installed with an .EXE; A 32-bit application installed with YUM; A 32-bit application installed with a .DMG
proxy server
Client PCs pass Internet requests to the proxy server, which forwards them to the Internet. The proxy may also cache pages and content that is requested by multiple clients, reducing bandwidth.
network status and adapter information is managed via various configuration utilities
Network & Internet is the modern settings app used to view network status, change the IP address properties of each adapter, and access other tools. Network Connections (ncpa.cpl) is a Control Panel applet for managing adapter devices, including IP address information. Network and Sharing Center is a Control Panel applet that shows status information. Advanced sharing settings is a Control Panel applet that configures network discovery (allows detection of other hosts on the network) and enables or disables file and printer sharing.
shortcut in control panel that allows access to windows defender firewall
administrative tools
default security groups in a windows domain
administrator, user, guest
default mac accounts
administrator and guest
administrative tools provides
advanced windows configuration consoles
tacacs+
aaa protocol developed by cisco that often authenticates to administrator accounts for network appliance management
automated solution where only one employee can enter or exit at a time
access control vestibule
mapped drives
access to file server resources
"no OS found" message indicates what?
a disk drive is identified as a boot device but does not report the location of the os loader
dictionary attack
a password attack where software matches the hash to those produced by ordinary words found in a dictionary
automation
a primary use case for scripting
home folder
a private drive mapped to a network share that users can store personal files on
where can you configure a biometric reader to log in to windows
account settings
Linux has several shells, also called terminals, that provide a command environment where users can interact with the operating system, most notably the
bash, zsh, ksh shells
common issue that can impact OS updates, cause random reboots, or cause slowness?
battery issues
FDE (full disk encryption)
bitlocker. alternative to file encryption, not available to home users
malware infections that persist after the pc has been cleaned
boot sector virus
recovery mode command prompt to repair boot sector
bootrec /fixboot. if mbr, use /fixmbr instead
time drift
can occur when mobo battery runs low, causes sync issues
recommended fire extinguisher for electrical fire
carbon dioxide
what part of ticketing system groups related tickets
categories
command to move directories
cd
what can a wifi analyzer do to assist in home router config
changing a channel (it can find the least congested channel)
command to scan file system for faults and repair
chkdsk
what can happen if an interpreter is not a default feature?
code can unintentionally expose the environment to risk of malware. can occur when interpreter is not default or script opens a network port/exposes the user form for input
surge suppressor
comes in adapters, trailing sockets, or filter plugs with the protection circuitry built into the unit
pin
common to use to activate and access the certificates of a smart card for logging on a user to a web application and other network services
Group Policy Editor (gpedit.msc)
configures many windows settings and templates
system settings provides options for
configuring i/o power remote desktop notifications clipboard about page - hardware/os information performance options startup and recovery options
computer management
console to schedule tasks and configure disks, services, devices, groups and local users
indexing options
control panel applet to search, catalog, and run database maintenance
rebuild windows profile
creating a new account and copying files from corrupt profile to new
what signifies malware is causing power drain and high resource utilization (apps perform slowly)
data usage limit notification
drilling disks
destroys drives by drilling holes in them
what makes mobile device advanced config settings and diag/logs available?
developer mode
troubleshoot nfc issues
device not in airplane mode; device unlocked and nfc enabled; nfc sensor supported and enabled in the wallet app
list usage by directory, file system, and space used in linux
df
what type of backup has a moderate backup time and only includes new files and files modified since the last backup job
differential -moderate time and storage -moderate recovery complexity
command to list files and subdirectories
dir
controls that place emphasis on software execution control
disable autoplay, disable autorun
protocol that allows access points to use radius, tacacs+, or eap to tunnel credentials and tokens that allow a domain user to connect via a wireless client to authenticate to a Windows domain controller and use single sign-on authorization?
kerberos. single sign-on authentication and authorization service based on a time-sensitive ticket-granting system, allows a user account to authenticate to a Windows domain controller.
feature of windows 11 that allows a user to have more than one workspace on a computer
multiple desktops
what is important for equipment placement
must allow optimal environment for computing operations and increased lifespan
command to view shared resources and configure them on a windows network
net use
command that can be used to investigate open ports and connections on the local host.
netstat
what kind of setup method is pxe
network based
compatibility issues a web app might have
network compatibility, user training and support
resilient file system (refs) is the successor for
new technology file system (ntfs) - currently only for pro and enterprise and not used as boot volume
desktop alerts
notification advising of immediate action. examples that are legitimate may include: immediate download push notification (can be malware) software install and upgrade
unwanted operating system (OS) notification
notification that appears on the display that was not prompted by the user
false antivirus warnings
notification that attempts to ruse the user into downloading content under false premises
If you identify or suspect a problem with name resolution, you can troubleshoot DNS with the _____ command
nslookup
encrypting file system (EFS)
ntfs feature, not for win 10 home; supports file and folder encryption
benefit to changing ssid
orients users to the correct network
security related symptoms of malware
os update failure
what must be sent to waste management/recycling because materials may contain toxins and heavy materials: toner, battery, other devices/assets, dust
other devices/assets
what could cause random reboots
overheating, low battery, faulty battery/hardware
bluetooth issues occur when
paired devices are not in range of one another to create a communications link
windows command tool to measure latency over an extended period
pathping. tracks the route data takes and provides each router hop to determine the round trip time (RTT)
vishing
phishing over the phone
whaling
phishing that targets upper management
file system feature that supports compatibility between unix/linux and windows
posix compliance
local account for legacy apps in windows
power user
ad blocker vs pop up blocker
prevents additional content besides the main site showing up vs prevents additional dialogs, respectively.
where to see app permissions
privacy
windows versions that can be domain joined
pro, enterprise, education
windows versions that support bitlocker and rdp
pro, enterprise, education
application security
process that listens for connections, Windows Firewall can block the Remote Desktop Protocol (RDP) service, so external applications cannot use it for remote access
user account control (uac)
requires user to approve a consent dialog or enter admin creds
low level formatting
reset a disk to factory condition
what is not a feature of a locator application
reset the phone to factory
apps not opening after update
restart services
os validations to ensure reinfections don't occur
restore points, software firewall settings, dns config (dns spoofing can redirect you to fake sites)
start + x is equivalent to what
right clicking start
a risk analysis worksheet where red is high risk, orange is moderate risk, and green is minimal risk are examples of
risk level
command to delete a directory
rmdir. if not empty, requires /s switch
what setup file format does yum package manager use (linux)
rpm
in linux what protocol provides smb file sharing compatibility
samba
the main display config settings are
scale - font size, color, multiple displays, resolution and refresh rate
.iso file for infected pc does what
scans the computer in recovery mode
the number of devices/users/customers affected by a change
scope
windows start + L accomplishes what
screensaver lock (different than timeout screen lock which is due to user inactivity)
local users and groups lusrmgr.msc
security groups as well as modifying/disabling/deleting accounts
what could cause browser certificate warnings
server name mismatch in the certificate; the fqdn requested by the browser is different from the subject name listed; certificate expired; certificate is self signed
A user is connecting to their home folder at \\server1\home$\jdoe. What is \\server1\home$\?
shared folder
Certificate Manager console (certmgr.msc)
shows which certificates have been installed and provides a mechanism for requesting and importing new certificates. personal - user account certs; trusted root - certs including ms root and third party trusted certs; third party root - contains trusted issuers from providers other than ms
command to shut down apps and power off pc
shutdown /s
some physical keys include
smart cards, key fobs
services console
snap in tool that allows for process management via stop/start/pause/disable for services
advanced configuration and power interface (acpi)
standby/suspend to ram - cuts power to most devices; hibernate/suspend to disk - saves any open but unsaved file data to disk and shuts pc down. for windows, this is implemented as sleep, hybrid sleep, and modern standby modes
address that distinguishes the network id from the host id of the IP address
subnet mask
temporarily elevate privileges on linux terminal
sudo
aes
symmetric 128 192 or 256 bit block cipher used for bulk encryption in modern security standards like wpa2 wpa3 and tls
backup not generated directly from the original data but instead assembled from other backup jobs
synthetic