Practice Exam 2 (220-902)
A. You can change the priority of a process in Task Manager's Processes tab for Windows Vista and Windows 7 (or on the Details tab in Windows 8) by right-clicking the name of the process and choosing Set Priority. The six priorities, from lowest to highest, are low, below normal, normal, above normal, high, and realtime. Only an administrator can set a process to run at realtime priority. Task Manager changes the priority only for that instance of the running application. The next time the process is started, priorities revert to that of the base (typically normal).
A user is running an application that requires complex calculations and takes a lot of CPU power. He wants to set his Windows 7 workstation so that it gives the application priority over all non-system-critical programs. Which tool can he use to do this? A. Task Manager B. Application Manager C. Performance Monitor D. System Configuration
You are working on a Windows 7 workstation that is operating very slowly. You want to quickly check system CPU and RAM usage to see whether anything appears amiss. Which two utilities can you use to do this? A. Resource Monitor B. Performance Monitor C. Control Panel ➢ System D. Control Panel ➢ Device Manager
A, B. There are three tools that quickly show you CPU and memory usage in Windows. They are Resource Monitor, Performance Monitor, and Task Manager. Performance Monitor can also be accessed through Computer Management.
You are onsite fixing a client's laptop that will not load Windows 7. You are waiting to hear about your friend's awesome party that they are hosting this weekend, and your phone starts to vibrate. And it keeps vibrating. You're sure that all of your friends are texting information about the party. What should you do? (Choose two.) A. Turn your phone off, and apologize to the client. Tell them that the phone was distracting you from your job, but it won't be a problem now. B. Ignore your phone. C. Text your friends back and tell them that you are working. D. Call your friend and tell him to wait until after this job before planning all of the details because you want to help.
A, B. When working with customers, you need to avoid personal interruptions such as phone calls or texts. Exceptions can be made if it's an emergency situation, but in those cases notify the client that you might get a call or text and explain that you will deal with it only if it's the emergency. Otherwise, ignore the personal interruption until you are not working with a client.
You are instructing new technicians on safety procedures when fixing computers and monitors. As an exhibit, you have an old CRT monitor that has not been used in a few months. Which of the following are the biggest potential dangers if you were to open this monitor? (Choose two.) A. Broken glass B. Sharp edges C. High-voltage capacitors D. Burns
A, C. Do not attempt to repair a CRT monitor without specific training. Even if the monitor has not been used for some time, capacitors can still hold a lethal charge. Also be careful with the tubes in a CRT monitor. They are vacuum sealed, and if the glass breaks, it can be sent flying in any direction.
You are attempting to update a Windows Vista workstation using Windows Update. The update fails with this message: "Failure configuring Windows updates. Reverting changes." You reboot and try again but receive the same error. What should you try next? (Choose two.) A. Wait until changes are reverted. Unplug removable media from your computer and try again. B. Wait until changes are reverted. Run a virus scan and try again. C. Wait until changes are reverted. Run the Windows Update Troubleshooter. D. Ignore the update.
A, C. If an OS update fails, it could be a configuration issue or simply a one-time glitch in the process. Wait until Windows Update reverts the changes; then reboot and try the update again. If that does not work, you can unplug removable media from your computer and try again, or you can try the Windows Update Troubleshooter.
You want to protect mobile device users on your network from potentially leaked files or data. Which of the following should you do to help reduce this risk? (Choose two.) A. Disable network autoconnect. B. Enforce data transmission over-limits. C. Enable device encryption. D. Install mobile firewalls.
A, C. When authorized users access devices through unintended connections or unauthorized users access absconded devices, they can access the data on the device. Disable autoconnect to avoid unintended connections, and encrypt data on devices to help protect the data on them in the event they are stolen.
Your company works with confidential government files. It is illegal for employees to copy any files to flash drives. Where do you specify this as well as the penalties for not complying with the rule? A. AUP B. DLP C. ACL D. Employee handbook
A. Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware. This policy should also outline the consequences for misuse. In addition, the policy (also known as a use policy) should address the installation of personal software on company computers and the use of personal hardware such as USB devices. The AUP may be part of an employee handbook but is not required to be.
You intend to recycle some older magnetic hard drives. You want to set all data on the drive to be nothing but 0s. What should you use to accomplish this? A. Overwrite B. format C. Degaussing D. diskpart
A. An overwrite, also frequently called a drive wipe, replaces all data on a hard drive with 0s. This effectively makes it so that people can't recover old data from the drive and makes the drive safe to recycle.
You have installed an antivirus program on your Windows 8.1 workstation. When configuring it, what should you set the update frequency to? A. Automatic B. Once per week C. Once per month D. Once per year
A. Antivirus databases should be updated frequently to keep your antivirus program up-to-date with all the possible virus definitions. Most antivirus programs will automatically update themselves (if configured properly) just as Windows Update will update Windows, provided the computer has a live Internet connection. The best bet is to let them automatically update. Otherwise, at least once a week is good.
Which type of server on a network will be configured with a scope, which contains information the server will provide to clients who request it? A. DHCP server B. DNS server C. Proxy server D. Authentication server
A. DHCP servers are configured with a scope, which contains the information that the server can provide to clients. DHCP servers need at least one scope, but they can also have more than one. The scope contains the address pool for DHCP clients as well as other pertinent information for configuration.
You have a Windows 7 Professional workstation with a physically attached printer. You want others on the network to be able to use the printer as well. What do you need to do to enable this? A. Right-click the printer, choose Printer Properties, and share the printer. B. Right-click the printer, choose Printer Properties, and map the network printer. C. Open the Add A Printer Wizard and share the printer. D. Open the Add A Printer Wizard and map the network printer.
A. If the printer is on your local computer and you want others to use it, you need to share the printer. You do this by right-clicking the printer, choosing Printer Properties, and then going to the Sharing tab. Check the box to share the printer. You map a network printer if you are the one connecting to a remote printer.
A Linux user on your network has received an error message during boot that GRUB is missing, as well as an error number. What can you do to solve this problem? A. Boot to the Linux installation CD or DVD, enter Linux rescue mode, and re-create the MBR. B. Boot to the Linux installation CD or DVD, and reinstall Linux. C. Boot to the Linux installation CD or DVD, enter Linux rescue mode, and mount the hard drive. D. Boot to the Linux installation CD or DVD, enter Linux rescue mode, and overwrite the contents of the GRUB file.
A. In Linux, there are two common boot loaders used. LILO (LInux LOader) is the older one but has been replaced by GRUB (GRand Unified Bootloader) in most instances. The most likely cause of a GRUB/LILO error is a missing or corrupt master boot record (MBR). The method to fix it depends on the version of Linux you are running, but generally speaking, you need to boot to the Linux installation CD/DVD, go into Linux rescue mode, and re-create the MBR.
You are instructing a new Mac user on the features of macOS. She asks if the system is capable of storing her passwords to various Internet sites. Which feature would she use for that? A. Keychain B. Wallet C. Passport D. Spotlight
A. Keychain is a password management system from Apple. It allows you to store passwords for websites, mail servers, Wi-Fi, and so forth. There is an iCloud variant (iCloud Keychain) that keeps such information as Safari usernames/passwords and credit card information.
A user has two monitors installed on his Windows 7 workstation. He wants his secondary monitor to be on the right side of his primary monitor. However, when he moves the mouse to the right on the primary monitor, the cursor stops at the edge of the screen. When he moves it to the left, the cursor then appears on the right side of his secondary monitor. Where can he go to change this setting? A. Right-click the desktop and choose Screen Resolution. B. Right-click the desktop and choose Mouse Alignment. C. Right-click the desktop and choose Monitor Alignment. D. Right-click the desktop and choose Display Settings.
A. Monitor settings such as resolution, orientation, and location of secondary monitors are changed through Screen Resolution.
You are training mobile users on potential security risks. Which of the following could make users more susceptible to a man-in-the-middle attack? A. Unintended Wi-Fi connection B. Unauthorized account access C. Unauthorized location tracking D. Unauthorized camera activation
A. No unintended or unauthorized event is a good thing for mobile users. The one that leaves a user most susceptible to a man-in-the-middle attack is an unintended Wi-Fi connection. This is because the device at the other end that the user is connecting to could be intercepting data or storing it for a possible attack later.
A user reports that his Android phone will not turn on. When he hands you his phone, it is almost hot to the touch. He then admits that the phone had been in his locked car for most of the day, and it's summertime. What is the most likely cause of the problem? A. Overheating B. Frozen system C. System lockout D. Battery drain
A. One of the best ways to avoid overheating is to avoid ambient temperatures that are too hot or too cold: avoid having the device in direct sunlight for extended time periods, in a hot car on a summer day, or on top of a heat source. When the device does overheat, you can often help it cool down quicker by removing any protective case that may be there—and putting it back on later.
Your manager is concerned that your company could divulge PII. Which of the following types of data is not considered PII? A. First name B. Home address C. Family member names D. Employee ID number
A. Personally identifiable information (PII) is anything that can be used to identify an individual person on its own or in context with other information. This includes someone's name, address, other contact information; the names of family members; and other details that people would consider private. A first name is considered to be generally common enough that it is not PII. A full name, if not common, would be PII.
Occasionally when visiting websites using Google Chrome, you receive a pop-up window in front of your browser. Generally it's an advertisement trying to sell you something. Which of the following actions will stop this from happening? A. Enable Chrome's pop-up blocker. B. Install an antivirus program. C. Install anti-malware software to stop the adware. D. Enable Windows Firewall.
A. Pop-ups are annoying but not necessarily an indication that your computer is infected with anything. Antivirus and anti-malware programs don't generally deal with pop-ups unless those pop-ups are associated with malware, and most pop-ups aren't—they are just coded into the website. A firewall won't help here either.
Which feature of Windows 7 is designed to encrypt storage volumes, must be activated by an administrator, and can encrypt operating system startup files? A. BitLocker B. EFS C. OneDrive D. Shadow Drive
A. Referenced by CompTIA as "Bit-Locker," Microsoft calls it BitLocker, and it allows you to use drive encryption to protect files, including those needed for startup and logon. BitLocker can be turned on only by administrators.
A new law requires that you keep hard copies of all your workstations' system configurations. Which command can you use to easily gather this information for remote workstations and save a report as a text file? A. MSINFO32 B. COMPMGMT C. MMC D. PERFMON
A. The MSINFO32 tool displays a thorough list of settings on the machine. You cannot change any values from here, but you can search, export, and save reports. When run from a command prompt, the /computer option allows you to specify a remote computer on which to run the utility, and the /report option saves the report as a .txt file.
You are at a Windows 8.1 command prompt in the D:\users directory. You want to use the copy command to copy the D:\users\jdoe directory to the D:\files directory. Which of the following statements is true? A. You can't use the copy command to perform this task. B. You can use the command copy d:\users\jdoe\*.* d:\files. C. You can use the command copy d:\users\jdoe d:\files. D. You can use the command copy d:\users\jdoe d:\files /y.
A. The copy command makes a copy of a file in a second location. It cannot be used to copy directories. To copy a directory, you need to use the xcopy command.
You are at a Windows 8 command prompt. The directory you are in has hundreds of files, so when you pull a directory listing, you want it to only show one page of files at a time. Which command should you use to do this? A. dir /p B. dir /o C. dir /s D. dir /d
A. The dir command shows a directory listing. The /p switch displays only one page at a time. Think of it as the pause switch.
You want to grant a user the ability to make changes to files and run programs located in an NTFS folder. However, you do not want him to be able to delete files in the folder. Which level of access should you allow him? A. Read & Execute, and Write B. Modify C. Full Control D. Write
A. The user needs at least Read & Execute access to be able to run programs, and Write will allow him to make changes to files. Neither will allow him to delete files. Modify and Full Control will allow everything he needs as well, but Modify allows him to delete files (or the folder), and Full Control also gives him the ability to take ownership and assign permissions to others.
The network you manage has a dozen Windows 7 workstations. You want to ensure that users do not have the ability to change the boot order, so they can't boot to an unauthorized device. Which step should you take? A. Set a BIOS/UEFI password. B. Disable autorun. C. Restrict user permissions. D. Enable a strong password policy.
A. The way to protect against this is to implement a BIOS/UEFI password. If a user can get into the BIOS, then he can change the boot sequence, boot to an unauthorized device, and then do some damage to the system. A strong Windows password will help protect Windows but does not protect the computer in general. Autorun is a feature of Windows and does not affect the boot process.
A technician is troubleshooting a driver issue on a Windows 8.1 workstation. She has verified full system functionality and implemented preventive measures. According to troubleshooting theory, what should she do next? A. Document findings, actions, and outcomes. B. Establish a plan of action to resolve the problem and implement the solution. C. Question the user and identify user changes to the computer. D. Perform backups of the computer.
A. Troubleshooting theory for the A+ exam consists of six steps: identify the problem; establish a theory of probable cause; test the theory to determine cause; establish a plan of action to resolve the problem and implement the solution; verify full system functionality and, if applicable, implement preventive measures; and document findings, actions, and outcomes.
You have a Windows 7 Professional workstation installed in a workgroup. There is no centralized security. Which tool should you use to help protect yourself against malicious network attacks? A. Windows Firewall B. Advanced Security C. Local Security Policy D. Computer Management
A. Windows 7 incorporates Windows Firewall, which can be used to stop incoming and outgoing network traffic. Traffic is allowed or denied by specific rules that are part of an access control list (ACL). By default, Windows Firewall blocks incoming traffic. By creating exceptions, you can configure what incoming traffic you want to allow through.
Which Windows Vista feature is an area on the desktop designed specifically for small, customizable programs such as a clock, news headlines, or a weather app? A. Sidebar B. Widgets C. Gadgets D. Charms
A. Windows Vista has an area known as the Sidebar that is designed for gadgets and can be placed on the Desktop. Windows 7 did away with the Sidebar, and the gadgets are now placed directly on the Desktop.
You want to enable encryption on a Windows 8.1 workstation. Which of the following statements are true? (Choose two.) A. Enabling EFS requires administrative access. B. Enabling BitLocker requires administrative access. C. EFS can encrypt an entire volume or single files. D. BitLocker can encrypt an entire volume or single files.
B, C. BitLocker and EFS can both be used for encrypting files on an NTFS volume. Encrypting File System (EFS) is available in most editions of Windows, and all users can use EFS. Only administrators can turn on BitLocker. As an additional distinction, EFS can encrypt just one file, if so desired, while BitLocker encrypts the whole volume and whatever is stored on it.
You are planning on formatting a hard drive with NTFS to install Windows 8.1. Which of the following features are present in NTFS? (Choose two.) A. Linux OS support B. File compression C. File security D. Enhanced flash drive support
B, C. The New Technology File System (NTFS) is available with all current versions of Windows. NTFS is an advanced file system that includes such features as individual file security, compression, and RAID support as well as support for extremely large file and partition sizes and disk transaction monitoring.
You are going to move a desktop computer from one office location to another. It's on the floor, underneath the desk. Which of the following are good personal safety procedures to follow? (Choose two.) A. Bend at the waist and lift straight up. B. Bend at the knees and lift with your legs. C. Tie back any loose jewelry, long hair, or neckties. D. Leave the computer plugged in to avoid ESD.
B, C. To ensure your personal safety, always remember some important techniques before moving equipment. The first thing to check for always is to see whether it's unplugged. There's nothing worse (and potentially more dangerous) than getting yanked because you're still tethered. Remove any loose jewelry, and secure long hair or neckties. Lift with your legs, not your back (bend at the knees when picking something up, not at the waist).
You have a Windows 7 workstation with an 802.11n network adapter. When you establish a network connection, which type of connection should you choose? A. WWAN B. Wireless C. Wired D. VPN
B. 802.11n is a wireless networking standard. Therefore, choose wireless as the network connection type.
As the network administrator, you have set account lockout policies so that an account is locked out after five unsuccessful login attempts. What type of security threat will this deter? A. Shoulder surfing B. Brute forcing C. Zero-day attack D. Spear phishing
B. A brute-force attack is an attempt to guess passwords until a successful guess occurs. Because of the nature of this attack, it usually occurs over a long period of time. To make passwords more difficult to guess, they should be much longer than two or three characters (Microsoft recommends eight as the minimum), be complex, and have password lockout policies.
An Android phone user reports that her phone can't connect to the Wi-Fi network, but she has a cellular signal. What is the first thing to have her try? A. Check whether the phone is in airplane mode. B. Check whether the Wi-Fi connection is enabled. C. Adjust the Wi-Fi signal receptivity. D. Perform a hard reset.
B. A common cause for a lack of wireless connectivity is for a device to be in airplane mode. Since the user has a cellular signal, the phone definitely isn't in this mode. The other wireless signal types (Wi-Fi, Bluetooth) can be individually disabled, so check them as well.
Your Windows 7 workstation is having intermittent video issues. The manufacturer's website suggests you install the latest driver. Which utility should you use to check the driver version installed on your computer? A. Display Settings B. Device Manager C. Services D. Computer Management
B. Device Manager has been present in every version of Windows since Windows 95. It allows you to manage all of your hardware devices, including updating drivers and disabling the device. It is found within the Computer Management console.
A workstation on your network is configured to dual boot between Windows Vista and Windows 8.1. Previously, the user would get a menu asking him which OS to choose. He has not made any configuration changes, but now that menu no longer appears. Which file is responsible for presenting the user with this menu? A. WINRESUME B. WINLOAD C. BOOTMGR D. NTLDR
B. During the Windows 8/7/Vista boot process, WINLOAD.EXE processes a file that resides in the root directory specifying what OSs are installed on the computer and where they reside on the disk. During this step of the boot process, you may be presented with a list of the installed OSs (depending on how your startup options are configured and whether you have multiple OSs installed). In Windows 8/7/Vista, WINLOAD.EXE replaces NTLDR from the Windows XP days.
You are configuring a wireless router for a home office. Which of the following changes will have the least impact on improving security of the network? A. Enabling MAC filtering B. Disabling the SSID broadcast C. Configuring WPA D. Changing the default username and password
B. Even if you disable the SSID broadcast, potential attackers still have many simple tools available to see your wireless network traffic and get the SSID anyway. It is a weak form of security that will keep out only the most casual intruders. Enabling MAC filtering can help you allow access only to certain hosts, but MAC addresses can be spoofed. WPA is a good encryption method, but WPA2 is stronger. Changing the default username and password is always recommended.
You receive a notice from our wireless provider that you are about to exceed your data plan for the month. This month you have not used your phone often, so this surprises you. What could this be a sign of? A. The phone needs to be replaced. B. Unauthorized account access. C. Rogue apps, such as a rogue antivirus. D. High resource utilization.
B. Going over the limits on data plans can be symptomatic of a hacked account. Closely monitor account usage.
You are looking online to find pictures to use as part of promotional materials your company wants to make. Which of the following statements is true regarding online content? A. Online content is considered open source; therefore, you may use whatever you find. B. Online content is protected through the use of DRM. C. Online content is protected through the use of EULA. D. Online content is protected through terms established in the Geneva Conventions.
B. Many companies rely upon digital rights management (DRM) to protect digital assets such as online photos or videos. DRM is not as established as licensing agreements are, but you should still respect the property of the owners of digital content.
You are at a client's office and need to replace faulty memory but do not have an ESD strap. Which of the following describes the best way to practice self-grounding while replacing the RAM? A. Leave the computer plugged in but powered off, and stay in contact with the plastic part of the case. B. Leave the computer plugged in but powered off, and stay in contact with the metal part of the case. C. Unplug the computer, and stay in contact with the plastic part of the case. D. Unplug the computer, and stay in contact with the metal part of the case.
B. Self-grounding is not as effective as using proper anti-ESD gear, but it makes up for that with its simplicity. To self-ground, make sure the computer is turned off but plugged in. Then touch an exposed (but not hot or sharp!) metal part of the case. That will drain an electrical charge from you. Better yet is if you can maintain constant contact with that metal part. That should keep you at the same bias as the case.
You are working on a client's desktop computer, and the video card is dead. You can get a warranty replacement, but it will take three days to arrive. Or you can replace it with a more expensive card today, but he would need to pay the difference. Which of the following is the best way for you to continue the service call? A. Tell him that the video card is dead. It will take three days for the video card to arrive, and you will return then to replace it. B. Tell him that the video card is dead. It will take three days for a warranty replacement to arrive (at no cost), or you can replace it with an upgraded model today if he wants to pay the difference in cost. C. Tell him that the video card is dead. Offer to replace it today with a more expensive video card, and he can pay the difference in cost. D. Tell him that he will be without a computer for three days, but then you will come back and fix it.
B. Set and meet—or exceed—expectations and communicate timelines and status. Customers want to know what is going on. In addition, offering different repair or replacement options will usually make the customer feel better, as you are giving them an option in choosing a solution.
You have discovered that an outside attacker has gained control over several of your workstations and is remotely controlling them. It appears as though the attacker is using the systems to send spam to thousands of users. Which type of attack is this? A. Ransomware B. Zombie/botnet C. Noncompliant systems D. Spoofing
B. Software running on infected computers called zombies is often known as a botnet. Bots, by themselves, are but a form of software that runs automatically and autonomously and are not harmful. Botnet, however, has come to be the word used to describe malicious software running on a zombie and under the control of a bot-herder. Denial of service attacks—both DoS and DDoS—can be launched by botnets, as can many forms of adware, spyware, and spam (via spambots).
In which type of security threat will someone try to gain access to a secure area without credentials by following someone else, who used their access rights, into the secured area? A. Brute forcing B. Tailgating C. Shoulder surfing D. Man-in-the-middle
B. Tailgating refers to being so close to someone when they enter a building, you are able to come in right behind them without needing to use a key, a card, or any other security device. Using mantraps, which are devices such as small rooms that limit access to one or a few individuals, is a great way to stop tailgating.
You are troubleshooting a Windows 8.1 workstation that has malware on it. Following the best practices for malware removal, you have gotten to the point where you've scheduled system scans and run anti-malware updates. What is the next step you should take? A. Educate the end user. B. Enable system restore and create a restore point. C. Disable system restore. D. Remediate the infected system.
B. The best practices for malware removal is a seven-step process. Identify malware symptoms, quarantine infected system, disable system restore (in Windows), remediate infected systems (including update anti-malware software and scan and remove the malware), schedule scans and run updates, enable system restore and create a restore point (in Windows), and educate the end user.
You are logged into a Linux workstation with a regular user account. You need to execute a command with root permissions. Which command do you need to use? A. su B. sudo C. vi D. dd
B. The sudo ("substitute user do" or "superuser do") command is used to run a command with a different privilege level than the current user logged in. Typically this means running a command with superuser or root permissions.
A Windows 7 user reports that her computer just completely locked up. On her screen is a message saying that the person pictured has participated in an illegal activity. Her webcam turned on by itself, and she was pictured. The message also says she can resolve the charges against her by paying a $500 fine. She is understandably shaken by the incident. What should you do next? A. Tell her that if she performed an illegal activity with her work computer, her employment will be terminated. B. Boot to a recovery CD from your anti-malware provider, and run a remediation. C. Delete and reinstall Windows. D. Pay the fine.
B. This is a form of ransomware, which can be programmed to take control over a user's webcam. It's just another layer of complexity to scare users. Deleting and reinstalling Windows will work, but it's not necessary. The system will be locked, so you can't open the anti-malware software. You can, however, boot to a bootable CD or DVD from the anti-malware software provider and start a remediation that way.
You want to set up your mobile phone to be able to pay for items at convenience stores simply by moving it close to the merchant's receiver. What type of mobile payment service is this? A. SMS or MMS B. NFC C. Direct mobile billing D. Mobile web payments
B. Using near field communication (NFC), a user will simply move their device within range (about 4″ or 10cm) of the merchant's receiver, and the payment will be processed. In most cases, a PIN is required. This method is of course used when the customer and merchant are in the same physical location. Charges are usually linked to a bank account, credit card, or online payment service.
When you begin synchronization of an iPhone to a desktop computer, what type of authentication occurs? A. There is no authentication required for synchronization. B. Both devices authenticate each other. C. The iPhone authenticates the desktop computer. D. The desktop computer authenticates the iPhone.
B. When synchronizing with a desktop, both the iOS and the desktop authenticate each other. This two-way authentication is called mutual authentication, and it lets multiple services on the iOS device communicate with the appropriate services on the desktop.
A Windows 8.1 workstation has a corrupt BCD file. Which two commands can you use to fix this? (Choose two.) A. BOOTREC /FIXMBR B. BOOTREC /FIXBOOT C. BOOTREC /REBUILDBCD D. BCDEDIT
C, D. BOOTREC /REBUILDBCD will rebuild the BCD file, and BCDEDIT allows you to edit the file. The BOOTREC /FIXBOOT command will rebuild the boot sector to one that is compatible with Windows 7 (or Windows Vista/8/8.1). BOOTREC /FIXMBR will fix the Master Boot Record.
Which of the following types of threats are specific examples of social engineering? (Choose two.) A. Spoofing B. Viruses C. Shoulder surfing D. Spear phishing
C, D. Social engineering is a process in which an attacker attempts to acquire information about your network and system by social means, such as talking to people in the organization. When this is done via email or instant messaging, it's called phishing. Phishing attempts that appear to come from a trusted source are called spear phishing. Another form of social engineering is known as shoulder surfing, and it involves nothing more than watching someone when they enter their sensitive data.
You are installing virtualization on a network server. Which type of hypervisor should you install to minimize the amount of resources required by the physical machine hosting the virtual servers? A. Virtual machine manager. B. Either Type 1 or Type 2 will function in the same way. C. Type 1. D. Type 2.
C. A Type 1 hypervisor sits directly on the hardware, and because of this, it's sometimes referred to as a bare-metal hypervisor. In this instance, the hypervisor is basically the operating system for the physical machine. This setup is most commonly used for server-side virtualization, because the hypervisor itself typically has very low hardware requirements to support its own functions. Type 1 is generally considered to have better performance than Type 2, simply because there is no host OS involved and the system is dedicated to supporting virtualization. The hypervisor is also called a virtual machine manager (VMM).
You are working on a Windows 7 workstation that will not properly load Windows. Another technician suggests using a snapshot to restore the system. Where do you do this from? A. Windows RE B. Windows pre-installation environment C. Safe Mode D. Backup and Restore
C. A restore point is a copy, or snapshot, of your system configuration at a given point in time. It's like a backup of your configuration but not your data. Snapshots are created within Windows from the System Restore program. If Windows will not load, Safe Mode can be used to run rstrui.exe, which will open a version of System Restore so you can use a snapshot.
You have a Linux server on your network. You want to back up all files in the /user/files volume without disrupting user access. What should you use to do this? A. Time Machine B. Linux Backup C. Snapshot D. Image recovery
C. A snapshot is an exact copy of a logical volume that has been frozen at a specific point in time. When creating the snapshot, you don't need to worry about users changing files or taking the volume offline.
A security consultant recommends that your secure facility implement biometrics as a form of building access control. What type of system is she most likely referring to? A. RFID badges B. Key fobs C. Retinal scanners D. Mantraps
C. Biometric devices use physical characteristics to identify the user. Biometric systems include fingerprint/palm/hand scanners, retinal scanners, and soon, possibly, DNA scanners. To gain access to resources, you must pass a physical screening process.
The personal finance app on your Android phone will not load. You rebooted your phone and the app still does not work. What should you try next to get it to work? A. Perform a factory reset. B. Download an antivirus app and perform a virus scan. C. Remove and reinstall the app. D. Perform a force stop on the app and then open it again.
C. If an app does not load, try rebooting (forcing the device to restart, if necessary). If that does not work, attempt to remove and reload the app. Be sure to check the vendor's site for any similar problems (and solutions) encountered by others.
You would like to configure a test workstation to be able to boot to Windows Vista, Windows 7, and Windows 8.1. Which of the following statements is true regarding installation of these operating systems? A. The location of operating system installation does not matter in this situation. B. You should install all the operating systems on the same partition. C. You should install each of the operating systems on their own partitions. D. You can't install all three operating systems on one workstation.
C. If there is sufficient space on a machine and the hardware will support it, you can have more than one operating system and choose which one to run when you boot. If you create a multiboot environment, always install each OS on its own partition; that way the key OS files remain separated and don't conflict with each other.
You have assigned the Finance group Modify permissions on the D:\MonthlyReports folder. You then create a folder named D:\MonthlyReports\January. What level of permissions does the Finance group have to the folder D:\MonthlyReports\January? A. No access, because no permissions were explicitly set. B. Full control, because no permissions were explicitly set. C. Modify, because the folder inherits permissions from its parent folder. D. Modify, because the folder inherits permissions from its parent folder. Finance group members can also grant permissions to other users or groups for this folder.
C. Inheritance is the default behavior throughout the permission structure, unless a specific setting is created to override it. For example, a user who has Read and Write permissions in one folder will have that in all the subfolders unless a change has been made specifically to one of the subfolders. Modify access does not give users permissions to change permissions for others. Only Full Control allows that.
You want to see events that your Windows 8.1 workstation has logged. Which of the following is not a type of log that is contained in Event Viewer? A. Security B. System C. Login D. Application
C. The Windows Event Viewer utility provides information about what's been going on with the whole system to help you troubleshoot problems. Event Viewer shows warnings, error messages, and records of things that have happened successfully. It's found in all current versions of Windows. The three most commonly referenced logs are Security (which includes information about logins), System, and Application.
A small business with two servers in a server closet wants you to find a solution to a problem. The business frequently has power outages and has lost important data on the servers as a result. The business wants some type of battery backup. What type of device should you install to protect against this problem? A. Surge protector B. Power strip C. UPS D. Voltage conserver
C. The best device for power protection is an uninterruptible power supply (UPS). These devices can be as small as a brick or as large as an entire server rack. Inside the UPS is one or more batteries and fuses. Much like a surge suppressor, a UPS is designed to protect everything that's plugged into it from power surges. UPSs are also designed to protect against power sags and even power outages. Energy is stored in the batteries, and if the power fails, the batteries can power the computer for a period of time so that the administrator can then safely power it down.
Your iPhone has been stolen. To ensure that the thief does not have access to your data, what should you do? A. Perform a remote backup. B. Enable full device encryption. C. Perform a remote wipe. D. Use a locator application.
C. The best way to remove data from the device is to perform a remote wipe. Ideally you have backed up or synced the device before then or you will lose data. Full device encryption is a good security practice, but that should have been completed prior to the phone being stolen.
You are at a Windows Vista command prompt. You need to terminate a process on a remote system named Sparky, and the process identifier is 14456. What is the right syntax to use to kill this process and any child processes started by it? A. taskkill /S Sparky /PID 14456 /C B. taskkill /T Sparky /PID 14456 /S C. taskkill /S Sparky /PID 14456 /T D. taskkill /C Sparky /PID 14456 /T
C. The taskkill command is used to terminate processes, just like you can do in Task Manager in Windows. To kill a process by its name, use the /IM switch. If you know the process ID, use the /PID switch. The /S switch is used to specify a remote system, and the /FI switch applies a filter to a set of tasks. The /T switch terminates child processes, and /F terminates the process forcefully.
You are going to install Windows 8 Pro on a workstation that is currently running Windows 7 Professional. If you want to keep user accounts, data, and apps that are currently on the workstation, which type of installation should you perform? A. Migration B. Clean C. Upgrade D. Custom
C. The two primary methods of installing Windows 8 (and most versions of Windows) are either a clean install or an upgrade. With a clean install, no traces of any previous operating system are kept. With an upgrade, the focus is on keeping something from the previous operating system that was installed earlier on the machine. That "something" can be user accounts, data, apps, or almost anything else. When the upgrade is done without removing the existing operating system (the norm), this is known as an in-place upgrade. A custom installation implies a clean installation.
You have just installed a second and third hard drive into a Windows 8.1 workstation. Each drive is 500GB. The user wants to combine their space into one 1TB volume. What should you create to accomplish this and also give the user a disk read and write performance boost? A. A new simple volume B. A new spanned volume C. A new striped volume D. A new mirrored volume
C. To combine both hard drives into one volume, you need to create a spanned, striped, or mirrored volume. A mirrored volume, like a RAID 1 array, will make one of the disks redundant, so in this case it would not give the user 1TB of storage. A striped volume is like RAID 0 and will give you a slight performance boost.
You open a command prompt on a Windows 7 workstation and type in the sfc command. You receive an error message telling you that you need to be an administrator to run the command. What should you do next? A. Run the sfc /admin command. B. Run the sfc /elevate command. C. Click Start ➢ All Programs ➢ Accessories; then right-click Command Prompt and choose Run As Administrator. Then run the sfc command. D. Click Start ➢ All Programs ➢ Accessories; then right-click Command Prompt and choose Run With Elevated Privileges. Then run the sfc command.
C. To run the SFC, you must be logged in as an administrator or have administrative privileges. If you attempt to run SFC from a standard command prompt, you will be told that you must be an administrator running a console session in order to continue. Rather than opening a standard command prompt, choose Start ➢ All Programs ➢ Accessories; then right-click Command Prompt and choose Run As Administrator. The UAC will prompt you to continue, and then you can run SFC without a problem.
The police have come to you with a request for help. They have recovered a suspected criminal's iPhone and want to get information off of it, and they have a warrant. The suspected criminal will not give them the passcode, and therefore the system is locked out. What advice can you give them on how to retrieve data from the device? A. They can perform a reset to factory defaults, which will reset the passcode. Then they can retrieve the data. B. They can perform a hard reset, which will reset the passcode. Then they can retrieve the data. C. There is no way to unlock the device and get the data without the appropriate passcode. D. They can crack the phone using backdoor code from Apple.
C. Unfortunately, the only solution to a locked phone (or system lockout) is to perform a reset to factory specifications. That means that all of the data on the phone is gone. There is no backdoor. In 2016, there was a publicized case of law enforcement wanting to do this in California, and there was even some discussion of the case going to the U.S. Supreme Court. But Apple was steadfast that there is no backdoor, and they do not believe it's appropriate to create one, which would also create a potential security hole.
A user reports that his Windows 8.1 installation keeps on crashing. He has installed numerous third-party apps on the computer, and you believe that some of these apps are causing the instability. After entering the Windows Recovery Environment, which option should you choose to repair Windows and delete all but the default apps? A. Recover B. Refresh C. Reset D. Restore
C. When a problem pops up with the Windows 8 operating system, you can boot into the Windows Recovery Environment (Windows RE) and repair it by choosing to refresh, reset, or restore it. Refreshing it keeps personal files and settings along with the default apps and those that you installed from the Windows Store. Resetting reinstalls Windows and deletes all but the default apps (meaning that you lose your personal files and settings). Restoring allows you to just undo recent system changes.
A user's NTFS permissions for the docs folder are Read & Execute. His share permissions are Full Control. What is his effective access when connecting to the resource across the network? A. No access B. Full Control C. Read & Execute D. Read only
C. When accessing the NTFS-based resource over the network, both NTFS and Share permissions are applied. If there is a difference between the two of them, the most restrictive permissions are used. Therefore, the user has Read & Execute access.
A friend is recycling his old computer and wants to be sure that no one can access his private information. He decides to format the hard drive and chooses a quick format. Which of the following statements are true? A. His private information is safe because the old data has been permanently removed from the hard drive. B. His private information is safe because once the file allocation table has been removed, none of the old data is accessible. C. His private information is not safe because the quick format only writes a new file allocation table. D. His private information is not safe because the quick format only removes the old operating system files.
C. When formatting a hard drive, you can usually choose between a quick format or a full format. With a quick format, a new file table is created on the hard disk, but files are not fully overwritten or erased from the disk. Someone with data recovery software could easily access the data. A full format removes old files, creates a new file allocation table, and scans the hard drive for bad sectors.
You clicked a link in an email, and it took you to a site you were not familiar with. Later that day, you receive a pop-up message on your computer telling you that all the files on your hard drive have been encrypted, and you can no longer access any of your key documents. If you want the files to be decrypted, you need to pay a fee by entering a credit card number. What have you been infected with? A. Spyware B. Trojan C. Ransomware D. Worm
C. With ransomware, software—often delivered through a Trojan horse—takes control of a system and demands that a third party be paid. The "control" can be accomplished by encrypting the hard drive, by changing user password information, or via any of a number of other creative ways. Users are usually assured that by paying the extortion amount (the ransom), they will be given the code needed to revert their systems to normal operations. Even among malware, ransomware is particularly nasty.
Your company has decided to stop purchasing commercial cloud services and enter into a cloud partnership with a sister company. What type of cloud will your company and the sister company create? A. Public B. Private C. Hybrid D. Community
D. A community cloud is created when multiple organizations with common interests combine to create a cloud. In a sense, it's like a public cloud with better security. The clients know who the other clients are and, in theory, can trust them more than they could trust random people on the Internet. The economies of scale and flexibility won't be as great as with a public cloud, but that's the trade-off for better security.
Which of the following statements best describes the purpose of a virtual private network? A. It walls off one network from another, making it inaccessible. B. It examines incoming network packets and forwards only those that match criteria in an access control list. C. It makes network requests on behalf of a user, effectively masking the user's identity from the computer receiving the request. D. It creates a private, secure network connection through a public network.
D. A virtual private network (VPN) is a private network connection that occurs through a public network. A private network provides security over an otherwise unsecure environment. VPNs can be used to connect LANs together across the Internet or other public networks. With a VPN, the remote end appears to be connected to the network as if it were connected locally.
A network architect recommended that you install an IDS on your network. Which of the following statements best describes what an IDS does? A. It allows or denies incoming network traffic based on a set of rules. B. It detects anomalies in network traffic, logs the activity, and takes actions to stop the activity. C. It detects viruses transmitted across the network, logs the activity, and deletes the network packets infected with the virus. D. It detects anomalies in network traffic, logs the activity, and sends an alert to the administrator.
D. An Intrusion Detection System (IDS) is a passive device. It watches network traffic, and it can detect anomalies that might represent an attack. For example, if an attacker were to try to flood a network with traffic on a specific port, the IDS would sense that the additional traffic on that port was unusual. Then the IDS would log the anomaly and send an alert to an administrator. Note that it does nothing to prevent the attack; it simply logs relevant information pertaining to the attack and sends an alert.
With Windows Vista, Microsoft introduced a user interface that was a departure from its previous interfaces. What is the name of the Windows Vista interface? A. Windows Explorer B. WinPE C. Metro D. Aero
D. Between the older interfaces and Windows 7, Microsoft released Windows Vista and the Aero interface. This was a departure from the usual and not one that met with as warm a reception as Microsoft had hoped.
You are working on your Windows 8.1 computer and a security alert pops up, as shown here. What should your next action be? A. Click the Continue Unprotected button. B. Click the Remote All Threats Now button. C. Create a restore point and then click the Remove All Threats Now button. D. Shut down your computer. Reboot, and initiate a virus scan using your antivirus software.
D. Don't click the buttons! This is some sort of hoax. When you click either button, something bad will happen—something like malware being installed on your computer. Attackers are very creative about making their pop-ups look like legitimate security alerts. Shut your computer down, and after you reboot, run a virus scan.
You are installing client-side virtualization on a Windows 7 workstation. The workstation will support two additional OSs. What is the recommended cost-effective way to ensure that each OS obtains proper network access to the rest of the physical network? A. Each OS will have a virtual NIC, which is connected to the physical NIC. B. Each OS will have its own physical NIC. C. Each OS will have a virtual switch connected to the physical NIC. D. Each OS will have a virtual NIC, connected to a virtual switch, which is connected to the physical NIC.
D. From a networking standpoint, each of the virtual desktops will typically need full network access. The VM will create a virtual NIC and manage the resources of that NIC appropriately. The virtual NIC doesn't have to be connected to the physical NIC. Administrators will often configure a virtual switch within the hypervisor to manage the traffic to and from the virtual NICs and logically attach the virtual switch to the physical NIC.
Your Windows 8.1 workstation just crashed, displaying a blue screen of death. You have not recently made any changes to the computer. What is the best way to restart Windows to see whether you can isolate the issue? A. Boot to the Windows installation CD and start the Recovery Console. B. Boot to Safe Mode. C. Boot to the Last Known Good configuration. D. Boot normally and see whether the error happens again.
D. If this is a first-time error, just reboot and see whether it goes away. Windows is pretty stable, but every once in a while it coughs up a hairball (not a technical term, just like blue screen of death is not a technical term) and you need to reboot. If it doesn't happen again, it's not a problem. If it continues to happen, boot into Safe Mode.
Your company has a policy prohibiting illegal content on work computers. You have identified and verified illegal content on a user's workstation. What is the next step you should take? A. Ask the user to delete the material. B. Delete the illegal material yourself. C. Document the situation. D. Report the incident through proper channels.
D. If you have your policy in place, then your incident response plan should be relatively scripted. Your first priority as the first responder is to identify the improper activity or content. Then you should always get someone else to verify the material or action so that it doesn't turn into a situation of your word against someone else's. Immediately report the situation through proper channels.
A user needs to travel for a presentation and wants to be sure his laptop does not run off battery power, so he wants to turn it off. However, he wants to leave his files and applications running, so when he turns it back on, the applications are already open. Which of the following statements is true? A. The user will be unable to do this. B. The user should put his computer into standby mode. C. The user needs to activate the sleep power plan. D. The user should have his computer hibernate.
D. In hibernate mode, the computer saves all the contents of memory to the hard drive, preserves all data and applications exactly where they are, and allows the computer to power off completely. When the system comes out of hibernation, it returns to its previous state.
On a MacBook Pro running macOS, what is the name of the bar of icons that runs along the bottom of the screen, allowing you to open apps? A. Launcher B. Finder C. Spotlight D. Dock
D. In macOS there is a bar of icons that runs along the bottom (or side, if so configured) of your screen. That set of icons is known as the Dock, and it provides easy access to key apps that come with the Mac (such as Safari, Mail, Videos, and Music) or others that you choose to add there.
You are performing a large-scale migration to Windows Vista and need to migrate user accounts and settings. You prefer to do this by configuring a script instead of doing it manually. Which utility should you use? A. User Accounts in Control Panel B. Windows Easy Transfer (WET) C. Windows Migration Tool (WMT) D. User State Migration Tool (USMT)
D. Microsoft Windows User State Migration Tool (USMT) allows you to migrate user file settings related to the applications, Desktop configuration, and accounts. It is intended to be used by administrators, and it requires a client computer connected to a Windows Server-based domain controller. USMT allows transfers to be scripted, whereas WET uses a GUI that requires user interaction.
The floor of a machine shop has several thin client computers on it. You want them to be able to boot a Windows 8 OS from a boot server on the network. What process will the thin clients need to use? A. PXE boot B. The WinPE process C. The WinRE process D. Netboot
D. Netboot is the process of booting the OS from the network, such as from a thin client. This can be done with Windows 8 using Microsoft Desktop Virtualization. This is a useful option for environments where hardware is kept to a minimum. After using DHCP to obtain network configuration parameters from a server, the thin client can locate a PXE boot server to send it the files that it needs to boot.
Which of the following statements best describes the functionality of privacy filters? A. To keep people from seeing inside the server room B. To keep a user from accessing another user's data on the server C. To help prevent the accidental release of personally identifiable information (PII) D. To keep people from seeing information on your computer screen
D. Privacy filters are either film or glass add-ons that are placed over a monitor or laptop screen to prevent the data on the screen from being readable when viewed from the sides. Only the user sitting directly in front of the screen is able to read the data.
Mobile device users on your network report unusually slow network access speeds when they use Wi-Fi. However, when they are using a cellular connection, the speeds seem fine. Which of the following is the least likely cause of slow data speeds in this case? A. Interference B. Weak signal C. Oversaturated access point D. Low battery
D. Slow data speeds can be caused by too much interference, a weak signal, or an over-saturated wireless access point. If there is too much interference, try changing the channel on Wi-Fi routers to less-used channels and performance should increase. Solve weak signals by installing more access points or by moving closer to an existing access point. More access points can also help the over-saturation problem. If it was just one user, a low battery could cause problems, but that seems unlikely if the problem is widespread.
You are troubleshooting a Windows 8.1 workstation that seems to have issues with its video card driver; only 16 colors will display. You try to boot the system into Safe Mode, but the F8 option does not seem to work. Which management tool can you use to force the system to boot into Safe Mode when it reboots? A. Task Scheduler B. Computer Management C. Task Manager D. System Configuration
D. The System Configuration tool allows you to force the operating system to boot into Safe Mode, using the Boot tab. System configuration (MSCONFIG.EXE) has five tabs: General, Boot, Services, Startup, and Tools.
You have a computer running Windows 7 Professional, and you want to upgrade to Windows 8 Enterprise. What should you run to determine whether your computer can support the new operating system? A. Windows Easy Transfer B. Hardware Compatibility List C. Windows Upgrade Advisor D. Windows Upgrade Assistant
D. The easiest way to see whether your current hardware can run another version of Windows is to download the utility that Microsoft creates for checking what you have. For Windows 7, this was called Upgrade Advisor. For Windows 8 and Windows 8.1, it has been renamed Upgrade Assistant.
Which of the following is an advantage of using Share permissions over using NTFS permissions? A. Share permissions will override NTFS permissions if there is a conflict. B. Share permissions apply when users access a resource across the network, but NTFS permissions apply only to local users. C. Share permissions are able to be set at the file level, whereas NTFS permissions can be set only at the folder level. D. Share permissions can be enabled to secure resources across the network that are not on an NTFS partition.
D. The one big advantage of Share permissions is that they can be used if the NTFS file system is not in place. Of course, share permissions are in effect only when the user connects to the resource via the network. NTFS permissions are able to protect you at the file level. Share permissions can be applied to the directory level only. NTFS permissions can affect users logged on locally or across the network to the system where the NTFS permissions are applied.
A Windows 7 workstation is not booting properly, and you believe it's a problem with system files. Which utility can scan and repair corrupt Windows 7 system files? A. MSCONFIG B. REGSVR32 C. ERD D. SFC
D. The purpose of the System File Checker (SFC) utility is to keep the operating system alive and well. SFC.EXE automatically verifies system files after a reboot to see whether they were changed to unprotected copies. If an unprotected file is found, a stored copy of the system file overwrites it.
When configuring NTFS permissions on a Windows workstation, what is the recommended method? A. Grant permissions to user accounts. B. Put user accounts into groups. Grant folder permissions to groups and file permissions to users. C. Put user accounts into groups. Grant folder permissions to users and file permissions to groups. D. Put user accounts into groups. Grant permissions to groups.
D. The recommended way to assign permissions on Microsoft systems is to grant them to groups. Then, users can be assigned to groups depending on their access needs. This is far less work than managing permissions on a user-by-user basis.
You have installed a second hard drive in a Windows 8.1 workstation. In Disk Management, what type of partition can you create that will allow you to create an unlimited number of logical partitions in it? A. Extended B. Dynamic C. Logical D. GPT
D. When you create a partition in Windows 8 or newer, it will ask if you want to create a Master Boot Record (MBR) or GUID Partition Table (GPT) one. GPT is newer and has far more features. One of those features is that you can create an unlimited number of logical partitions on it. Only the operating system will limit you; Windows will only allow 128 partitions on one drive.
On a Windows 7 workstation, there are two NTFS volumes. The Managers group has Modify access to the C:\mgmt directory. You move the folder to the D:\keyfiles folder, to which the Managers group has Read access. What level of permissions will the Managers group have to the new D:\keyfiles\mgmt directory? A. Full Control B. Modify C. Read & Execute D. Read
D. When you move a file or folder on the same NTFS volume, it will keep its original permissions. If you copy it or move it to a different volume, it will inherit permissions from its new parent directory.
One of your technicians just touched a plastic bottle containing chemicals you are not familiar with. His hand starts to feel like it's burning. Where can you find information on how to properly wash his hands without making the problem worse and how to dispose of the chemical? A. OSHA B. Bottom of the container C. Warning label D. MSDS
D. While it's possible that the disposal information and risks may be on the container somewhere, you will always find it on the product's Material Safety Data Sheet (MSDS). MSDSs include information such as physical product data (boiling point, melting point, flash point, and so forth), potential health risks, storage and disposal recommendations, and spill/leak procedures. With this information, technicians and emergency personnel know how to handle the product as well as respond in the event of an emergency.
