Software Troubleshooting

You have a user with an iPhone, and the device appears to be locked up. You need to tell him how to perform a hard reset. What do you tell him? A. Press and hold the Sleep/Wake and Home buttons for at least 10 seconds until you see the Apple logo and then let go. B. Press and hold the Sleep/Wake button until the red slider appears and then drag the slider to power off the device. C. Use a paperclip or pen point to press and hold the indented reset button on the bottom of the phone until you see the Apple logo and then let go. D. Open iTunes or iCloud, log in with his account, and enter recovery mode.

A. If the system is unresponsive, then a soft reset will not work. A hard reset is the next choice. With Apple's iPhone, iPad, and iPod Touch, forcing a restart on the device is done by pressing and holding the Sleep/Wake and Home buttons for at least 10 seconds until you see the Apple logo.

You have 20 Windows 7 workstations on your network. You want to create a bootable CD that will allow you to fix Windows boot issues, in the event that you do not have a Windows installation CD available. Where can you create such a disc? A. Backup and Restore B. Emergency Repair Disk creator C. System Recovery Options D. Recovery Console

A. If you want to recover your computer and bring it back to the point where it was when it was new (minus any files that you added since purchasing the machine), you can use the recovery CD set or DVD. In Windows, you can create a system repair disc from the Backup And Restore interface (beneath the Control Panel options for System And Security). The system repair disc can be used to boot the computer, and it will contain the system recovery tools.

You use the most recent version of Internet Explorer to browse the Internet on your Windows 8.1 workstation. Today when you try to visit any website, you receive an error message that there is an invalid certificate. It happens regardless of the site you visit. What should you do? A. Check your computer's time and date. B. Refresh your certificate through Control Panel ➣ Security. C. Refresh your certificate through Control Panel ➣ Internet Options. D. In Internet Explorer, set the security level for the Internet zone to Low.

A. If your computer is set to an incorrect time and date (we're talking years off, not just a few minutes), then it can cause invalid certificate errors for the websites you want to visit. It's never recommended to lower your security settings for the Internet zones.

A Windows 7 workstation will not boot properly. Windows starts to load but never finishes. After troubleshooting, you find that devices are not initializing. Which file is responsible for checking for installed devices and initializing them? A. WINRESUME B. WINLOAD C. BOOTMGR D. NTDETECT.COM

A. In Windows 8/7/Vista, WINRESUME checks the system for installed devices and device configurations and initializes the devices it finds. It passes the information to WINLOAD, which collects this information and passes it to the kernel after this file is loaded. WINRESUME.EXE replaces NTDETECT.COM from the Windows XP days.

You believe that someone has been trying to hack into a Windows 7 workstation by guessing passwords. Another administrator suggests you check the log files to be sure. Which utility can you use to see log files? A. Event Viewer B. Recovery Console C. Security Console D. System Monitor

A. Log files are created to record significant events. Those events can range from security incidents to system problems to just normal user activity. Windows includes Event Viewer for the purpose of looking at log files and identifying problems.

When booting a Windows 8.1 workstation, a user receives an error message about a missing DLL file. However, Windows still loads. Which utility should you use to attempt to fix the issue? A. SFC B. Recovery Console C. REGSVR32 D. REGEDIT

A. Numerous dynamic link library (DLL) files are required to boot, but usually the lack of corruption of one of them produces a noncritical error. Within the Windows toolkit, the best utility to use to tackle this problem is the System File Checker (SFC).

While working on a Windows 7 workstation, a user receives a flashing pop-up message saying that her computer has been infected with a virus, and she needs to download a virus scanner now to fix it. What will most likely happen when she clicks the button to download the recommended virus scanner? A. It will download a virus to her computer. B. It will download an antivirus program to her computer and remediate the virus. C. The antivirus program she downloads will scan her computer and find nothing, because her company already uses an antivirus program. D. It will take her to a website that will allow her to purchase an antivirus program to remediate the virus.

A. One of the more clever ways of spreading a virus is to disguise it so that it looks like an antivirus program. When it alerts the user to a fictitious problem, the user then begins interacting with the program and allowing the rogue program to do all sorts of damage. One of the trickier things for troublemakers to do is to make the program look as if it came from a trusted source—such as Microsoft—and mimic the Windows Action Center interface enough to fool an unsuspecting user.

On your network, you are concerned about mobile users accidentally granting unauthorized account access or root access. What step should you take to help prevent these security problems? A. Apply patches and upgrades as soon as they are available. B. Monitor resource utilization and remediate high usage. C. Install mobile firewalls on all devices. D. Disable location tracking, the camera, and the microphone.

A. Security holes in mobile device operating systems can leave back-doors into which users can get unauthorized account or root access. The majority of these holes are closed by patches and upgrades as soon as they are discovered, so be sure to keep operating systems current.

A Windows 8 user wants to see who has successfully loggedin or failed to log in to her workstation. What is the name of the specific log she should look for? A. Security B. Login C. System D. Authentication

A. The Windows Event Viewer utility provides information about what's been going on with the whole system to help you troubleshoot problems. Event Viewer shows warnings, error messages, and records of things that have happened successfully. It's found in all current versions of Windows. The three most commonly referenced logs are Security (which includes information about logins), System, and Application.

A technician is troubleshooting a Windows Vista computer that is acting strangely, and she suspects that it's infected with a virus. She has followed the best practices for malware removal and remediated the computer. What should she do next? A. Schedule scans and run updates. B. Educate the end user. C. Enable system restore and create a restore point. D. Disable system restore.

A. The best practices for malware removal is a seven-step process. Identify malware symptoms, quarantine infected system, disable system restore (in Windows), remediate infected systems (including update anti-malware software and scan and remove the malware), schedule scans and run updates, enable system restore and create a restore point (in Windows), and educate the end user.

An iPad user reports that when he eats lunch in the garden next to the office building, he has intermittent wireless connectivity. What is the most likely cause of this? A. Weak signal. B. Retracted antenna. C. The iPad's signal receptivity is set to low. D. Low battery.

A. There are a number of causes why intermittent wireless connections can occur, but the two most common are lack of a good signal and interference. Increasing the number of repeaters, or being closer to them, can address the lack of a good signal.

A user has an iPhone and has forgotten the passcode. He has entered in the passcode several times, and it will not unlock. He turned the phone off and back on, and the passcode is still invalid. What can he do to unlock the phone? A. Perform a reset to the factory default. B. Crack the phone using a backdoor from Apple. C. Perform a hard reset. D. Perform a soft reset.

A. Unfortunately, the only solution to a locked phone (or system lockout) is to perform a reset to factory specifications. That means that all the data on the phone is gone, unless it was synced with iTunes or iCloud (or the appropriate Android equivalent).

Your MacBook Pro appears to be unresponsive, and the cursor has changed to a rotating pinwheel. What should you do next? A. Force a reboot of the system. B. Wait for the problem to clear and then resume working. C. Open Apple Diagnostics to see what the problem is. D. Reboot the Mac into Safe Mode.

A. When a Mac cursor turns into a pinwheel and stays there, the system will not respond. Opening Apple Diagnostics won't work. You need to force a reboot of the system. There is no need to boot into Safe Mode yet; see whether the problem goes away first.

On your mobile phone, you notice that you are connected to a Wi-Fi network that you don't recognize, instead of your normal home network. What is a possible consequence of this unintended Wi-Fi connection? A. More susceptible to hacking B. Better Internet access speed C. Battery drain D. Network interference

A. When autoconnect is enabled on mobile devices, it is possible for them to seek out open Wi-Fi networks and try to connect to them automatically. This setting should be disabled for all devices because an untrusted connection is a possible place for a DNS or man-in-the-middle attack to occur.

A Windows Vista workstation has started exhibiting slow system performance. Where can you go in Windows to find tools to help you troubleshoot this problem? A. Control Panel ➣ Performance Information and Tools B. Control Panel ➣ System Tools C. Control Panel ➣ Device Manager D. Control Panel ➣ Configuration and Settings

A. Windows Vista and Windows 7 have a Performance Information and Tools applet in the Control Panel. Once in there, click Advanced Tools to see a list of different tools that can help you monitor system performance. A lot of these tools are also located elsewhere, such as Event Viewer, Task Manager, Performance Monitor, Defrag, and others.

A user reports that a Word document he needs will not open. Other documents open as they should. He has not made a backup of this file. Which of the following statements is true? A. The file is probably corrupt, and its contents are lost. B. He can use a restore point to get the file back. C. He can reboot into the Last Known Good configuration and then open the file. D. He can use the Emergency Repair Disk to repair the file and then open it.

A. Windows comes with many tools to help protect and repair system files and configuration, such as Last Known Good, the Emergency Repair Disk, SFC, and others. But nonsystem files are not covered. The only way to protect usergenerated content is to back it up!

You are using an iPhone. When is it generally necessary to close running apps on the iPhone? (Choose two.) A. When you receive out-of-memory errors B. When the phone begins to overheat C. When an app locks up D. When you are done using them for the day

B, C. Generally speaking, there is no need to close running apps on mobile devices, unless there is a problem. A common misperception among iPhone users is that all apps in the "background" (when they double-tap the Home button) are still running, when in fact they are not. That is a list of recently used apps, and their preview windows are still visible, but they are not actually using system resources as if they were open. Swiping up on them to "close" them is the same motion you would need to do if an app was locked up and you needed to do a force quit.

You are training technicians on the shutdown methods of an iPhone. What are two key differences between a soft reset and a hard reset? (Choose two.) A. A hard reset will delete all data on the phone, and a soft reset will not. B. A hard reset will work if the touchscreen is unresponsive, and a soft reset will not. C. A soft reset will keep the data of running applications, and a hard reset will not. D. A soft reset will not reset the password, and a hard reset will.

B, C. Neither a soft reset nor a hard reset will delete all data on the phone or reset the password. A hard reset will work if the touchscreen is responsive, and a soft reset will keep the data of running applications. Hard resets should be performed only if the system is locked up or unresponsive.

You are training a class on the installation and repair of Windows Vista. What is the purpose of the Windows PE? (Choose two.) A. Runs as an operating system on thin clients B. Collects information during a Windows Vista install C. Launches the Windows RE for troubleshooting D. Repairs system files if any become corrupted

B, C. The Windows Preinstallation Environment (PE) is a minimal operating system, designed to prepare a computer for installation or to boot into for launching troubleshooting tools such as the Windows Recovery Environment (RE). It is not intended to be an operating system on a computer but rather as a stepping-stone to get an OS installed or repaired.

An iPad user reports that when he is in a certain part of the building, his wireless connection intermittently drops. What are the two most likely causes of this? (Choose two.) A. Poor wireless buffering in the iPad B. Interference with the wireless signal C. Weak signal strength from the wireless access point D. Retracted Wi-Fi antenna on the iPad

B, C. There are a number of causes why intermittent wireless connections can occur, but the two most common are lack of a good signal and interference. Increasing the number of repeaters, or being closer to them, can address the lack of a good signal. Interference can be addressed by reducing the number of devices competing for the same channel or by moving away from walls or obstacles.

Mobile device users on your network report that the network has very slow data speeds. Which of the following are likely contributors to this problem? (Choose two.) A. Low battery life B. Signal interference C. Unintended Wi-Fi connections D. Weak signal

B, D. Slow data speeds can be caused by too much interference or by a weak signal. If there is too much interference, try changing the channel on Wi-Fi routers to less-used channels; performance should increase. Solve weak signals by installing more access points or by moving closer to an existing access point.

Your Windows Vista workstation started running very slowly. Which of the following could cause that to happen? A. Rogue antivirus B. Malware C. Hijacked email D. Invalid certificate

B. A computer slowdown could happen because of many things, such as hardware failure, an excessively full hard drive, not enough virtual memory, or malware. Rogue antivirus, hijacked email, and invalid certificates will cause problems but not computer slowdowns.

Before you install a new antivirus program, a technician recommends that you manually create a restore point. What will the restore point do? A. It will create a copy of the entire hard drive. B. It will create a copy of system configuration data. C. It will create a copy of the Users folder and system configuration data. D. It will create a bootable disk with copies of key system files.

B. A restore point is a copy, or snapshot, of your system configuration at a given point in time. It's like a backup of your configuration but not your data. Snapshots are created within Windows from the System Restore program. If Windows will not load, Safe Mode can be used to run rstrui.exe, which will open a version of System Restore so you can use a snapshot.

You are training technicians on the creation and use of restore points. Which of the following is not a way in which restore points get created? A. Windows creates them automatically by default. B. Windows creates them before a system crash. C. You can manually create them. D. Some installation utilities will create them before installing a new program.

B. A restore point is a copy, or snapshot, of your system configuration at a given point in time. It's like a backup of your configuration but not your data. Snapshots are created within Windows from the System Restore program. Restore points are created in one of three ways. One, Windows creates them automatically by default. Two, you can manually create them yourself. Three, during the installation of some programs, a restore point is created before the installation (that way, if the install fails, you can "roll back" the system to a preinstallation configuration).

An iPhone user brings you her phone, and it's completely frozen. Neither the touchscreen nor the buttons respond. What should you try first to make the phone work again? A. Soft reset B. Hard reset C. Close running applications D. Reset to the factory default

B. A soft reset will not work, because the buttons do not respond, and neither does the touchscreen, so you can't swipe to turn it off. You need to do a hard reset; press and hold the Sleep/Wake and Home buttons on an iPhone for at least 10 seconds until you see the Apple logo. If the restart does not work, try plugging in the device and letting it charge (an hour or more is recommended) and try restarting again.

You are talking to a friend about purchasing a gift, and he recommends a website to purchase it. When you put the website's address into your browser, you receive a message stating that there is an invalid certificate. What should you do? A. Visit the website anyway; it's probably OK. B. Do not visit the website. C. Visit the secure version of the website by changing the address to start with HTTPS://. D. Visit the unsecure version of the website by changing the address to start with HTTP://.

B. An invalid certificate usually means that the certificate that you have (or the one the website has) has expired. It could mean that the site is fine. But it could also mean someone has set up a Trojan that imitates the site you are seeking. If it's a site you are not familiar with, the best bet is to avoid it altogether.

You have an Android mobile phone. When you go outside, the screen of your phone is dim, and you can't see anything. What should you do to resolve the problem? A. Power the device off and back on again. B. Adjust the screen brightness settings. C. Remove the screen protector. D. Add an external battery pack.

B. Check the settings on the device to see whether it is possible to brighten the screen. You can also change how quickly the phone dims with inactivity, as perhaps it's automatically dimming too quickly.

Your Windows Vista workstation performance has been slowing down, particularly when it comes to disk reads and writes. Which of the following tools is designed to help improve your hard disk performance? A. REGEDIT B. DEFRAG C. REGSVR32 D. Event Viewer

B. Defragmenting a disk involves analyzing the disk and then consolidating fragmented files and folders so that they occupy a contiguous space, thus increasing performance during file retrieval. In Windows, there are a few different ways that you can get to the Disk Defragmenter, but the command prompt version is DEFRAG.

You arrive at work in the morning to see that your inbox is full of automated replies and out-of-office messages. The subject line is for something you did not send. What is this a sign of? A. Ransomware B. Hijacked email C. Rogue email server D. Rogue antivirus

B. Hijacked email is when an attacker sends out an email from your address to your contacts or as spam to others. One of the easiest ways to spread malware is to capture the email contacts of a user and send it as an attachment to all of those in their circle. The recipient is more likely to open the attachment because it seemingly comes from a trusted source.

A Windows 7 workstation will not boot properly. It shows the Windows logo upon boot and then appears to lock up. No changes have recently been made to the workstation. What is most likely causing the problem? A. A missing or corrupt NTLDR file B. A missing or corrupt BOOTMGR file C. A missing or corrupt DLL file D. A corrupt file system driver

B. If Windows 7 (or Windows Vista/8) does not load properly, it could be a problem with the BOOTMGR file. That file starts the loading of the Windows OS. It replaces the NTLDR file, which was used by Windows XP and earlier Windows versions. Numerous dynamic link library (DLL) files are required to boot, but usually the lack of corruption of one of them produces a noncritical error.

A user just dropped his Android phone, and the screen now has a large crack in it. The touchscreen is unresponsive. He is in the field and needs contact information from his phone so he can call his client. What is his best option to get the phone working again? A. None, he will need to replace the phone. B. Reboot the phone. C. Perform a force stop. D. Reset the phone to the factory default settings.

B. If a touchscreen device is not responsive, the first step is to reboot the device. (If the screen is bad enough, he may need to replace the device, but that will not help in the short term.) A force stop just closes an app. Resetting the phone to the factory default settings will erase the data on the phone, which will not help in this situation.

You have a Windows 8.1 workstation that is running very slowly. When you look at the hard drive, you notice that very little space is available. Which tool should you run to attempt to free up space? A. DEFRAG B. Disk Cleanup C. REGSVR32 D. SFC

B. If the hard drive gets to be under 10 percent free space, its performance can slow down dramatically. The Disk Cleanup utility will show how much disk space is being taken up by temporary files, log files, the Recycle Bin, and other items that can easily be deleted. This could free up some disk space. You will possibly need to delete some files as well.

A user with a Linux workstation reported that she received an error that says "kernel panic." What should she do to resolve the issue? A. Close the program that caused the error and continue working. B. Reboot the workstation and see whether the issue persists. C. Reboot into Safe Mode and run Linux Diagnostics to determine the cause of the problem. D. Reinstall Linux.

B. In the UNIX/Linux world, a kernel panic is when the OS crashes, much like a blue screen of death in Windows. This occurs when the operating system detects an error from which it cannot safely recover—rather than one app crashing, the whole system does. First, reboot. If it comes back, solutions usually include updating hardware, firmware, software, and the OS itself. You can also check drives and RAM for errors that might be causing the crash and correct any problems that you uncover.

You are training new users on proper mobile device usage. In the class, you suggest that they disable their Bluetooth connection unless they need it. What is the biggest risk caused by an unintended Bluetooth pairing? A. Power drain B. Security risk C. Data transmission over-limit risk D. High resource utilization risk

B. It's true that enabling Bluetooth will cause more of a drain on the battery, but that's not the biggest risk here. When anonymous devices are allowed to connect to Bluetooth-enabled devices, this is known as unintended Bluetooth pairing, and it represents a security threat. Mobile security policies should be created and enforced to prevent this from occurring.

An iPhone user reports that his phone will not connect to his wireless headset for hands-free phone calls. His headset is powered on and has worked previously. His iPhone screen is shown here. What is most likely the problem? A. The headset is not paired with the iPhone. B. Bluetooth is turned off. C. Wi-Fi is turned off. D. Airplane mode is turned on.

B. Lack of Bluetooth connectivity is often caused when a device is not turned on and/or has an improper setting for discoverability. Make sure the device is turned on and discoverable (checking the manufacturer's documentation if necessary).

A user reports that his iPhone will not decrypt email. What is the most likely cause of this problem? A. iPhones can't read encrypted email. B. There's a problem with the S/MIME certificate. C. The user has a corrupt Mail app. D. Low memory. Restart the phone.

B. Mail decryption depends upon certificates, and problems can occur when those certificates expire or you have a configuration problem (which can accompany upgrades). To address the problem, try reimporting S/MIME certificates or deleting/importing them from the source.

You have an Android tablet. The screen does not seem to accurately sense where you are touching on the touchpad. You reboot and the problem is still there, what should you do? A. Replace the tablet. B. Calibrate the screen. C. Disable the gyroscope. D. Remove the screen protector.

B. One option for an inaccurate touchscreen is to clean the screen, but that doesn't often solve the problem. A better solution is to calibrate the screen. Each mobile OS handles it differently, so check the manufacturer's website for help.

A client has a Windows 8 computer with a virus on it. She has quarantined the system from the rest of her network. To follow malware removal best practices, what is the next step she should take? A. Identify malware symptoms. B. Disable system restore. C. Enable system restore. D. Update anti-malware software.

B. The best practice for malware removal is a seven-step process. Identify malware symptoms, quarantine infected system, disable system restore (in Windows), remediate infected systems (including update anti-malware software and scan and remove the malware), schedule scans and run updates, enable system restore and create a restore point (in Windows), and educate the end user.

A technician is troubleshooting a Windows 7 workstation that has been infected with malware. He has disabled system restore. Following the best practices for removing malware, what should he do next? A. Quarantine the infected system. B. Remediate the infected system. C. Schedule a malware scan and run updates. D. Educate the end user.

B. The best practice for malware removal is a seven-step process. Identify malware symptoms, quarantine infected system, disable system restore (in Windows), remediate infected systems (including update anti-malware software and scan and remove the malware), schedule scans and run updates, enable system restore and create a restore point (in Windows), and educate the end user.

You are working on a Windows 8.1 workstation that has dual monitors. For some reason, everything on the secondary monitor is upside down. What is the easiest solution to this problem? A. Turn the monitor over. B. Right-click the desktop, choose Screen Resolution, and change the monitor orientation. C. Reinstall the video card driver. D. Right-click the desktop, choose Video, and change the monitor orientation.

B. The easiest thing to try is to change the monitor orientation. This can be done through Control Panel, but an easy way to get to the setting is to right-click the desktop, choose Screen Resolution, and then change the orientation.

A user on your network is concerned about spyware. What should be installed to help stop this threat? A. Antivirus software B. Anti-malware software C. Firewall D. Proxy server

B. There are many other forms of malware in addition to viruses. While a true antivirus program will scan for viruses, anti-malware programs are a superset of virus scanners and will look for more than just traditional viruses. They can scan for spyware, ransomware, adware, and other malicious programs as well.

On your MacBook Pro, you use the Safari browser to surf the Internet. Yesterday a friend borrowed your laptop. Today, when you try to browse the Web, no matter what site you type in to the address bar, you are sent to a different website. What is most likely happening to your computer? A. A practical joke by your friend. B. Browser redirection. C. Rogue antivirus. D. It has been infected with spam.

B. This is a classic symptom of browser redirection. The perpetrator has one goal, which is to direct you to websites that he wants you to visit, regardless of what you actually want to see. Removing the redirector might be as simple as uninstalling an application (by dragging it to the Trash and emptying the Trash), or it might require full-scale virus (malware) mitigation.

The GPS app on your mobile phone has stopped responding. What should you do to resolve the issue? A. Perform a hard reset. B. Perform a force stop. C. Perform a soft reset. D. Uninstall and reinstall the app.

B. When an app is unresponsive, you can do a force stop to close it. With iOS, press the Home button twice quickly, and small previews of your recently used apps will appear. Swipe left to find the app that you want to close and then swipe up on the app's preview to close it using a force stop.

Your company purchases a custom database software package from an outside vendor. You install the client software on a Windows Vista workstation, and it crashes when you try to open it. You remove the software and reinstall it, but it still crashes when you open it. What should you do next? A. Run an antivirus remediation on the workstation. B. Contact the vendor to see whether an update or patch is available. C. Delete and reinstall Windows. D. Enable Software Compatibility through Control Panel.

B. When an application crashes, you want to isolate the cause of the crash—it could be a compatibility issue, hardware, or a host of other problems—and solve it. One step to take early on is to look for updates/patches/fixes to the application released by the vendor.

While driving through the remote countryside, you notice that your mobile phone battery has been quickly drained of power. What is the most likely cause of this? A. The battery needs to be replaced. B. The phone has been searching for a signal. C. You need to perform a soft reset. D. The phone needs to be replaced.

B. While apps, usage, and so on, can contribute to power drain, one of the biggest offenders is the search for a cellular signal.

You receive a notice from your wireless provider that you are about to exceed your data transmission limit for the month. What type of risk does this present? A. Your account may be deactivated. B. You may incur a security breach. C. You may have to pay high fees. D. Your phone may be locked.

C. Going over the limit on your phone's data plan is generally not a major risk, other than to your finances. Data overage charges can be high, depending on your provider and service plan.

Mobile device users on your network are required to use a VPN app to connect to the corporate network when they are out of the office. A user reports that the app will not open for her. She turned her tablet off and back on again, and the app still will not open. What should she try next? A. Perform a soft reset. B. Perform a hard reset. C. Uninstall and reinstall the app. D. Perform a force stop.

C. If an app does not load, the first thing to try is rebooting. If that does not work, attempt to remove and reload the app. Be sure to check the vendor's site for any similar problems (and solutions) encountered by others.

An Android phone user just received a new Bluetooth headset for phone calls. She reports that it does not work with her phone. Both devices are powered on and appear to be operational. What is most likely the problem? A. Bluetooth is turned off on the Android device. B. Bluetooth is turned off on the mobile headset. C. The devices need to be paired. D. Airplane mode is on.

C. If the Bluetooth devices have not been used together previously, they need to be paired to work. Pairing is usually a simple process where one device locates the other, a PIN is entered for security, and connectivity is tested. Then the two will work together. Otherwise, lack of Bluetooth connectivity is often caused when a device is not turned on and/or has an improper setting for discoverabilty.

A Windows 7 workstation will not boot properly. Instead, there is an error message stating that the operating system is missing. How do you fix this problem? A. Boot to the installation DVD, open a command prompt, and type Startup Repair. B. Boot to the installation DVD, open SFC, and choose Startup Repair. C. Boot to the installation DVD, open System Recovery Options, and choose Startup Repair. D. Boot to Safe Mode, open System Recovery Options, and choose Startup Repair.

C. If the operating system is missing, it could be due to a bad or corrupt boot sector on the hard drive, or the operating system may indeed be missing. If the hard drive is actually OK, then use the installation DVD (you may have to set the BIOS to use the DVD drive as your primary boot device) or the Windows Repair CD. In Windows 8/8.1, Windows 7, and Windows Vista, go to System Recovery Options and choose Startup Repair.

A workstation will not load Windows 7 properly after a driver was recently installed. The troubleshooting guide says to boot into Safe Mode. How do you do this in Windows 7? A. During the boot process, press F1. B. During the boot process, press Ctrl+Alt+Del. C. During the boot process, press F8. D. During the boot process, press F10.

C. If when you boot Windows won't load completely (it hangs or is otherwise corrupted), you can often solve the problem by booting into Safe Mode. To access Safe Mode, you must press F8 when the operating system menu is displayed during the boot process. You'll then see a menu of Safe Mode choices.

A Windows Vista workstation will not load Windows. Which file in the boot process is responsible for switching the system from real mode to protected mode? A. NTLDR B. BOOTMGR C. WINLOAD D. WINRESUME

C. In Windows 8/7/Vista, WINLOAD.EXE is responsible for switching the system from real mode (which lacks multitasking, memory protection, and those things that make Windows so great) to protected mode (which offers memory protection, multitasking, and so on) and enables paging. In Windows 8/7/Vista, WINLOAD.EXE replaces NTLDR from the Windows XP days.

A user with an iPhone reports that almost immediately after she touches her touchscreen, the screen becomes dark and hard to read. What should she do to fix this? A. Remove the screen protector. B. Replace the phone. C. Adjust the settings to keep it from dimming so quickly. D. Power the device off and back on again.

C. Light can quickly drain a battery on a mobile device, and thus most of them include the ability to dim the display both manually and automatically after a period of inactivity. While you normally want these actions, if the settings are incorrect, the screen can be too dim to work with. Check the settings on the device to see whether it possible to brighten the screen and/or keep it from automatically dimming within a short period of time.

Client computers on your network connect to the Internet through a proxy server. Recently, a Windows 8.1 client was infected with adware and a browser redirector. You have removed the malware, and now the computer will not connect to the Internet. What should you do to resolve the problem? A. Perform malware remediation again. B. Disable the network card. Reboot and enable the network card. C. Check the IP configuration to ensure it's pointing to the correct proxy server address. D. Disable the proxy server configuration to connect directly to the Internet.

C. Malware can change more settings than you might be aware of on a computer. For example, adware might be obvious because of the pop-ups and browser redirects, but it can also change the client-side IP settings that point to a DNS or proxy server. Check the IP configuration on the client and be sure it's set properly.

You have an iPhone that has been charging for an hour. When you unplug it from the charger, the phone feels very hot to the touch. What should your next step be? A. Replace the phone. B. Replace the phone charger. C. Turn the phone off and let it cool down. D. Turn on airplane mode.

C. Mobile devices will overheat on occasion. Sometimes it happens after it's been charging, but it can also happen because of excessive ambient temperatures or too much use over an extended period of time. When the device does overheat, it's best to power it off. And, you can often help it cool down quicker by removing any protective case that may be there—and putting it back on later.

Recently, users on your company network have been flooded with unrequested emails trying to sell them goods and services. Which solution will most likely resolve this issue? A. Install anti-malware on all client computers. B. Install antivirus on all client computers. C. Install a spam filter on the email server. D. Renew the invalid certificate on the email server.

C. Spam is defined as any unwanted, unsolicited email, and not only can the sheer volume of it be irritating, it can often open the door to larger problems. While spam is not truly a virus or a hoax, it is one of the most annoying things with which an administrator must contend. Installing or enabling a spam filter on the email server is the best solution.

You have a Windows 8 workstation that is not booting properly. You need to boot to the installation DVD to repair the installation. Where do you make the change to the boot settings? A. Recovery console B. Automated system recovery C. BIOS/UEFI D. MSCONFIG

C. The BIOS or UEFI will contain the boot order, which is what you need to change. You can set the system to boot to a hard drive, optical drive, network card, or other options.

Your Windows 7 workstation is having problems at startup. Too many applications are loading, and it is slowing the system down considerably. Which tool should you use to disable programs from loading automatically at startup? A. REGEDIT B. REGSVR32 C. MSCONFIG D. Safe Mode

C. The MSCONFIG utility helps troubleshoot startup problems by allowing you to selectively disable individual items that are normally executed at startup. There is no menu command for this utility; you must run it with the Run command (on the Start menu). Choose Start ➢ Run, and type MSCONFIG. It works in most versions of Windows, although the interface window is slightly different among versions.

You are troubleshooting a Windows 7 workstation and believe it has malware. To follow the best practices for malware removal, after you identify the malware symptoms, which step should you take? A. Update the anti-malware software. B. Disable system restore. C. Quarantine the infected system. D. Scan for and remove the malware.

C. The best practice for malware removal is a seven-step process. Identify malware symptoms, quarantine infected system, disable system restore (in Windows), remediate infected systems (including update anti-malware software and scan and remove the malware), schedule scans and run updates, enable system restore and create a restore point (in Windows), and educate the end user.

You receive an email warning you of a new form of ransomware. It contains a link to receive more information on how to protect yourself from this terrible threat. What should you do next? A. Click the link to receive more information. B. Check to ensure that your system has a rogue antivirus installed. C. Check www.us-cert.gov for information on the threat. D. Forward the email to everyone in your contacts list.

C. The email could be real, but most likely it's a hoax. Worse yet, it could be malware itself, and by clicking the link you will activate it on your computer. Always check a reputable source, such as www.us-cert.gov, www.cert.org, or an anti-malware vendor (Symantec, McAfee, and so on) for information on the latest threats. At a minimum, delete the email and don't click the link!

You just installed a new sound card in a Windows 7 workstation. Now, the computer has crashed and given you a blue screen of death. You turn the computer off. What should you try to resolve the issue? A. Reinstall Windows. B. Boot to the Windows installation CD and start the Recovery Console. C. Boot to Safe Mode and uninstall the sound card driver. D. Remove the sound card from the computer and reboot.

C. The first rule with BSOD errors is to reboot. If the problem goes away, it could have just been a one-time problem. But since you just installed the sound card, it's most likely the sound card driver that caused the issue. Reboot into Safe Mode and uninstall the driver. After you reboot again, look on the manufacturer's site for an updated driver.

Your network has 24 Windows 8.1 workstations. The office manager is concerned about spyware. What does Windows 8.1 come with, if anything, that will help thwart spyware? A. Windows 8.1 does not come with spyware protection. B. Windows Firewall. C. Windows Defender. D. Windows Anti-malware.

C. There are many other forms of malware in addition to viruses. While a true antivirus program will scan for viruses, anti-malware programs are a superset of virus scanners and will look for more than just traditional viruses. One program included with Windows that falls into this category is Windows Defender, which is mainly a spyware detector (and incorporates Microsoft Security Essentials, or MSE, with it as of Windows 8 and later).

You have just purchased an Android mobile phone and are concerned about security threats. Which of the following statements is true? A. There are no viruses for Android-based mobile phones. B. Android-based phones come with an automatically enabled antivirus app. C. You should download and install an antivirus app. D. As long as you automatically install OS patches, you will not get an Android virus.

C. Viruses do exist for Android; some industry estimates say that 90 percent of mobile-based viruses are targeted at Android OSs. Install an antivirus app and make sure it's kept up-to-date, just like you would on a PC.

An employee with an iPhone quit, and you are giving his iPhone to a new employee. What should you do to the phone before giving it to the new user? A. Perform a hard reset. B. Perform a soft reset. C. Reset to the factory default. D. Adjust configurations/settings.

C. When you need to get to a safe state—such as when you are disposing of a device or assigning it to a new user—you can reset it to the factory default settings. To do this, tap Settings and then General. Scroll down until you see the Reset option and choose it. Tap Erase All Content And Settings. At this point, the iPhone or iPad will ask you to confirm the reset, and when you tap OK, it will start the process.

A Windows 7 workstation will boot only into Safe Mode. Even after multiple reboots, Windows will not load properly. Which tool should you use to scan for problems? A. REGEDIT B. MSCONFIG C. Event Viewer D. Recovery Console

D. At times, a system will become corrupted to the point where it will only boot into Safe Mode and not allow a normal boot. While a hardware issue can cause this, it can often be associated with a damaged/missing driver. To address the problem, boot into the Recovery Console and scan for problems. You can also choose to boot to the Last Known Good configuration or resort to the recovery DVD.

A user with a new iPhone wants to know how she can change her wallpaper, notifications, and battery configurations. Where should she do this? A. In iTunes or iCloud B. Using the Configuration app on the iPhone C. Using the Desktop, Messages, and Power apps on the iPhone D. Using the Settings app on the iPhone

D. Configurations and settings need to be personalized to the user using the device. Except for apps, choosing Settings on the device usually does this, followed by finding the areas that you want to modify and then making the desired changes and saving them.

A Windows 8 workstation will not load properly. During the Windows 8 boot process, the MBR is responsible for loading which key Windows file? A. BOOTMGR B. NTLDR C. WINRESUME D. WINLOAD

D. During the Windows 8/7/Vista boot process, the master boot record (MBR) determines the file system and loads WINLOAD.EXE, which starts the official Windows boot process. In Windows 8/7/Vista, WINLOAD.EXE replaces NTLDR from the Windows XP days.

A Windows 8.1 workstation boots with this error message: Security Center service cannot be started. You try to start the service manually, but it still refuses to start. What should you do to try to fix the issue? A. Use Event Viewer to see whether it produced any error codes. B. Use automated system recovery to fix the service. C. Run REGSVR32 to fix the issue. D. Run SFC /scannow to fix the issue.

D. If the service refuses to start, even manually, it is possibly corrupt. (It is also possible that you have malware, but we'll focus on it being corrupt first.) The system file checker (SFC) utility can fix the key system files needed to run this Windows service. If that doesn't fix it, then follow the steps needed to mitigate malware, or reinstall Windows.

A technician is describing a situation he had yesterday where the workstation gave him a kernel panic error and locked up. What operating system was the technician most likely dealing with? A. Windows 8.1 B. macOS C. Windows Vista D. Linux

D. In the UNIX/Linux world, a kernel panic is when the OS crashes, much like a blue screen of death in Windows. This occurs when the operating system detects an error from which it cannot safely recover—rather than one app crashing, the whole system does. The first step in troubleshooting a kernel panic is to reboot and see whether the error persists.

You are visiting a website using Internet Explorer, and without you clicking anything, a new Internet Explorer window opens in front of it with an advertisement. Which of the following is the most likely explanation? A. Your computer has been infected with adware. B. Your computer has been infected with spyware. C. Your computer has been infected with a virus. D. The website is programmed to show a pop-up advertisement.

D. Pop-ups are annoying but not necessarily an indication that your computer is infected with anything. Adware pop-ups usually spam your desktop with multiple (if not dozens of) windows at the same time. Spyware generally doesn't announce its presence, and viruses generally do more damage than a simple pop-up ad does.

You have one Linux workstation on your network. Another administrator gives you advice on how to enable an antivirus program, and she tells you that you need to type in the commands. What is the name of the interface where you do this? A. Shell B. Bash C. Cmd D. Terminal

D. The Linux terminal is where commands are typed into. (It's the equivalent of a Windows command prompt.) Then, the commands are processed by the shell. The most common shell in Linux systems is bash, which stands for Bourne Again Shell.

A technician is working on a Windows Vista workstation. Which command should she use to scan and fix corrupted system files? A. SFC /SCANFIX B. SFC /OFFBOOTDIR C. SFC /VERIFYFILE D. SFC /SCANNOW

D. The SFC /SCANNOW command checks all system files and repairs any problems found. SFC /OFFBOOTDIR allows you to set the location of an offline boot directory that can then be used for offline repair. SFC /VERIFYFILE specifies a file to be scanned but not repaired if errors are found. SFC /SCANFIX is not a valid option.

You are visiting a customer's office in a large city high-rise building. You need to make a call on your mobile phone, but you have only one bar. The call will not complete. What should you do? A. Wait a few minutes and try again. B. Perform a soft reset. C. Perform a hard reset. D. Step outside or near a window to see whether your signal improves.

D. Weak signals are a common culprit behind dropped signals. Before engaging in communication, signal strength on the device should be evaluated. If the signal is low (for example, no bars), then change location (step outside, drive out of the tunnel, exit the elevator, and so forth) and try for a better signal. A low battery can affect signal strength, so keep the battery charged as much as possible.

You are educating network users about software security challenges. A user asks what the best way to avoid spam is. What should you recommend to the group? A. Install an antivirus program on your computer. B. Install anti-malware on your computer. C. Only visit websites that have a secure site (that start with HTTPS://). D. Don't give your email address to websites.

D. While spam is not truly a virus or a hoax, it is one of the most annoying things with which an administrator must contend. Spam is defined as any unwanted, unsolicited email, and not only can the sheer volume of it be irritating, it can often open the door to larger problems. Administrators can help stop spam with spam filters on email servers. In addition, users can help themselves by not giving out their email addresses to websites that ask for them. Some companies will sell their lists of email addresses to other firms for "marketing" purposes, and then you start to get piles of spam.

You have a Windows 8.1 workstation that will not boot properly. After the POST, the screen displays a message saying "Operating System Not Found." What is most likely causing the problem? A. NTLDR B. BOOTMGR C. BOOT.INI D. BCD

D. Windows 8/7/Vista use Boot Configuration Data (BCD), which holds information about which OSs are installed on the computer. If BCD isn't able to find the OS bootstrap files (BOOTMGR in this case), then Windows won't load. BCD, which is edited with BCDEDIT.EXE, replaces the BOOT.INI file, which was used in Windows XP and other older versions of Windows.

You want to display the contents of your iPad on a full-sized computer monitor. The monitor has a DVI connector. What do you need to do? A. Turn on video broadcast mode. B. Plug the monitor in to the iPad's DVI port. C. Purchase a USB to DVI adapter. D. Purchase a Lightning to DVI adapter.

D. iPads and iPhones are not large enough to have external DVI or other video ports. If you want to project to an external monitor, you need an adapter or an app that will allow you to broadcast to the monitor over Wi-Fi or Bluetooth.

An iPhone user is concerned about her privacy. She wants to ensure that others can't hack into her phone and track her location without her knowing about it. Which of the following actions will provide her with the least amount of protection to help prevent this from happening? A. Install an iPhone anti-malware app. B. Update iOS as soon as updates or patches are available. C. Disable Location Services. D. Enable sync with iCloud.

D. iPhones are susceptible to malware, just like any other computer device. Some malware can be configured to perform unauthorized location tracking. To help prevent this, always patch and update iOS as soon as updates are available and install anti-malware software. She can also disable Location Services in Settings ➢ Privacy ➢ Location Services.

You use an iPad and an iPhone at work. Which of the following represents the greatest threats to leaking personal files or data? (Choose two.) A. Unauthorized root access B. Unintended Wi-Fi connections C. Unauthorized location tracking D. High resource utilization

A, B. When authorized users access devices through unintended connections or unauthorized users access absconded devices (such as with root access), they can access the data on the device. Every firm should have a policy for protecting data (encryption) and dealing with leaks when they occur.

A user reports that his mobile phone has been experiencing high resource utilization for about a week. What two things should you immediately suspect could be causing the problem? (Choose two.) A. Unauthorized root access B. Failing battery C. Excessive open apps D. Stuck sync operation

A, C. High resource utilization can be a telltale sign that a device is running more than you think it should be—perhaps the drives are being searched or the camera is recording your every move. Or, it could be that the user has too many apps open and the device is struggling with available resources.

You have a workstation that dual-boots between Windows XP and Windows 8.1. When choosing to boot Windows XP, you receive an error message saying that NTLDR is missing. Which utilities will let you repair or replace this file? (Choose two.) A. Recovery Console B. REGSVR32 C. Repair disk D. Safe Mode

A, C. The NTLDR loader file is a key component of the Windows XP boot process, and the system will not boot without it. The file can be retrieved from the Recovery Console, from SFC, or from bootable media (recovery DVD, repair disk, and so on).

A user reports that the battery life on his iPhone is very short. It works for only about three hours before it needs to be recharged. What can you recommend he do to extend the battery life? (Choose two.) A. Turn off unnecessary wireless connections. B. Perform a reset to the factory defaults. C. Set the screen to automatically dim. D. Install an antivirus app.

A, C. Tips for increasing battery life include keeping OS updates applied (they may include energy-saving patches), avoiding ambient temperatures that are too high or too low, letting the screen automatically dim, and turning off location-based services. You should also disconnect peripherals and quit applications not in use (Bluetooth, for example, uses power when enabled, even if you are not using it to connect to anything).

You want to broadcast the contents of your iPhone screen to a computer monitor. What are two ways you can accomplish this? (Choose two.) A. Use Apple TV. B. Enable iBroadcast on the iPhone. C. Download an app that lets you broadcast wirelessly. D. Plug the computer monitor in to the iPhone's video port.

A, C. iPads and iPhones are not large enough to have external DVI or other video ports. If you want to project to an external monitor, you need an adapter, Apple TV, or an app that will allow you to broadcast to the monitor over Wi-Fi or Bluetooth.

You are training new company employees on the proper use of Windows 8.1 workstations. What are two problems that could likely arise from improperly shutting down a workstation? (Choose two.) A. Data loss in important files. B. Corrupt DLL files. C. Corrupt device drivers. D. Windows may fail to start.

A, D. Not shutting down properly can result in lost data from open applications or corrupted operating system files. Neither option is good. Train all users on how to shut down properly.

Your iPad is experiencing slow performance. What are the best two options to increase performance speed? (Choose two.) A. Close open apps. B. Perform a reset to the factory default. C. Increase the RAM. D. Perform a soft reset.

A, D. Slow performance is often related to RAM. Look for any apps that are running and can be closed, or perform a soft reset to try to free up memory. Resetting to the factory default will delete all data on the device. You can't upgrade the RAM in an iPad.

Your network has several dozen mobile device users. Several of them have reported that there are areas within your office where network access is very slow. What can you use to test wireless access? A. Wi-Fi analyzer B. Cell tower analyzer C. Data transmission analyzer D. Hot spot analyzer

A. A Wi-Fi analyzer can be used on your network to see signal strength, channels used, and various other network metrics. Any company with a wireless network should have one for troubleshooting purposes.

A user with an Android phone reports that she is running out of memory on her phone. Which of the following will help resolve that issue? A. Uninstall apps. B. Perform a soft reset. C. Perform a hard reset. D. Perform a force stop.

A. Apps that are not used should be removed from a device to free up resources, namely, memory. To be fair, when users run out of storage space on their mobile devices, it's usually more because of videos, music, or pictures than apps. But apps do take up space and should be deleted if they are not being used.

A network user with an Android tablet wants to back up and synchronize her data with her phone. Which service should she use to perform these tasks? A. Google Sync B. Google Cloud C. Android Sync D. Android Cloud

A. Because problems tend to happen no matter how careful you may be, it is important to back up devices and be able to restore from those backups after an incident. Google Sync is available for backups and synchronization of data between Android-based devices and PCs.

A user just tried to boot his Windows 7 workstation, and Windows will not load. When you investigate, you notice that several key boot files for Windows have been deleted. What is this a sign of? A. Virus infection B. Ransomware infection C. Rogue antivirus D. OS expiration

A. Creators of malware have a number of methods by which they can wreak havoc on a system. One of the simplest ways is to delete key system files. Then, the operating system will not work.

You are working on a Windows workstation. When it boots up, it produces an error message that says Missing BOOT.INI and does not boot any further. What is the purpose of the BOOT.INI file? A. In Windows XP and older, it identifies where the boot files are for the operating system. B. In Windows Vista and newer, it identifies where the boot files are for the operating system. C. In Windows XP and older, it starts the bootstrapping of the operating system. D. In Windows Vista and newer, it starts the bootstrapping of the operating system.

A. Different versions of Windows use different files to identify what operating systems are installed and where their boot files can be found. With Windows XP and earlier versions (something you need to know only because NTLDR is an objective), the text file BOOT.INI is used to identify the operating systems installed, their locations, and the boot options to use. Windows 8, Windows 7, and Windows Vista use the Windows Boot Configuration Data (BCD) file instead.

The GUI fails to load on a Windows 8.1 workstation. The Windows logo appears during boot and then disappears, and the workstation appears to hang. What should you do to resolve the issue? A. Boot to the installation DVD, open System Recovery Options, and choose Startup Repair. B. Boot to Safe Mode, open System Recovery Options, and choose Startup Repair. C. Boot to the installation DVD, open a command prompt, and type Startup Repair. D. Boot to the installation DVD, open SFC, and choose Startup Repair.

A. Fixing this issue is just like fixing a missing operating system or missing system files. Using the installation DVD (you may have to set the BIOS to use the DVD drive as your primary boot device) or the Windows Repair CD, go to System Recovery Options and choose Startup Repair.

In the afternoon, you start receiving email responses from co-workers and friends. They want to know why you are trying to directly sell them electronics through a suspicious-sounding website. What is most likely the cause of this? A. Hijacked email B. Poisoned email server C. Rogue antivirus D. Invalid certificate

A. Hijacked email is when an attacker sends out an email from your address to your contacts or as spam to others. One of the easiest ways to spread malware is to capture the email contacts of a user and send it as an attachment to all of those in their circle. The recipient is more likely to open the attachment because it seemingly comes from a trusted source.

The touchscreen on a user's iPhone is not responding, and the phone is powered on. What should you recommend she do as a next step to get the phone working again? A. Perform a hard reset. B. Perform a soft reset. C. Remove the battery to power it off. Reinsert the battery and turn it back on. D. Perform a force stop.

A. If a touchscreen device is not responsive, the first step is to reboot the device. In the case of an iPhone, a soft reset won't likely work (because the touchscreen is not responsive), so try a hard reset. Press and hold down the Home and Sleep/Wake buttons for about 10 seconds, and then the Apple logo will appear. The phone will shut off. Then use the Sleep/Wake button to power it back on.

A network user with an iPad wants to back up her data. Which of the following are options for her to use? (Choose two.) A. iSync B. iPadPlus C. iTunes D. iCloud

C, D. Because problems tend to happen no matter how careful you may be, it is important to back up devices and be able to restore from those backups after an incident. In the Apple world, there is iTunes and iCloud. iTunes is installed on a desktop or laptop PC, and iCloud is cloud-based storage, as its name implies. Be sure that your computer meets the necessary hardware and software requirements to install iTunes or other mobile synchronization software.

You install an updated video card driver, and your Windows Vista workstation crashes with a blue screen of death. What are the quickest two options for getting your system running again? (Choose two.) A. Reinstall Windows. B. Boot to the Windows installation CD and start the Recovery Console. C. Boot to Safe Mode and uninstall the video card driver. D. Boot to the Last Known Good configuration.

C, D. It's most likely the driver that's causing the problem. One of the quickest (and best) ways to proceed is to boot to Safe Mode, which loads a standard VGA driver. Then you can uninstall the new video card driver. The other way is to boot to the Last Known Good configuration. Last Known Good will roll back the system to the state it was in when the last person logged in. So, if that was before the faulty driver was installed, it might solve the problem.

You are troubleshooting a Windows 8.1 workstation that has contracted a virus. According to the best practices for malware removal, which two steps are part of remediating the infected system? (Choose two.) A. Disable system restore. B. Schedule scans and run updates. C. Scan for and remove the virus. D. Update antivirus software.

C, D. The best practice for malware removal is a seven-step process. Identify malware symptoms, quarantine infected system, disable system restore (in Windows), remediate infected systems (including update anti-malware software and scan and remove the malware), schedule scans and run updates, enable system restore and create a restore point (in Windows), and educate the end user.

An iPhone user calls to report that his phone has no wireless connectivity. What is the first thing you should tell him to do? A. Turn the phone off and back on. B. Perform a reset to the factory default. C. Check whether airplane mode is on. D. Adjust the Wi-Fi signal receptivity.

C. A common cause for lack of wireless connectivity is for a device to be in airplane mode. Make sure the device is not in that mode, and do a hard reboot if necessary.

You are concerned about workstations on your network getting viruses. You configure each machine with antivirus software. How often should the antivirus software update its database? A. Once per year B. Once per month C. Once per week D. Only as new threats are discovered

C. Antivirus databases should be updated frequently (about once a week, although more often is better) to keep your antivirus program up-to-date with all the possible virus definitions. Most antivirus programs will automatically update themselves (if configured properly) just as Windows Update will update Windows, provided the computer has a live Internet connection. It's a good idea to let them automatically update.

You power on your Windows 8.1 client computer, and Windows will not load. When you investigate, you notice that the BOOTMGR file has been renamed to DASBOOTMGR. You were the last one to use this workstation. What is the most likely cause? A. Practical joke B. Rogue antivirus C. Malware infection D. Quarantined boot files

C. Creators of malware have a number of methods by which they can wreak havoc on a system. One of the simplest ways is to delete or rename key system files. Then, the operating system will not work. Just as harmful as deleting or renaming a file is to change the permissions associated with it so that the user can no longer access it or perform those operations.

You are working on your Windows 7 computer and a security alert pops up, as shown here. What should your next action be? A. Click the Protect Now button. B. Click the X in the upper-right corner to close the alert. C. Shut down your computer. Reboot, and initiate a virus scan using your antivirus software. D. Use System Restore to create a snapshot and then click the Protect Now button.

C. Don't click the button! This is some sort of hoax. When you click the button, something bad will happen—something like malware being installed on your computer. Attackers are very creative about making their pop-ups look like legitimate security alerts. Clicking the X to close the window may work, but clicking anything related to this box is an unpleasant prospect.

On a Windows 7 workstation, you receive an error message that says Security Center service cannot be started, but Windows still loads. What is the first step you should try in troubleshooting the problem? A. Reinstall the service with SFC. B. Reinstall the service with MSCONFIG. C. Check to see whether the service is set to be started automatically in Services. D. Check to see whether the service is set to be started automatically using REGEDIT.

C. First, make sure that the service is configured to start properly. You can do this in the Services MMC app. An easy way to open Services is to click Start and type services in the search box. Then find Security Center and see what it's set to. It should be set to a Startup type of Automatic (Delayed Start).

D. The best practices for malware removal is a seven-step process. Identify malware symptoms, quarantine infected system, disable system restore (in Windows), remediate infected systems (including update anti-malware software and scan and remove the malware), schedule scans and run updates, enable system restore and create a restore point (in Windows), and educate the end user.

You are troubleshooting a Windows Vista workstation that could have malware on it. To follow the best practices for malware removal, what is the first step you should take? A. Quarantine the infected system. B. Update the anti-malware software. C. Enable system restore and create a restore point. D. Identify malware symptoms.