CompTIA 220-1102 Practice Exam #3 Amazon


A user contacts the help desk and complains they are getting an error when they attempt to open a 4 GB .dmg file on their Windows 10 workstation. Which of the following should you tell them? "You need to use macOS to open DMG files" "Your hard drive must not have enough free space" "You must be an administrator to open that file" "Your workstation needs to have 16 GB of RAM to open the file"

"You need to use macOS to open DMG files". OBJ-3.2: A .dmg file is a disk image file on a macOS computer. These file types normally are used to download and install applications for macOS. Essentially, a .dmg file on a macOS computer is like a .iso file on a Windows computer. Windows cannot open .dmg files without using special software tools.

Which of the following file types are commonly used by scripts in a web page? .sh .ps1 .js .vbs

.js. OBJ-4.8: JavaScript is a scripting language that is designed to create interactive web-based content and web apps. The scripts are executed automatically by placing the script in the HTML code for a web page so that when the HTML code for the page loads, the script is run. JavaScript is stored in a .js file or as part of an HTML file. VBScript is a scripting language based on Microsoft's Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose. Windows PowerShell enables you to perform management and administrative tasks in Windows 7 and later. It is fully integrated with the operating system and supports both remote execution and scripting. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) to help create and manage your Windows PowerShell scripts. If you want to save a series of PowerShell commands in a file to rerun them later, you effectively create a PowerShell script by creating a text file with a .ps1 extension. The file can contain a series of PowerShell commands, with each command appearing on a separate line. A shell script is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script and its first line always begins with #!/bin/bash that designates the interpreter. This line instructs the operating system to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, c

Which of the following file types are commonly used to create applications that can be run on Linux, macOS, and Windows? .ps1 .py .sh .vbs

.py. OBJ-4.8: Python is a general-purpose programming language that can develop many different kinds of applications. It is designed to be easy to read, and the programs use fewer lines of code compared to other programming languages. The code runs in an interpreter. Python is preinstalled on many Linux distributions and can be installed on Windows. Python scripts are saved using the .py extension. A shell script is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script and its first line always begins with #!/bin/bash that designates the interpreter. This line instructs the operating system to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files. VBScript is a scripting language based on Microsoft's Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose. Windows PowerShell enables you to perform management and administrative tasks in Windows 7 and later. It is fully integrated with the operating system and supports both remote execution and scripting. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) to help create and manage your Windows PowerShell scripts. If you want to save a series of PowerShell commands in a file to rerun them later, you effectively create a PowerShell script by creating a text file with

Which of the following file types are commonly used by scripts in a Linux command line environment? .sh .vbs .ps1 .js

.sh. OBJ-4.8: A shell script is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script and its first line always begins with #!/bin/bash that designates the interpreter. This line instructs the operating system to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files. VBScript is a scripting language based on Microsoft's Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose. Windows PowerShell enables you to perform management and administrative tasks in Windows 7 and later. It is fully integrated with the operating system and supports both remote execution and scripting. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) to help create and manage your Windows PowerShell scripts. If you want to save a series of PowerShell commands in a file to rerun them later, you effectively create a PowerShell script by creating a text file with a .ps1 extension. The file can contain a series of PowerShell commands, with each command appearing on a separate line. JavaScript is a scripting language that is designed to create interactive web-based content and web apps. The scripts are executed automatically by placing the script in the HTML code for a web page so that when the HTML code for the page loads, the script is run. Ja

What is the minimum amount of memory required to install Windows 10 (x86) on a device? 1 GB 2 GB 8 GB 4 GB

1 GB. OBJ-1.7: For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor, 1 GB of RAM, and at least 16 GB of hard drive space. For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor, 2 GB of RAM, and at least 20 GB of hard drive space. For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor, 4 GB of RAM, and at least 64 GB of hard drive space.

What is the minimum processor required to install Windows 10 (x64) on a device? 2 GHz single-core processor 1 GHz single-core processor 2 GHz dual-core processor 1 GHz dual-core processor

1 GHz single-core processor. OBJ-1.7: For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor and 1 GB of RAM. For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor and 2 GB of RAM. For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor and 4 GB of RAM.

Which of the following IP addresses is considered an APIPA address? 10.5.34.15 172.16.13.12 169.254.125.154 192.168.2.14

169.254.125.154. OBJ-1.6: Private IP addresses are any addresses in a specified range that are not allowed to be routed over the Internet. This allows companies to use these private IP addresses in their local area networks without having to purchase them from an internet registry. The class A private IP address range contains the addresses from 10.0.0.0 to 10.255.255.255. The class B private IP address range contains the addresses from 172.16.0.0 to 172.31.255.255. The class C private IP address range contains the addresses from 192.168.0.0 to 192.168.255.255. The APIPA/link-local autoconfiguration range is from 169.254.0.0 to 169.254.255.255.

Your company has just installed a brand new email server, but you determined that the server cannot send emails to another server during your initial testing. You decide to check the firewall's ACL to see if the server's outgoing email is being blocked. Which of the following ports should you ensure is open and not blocked by the firewall? 22 25 143 110

25. OBJ-2.1: The Simple Mail Transfer Protocol (SMTP) uses port 25 and is an internet standard communication protocol for electronic mail transmission. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system.

Which of the following backup rotation schemes requires backups to be stored to at least two different types of media? Tower of Hanoi FIFO Backup Grandfather-father-son 3-2-1 backup

3-2-1 backup. OBJ-4.3: The 3-2-1 backup rule states that an organization should create (3) one primary backup and two copies of the data, (2) save the backups to two different types of media, and (1) keep at least one backup copy off-site. The grandfather-father-son (GFS) backup rotation scheme is widely used to combine full and incremental backups to reduce backup time and enhance storage security. The grandfather is a full backup that is stored off-site once per month. The father is a weekly full backup that is conducted. The son is an incremental or differential backup conducted each day. For example, each Monday a full backup can be conducted which becomes the father. Then, each day of the week a son is created by performing an incremental or differential backup. Once per month, a full backup is conducted to become the grandfather. The Tower of Hanoi is a backup rotation scheme that rotates backup media sets throughout the backup process to minimize wear and failure of tape backup media. For example, when using this method with four backup tapes labeled A, B, C, and D, a total of 16 days of backups can be maintained with just 4 tapes. Tape A is used every odd-numbered day for 16 days. Tape B is used on days 2, 6, 10, and 14. Tape C is used on days 4 and 12. Tape D is used on days 8 and 16. This allows Tape A to be overwritten every other day, while Tape B is overwritten every four days and Tapes C and D are overwritten every 8 days. The First In First Out (FIFO) backup scheme uses a set number of tapes and overwrites the oldest tape with the newest information. For example, if there are 7 tapes in use, every evening a new backup is conducted over the previous week's daily backup. To retain more days of backups, a technician simply needs to increase the number of tapes from 7 to 14 or 21.

How would you represent r-xrw-r-- in octal notation? 564 754 624 541

564. OBJ-2.6: R-X is 5, RW- is 6, and R-- is 4. In Linux, you can convert letter permissions to octal by giving 4 for each R, 2 for each W, and 1 for each X. R is for read-only, W is for write, and X is for execute. The permission strings are written to represent the owner's permissions, the group's permissions, and the other users' permissions.

You run the command ipconfig on your laptop and see that you have been assigned an IP address of 169.254.0.56. Which category of IPv4 address is this? Private Static Public APIPA

APIPA. OBJ-3.5: APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client if the DHCP server is unavailable. A static IP address is used when the DHCP server is disabled and clients are configured manually to join the network properly. A public IP address is the outward-facing (public-facing) IP address assigned to a client. A private IP address lets a router correctly direct traffic within its network and allows devices within a network to communicate with one another, but private IP addresses cannot be used to route traffic across the internet.

You are helping to set up a backup plan for your organization. The current plan states that all of the organization's Linux servers must have a daily backup conducted. These backups are then saved to a local NAS device. You have been asked to recommend a method to ensure the backups will work when needed for restoration. Which of the following should you recommend? Attempt to restore to a test server from one of the backup files to verify them Create an additional copy of the backups in an off-site datacenter Set up scripts to automatically reattempt any failed backup jobs Frequently restore the server from backup files to test them

Attempt to restore to a test server from one of the backup files to verify them. OBJ-4.3: The only way to fully ensure that a backup will work when needed is to restore the files from the backups. To do that, it is best to restore them to a test server since this will not affect your production environment.

Which of the following data types would be used to store the value of TRUE? Integers String Boolean Floating point

Boolean. OBJ-4.8: A boolean stores a value of TRUE (1) or FALSE (0). It usually consumes only 1 bit of storage (a zero or a one). An integer stores a whole number, such as 21, 143, or 1024. An integer data type usually consumes 8 bytes of storage. A floating-point number stores a fractional or decimal number, such as 3.14, 45.5, or 333.33. A floating-point number data type usually consumes 4 to 8 bytes of storage. A string stores a group of characters, such as Hello, PYTHON, or JasonDion. A string data type usually consumes as much storage as necessary. Each character in the string usually requires 1 byte of storage.

A developer uses a MacBook Pro when working from home, but they need access to both a Windows and macOS system to test their programs. Which of the following tools should be used to allow both operating systems to exist on their MacBook Pro? Boot Camp Mission Control Terminal Device Manager

Boot Camp. OBJ-1.10: Boot Camp is used to allow dual booting on a Macintosh computer. It allows the user to boot into either macOS (OS X) or Windows as the computer is rebooted. Boot Camp is only supported on Intel-based macOS systems, though. The terminal in macOS is the equivalent to the Windows Command Prompt window. The terminal is used to run network troubleshooting utilities such as the ping command and other advanced commands to modify the macOS environment. Mission Control is an application for facilitating multiple desktops in the macOS environment. The Device Manager is used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it.

What type of structure is "IF THEN ELSE" in scripting? Loop Variable Constant Branch

Branch. OBJ-4.8: A branch is used to control the flow within a computer program or script, usually based on some logic condition. Often, these are implemented with IF THEN ELSE statements. A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself. A loop deviates from the initial program path based on some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Loops are often implemented with For or While statements. For example, a short script like (For i=1 to 100, print i, next) would print the numbers from 1 to 100 to the screen. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F - 32) * 5/9.

Your Android device's battery is advertised to last 12 hours, but it drains almost completely within 90 minutes. What should you do FIRST to try and solve this problem? Reboot your phone Enable airplane mode to save battery Dim your phone's display Check which apps are using the most battery life

Check which apps are using the most battery life. OBJ-3.4: If your battery is dying faster than in the past, see whether apps are using too much battery. You can force stop or uninstall problem apps. If your device is infected with malware, this can also drastically reduce your battery life, and the malware should be removed. The display on a smartphone is normally one of the largest users of battery life, but even a brightly lit display will not consume the entire battery in only 90 minutes.

Dion Training wants to upgrade its employees' workstations from Windows 10 to Windows 11. All of the employees' data and files are saved to the company's shared drive. The technician has been told to choose an installation type that will delete all of the existing data, settings, and applications on the workstations during the upgrade. Which of the following types of upgrades or installations should you perform on the workstations? In-place upgrade Repair installation Clean install Refresh installation

Clean install. OBJ-1.9: A clean install is an installation of the new operating system on a new computer or a computer that has been recently formatted. A clean install will completely replace the operating system software on the computer with the new operating system. During a clean install, all of the user's data, settings, and applications will be deleted. An in-place upgrade is an installation of the new operating system on top of an existing version of the operating system. An in-place upgrade will preserve the applications, user settings, and data files that already exist on the computer. A refresh installation is a type of installation that will recopy the system files and revert most system settings to their default configuration while preserving user personalization settings, data files, and applications installed through the Windows Store. Repair installation is a type of installation that attempts to replace the existing version of the operating system files with a new copy of the same version. A repair installation is useful when trying to repair a Windows computer that will not boot or when you believe the system files have become corrupted since it will keep all of the existing user data, settings, and applications during the repair.

You are working as a mobile device technician for a large corporation's enterprise service desk. A user complains that every time they attempt to launch the company's mobile email application, it crashes and displays an error message of Code123. Which of the following should you do FIRST to attempt to solve this problem? Update the smartphone's OS Rollback the app to an earlier version Reinstall the email app Clear the app's cache

Clear the app's cache. OBJ-3.4: Clearing the app cache addresses potential issues with temporary files or data that might be causing the app to crash. This quick and non-disruptive action can often resolve minor app-related problems without the need for more time-consuming or complicated solutions. By starting with this step, you ensure a simpler and more efficient troubleshooting process before moving on to other, more complex actions if needed from the given options.

An employee's inbox is now filled with unwanted emails after their email password had been compromised last week. You helped them reset their password and regain access to their account. Many of the emails are coming from different email addresses ending in spamyou.com. Which of the following actions should you take to help reduce the amount of spam this and other users in your organization are receiving? Click the unsubscribe button of each email Create a domain-based email filter Mark each email as spam or junk Establish an allow list of trusted senders

Create a domain-based email filter. OBJ-3.2: Email filtering is any technique used to prevent a user from being overwhelmed with spam or junk email. By creating a domain-based email filter, all emails from the spamyou.com domain could be blocked and prevented from being delivered to the user. Spam can be blocked from reaching an organization using a mail gateway to filter messages. At the user level, the software can redirect spam to a junk folder or similar. Anti-spam filtering needs to balance blocking illegitimate traffic with permitting legitimate messages. Anti-spam techniques can also use lists of known spam servers by establishing a blocklist. If an allow list is used, only a small number of senders could send emails to the user.

You are working as a military defense contractor and have been asked to dispose of 5 laptop hard drives used in systems that processed classified information. Which of the following physical data destruction and disposal methods is MOST appropriate to ensure the data cannot be recovered? Degaussing of the HDDs Low-level formatting of the HDDs Drill/hammer the HDD platters Standard formatting of the HDDs

Degaussing of the HDDs. OBJ-2.8: The best option is to use degaussing on the hard drives. Degaussing exposes the disk to a powerful electromagnet that disrupts the magnetic pattern that stores the data on the disk surface. This renders the data on the disk inaccessible, but the disk will become unusable for other purposes. If the drive needs to be reused, repurposed, or recycled, you should not use degaussing. If the drive contains sensitive or classified information, then it should be degaussed or shredded. Standard formatting of the drives could allow the data to be restored and make the data vulnerable to exposure. Low-level formatting is a hard disk operation that will make recovering data from your storage devices difficult once the operation is complete.

A cybersecurity analyst is applying for a new job with a penetration testing firm. He received the job application as a secured Adobe PDF file, but unfortunately, the firm locked the file with a password so the potential employee could not fill in the application. Instead of asking for an unlocked copy of the document, the analyst decides to write a script in Python to attempt to unlock the PDF file by using passwords from a list of commonly used passwords until he can find the correct password or attempts every password in his list. Based on this description, what kind of cryptographic attack did the analyst perform? Session hijacking Brute-force attack On-path attack Dictionary attack

Dictionary attack. OBJ-2.4: A dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary. The key to answering this question is that they were using passwords from a list. A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. A session hijacking attack compromises the session token by stealing or predicting a valid session token to gain unauthorized access to the webserver. An on-path attack is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.

Your home network is configured with a long, strong, and complex pre-shared key for its WPA2 encryption. You noticed that your wireless network has been running slow, so you checked the list of "connected clients" and see that "Bob's Laptop" is connected to it. Bob lives downstairs and is the maintenance man for your apartment building. You know that you never gave Bob your password, but somehow he has figured out how to connect to your wireless network. Which of the following actions should you take to prevent anyone from connecting to your wireless network without the proper WPA2 password? Disable SSID broadcast Enable WEP Disable WPA3 Disable WPS

Disable WPS. OBJ-2.9: WPS was created to ease the setup and configuration of new wireless devices by allowing the router to automatically configure them after a short eight-digit PIN was entered. Unfortunately, WPS is vulnerable to a brute-force attack and is easily compromised. Therefore, WPS should be disabled on all wireless networks. If Bob could enter your apartment and press the WPS button, he could have configured his laptop to use your wireless network without your WPA2 password. While disabling the SSID broadcast could help prevent someone from seeing your network, the issue was someone connecting to your network without having the password. Disabling the SSID broadcast would not solve this issue.

Dion Training will be hiring 10 college students as interns to work over the summer. Each year, the same interns will work for the company for 8 weeks, but then they will return to school. Next summer, they will return to the company and will need to reaccess their accounts. What is the BEST policy to use so that the interns can use the accounts during the summer but cannot log in during the school year? Restrict the user accounts using login hours Reset the user accounts at the end of each summer Disable the user accounts at the end of each summer Delete the user accounts at the end of each summer

Disable the user accounts at the end of each summer. OBJ-2.6: If the accounts are disabled at the end of the summer, the interns will be unable to log in again until their accounts are enabled again when they return next summer. This is the best method since deleting the accounts would require the interns to get new accounts each summer, and they would lose all their data and configurations.

Which of the following macOS features is the equivalent of the Taskbar in Windows? Dock Mission Control Finder Boot Camp

Dock. OBJ-1.10: Dock is a macOS feature for managing applications from the desktop that is similar to the Windows taskbar. A technician can change the way the dock behaves by right-clicking near the vertical line at the right of the dock. For example, they can configure the dock to autohide or position itself on another edge of the screen. Mission Control is an application for facilitating multiple desktops in the macOS environment. The Finder is the first thing that you see when your Mac finishes starting up. It opens automatically and stays open as you use other apps. It includes the Finder menu bar at the top of the screen and the desktop below that. It uses windows and icons to show you the contents of your Mac, iCloud Drive, and other storage devices. According to Apple, it is called the Finder because it helps you to find and organize your files. Boot Camp is used to allow dual booting on a Macintosh computer. It allows the user to boot into either macOS (OS X) or Windows as the computer is rebooted. Boot Camp is only supported on Intel-based macOS systems, though.

You are working as part of a penetration testing team during an assessment of Dion Training's headquarters. Your boss has requested that you search the company's recycling bins for any information that might be valuable during the reconnaissance phase of your attack. What type of social engineering method are you performing? Phishing Impersonation Whaling Dumpster diving

Dumpster diving. OBJ-2.4: Dumpster diving involves searching through publicly accessible garbage cans or recycling bins to find discarded paper, manuals, or other valuable types of information from a targeted company. This is often done as part of the reconnaissance phase before an attack is performed. Whaling is an email-based or web-based form of phishing that targets senior executives or wealthy individuals. Phishing is an email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim. Impersonation is the act of pretending to be someone or something else. Malicious actors often couple pretexting and impersonation to craft a believable scenario and impersonate people in authority during a social engineering attack.

You are working as a defense contractor for the U.S. Army. The Army is looking to purchase Microsoft Office for all of its employees to use. Which of the following licenses would be BEST for this sized organization to purchase? Personal Open-source Enterprise Business

Enterprise. OBJ-4.6: An enterprise license is like a business license, but for an unlimited number of users and is designed for large corporate and government networks. A business license is the standard licensing option for organizations and business entities. With Microsoft, a company can purchase anywhere from 1 to 300 user licenses under the business license program. A Personal license is an option for private individuals who purchase a license with their own funds and solely for their own use. Personal licenses are not to be purchased, refunded, or in any way financed by companies. Open source is software that also makes the program code used to design it available. Generally, open-source software is free to use and distribute, but you may need to pay for ongoing support if you have technical issues. The idea is that other programmers can investigate the program and make it more stable and useful. An open-source license does not forbid commercial use of applications derived from the original, but it is likely to impose the same conditions on further redistributions.

Which of the following is used to communicate data and preferences to child processes within a script or batch file? Environmental variables Constants Comments Variables

Environmental variables. OBJ-4.8: Shell scripts and batch files use environment variables to communicate data and preferences to child processes. They can also be used to store temporary values for reference later in a shell script. A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself. A comment is written into the code to help a human understand the initial programmer's logic. In Python, for example, you can use the # symbol to comment on a line of code. Anything on the line after the # is ignored by the computer when the script is being executed. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F - 32) * 5/9.

A customer is complaining that there are intermittent problems with their PC. As a technician, you don't know exactly what the errors are, so which tool should you use to determine what errors have previously occurred? Performance Monitor Event Viewer System Information Device Manager

Event Viewer. OBJ-1.3: You should use the Event Viewer to read the log entries within Windows to determine what errors have occurred in the past. Logs are a treasure trove of information on any workstation or server. The Event Viewer shows a log of application and system messages, including errors, information messages, and warnings. It's a useful tool for troubleshooting all kinds of different Windows problems. If you use the Event Viewer, you can identify what was occurring at or around 2:35 am each day before the server crashed and use this to troubleshoot the problem. Performance monitor (perfmon.msc) is a performance monitoring and system monitoring utility in Windows that is used to monitor CPU and memory activity on a computer. The performance monitor is used to view performance data either in real-time or from a log file. The performance monitor can only monitor the resource utilization, but it cannot manage or terminate those processes. System information (msinfo32.exe) is a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues. Device manager (devmgmt.msc) is a utility used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it.

Which attack utilizes a wireless access point made to look as if it belongs to the network by mimicking the corporate network's SSID to eavesdrop on the wireless traffic? Evil twin Shoulder surfing Rogue access point WEP attack

Evil twin. OBJ-2.4: An evil twin is meant to mimic a legitimate hotspot provided by a nearby business, such as a coffee shop that provides free Wi-Fi access to its patrons. An evil twin is a type of rogue wireless access point that masquerades as a legitimate Wi-Fi access point so that an attacker can gather personal or corporate information without the user's knowledge. This type of attack may be used to steal the passwords of unsuspecting users by monitoring their connections or phishing, which involves setting up a fraudulent website and luring people there. A rogue access point is an access point installed on a network without the network owner's permission. For example, if an employee connected a wireless access point to a wall jack in their office so that they can use their smartphone or tablet, this would be considered a rogue access point. Therefore, an evil twin is the better answer to this question since it is specifically being made to look like it belongs on the network by mimicking the SSID of the corporate network. A WEP attack is a brute force password attack conducted against a wireless network that relies on WEP for its encryption and security. Shoulder surfing is a type of social engineering technique used to obtain information such as personal identification numbers, passwords, and other confidential data by looking over the victim's shoulder.

Dion Training has configured Windows Defender Firewall on all of its corporate Windows 10 workstations. When connected to a private network, the firewall has been configured to only allow inbound connections that match an existing rule and to only allow outbound connections that do not match any existing rules. What type of security posture has Dion Training implemented? Implicit allow for inbound, implicit allow for outbound Explicit allow for inbound, implicit allow for outbound Implicit allow for inbound, explicitly allow for outbound Explicit allow for inbound, explicit allow for outbound

Explicit allow for inbound, implicit allow for outbound. OBJ-1.4: The Windows Defender Firewall is a software-based firewall that is installed by default on Windows workstations. The Windows Defender firewall is used to prevent hackers and malicious software from gaining access to the workstation over the Internet or the local area network. Explicit allow refers to a security posture where the system will only allow an item to traverse the firewall if the traffic matches an existing rule. Implicit allow refers to a security posture where the system will allow all traffic to traverse the firewall unless there is a specific rule to prevent it.

Which of the following types of screen locks uses a biometric authentication mechanism that relies upon mapping the geography of a user's eyes, nose, mouth, and other features before granting access to a mobile device? FaceID Passcode Swipe TouchID

FaceID. OBJ-2.7: Apple developed FaceID as a facial recognition biometric authentication system. It creates a map of a user's face using an infrared image. This also accounts for changes in a user's appearance, such as wearing sunglasses, makeup, or even changes in the lighting of the environment. With over 30,000 individual, invisible dots that create the mapping of the user's face, the FaceID system is extremely secure. Based on tests, it has a false positive rate of less than 1 in 1 million attempts. Touch ID is an electronic fingerprint recognition feature designed and released by Apple. A swipe lock is a term for unlocking a device by tracing a predetermined on-screen pattern or joining dots on the screen. This was commonly used in Android devices until biometric methods like fingerprint scanners and facial recognition became more prevalent. A passcode unlock is a term for unlocking a device by entering a 4 to 6 digit pin.

Which of the following options in Windows 10 would create a small hibernation file saved on the storage device before shutting down the computer so that it reduces the time to boot up when powered on? Fast startup USB selective suspend Lock mode Sleep mode

Fast startup. OBJ-1.4: Fast startup is a mode in between a full shutdown and a hibernation mode. With a fast startup, the computer will log out and close all of its open files when being shut down. Before the system powers off, though, a small hibernation file is created to help speed up the bootup process when the computer is powered on again. The USB selective suspend feature allows the hub driver to suspend an individual port without affecting the operation of the other ports on the hub. Selective suspension of USB devices is helpful when using a laptop computer as it helps to conserve battery power by powering off USB ports that are not needed at the time. Sleep or standby mode is used to save the current session to memory and put the computer into a minimal power state to save battery life when the system is not being used. The computer takes less time to start up again from the sleep or standby mode than it does from the hibernate mode. A lock will secure the desktop with a password while leaving programs running.

Which of the following types of backup would require the MOST time to complete? Full Synthetic Incremental Differential

Full. OBJ-4.3: A full backup creates a copy of all the selected data regardless of when it was previously backed up. It takes the most time to complete a backup but is the fastest when conducting a restoral of all the data on a hard drive. A differential backup only creates a copy of the selected data that has been modified since the last full backup. It is a good compromise in speed between a full backup (which takes the longest to backup and the least to restore) and an incremental backup (which takes the least to backup and the longest to restore). An incremental backup only creates a copy of new files and files modified since the last full, incremental, or differential backup. Therefore, it takes the least amount of time to complete a backup. Unfortunately, it also takes the most time to restore since you have to first restore the full backup, then any differential and incremental backups until all your data is restored. Synthetic backup is the process of generating a file from a complete copy of a file created at some past time and one or more incremental copies created at later times. The expression synthetic in this context refers to the fact that the assembled file is not a direct copy of any single current or previously created file. Instead, a synthetic file is merged or synthesized by a specialized application program from the original file and one or more modifications to it.

Which of the following security controls provides Windows system administrators with an efficient way to deploy system configuration settings across many devices? GPO Anti-malware Patch management HIDS

GPO. OBJ-2.1: Microsoft's Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users. A Group Policy is the primary administrative tool for defining and controlling how programs, network resources, and the operating system operate for users and computers in an organization. In an active directory environment, Group Policy is applied to users or computers based on their membership in sites, domains, or organizational units. A host-based intrusion detection system (HIDS) is a device or software application that monitors a system for malicious activity or policy violations. Any malicious activity or violation is typically reported to an administrator or collected centrally using a security information and event management system. Anti-malware software is a program that scans a device or network for known viruses, Trojans, worms, and other malicious software. Patch management is the process of distributing and applying updates to the software to prevent vulnerabilities from being exploited by an attacker or malware. Proper patch management is a technical control that would prevent future outbreaks.

Gina just installed a 4 TB HDD into her Windows 10 computer and wants to assign the drive letter "M" to store her media files. Which type of partition should Gina use if she wants to mount the drive as a single partition? GPT ISO FAT32 MBR

GPT. OBJ-1.1: GPT is a newer way to partition disks that allows partition sizes over the 2 TB limit imposed by MBR. The GUID partition table (GPT) is a modern disk partitioning system allowing large numbers of partitions and very large partition sizes. The GPT is used in modern computers that support the UEFI standard and can support a maximum capacity of up to 9.7 ZB and up to 128 partitions. The master boot record (MBR) is a sector on a hard disk storing information about partitions configured on the disk. The MBR holds the information on how the logical partitions that contain the file systems are organized on the physical disk. Systems that rely on BIOS utilize the MBR to determine which partitions are on a given hard disk. MBR partition tables have a maximum capacity of 2 TB and only 4 separate partitions. An optical disc image (ISO) file is a file that contains all of the contents from an optical disc in a single file which can be mounted to the file system as though it were a physical optical drive. An ISO is a disk image that contains everything that would be written to an optical disc, disc sector by disc sector, including the optical disc file system. The file allocation table 32-bit (FAT32) is the 32-bit file system supported by Windows, macOS, and Linux computers. FAT32 can support maximum volume sizes of up to 2 TB and maximum file sizes of up to 4 GB.

Sally was checking her email when she noticed that she has several automated replies from emails she doesn't remember sending. What type of attack was Sally MOST likely the victim of? Phishing Vishing Spear phishing Hijacked email

Hijacked email. OBJ-3.2: Sally is MOST likely the victim of hijacked email. Hijacked email occurs when someone takes over your email account and sends out messages on your behalf. Hijacked emails can trigger automated replies indicating that the intended recipient's messages were rejected or that the recipient was out of the office. These "bounce back" emails indicate to the victim that they have lost control of their email account. Phishing is an email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim. Phishing attacks target an indiscriminate large group of random people. Spear phishing is the fraudulent practice of sending emails from a seemingly known or trusted sender to induce targeted individuals to reveal confidential information. Vishing is a social-engineering attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services (VoIP).

Chris just downloaded a new third-party email client for his smartphone. When Chris attempts to log in to his email with his username and password, the email client generates an error message stating that "Invalid credentials" were entered. Chris assumes he must have forgotten his password, so he resets his email username and password and then reenters them into the email client. Again, Chris receives an "Invalid credentials" error. What is MOST likely causing the "Invalid credentials" error regarding Chris's email client? His email account is locked out His smartphone has full device encryption enabled His email account requires a strong password to be used His email account requires multi-factor authentication

His email account requires multi-factor authentication. OBJ-2.7: If a user or system has configured their email accounts to require two-factor authentication (2FA) or multifactor authentication, then even if they enter their username and password correctly in the third-party email client, they will receive the "Invalid credentials" error message. Some email servers will allow the user to create an application-specific password to bypass the multifactor authentication requirement to overcome this. If not, then the user will have to use an email client that supports multifactor authentication. His email account is not locked out or requiring a stronger password, otherwise, those issues would have been solved when he reset the password. Full device encryption on the smartphone would not affect the use of the email client since the device is unencrypted once a user enters their PIN, password, TouchID, or FaceID as authentication.

You are working at the Dion Training headquarters in Puerto Rico. The island just suffered a power outage due to a hurricane. The server room in the headquarters has power, but the rest of the office does not. You verify that the diesel generator is running at full electrical load capacity. Which of the following solutions should you recommend to Dion Training to allow them to continue working during a long-term power outage? Replace all the lightbulbs in the building with LEDs to reduce the electrical load Increase the capacity of their backup generator to support a larger load Migrate their servers to the cloud whenever a hurricane is approaching Purchase a 1500VA battery backup for each workstation in the office

Increase the capacity of their backup generator to support a larger load. OBJ-4.5: When a hurricane causes a power outage on an island, it can be hours, days, or even months before the power is fully restored. Since the Dion Training headquarters is located in Puerto Rico, they should have a large capacity diesel generator to power their entire office during a long-term power outage. After Hurricane Maria in 2017, some parts of Puerto Rico went without grid power for nine months. We have multiple redundant and high-capacity power sources at the Dion Training offices to ensure we can remain online and work even without any grid power available.

Jason wants to configure his Windows 10 workstation to automatically block pop-ups when searching for websites online. Which of the following Control Panel sections should he use to achieve this? Power Options Indexing Options Internet Options File Explorer Options

Internet Options. OBJ-1.4: The Internet Options section of the Control Panel allows a technician to manage the Internet settings for their computers, including the security settings, access settings, and add-on control settings. Using Internet Options, a technician can set the homepage of the browser, set up the proxy server connection details, and change the trust and security settings used by the system. The Indexing Options is used to configure the method used by Windows when searching for content within the storage devices. When indexing is properly configured, the system will catalog the information on the computer using the words within the files and their metadata to more easily find the content when requested by a user. The Power Options section of the Control Panel allows technicians to customize how a computer manages its power to either conserve energy at the expense of performance or to maximize performance at the expense of energy savings by creating a power plan. The File Explorer Options section of the Control Panel allows technicians to customize the display of files and folders. For example, the File Explorer Options can enable or disable the ability to show hidden files, hide file extensions, and more.

What is the FIRST step of the seven-step malware removal process? Investigate and verify malware symptoms Enable System Restore and create a restore point in Windows Update the applications and the operating system Quarantine the infected system

Investigate and verify malware symptoms. OBJ-3.3: The seven steps of the malware removal procedures are (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.

Tim has created a new iOS application that he wants to install on an iPad without having to install it through the official App Store. To save some money, he has not purchased a developer certificate from Apple since he isn't planning to sell this app to others. Which of the following would allow Tim to install this unofficial app on his own iPad for testing? Rooted device APK installer Jailbroken device Developer mode

Jailbroken device. APK installer. OBJ-3.5: Jailbreaking is conducted on an iOS device to remove manufacturer restrictions on the device and allow other software, operating systems, or networks to work with a device. An Android application package (APK) is a third-party or custom program that is installed directly on an Android device to give users and businesses the flexibility to install apps directly on Android devices. Android supports sideloading through the APK package format. An APK file contains all of that program's code, including .dex files, resources, assets, certificates, and manifest files. A rooted device is an Android device that has been hacked to provide the user with administrative rights to install unapproved apps, update OS, delete unwanted apps, underclock or overclock the processor, replace firmware and customize anything else. A rooted device is not required just to install an APK outside of the Play Store, though, on an Android device. Developer mode is used on an Android device to show additional diagnostic information when using apps or making network connections.

A network technician is tasked with designing a firewall to improve security for an existing FTP server on the company network. The FTP server must be accessible from the Internet. The security team is concerned that the FTP server could be compromised and used to attack the domain controller hosted within the company's internal network. What is the BEST way to mitigate this risk? Migrate the FTP server from the internal network to a screened subnet Upgrade the FTP server to an SFTP server since it is more secure Configure the firewall to utilize an implicit deny statement Add a deny rule to the firewall's ACL that blocks port 21 outbound

Migrate the FTP server from the internal network to a screened subnet. OBJ-2.9: A screened subnet (formerly called a demilitarized zone or DMZ) is a perimeter network that protects an organization's internal local area network (LAN) from untrusted traffic. A screened subnet is placed between the public internet and private networks. Public servers, such as the FTP server, should be installed in a screened subnet so that additional security mitigations like a web application firewall or application-aware firewall can be used to protect them. SFTP (Secure File Transfer Protocol) is a file transfer protocol that leverages a set of utilities that provide secure access to a remote computer to deliver secure communications by leveraging a secure shell (SSH) connection to encrypt the communication between the client and the server. This will prevent an attacker from eavesdropping on the communications between the SFTP server and a client, but it will not prevent an attacker from exploiting the SFTP server itself. An implicit deny is when a user or group is not granted specific permission in the security settings of an object, but they are not explicitly denied either. This is a best practice to enable, but the FTP server would still have some open ports, such as ports 20 and 21, to operate. These ports could then be used by the attacker to connect to the FTP server and exploit it. Adding a deny rule to the firewall's ACL that blocks port 21 outbound would simply prevent internal network users and servers from accessing external FTP servers. This would in no way prevent the exploitation of the company's FTP server since it has port 21 open and listening for inbound connections.

A small doctor's office has asked you to configure their network to use the highest levels of wireless security and desktop authentication. The office only uses cloud-based SaaS applications to store their patients' sensitive data. Which TWO of the following protocols or authentication methods should you implement for the BEST security? Multifactor WPA2 WPS WEP RADIUS SSO

Multifactor. WPA2. OBJ-2.2: Since everything is being stored within a cloud-based SaaS application, the doctor's office needs to ensure their network connection uses the highest encryption level (WPA2), and their desktop authentication should use a multifactor authentication system. Multifactor authentication relies on using at least 2 of the following factors: something you know (password or pin), something you have (smart card or key fob), something you are (fingerprint or retinal scan), or something you do (draw a pattern or how you sign your name). Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. The Wi-Fi Protected Setup (WPS) is a mechanism for auto-configuring a WLAN securely for home users. On compatible equipment, users push a button on the access point and connect adapters to associate them securely. WPS is subject to brute force attacks against the PIN used to secure them, making them vulnerable to attack. The Remote Authentication Dial-in User Service (RADIUS) is used to manage remote and wireless authentication infrastructure. Users supply authentication information to RADIUS client devices, such as wireless access points. The client device then passes th

Which file system type is used to mount remote storage devices on a Linux system? exFAT NFS NTFS APFS

NFS. OBJ-1.8: The Network File System (NFS) is used to mount remote storage devices into the local file system on a Linux system. It allows you to mount your local file systems over a network and remote hosts to interact with them while mounted locally on the same system. The extensible file allocation table (exFAT) is a file system optimized for external flash memory storage devices such as USB flash drives and SD cards. exFAT supports a maximum volume size of up to 128 PB with a recommended maximum volume size of 512 TB for the best reliability. The Apple file system (APFS) is the default file system for Mac computers using macOS 10.13 or later and features strong encryption, space sharing, snapshots, fast directory sizing, and improved file system fundamentals. The NT file system (NTFS) is a Windows file system that supports a 64-bit address space and can provide extra features such as file-by-file compression and RAID support as well as advanced file attribute management tools, encryption, and disk quotas. NTFS can support a maximum volume size of up to 8 PB.

Which of the following tools should a technician use to modify the HOSTS file on a Windows 10 system to solve a website address resolution issue? Regedit Notepad MMC Services

Notepad. Regedit? OBJ-3.2: Browser redirection usually occurs if the browser's proxy is modified or the hosts.ini file is modified. If the redirection occurs only for a small number of sites or occurs in all web browsers on a system, it is most likely a maliciously modified hosts.ini file. The hosts.ini file is a local text file that allows a user to specify specific domain names to map to particular addresses. It can be edited using any basic text editor, such as notepad. It works as an elementary DNS server and can redirect a system's internet connection. For example, if your children are overusing YouTube, you can change YouTube.com to resolve to YourSchool.edu for just your child's laptop. The Microsoft management console (MMC) is a utility that uses snap-ins for various Windows tools such as disk management, computer management, performance monitor, print management, and others to perform operations on a local or networked computer. The task manager is an advanced Windows tool that has 7 tabs that are used to monitor the Processes, Performance, App History, Startup, Users, Details, and Services on a computer. By clicking the Services tab, the technician can list all of the services installed on the computer, display their status, and start/stop/restart those services. The registry editor (RegEdit) allows you to view and make changes to system files and programs that you wouldn't be able to access otherwise. The registry is a database made up of hives and keys that control various settings on a Windows system. Incorrectly editing the Registry can permanently damage your computer, so it is important to be very careful when modifying the registry using RegEdit.

Which of the following concepts is the MOST important for a company's long-term health in the event of a disaster? Vulnerability scanning Off-site backups Implementing an acceptable use policy Uninterruptible power supplies

Off-site backups. OBJ-4.3: In case of a disaster, you must protect your data. Some of the most common strategies for data protection include backups made to tape and sent off-site at regular intervals or the use of cloud-based backup solutions. All of the other options are good, too, but the MOST important is a good backup copy of your company's data.

A customer runs frantically into your computer repair store. He says that his smartphone fell into a puddle, and now it won't turn on. He excitedly tells you that he needs the smartphone working again "right now" and cannot wait. What should you do? Post about the experience on Facebook after the customer leaves Tell the customer to calm down because it is just a phone Explain that phones are fragile and water damages them so they shouldn't be dropped in puddles Offer the customer the option to replace his phone

Offer the customer the option to replace his phone. OBJ-4.7: In this case, you should offer the customer the option to replace his phone. It is important to set and meet expectations and timelines when dealing with a customer. If you cannot meet the timeline needed, you should offer different repair/replacement options (if applicable). The other options violate the principles of good customer service: (1) Do not argue with customers and/or become defensive; (2) Avoid dismissing customer problems; (3) Avoid being judgmental; (4) Clarify customer statements (ask open-ended questions to narrow the problem's scope, restate the issue, or question to verify understanding); and (5) Do not disclose experiences via social media outlets.

What kind of attack is an example of IP spoofing? Cross-site scripting On-path attack ARP poisoning SQL injections

On-path attack. OBJ-2.4: An on-path attack (formerly known as a man-in-the-middle attack) intercepts communications between two systems. For example, in an HTTP transaction, the target is the TCP connection between client and server. Using different techniques, the attacker splits the original TCP connection into 2 new connections, one between the client and the attacker and the other between the attacker and the server. This often uses IP spoofing to trick a victim into connecting to the attack. SQL injection is a code injection technique used to attack data-driven applications. Malicious SQL statements are inserted into an entry field for execution, such as dumping the database contents to the attacker. An on-path attack is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other. ARP Poisoning, also known as ARP Spoofing, is a type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN to change the pairings in its IP to MAC address table. Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in a browser side script, to a different end-user.

Karen, a salesperson in your company, is currently on travel this week. She calls your company's help desk and is yelling because she cannot connect to her email using her hotel room's WiFi. Her laptop shows that it is connected to the "HotelWiFi" network, but Windows states it has "Limited or no connectivity." What action should Karen perform to fix this issue? Disable and enable her wireless adapter Purchase an ethernet cable and use her room's wired connection Reboot into Safe Mode and perform an antivirus scan Open a web browser and agree to the hotel's capture page AUP

Open a web browser and agree to the hotel's capture page AUP. OBJ-3.5: The "Limited or no connectivity" message appears when a computer detects that the wireless network is present and operating, but the system cannot connect to the Internet. This is a common occurrence when connecting to a hotel or other public wireless networks. Many of these networks have a capture page that requires the user to agree to the company's privacy policy or acceptable use policy before connecting the device to the internet. If the capture page doesn't appear automatically, the user should open their web browser and visit any website to force the page to load.

What is the BEST way to update an app purchased from the Mac App Store on a Macbook? Open the terminal and use the "apt-get update" command Download the latest version from the manufacturer's website Open the Mac App Store and select the Updates button Open the app and run the "Download Update" command

Open the Mac App Store and select the Updates button. OBJ-1.10: You can open the Mac App Store and click the Updates button to see any applications that require a software update. This will work for all macOS software, built-in apps like Safari, and third-party apps downloaded from the App Store. You can use the Software Update tool in the System Preferences area of your system to update these apps. The apt-get utility is a powerful package management command-line program that works with Ubuntu's APT (Advanced Packaging Tool) library to install new software packages, remove existing software packages, upgrade existing software packages, and even upgrade the entire operating system. The apt-get utility works with Ubuntu and Debian-based Linux distributions.

Which of the following is considered a form of regulated data? PII DMCA DRM AUP

PII. OBJ-4.6: The four forms of regulated data covered by the exam are PII (Personally Identifiable Information), PCI (Payment Card Industry), GDPR (General Data Protection Regulation), and PHI (Protected Health Information). Personally identifiable information (PII) is data used to identify, contact, or locate an individual. Information such as social security number (SSN), name, date of birth, email address, telephone number, street address, and biometric data is considered PII. An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet. While some items in the AUP might help prevent a malware infection (such as not allowing users to download and run programs from the internet), it is considered an administrative control, and choosing a technical control like patch management would better protect the network. Digital rights management (DRM) is a copyright protection technology for digital media. DRM solutions usually try to restrict the number of devices allowed for playback of a licensed digital file, such as a music track or ebook. The Digital Millennium Copyright Act (DMCA) is a 1998 United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization that criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to copyrighted works.

Which of the following policies or plans would dictate the complexity requirements for a wireless network's shared secret key? Password policy Data loss prevention policy Acceptable use policy Remote access policy

Password policy. OBJ-2.6: A password policy is a set of rules created to improve computer security by motivating users to create dependable, secure passwords and then store and utilize them properly. This document promotes strong passwords by specifying a minimum password length, complexity requirements, requiring periodic password changes, and placing limits on the reuse of passwords. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict how the network, website, or system may be used and sets guidelines as to how it should be used. A data loss prevention policy is a document that defines how organizations can share and protect data. It guides how data can be used in decision-making without it being exposed to anyone who should not have access to it. The goal of a data loss prevention policy is to minimize accidental or malicious data loss. A remote access policy is a document that outlines and defines acceptable methods of remotely connecting to the internal network.

Samantha works in the human resource department in an open floorplan office. She is concerned about the possibility of someone conducting shoulder surfing to read sensitive information from employee files while accessing them on her computer. Which of the following physical security measures should she implement to protect against this threat? Hardware token Privacy screen Biometric lock Badge reader

Privacy screen. OBJ-2.1: A privacy screen is a filter placed on a monitor to decrease the viewing angle of a monitor. This prevents the monitor from being viewed from the side and can help prevent shoulder surfing. The standard type of anti-glare filter consists of a coating that reduces the reflection from a glass or plastic surface. A biometric lock is any lock that can be activated by biometric features, such as a fingerprint, voiceprint, or retina scan. Biometric locks make it more difficult for someone to counterfeit the key used to open the lock or a user's account. A smart card is a form of hardware token. A smart card, chip card, or integrated circuit card is a physical, electronic authorization device used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit chip. In high-security environments, employee badges may contain a smart card embedded chip that must be inserted into a smart card reader to log in or access information on the system. A badge reader is used to read an employee's identification badge using a magnetic stripe, barcode, or embedded RFID chip.

You have just completed a repair for a customer's smartphone that took you three days. The customer complained that the repair took too long and began to question you about the steps you took to repair the device. What should you do NEXT? Provide documentation of the repair to the customer and thank them for their patience Listen to the customer's complaints with concern and then post about the encounter on Facebook Clearly tell the customer that if they had been more careful with the device then it wouldn't have needed to be fixed in the first place Become defensive and explain why each step was necessary to repair the device

Provide documentation of the repair to the customer and thank them for their patience. OBJ-4.7: When dealing with a difficult customer or situation, you should follow five key principles: (1) Do not argue with customers and/or become defensive; (2) Avoid dismissing customer problems; (3) Avoid being judgmental; (4) Clarify customer statements (ask open-ended questions to narrow the problem's scope, restate the issue, or question to verify understanding); and (5) Do not disclose experiences via social media outlets. The only option provided that follows these principles is to provide documentation of the repair to the customer and thank them for their patience. The other three options all violate these principles.

Joanne is having a drink at the coffee shop near her office. She takes out her Windows 10 laptop and connects it to the coffee shop's wireless network to check her email. Which type of network should she select to hide her computer from other devices on the network and prevent file sharing with other patrons of the coffee shop? Private Work Home Public

Public. OBJ-1.6: Joanne should select the public network type when connecting to this coffee shop's wireless network. The Network and Sharing Center in the Control Panel allows a technician to see information and modify the configuration settings of the network adapters in the workstation. The Network and Sharing Center is used to connect to a network using broadband, dial-up, or VPN connection, or add/remove file and printer sharing over the network on the workstation. When connecting to a network for the first time, the user must select if it is a public or private network. A public network will hide your computer from other devices on the network and prevent file and printer sharing. A private network is considered trusted, allows the computer to be discoverable to other devices on the network, and supports the use of file and printer sharing. In older versions of Windows, there were also Home and Work network types, but those have since been merged into public and private network types, as well.

A recently hired security employee at a bank was asked to perform daily scans of the bank's intranet to look for unauthorized devices. The new employee decides to create a script that scans the network for unauthorized devices every morning at 2:00 am. Which programming language would work best to create this script? C# PHP Python ASP.NET

Python. OBJ-4.8: Python is a commonly used scripting language used in cybersecurity. Python is a general-purpose programming language that can develop many different kinds of applications. It is designed to be easy to read, and the programs use fewer lines of code compared to other programming languages. The code runs in an interpreter. Python is preinstalled on many Linux distributions and can be installed on Windows. Python scripts are saved using the .py extension. PHP is used as a scripting language for web applications. C# and ASP.NET are both compiled languages, not scripting languages.

Your mother says there is something wrong with her computer, but unfortunately, she doesn't know how to fix it. She asks if you can remotely connect to her computer and see if you can fix it. Which of the following technologies would BEST allow you to remotely access her computer and interact with her Windows 10 laptop? VPN SSH Telnet RDP

RDP. OBJ-4.9: Remote Desktop Protocol (RDP) is a Microsoft protocol designed to facilitate application data transfer security and encryption between client user devices and a virtual network server. It enables a remote user to add a graphical interface to the desktop of another computer. Whether across the house or the country, you can now help solve your mother's computer problems anytime with RDP. Telnet should not be used in a network due to its weak security posture. Telnet transmits all of the data in plain text (without encryption), including usernames, passwords, commands, and data files. For this reason, it should never be used in production networks and has been replaced by SSH in most corporate networks. SSH (Secure Shell) is used to remotely connect to a network's switches and routers to configure them securely. SSH is typically used for logging into a remote machine and executing commands, but it also supports tunneling, forwarding TCP ports, and X11 connections; it can transfer files using the associated SSH file transfer (SFTP) or secure copy (SCP) protocols. SSH uses the client-server model. A remote-access VPN connection allows an individual user to connect to a private network from a remote location using a laptop or desktop computer connected to the internet. A remote-access VPN allows individual users to establish secure connections with a remote computer network. Once established, the remote user can access the corporate network and its capabilities as if they were accessing the network from their own office spaces.

When Jonathan opens the web browser on his computer, the initial page loads up to a search engine that he does not recognize. Jonathan attempts to use the search engine, but the results are abysmal, and the browser creates numerous pop-ups. Jonathan asks for your assistance in fixing this issue. Which TWO of the following actions do you recommend Jonathan perform first? Tell Jonathan to switch to a different web browser Reset the web browser to the default settings and configuration Delete the web browser's cache, temporary files, and cookies Reboot Jonathan's computer and install a second anti-virus program Uncheck any unapproved applications from the Startup tab in the Task Manager Update Jonathan's web browser to the latest version

Reset the web browser to the default settings and configuration. Uncheck any unapproved applications from the Startup tab in the Task Manager. OBJ-3.2: Browser redirection and pop-ups are common symptoms of malware being installed on a computer. It is recommended that the web browser be reset to its default settings and configurations to remove any redirection settings that the malware may have made to the browser. Additionally, any unapproved applications should be unchecked from the Startup tab in Task Manager to ensure the malware isn't reloaded during the next reboot.

A system administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The server manager decides to initiate a rollback. Which describes what the system administrator should do next? Request additional time since the change is near completion Leave the change as is and inform users of a workaround Return the system to the original state before the change Return the system to step four since this was the last working step

Return the system to the original state before the change. OBJ-4.2: By performing a rollback, the administrator will change everything back to the last known good configuration before the change is started. Every change should be accompanied by a rollback (or backout) plan so that the change can be reversed if it has harmful or unforeseen consequences. Changes should also be scheduled sensitively if they are likely to cause system downtime or other negative impacts on the workflow of the business units that depend on the IT system being modified. Most organizations have a scheduled maintenance window period for authorized downtime.

What is the FIFTH step of the seven-step malware removal process? Remediate the infected systems Investigate and verify malware symptoms Schedule scans and run updates Enable System Restore and create a restore point in Windows

Schedule scans and run updates. OBJ-3.3: The seven steps of the malware removal procedures are (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.

What does the command "shutdown /s" do on a Windows workstation? Shutdown the workstation Log off the workstation Reboot the workstation Enter sleep mode

Shutdown the workstation. OBJ-1.2: The shutdown command allows a user or administrator to shut down or restart local or remote computers, one at a time. Using the /r option will reboot the computer. Using the /s option will shut down the computer. Using the /l option will log off the current user. Using the /h option will enter sleep or hibernation mode.

Jason has built a custom Android application that he wants to install on an Android tablet without having to install it through the Play Store. Which of the following would be required to allow him to install the app's APK on the device? Sideloading Developer mode Jailbroken device Rooted device

Sideloading. Developer mode? OBJ-3.5: An Android application package (APK) is a third-party or custom program that is installed directly on an Android device to give users and businesses the flexibility to install apps directly on Android devices. Android supports sideloading through the APK package format. An APK file contains all of that program's code, including .dex files, resources, assets, certificates, and manifest files. Jailbreaking is conducted on an iOS device to remove manufacturer restrictions on the device and allow other software, operating systems, or networks to work with a device. A rooted device is an Android device that has been hacked to provide the user with administrative rights to install unapproved apps, update OS, delete unwanted apps, underclock or overclock the processor, replace firmware and customize anything else. A rooted device is not required just to install an APK outside of the Play Store, though, on an Android device. Developer mode is used on an Android device to show additional diagnostic information when using apps or making network connections.

Maria is trying to log in to her company's webmail and is asked to enter her username and password. Which type of authentication method is Maria using? Multifactor TACACS+ Single-factor RADIUS

Single-factor. OBJ-2.2: Single-factor authentication (SFA) is a process for securing access to a given system, such as a network or website, that identifies the party requesting access through only one category of credentials (something you know, something you have, something you are, something you do, or somewhere you are). The most common example of single-factor authentication occurs when a user is prompted to enter their username and password to authenticate. Multifactor authentication requires credentials that include at least 2 of the 5 authentication factors. The Remote Authentication Dial-in User Service (RADIUS) is used to manage remote and wireless authentication infrastructure. Users supply authentication information to RADIUS client devices, such as wireless access points. The client device then passes the authentication data to an AAA (Authentication, Authorization, and Accounting) server that processes the request. The Terminal Access Controller Access Control System (TACACS+) is a proprietary alternative to RADIUS developed by Cisco for handling authentication.

Which of the following Control Panel options should a technician configure to automatically adjust the volume of different sounds when the computer is being used to place or receive telephone calls? Programs and Features Ease of Access Sound USB selective suspend

Sound. OBJ-1.4: The Sound section of the Control Panel allows technicians to configure settings for the playback, recording, and sound effects on the computer. Under the communications tab of the Sound section, a technician can adjust whether or not the computer should adjust the volume of other sounds when a telephone call is occurring. The Ease of Access section of the Control Panel brings together the functionality for the accessibility features in Windows, including visual, tactile input, and speech recognition settings to assist those with disabilities. The USB selective suspend feature allows the hub driver to suspend an individual port without affecting the operation of the other ports on the hub. Selective suspension of USB devices is helpful when using a laptop computer as it helps to conserve battery power by powering off USB ports that are not needed at the time. The Programs and Features section of the Control Panel allows a technician to install or remove applications, software packages, and features in the Windows operating system.

Which of the following contains virtual memory that can supplement the physical system memory in a Linux system? NFS Swap partition ext4 ext3

Swap partition. OBJ-1.8: The swap partition on a Linux system is a portion of the hard disk formatted with a minimal kind of file system and used in situations when the operating system runs out of physical memory and needs more of it. It can only be used by the memory manager and not for the storage of ordinary data files. The third extended filesystem (ext3) is a journaled file system commonly used by the Linux kernel. The ext3 file system can support a maximum volume size of up to 32 TB. The fourth extended filesystem (ext4) is a journaled file system that is used natively by modern Linux operating systems such as Debian and Ubuntu. The ext4 file system can support a maximum volume size of up to 1 EB. The network file system (NFS) is used to mount remote storage devices into the local file system on a Linux system. It allows you to mount your local file systems over a network and remote hosts to interact with them while mounted locally on the same system.

Which of the following encryption types was used by WPA to better secure wireless networks than WEP? AES CCMP TKIP IV

TKIP. OBJ-2.2: Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption.

You are troubleshooting a network printer when a document is printed with sensitive employee data on it. Which of the following actions should you take? Take the document to the office manager Remove the document and shred it Leave the document in the output tray Continue to troubleshoot the printer

Take the document to the office manager. OBJ-4.7: The document contains sensitive employee information; therefore, you should not leave it on the printer. Instead, it would be best if you took it to the office manager so they can deliver it to the owner or they can securely dispose of it.

Malware infected Natalie's iMac. The malware has deleted numerous files from the system and corrupted the operating system. Natalie needs to access some of her files from the computer that have been deleted by the malware. Which of the following built-in utilities could restore access to those files? Keychain Snapshot System Restore Time Machine

Time Machine. OBJ-1.10: Time Machine is the built-in backup feature of the macOS operating system. Time Machine automatically backs up all of the system's files, including apps, music, photos, email, documents, and system files. Once a user has a valid backup in Time Machine, they can restore files from the backup if the original files are ever corrupted or deleted on their Mac or if the hard disk (or SSD) is erased or replaced. A snapshot is used to back up virtual machines by creating a state of the disk at a particular point in time. Snapshots allow a technician to roll back any changes made to a VM during a session if needed. System restore is a Windows feature that creates configuration backups of the operating system. If there are any changes or file corruptions that damage the information in the registry or if the technician needs to reverse changes made when they installed an application or device driver, then System restore can be used to reset the configuration to an earlier point in time. Keychain is a macOS app for managing passwords cached by the OS and supported browser/web applications.

Your smartphone's battery has been draining quickly. You have looked at the applications that are causing the drain and notice that a free game runs in the background, collecting GPS data even when you aren't using it. Which of the following threats is this an example of? Unintended Bluetooth pairing Unauthorized microphone activation Unauthorized account access Unauthorized location tracking

Unauthorized location tracking. OBJ-3.4: While location-based data can be valuable when using maps and trying to find sites, it can also give away sensitive information if accessed by someone who should not have it. You can optimize your battery life and protect yourself by turning off Location Services. On an iPhone, turn it off in Settings > Privacy > Location Services. There you will see each app listed along with its permission setting. Apps that recently used location services have an indicator next to the on/off switch, and you can configure them accordingly. Unauthorized account access can give users access to personal files and data they should not have access to. Therefore, you should closely monitor your account usage. When files are accessed without authorization from your cloud storage service, it can lead to the leaking of your personal files and data. The microphone can be activated remotely and allow a troublemaker to spy on you. It is suggested that, when not in authorized use, you cover the microphone of your device to keep it from providing any data if remotely accessed. When anonymous devices are allowed to connect to Bluetooth-enabled devices, this is known as unintended Bluetooth pairing, and it represents a security threat. Mobile security policies should be created and enforced that prevent this from occurring.

A laptop is running Windows 10 with Windows Defender on it. A user believes their laptop may have become infected with malware, so they install a second antivirus program that supposedly includes real-time protection. Now, the laptop is sluggish and sometimes non-responsive. Which of the following should you do FIRST to resolve this problem? Uninstall the real-time protection antivirus Run the Windows Update utility Enable real-time protection in Windows Defender Install and run Spybot Search & Destroy on the laptop

Uninstall the real-time protection antivirus. OBJ-3.2: You should not have two antivirus or antimalware solutions running simultaneously on a single computer. Since the issues began for the user when they installed the real-time protection scanner, it should be uninstalled FIRST. Then, you could enable real-time protection in Windows Defender to provide this functionality. While you can have two antivirus and antimalware solutions installed, you should only have one set up for real-time protection at a time. The other could be used to scan the computer during the bootup process if desired. Windows Defender, by default, already has real-time protection enabled. This is why the installation of the second real-time protection service was causing issues on this laptop.

Karen lives in an area that is prone to hurricanes and other extreme weather conditions. She asks you to recommend an electrical conditioning device that will prevent her files from being corrupted if the building's power is unstable or lost. Additionally, she would like the computer to maintain power for up to an hour of uptime to allow for a graceful shutdown of her programs and computer. Which of the following should you recommend? Line conditioner Surge protector Uninterruptible power supply Power distribution unit

Uninterruptible power supply. OBJ-4.5: An uninterruptible power supply or uninterruptible power source (UPS) is an electrical apparatus that provides emergency power to a load when the input power source becomes too low or the main power fails. A UPS provides near-instantaneous protection from input power interruptions by using a battery backup. The on-battery run-time of most uninterruptible power sources is usually short (less than 60 minutes) but sufficient to properly shut down a computer system. A line conditioner is a device that adjusts voltages in under-voltage and overvoltage conditions to maintain a 120 V output. Line conditioners raise a sag or under-voltage event back to normal levels, but they cannot protect the line from a complete power failure or power outage. A surge protector defends against possible voltage spikes that could damage your electronics, appliances, or equipment. A power strip will not protect against voltage spikes. A UPS or line conditioner could protect against voltage spikes, but they cost much more than a surge protector. A power distribution unit (PDU) is a device designed to provide power to devices that require power, and may or may not support remote monitoring and access.

You are working as a mobile device technician for a large corporation's enterprise service desk. A user complains that every time they attempt to launch the company's mobile email application, it crashes and displays an error message of Code123. This is the third user with this error on an Android (model DTA) smartphone. The same app is working on your smartphone, but it is a model DTX. Which of the following should you do FIRST to attempt to solve this problem? Clear the app's cache Rollback the app to an earlier version Update the smartphone's OS Reinstall the email app

Update the smartphone's OS. OBJ-3.4: Normally, your first step would be to uninstall and reinstall the application. But, since this issue is occurring on multiple devices with the same model, it would be a better first step to update the smartphone's OS. Based on the scenario, you know that the app works on a different smartphone model. With Android devices, the OS is usually modified by the smartphone manufacturer, specifically for their devices. If the app doesn't work on one model, but it does on another, it may be an operating system issue.

Your Windows 10 workstation is currently running version 1909 and was flagged by the cybersecurity team as a threat to the network due to its outdated operating system. Which of the following actions should be performed to remediate this issue? Enable System Restore in Windows Disable the Windows Update service to prevent future issues Rollback any system updates or changes Use the Windows Update to install the latest OS version

Use the Windows Update to install the latest OS version. OBJ-3.1: Windows Update hosts critical updates and security patches (code to fix security vulnerabilities in Windows and its associated software) plus optional software and hardware updates to add or change features or drivers. There is also a complementary program, called Microsoft Update, which can be used to keep Microsoft Office software patched at the same time. If you are working on a small network, you will likely use Windows Update to keep your systems patched and secure. If you work for a large organization, you will likely use the Microsoft Endpoint Configuration Manager (MECM) to conduct patch management across all your devices, instead.

A programmer is writing a script to calculate the disk space needed to perform a daily backup. The programmer needs to store the amount of disk space in a temporary placeholder within the program that can be updated and changed during the script's execution. Which of the following would be used to store the value of the disk space needed? Loop Variable Constant Comment

Variable. OBJ-4.8: A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F - 32) * 5/9. A loop deviates from the initial program path to some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Loops are often implemented with For or While statements. For example, a short script like (For i=1 to 100, print i, next) would print the numbers from 1 to 100 to the screen. A comment is written into the code to help a human understand the initial programmer's logic. In Python, for example, you can use the # symbol to comment on a line of code. Anything on the line after the # is ignored by the computer when the script is being executed.

Your boss from work just sent you an important email, but you are not in the office. You tried to open the email from your smartphone, but it is encrypted and won't open. What should you do? Ask your boss to resend the email in an unencrypted format Verify the digital certificate is installed on the device Open the email using your device's web browser and your corporate webmail Ask your boss to resend the email to your Gmail account instead

Verify the digital certificate is installed on the device. OBJ-3.5: If an encrypted email does not open in your mail app, you most likely need to verify that your digital certificates are properly installed on the device as these are used to decrypt encrypted emails. If the email was sent to your Gmail account, it would be sent unencrypted. You should not ask for the email to be sent unencrypted since it removes the confidentiality and privacy of the email. Regardless of whether you are using the email client or the mobile web browser, if the digital certificate is not properly installed then the encrypted email will not be able to be read.

Which of the following types of encryption uses a 128-bit encryption key but is considered weak due to its use of a 24-bit initialization vector? WPA WPS WPA2 WEP

WEP. OBJ-2.2: Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. The Wi-Fi Protected Setup (WPS) is a mechanism for auto-configuring a WLAN securely for home users. On compatible equipment, users push a button on the access point and connect adapters to associate them securely. WPS is subject to brute force attacks against the PIN used to secure them, making them vulnerable to attack.

Which of the following is the LEAST secure wireless security and encryption protocol? WEP WPA3 WPA WPA2

WEP. OBJ-2.2: Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications that was designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. Wi-Fi protected access version 3 (WPA3) has replaced WPA2 as the most secure wireless encryption method. WPA3 uses the simultaneous authentication of equals (SAE) to increase the security of preshared keys. WPA3 provides the enhanced open mode that encrypts transmissions from a client to the access point when using an open network. WPA3 Enterprise mode supports the use of AES with the Galois/counter mode protocol (GCMP-256) for the highest levels of encryption.

Which of the following is the MOST secure wireless security and encryption protocol? WPA WEP WPA2 WPA3

WPA3. OBJ-2.2: Wi-Fi protected access version 3 (WPA3) has replaced WPA2 as the most secure wireless encryption method. WPA3 uses the simultaneous authentication of equals (SAE) to increase the security of preshared keys. WPA3 provides the enhanced open mode that encrypts transmissions from a client to the access point when using an open network. WPA3 Enterprise mode supports the use of AES with the Galois/counter mode protocol (GCMP-256) for the highest levels of encryption. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key.

Your company has just finished replacing all of its computers with brand new workstations. Colleen, one of your coworkers, has asked the company's owner if she can have the old computers that are about to be thrown away. Colleen would like to refurbish the old computers by reinstalling a new operating system and donating them to a local community center for disadvantaged children in the neighborhood. The owner thinks this is a great idea but is concerned that the private and sensitive corporate data on the old computer's hard drives might be placed at risk of exposure. You have been asked to choose the best solution to sanitize or destroy the data while ensuring the computers will still be usable by the community center. What type of data destruction or sanitization method do you recommend? Degaussing Shredding Purging Wiping

Wiping. OBJ-2.8: Data wiping or clearing occurs by using a software tool to overwrite the data on a hard drive to destroy all electronic data on a hard disk or other media. Data wiping may be performed with a 1x, 7x, or 35x overwriting, with a higher number of times being more secure. This allows the hard drive to remain functional and allows for hardware reuse. Degaussing a hard drive involves demagnetizing a hard drive to erase its stored data. You cannot reuse a hard drive once it has been degaussed. Therefore, it is a bad solution for this scenario. Purging involves removing sensitive data from a hard drive using the device's internal electronics or an outside source such as a degausser, or by using a cryptographic erase function if the drive supports one. Shredding involves the physical destruction of the hard drive. This is a secure method of destruction but doesn't allow for device reuse.

A file currently has permissions of 755. Which of the following commands would change file permission to r-xr--r--? chmod u+w,go+x filename chmod r-wr--r-- filename chmod u-rx,go-r filename chmod 544 filename

chmod 544 filename. OBJ-1.11: The chmod command is used to change a file or directory's permissions from the command line or terminal. A technician can either use u+ to add user permission and g+ to add group permissions, or they can use the octal value. In this case, the octal value of r-xr--r-- is 544. In Linux, you can convert letter permissions to octal by giving 4 for each R, 2 for each W, and 1 for each X. R is for read-only, W is for write, and X is for execute. The permissions strings are written to represent the owner's permissions, the group's permissions, and the other user's permissions.

Which of the following commands is used on a Linux system to convert and copy files from one hard disk to another? cd ls dd mv

dd. OBJ-1.11: The dd command is used to convert and copy files. On Unix and Unix-like operating systems like Linux, almost everything is treated as a file, even block devices like a hard disk drive. This makes dd useful to clone disks or wipe data from a drive. The mv command is a command-line utility that moves files or directories from one place to another. The mv command supports moving single files, multiple files, and directories. The mv command can prompt before overwriting files and will only move files that are newer than the destination. When the mv command is used, the file is copied to the new directory and removed from the old directory. The ls command lists the files or directories in the current path of a Unix, Linux, or Mac operating system. When invoked without any arguments, ls lists the files in the current working directory. The cd command is used to change the directory. If used with the "cd .." option, it will move up one directory in the file system's directory structure. If used with the "cd ."

Which command is used to create a new disk partition on a Windows system? dd chkdsk diskpart format

diskpart. OBJ-1.2: The diskpart command is a command-line disk-partitioning utility available for Windows that is used to view, create, delete, and modify a computer's disk partitions. The chkdsk command is used to check the file system and file system metadata of a volume for logical and physical errors. If used without parameters, chkdsk displays only the status of the volume and does not fix any errors. If used with the /f, /r, /x, or /b parameters, it fixes errors on the volume. The format command creates a new root directory and file system for the disk. It can check for bad areas on the disk, and it can delete all data on the disk. To use a new disk, you must first use the format command to format the disk. The dd command is a Linux utility that is used to copy and convert raw data from one source to another such as a hard disk to an image file.

Which command-line tool is used on a Linux system to display a list of the files and directories within the current path? chkdsk pwd ls sfc

ls. OBJ-1.11: The ls command lists the files or directories in the current path on a Linux system. When invoked without any arguments, ls lists the files in the current working directory. The pwd command displays the present working directory (current directory) path to the terminal or display. If you are working on a Linux system and are unsure of where you are in the directory structure, type "pwd" and hit enter to display the path to the screen. The chkdsk command is used to check the file system and file system metadata of a volume for logical and physical errors. The system file checker (SFC) command is a utility in Windows that allows users to scan for and restore corrupted Windows system files from the command line.

A workstation at Dion Training's office is taking a long time to boot up. Once it finishes booting to the Windows 10 desktop, which of the following tools can a technician use to diagnose and fix the boot issues? msinfo32.exe resmon.exe perfmon.msc msconfig.exe

msconfig.exe. OBJ-1.3: System configuration (msconfig.exe) is a system utility to troubleshoot the Microsoft Windows startup processes. MSConfig is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters. PerfMon is a performance monitoring and system monitoring utility in Windows that is used to monitor CPU and memory activity on a computer. Performance monitor is used for viewing performance data either in real-time or from a log file. The performance monitor can only monitor the resource utilization, but it cannot manage or terminate those processes. Resource monitor is a utility used to display information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real-time. The resource monitor helps check the performance counters of specific resources and decide a course of action to improve the performance. System information (msinfo32.exe) is a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues.

Which command-line tool could you use on a Windows system to enable an inactive administrator account? net user gpresult taskkill robocopy

net user. OBJ-1.2: There are several net command utilities that you can use to view and configure shared resources on a Windows network. The net user command allows system administrators to manage user accounts on Windows PCs. You can use the command to display account information or make changes to user accounts. It can be used, among other things, to enable the inactive administrator account of a Windows system. The robocopy tool is used to mirror or synchronize directories and their contents. Robocopy will check the destination directory and remove files no longer in the main tree. It also checks the files in the destination directory against the files to be copied and doesn't waste time copying unchanged files. The taskkill command is used to end one or more tasks or processes on a Windows system. Processes can be ended by process ID or image name. You can use the tasklist command to determine the process ID (PID) for the process to be ended. The gpresult command is used to display the Resultant Set of Policy (RSoP) information for a remote user and computer. Because you can apply overlapping policy settings to any computer or user, the Group Policy feature generates a resulting set of policy settings when the user logs on. The gpresult command displays the resulting set of policy settings that were enforced on the computer for the specified user when the user logged on.

Which command would a Linux user need to enter to change their password? passwd ps pwd chown

passwd. OBJ-1.11: The passwd command changes passwords for user accounts. A normal user may only change the password for their account, while the superuser may change the password for any user. The chown command is used to change the owner of the file, directory, or link in Linux. The pwd command displays the present working directory (current directory) path to the terminal or display. If you are working on a Linux system and are unsure of where you are in the directory structure, type "pwd" and hit enter to display the path to the screen. The ps command is used to list the currently running processes and their PIDs, along with some other information that depends on the options used. It reads the process information from the virtual files in the /proc file system. The /proc directory contains virtual files and is known as a virtual file system.

Which of the following Windows tools can a technician use to display information about the performance of hardware and software resources in real-time? devmgmt.msc resmon.exe msinfo32.exe dxdiag.exe

resmon.exe. OBJ-1.3: Resource monitor (resmon.exe) is a utility used to display information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real-time. The resource monitor helps check the performance counters of specific resources and decide a course of action to improve the performance. System information (msinfo32.exe) is a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues. The DirectX diagnostic (dxdiag.exe) utility is used to collect info about devices to help troubleshoot problems with DirectX sound and video. It is a diagnostics tool used to test DirectX functionality and troubleshoot video-related or sound-related hardware problems. DirectX diagnostic can save text files with the scan results. Device manager (devmgmt.msc) is a utility used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it.

While troubleshooting the reason that the File Explorer is crashing on a Windows 10 machine, you determine that some of its files may have become corrupt. Which of the following utilities should you use to correct this? dxdiag gpupdate sfc regedit

sfc. OBJ-3.1: The system file checker (SFC) command is a utility in Windows that allows users to scan for and restore corrupted Windows system files from the command line. System files (and shared program files) are maintained and version-controlled in the WinSxS system folder. Since the File Explorer is part of the Windows 10 operating system files, it would be repaired or replaced by running the system file checker (SFC). The registry editor (RegEdit) allows you to view and make changes to system files and programs that you wouldn't be able to access otherwise. The registry is a database made up of hives and keys that control various settings on a Windows system. Incorrectly editing the Registry can permanently damage your computer, so it is important to be very careful when modifying the registry using RegEdit. The gpupdate command-line tool is used to update the group policy settings on a Windows system. For an administrator to force a background update of all Group Policy settings regardless of whether they have changed, they need to run "gpupdate /force" from the command line. The DirectX diagnostic (dxdiag.exe) utility is used to collect info about devices to help troubleshoot problems with DirectX sound and video. It is a diagnostics tool used to test DirectX functionality and troubleshoot video-related or sound-related hardware problems. DirectX diagnostic can save text files with the scan results.

You are troubleshooting a network connectivity issue and need to determine the packet's flow path from your system to the remote server. Which of the following tools would best help you identify the path between the two systems? ipconfig tracert nbtstat netstat

tracert. OBJ-1.2: The tracert (trace route) diagnostic utility determines the route to a destination by sending Internet Control Message Protocol (ICMP) echo packets to the destination. In these packets, tracert uses varying IP Time-To-Live (TTL) values. When the TTL on a packet reaches zero (0), the router sends an ICMP "Time Exceeded" message back to the source computer. The ICMP "Time Exceeded" messages that intermediate routers send back show the route. The ipconfig tool displays all current TCP/IP network configuration values on a given system. The netstat tool is a command-line network utility that displays network connections for Transmission Control Protocol, routing tables, and some network interface and network protocol statistics on a single system. The nbtstat command is a diagnostic tool for NetBIOS over TCP/IP used to troubleshoot NetBIOS name resolution problems.

Which of the following tools is used to duplicate all of the files in one directory to another in the Windows command line? format netstat dir xcopy

xcopy. OBJ-1.2: The xcopy tool copies all of the files from one directory to another. The format command creates a new root directory and file system for the disk. It can check for bad areas on the disk, and it can delete all data on the disk. To use a new disk, you must first use the format command to format the disk. The dir command is used to list a directory's files and subdirectories. If used without parameters, this command displays the disk's volume label and serial number, followed by a list of directories and files on the disk (including their names and the date and time each was last modified). The netstat command is used to display active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics, and IPv6 statistics on a Windows machine.

