CompTIA A+ Core 1 Practice Test 2023


Which of the following extensions combines a scripting language with hundreds of prebuilt modules called cmdlets that can access and change most components and features of Windows and Active Directory? .js .py .ps1 .sh

.ps1 - .ps1 is the PowerShell script file. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) for rapid development. .sh is the Linux shell script extension by convention. Every shell script starts with a shebang line that designates which interpreter to use, such as Bash or Ksh. .js is the JavaScript file extension. JavaScript is a scripting language designed to implement interactive web-based content and web applications. Most web servers and browsers are configured with a JavaScript interpreter. .py is the Python file extension. Python is a general-purpose scripting and programming language that can develop both automation scripts and software applications.

A technician is implementing a Linux shell script in which each statement comprising the actions that the script will perform is typically added on a separate line. Which of the following is this? .bat .vbs .sh .ps1

.sh - .sh is the Linux shell script extension by convention. Every shell script starts with a shebang line designating which interpreter to use, such as Bash or Ksh. It includes a series of commands that run consecutively to carry out tasks. .ps1 is the PowerShell script file. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) for rapid development. .vbs is the VBScript file extension. VBScript predates PowerShell. The wscript.exe interpreter executes VBScript by default. .bat is the Windows batch file extension. A shell script for the basic Windows CMD interpreter is often described as a batch file.

A user uses a scripting language based on Microsoft's Visual Basic programming language. Which of the following extensions is used? .py .js .vbs .bat

.vbs - .vbs is the VBScript file extension. VBScript predates PowerShell. The wscript.exe interpreter executes VBScript by default. .bat is the Windows batch file extension. A shell script for the basic Windows CMD interpreter is often described as a batch file. .js is the JavaScript file extension. JavaScript is a scripting language designed to implement interactive web-based content and web applications. Most web servers and browsers are configured with a JavaScript interpreter. .py is the Python file extension. Python is a general-purpose scripting and programming language that can develop both automation scripts and software applications.

A teenager hears from friends about a legitimate website to download games to their Samsung Galaxy phone that is not in the Google Play store. The teenager goes to the site and downloads some games. What best describes the teenager's behavior? Bootlegging Rooting APK sideloading Jailbreaking

APK sideloading - APK (Android Package) is the file format for Android apps. APK sideloading refers to downloading apps from a source other than Google's Play store. Jailbreaking removes the protective seal and any operating system-specific restrictions to give users greater control over the device. iOS jailbreaking is accomplished by booting the device with a patched kernel. Rooting or gaining root access on an Android-based phone means gaining super user-level access over the device. A bootleg app is a software that illegally copies or imitates a commercial product or brand. In this scenario, the teenager used a legitimate site.

A technician needs this skill to give full attention to the customer, so there is no disagreement or misinterpretation of what was said. What is this skill? Open-end questions Active listening Proper language Cultural sensitivity

Active listening - Active listening is the skill of listening to an individual, giving that person full attention, and not arguing with, commenting on, or misinterpreting what they have said. Proper language is not being overly familiar with customers. Do not use slang phrases or any language that may cause offense. When active listening, the employee makes a conscious effort to focus on what the other person is saying. Cultural sensitivity means being aware of other people's customs and habits, not judging the customer. Open-ended questions invite the other person to compose a response.

A user wants to share their printer with other teams, but not all teams use the same operating system. What can the user do to configure functionality with the other teams? Additional drivers Mapped drive Proxy settings File server

Additional drivers - Use the Additional Drivers button to make drivers available for different client operating systems. For example, if the print server is Windows 10 64-bit, it can make 32-bit Windows 7 drivers available. Configuring the proxy settings will not help with printer functionality. The settings for proxy information can be found in internet options. A mapped drive is a share that has been assigned to a drive letter on a client device. To map a share as a drive, right-click it and select Map Network Drive. A file server would not help with printer functionality, although a printer server could assist with this endeavor.

A curious IT administrator notices issues with certain applications invoking the kernel. Which operating system would allow the administrator to change the underlying operating system? Android macOS iPadOS iOS

Android - Android is a smartphone/tablet OS developed by the Open Handset Alliance, primarily driven by Google. Unlike iOS, it is an open-source OS based on Linux. iOS is the operating system for Apple's iPhone smartphone and original models of the iPad tablet. Like macOS, iOS is also derived from UNIX and developed as a closed-source operating system. The iPadOS has been developed from iOS to support the functionality of the latest iPad models (2019 and up). The macOS is a closed-source operating system that does not allow users to make changes.

What component storage prevents static electricity from discharging? Antistatic bags Dissipative packaging ESD straps ESD mats

Antistatic bags - Antistatic bags are packages that reduce the risk of ESD because they are coated with a conductive material. Anti-electrostatic discharge (ESD) straps are worn to dissipate static charges effectively. The band should fit snugly around the wrist or ankle so that the metal stud contacts the skin. Electrostatic discharge (ESD) mats are used to organize sensitive components. The mats contain a snap connected to the wrist or leg strap. Dissipative packaging is light pink or blue packaging that reduces the buildup of static in the general vicinity of the contents by being slightly more conductive than normal.

A company's IT support specialist is ready to start recommissioning a system as part of the malware removal process. What is the last step before removing the computer from quarantine? Create a fresh restore point. Verify DNS configuration. Re-enable System Restore. Antivirus scan

Antivirus scan - Before removing a computer system from quarantine, the final step is to run another antivirus scan to make sure the system is clean. Creating a new restore point (or system image) is one component of recommissioning and is done after re-enabling the System Restore but before running a final antivirus scan. Re-enabling the System Restore is the beginning of the recommissioning process, along with re-enabling any disabled automatic backups. Verifying Domain Name System (DNS) configuration to prevent reinfection is part of recommissioning, but it comes before the final antivirus scan.

A user is conscientious about security after hearing about breaches in the news. The user wants to see if they are up to date on patches for their Apple computer. Where should the user go to check? System Preferences Printers & Scanners Displays App Store

App Store - The App Store checks daily for new updates/patches and releases of installed apps in macOS. If a new version is available, a notification will be shown against the App Store icon in the dock. The Displays preference pane allows users to scale the desktop, set the brightness level, calibrate to a given color profile, and configure Night Shift settings to make the display adapt to ambient light conditions. Use the Printers & Scanners preference pane to add and manage print and scan devices. Users can manage network settings either from the Status menu on the right-hand side of the menu bar or via System Preferences.

A Windows security log shows numerous login attempts with passwords containing basketball lingo.

Attack Type: Dictionary attack Prevention Method: Account lockouts

An internet-facing web application is bombarded with requests and is rendered unusable.

Attack Type: Denial of service (DoS) Prevention Method: Traffic analysis, which can be used to filter legitimate traffic from spoofed requests.

A malicious email is sent to all employees in an attempt to gain information about their system.

Attack Type: Phishing Prevention Method: Email message filtering

An SSID similar to the company-managed SSID is being broadcast as an open wireless network.

Attack Type: Evil twin Prevention Method: Strong 802.1X enterprise authentication methods, like installing certificates on company devices.

A user is attempting to gain confidential information by talking to the receptionist.

Attack Type: Social engineering Prevention Method: User education

A user has owned the same personal computer for a while and thinks it might be time for an upgrade. Which of the following are upgrade considerations? (Select all that apply.) Backup files Hardware compatibility Application support PXE support

Backup files Hardware compatibility Application support - Hardware compatibility is a consideration. The user must make sure that the central processing unit (CPU), chipset, and RAM components are sufficient to run the OS. Application and driver support and backward compatibility are other considerations. Most version upgrades try to maintain support for applications and device drivers developed for older versions. Backup files and user preferences are a consideration. If the user is installing a new operating system or doing a clean install, the user should back up any necessary data and settings. Most computers now come with Preboot eXecution Environment (PXE)-compliant firmware and a network adapter to support this boot option, so PXE support is not necessarily a consideration.

A security engineer researches how to make backup and antivirus apps available to their iOS mobile devices. Where should the apps be pushed? Business Manager Security & Privacy Finder iCloud

Business Manager - A supervised macOS can be restricted in terms of app installation and uninstallation policies. Corporate apps can be pushed to devices via the Business Manager portal. By default, macOS will only allow apps to be installed if downloaded from the Mac App Store. To allow the installation of download apps, go to System Preferences > Security & Privacy. The Finder is the macOS equivalent of File Explorer in Windows. It lets the user navigate all the files and folders on a Mac. iCloud is Apple's online storage solution for its users. It provides a central, shared location for mail, contacts, calendar, photos, notes, reminders, and more across macOS and iOS devices.

A new employee calls the help desk because their phone will not connect to the office Wi-Fi. When the technician asks about the phone model, the employee says it is an iPhone 5. The technician immediately knows the problem. Which of the following could be the problem? Throttling Signal strength Interference Configuration

Configuration - Since the technician knew the problem based on the phone model, the most likely cause would involve configuration issues between the device and the wireless access point related to the 802.11 standard or the GHz band. Signal strength can be affected by distance but not likely by the phone model. The phone model would not impact interference from other devices or thick walls or metal. Concerning smartphones, throttling refers to a purposeful reduction in phone performance by a manufacturer's update to the device that instructs it not to perform at its maximum capabilities.

When making major adjustments to a project, a security technician will have to assess the business and technical merits as well as the risks of the adjustment plan. What documentation will need to be submitted? Sandbox testing Risk levels Change board approval Rollback plan

Change board approval - Change board approvals are when a serious change request is made, and approvals go to a change advisory board (CAB). The CAB should include stakeholders for departments, users, or customers whom the change will impact and those proposing it, technicians responsible for implementing it, and managers/directors who can authorize the budget. Sandbox testing is a computing environment designed to replicate the production environment but isolated from it. A rollback plan is when a change can be reversed if it has harmful or unforeseen consequences. Risk levels are included in the risk assignment that could be expressed as a discrete value or as a traffic light-type of indicator, where red is high, orange is moderate risk, and green is minimal risk.

A technician needs to set up a method that blocks URLs or search terms using keywords and phrases. What is this method? Disable guest access Changing channels Content filtering Encryption setting

Content filtering - Content filtering means that the firewall downloads curated reputation databases that associate IP address ranges, Fully Qualified Domain Names (FQDNs), and URL web addresses with sites known to host various categories of content. Changing channels can be accessed by using a Wi-Fi analyzer to identify which channel within the access point's range is least congested. Disable guest access when a user does not want a guest network. The guest network is usually isolated from the other local devices. Guests can connect to this network and access the internet without a password. Encryption settings allow users to set the authentication mode.

The IT Department has learned that a new employee starts on Monday and will need a computer just before the weekend. There is a used PC in the storeroom. A "no operating system found" message appears when the computer is rebooted after a technician installs Windows 10 on the computer with the hard drive partition style set to support Unified Extensible Firmware Interface (UEFI). Determine which of the following scenarios would generate that message. Application crash Faulty motherboard Corrupted MBR Damaged hard drive

Damaged hard drive - The hard drive stores the files for the operating system, so a damaged hard drive will generate the "no operating system found" message. Applications do not load until after login, and the operating system would have to be found to load and display a login screen. It is unlikely that a faulty motherboard would lead to a "no operating system found" error. It is more likely to cause the system not to boot, not recognize peripherals, or suffer the blue screen of death (BSOD). Unified Extensible Firmware Interface (UEFI) generally does not interact with the Master Boot Record (MBR). The MBR is part of the legacy BIOS boot process.

What is referred to as data on persistent storage like HDDs, SSDs, and thumb drives? Disable AutoRun Disable Autoplay Data-at-rest encryption Use timeout/screen lock

Data-at-rest encryption - Data on persistent storage, like HDDs, SSDs, and thumb drives, is known as data-at-rest. To protect data-at-rest against these risks, the information stored on a disk can be encrypted. Disable AutoRun so that malware can not be installed automatically. Some versions of Windows require an optical disc inserted or USB drive to be attached so that the AutoRun command installs. Disabling Autoplay will make the computer unable to play new content automatically. Use timeout/screen lock is when the desktop is locked if the system detects no user-input device activity. Users should not rely on this and lock the computer manually when leaving it unattended.

What method uses the process of immersing the device into a high-intensity magnetic field that leaves the object magnetically impartial? Degaussing Erasing/wiping Incinerating Certificate of destruction

Degaussing - Degaussing is when a hard disk is exposed to a powerful electromagnet that disrupts the magnetic pattern that stores the data on the disk surface. Incinerating is when the disk is exposed to high heat to melt its components. This should be performed in a furnace designed for media sanitization. Municipal incinerators may leave remnants. Erasing/wiping software ensures that old data is removed using zeroes or random patterns, leaving the disk in a "clean" state, ready to be passed to the new owner. A certificate of destruction shows the make, model, and the serial number of each drive that was handled, plus the date of destruction and how it was destroyed.

A software company hires a new app developer. The corporate network denies access when the developer tries to connect their phone. Why would the network deny access from the developer's mobile phone? App spoofing Developer mode Sluggish response time High network traffic

Developer mode - The developer's phone is in developer mode. The company's Mobile Device Management (MDM) system blocks access to the network because developer mode can be used to install bootleg apps. High network traffic is a bandwidth utilization issue; it would not cause access to the network to be denied. App spoofing is when a malicious app will typically spoof a legitimate app by using a similar name and fake reviews and automated downloads to boost its apparent popularity. Sluggish response time on a mobile device could be caused by malware, too many open apps, and a low battery charge, among other things. It would not cause the device to be denied network access.

A helpdesk technician is helping a user experiencing printer problems. After several troubleshooting steps, the technician thinks the user may have installed the wrong driver. Where can they go to install a different one? Device Manager Network and Sharing Programs and Features Indexing Options

Device Manager - Device Manager allows users to view and edit the properties of installed hardware. They can change hardware configuration settings, update drivers, or remove/disable devices. The Programs and Features Control Panel applet is the legacy software management interface. Users can use it to install and modify desktop applications and Windows Features. Network and Sharing Center is a Control Panel applet that shows status information. Printer drivers will not be located here. Search is also governed by settings configured in the Indexing Options applet. A corrupted index is a common cause of search problems.

A software engineer uses the "data protection" option for the apps on their mobile device. This option is subject to the second round of encoding using a key derived from and protected by the user's credentials. What is this method? Locator application Remote backup application Device encryption Profile security requirements

Device encryption - Device encryption is enabled automatically when a user configures a passcode lock on the device. A remote backup application is the backup of data, apps, and settings to the cloud. A user may choose to use a different backup provider or a third-party provider like Dropbox. Profile security requirements document the details of the secure implementation of a device. These policies are applied to different employees and different sites or areas within the site. A locator application finds a device if it is lost or stolen. Once set up, the phone's location can be tracked from any web browser when it is powered on.

A user has a Mac computer but likes Windows better for functionality and compatibility purposes. The user wants to sell their computer on an online marketplace and wipe their presence from the computer. Which of the following will help them accomplish this? Disk Utility Remote Disc Dock Finder

Disk Utility - The Disk Utility app can be used to verify or repair a disk or file system. It can also be used to erase a disk with security options if users are selling or passing on a Mac. The Finder is the macOS equivalent of File Explorer in Windows. It lets the user navigate all the files and folders on a Mac. Since 2016, no Apple Mac has been sold with an inThe Remote Disc app, which lets users access a CD/DVD drive on another Mac or Windows computer. The Dock at the bottom of the screen gives one-click access to users' favorite apps and files, similar to the taskbar in Windows.

An attacker uses a technique against a wireless network that allows them to flood access points with too many packets. What is this called? Insider threat On-path attack DDoS DoS

DoS - A denial of service (DoS) attack causes a service at a given host to fail or become unavailable to legitimate users. An on-path attack is a specific type of spoofing where the threat actor can covertly intercept traffic between two hosts or networks, allowing the threat actor to read and possibly modify the packets. An insider threat is an employee or other person with immediate access to internal components of the company or organization. Distributed DoS (DDoS) means that the attacks are launched from multiple compromised systems, referred to as botnet, to perform the attack against its target.

To ensure the authenticity and authorization of a mobile app, a service provider issues a certificate to valid developers. Developers can use this certificate to sign their app, and to establish trust. Which of the following attributes of an app would likely disqualify as trustworthy? Duplicates the function of IoT. Duplicates the function of a VPN. Duplicates the function of core OS apps. Duplicates the function of MDM.

Duplicates the function of core OS apps. - A mobile app that duplicates the function of core operating system (OS) apps would be at risk of not receiving trusted app status. A virtual private network (VPN) is a secure tunnel created between two endpoints connected via an unsecured transport network. VPNs are not proprietary. Mobile-device management (MDM) is a software tool for tracking, controlling, and securing an organization's mobile infrastructure. MDMs are not proprietary. Internet of Things (IoT) is a global network of personal devices, home appliances and control systems, and other items with network connectivity. An app could not duplicate IoT.

Which of the following are proper component handling tools and techniques to protect electronic components against electronic discharge when fixing a PC or mobile device? (Select all that apply.) Safety goggles ESD mats ESD straps Air filter mask

ESD mats ESD straps Anti-electrostatic discharge (ESD) straps are worn to dissipate static charges effectively. The band should fit snugly around the wrist or ankle so that the metal stud contacts the skin. Electrostatic discharge (ESD) mats are used to organize sensitive components. The mats contain a snap connected to the wrist or leg strap. Safety goggles are used to minimize the risk of burns from corrosive materials such as broken batteries, cellphones, tablets, or irritation from particles such as toner or dust. An air filter mask that fits over the mouth and nose is a recommended face covering when working with compressed air, toner spills, or working in a dusty environment. An air filter mask will not protect the eyes.

A technician makes sure that there is no faulty electrical equipment that can pose a risk and places extinguishers nearby. What is this called? Proper power handling Fuse Electrical fire safety Equipment grounding

Electrical fire safety - Electrical fire safety ensures that equipment is properly stored and away from any flammable material and electrical wires do not start a fire. Electrical equipment must be grounded. The power plug connects devices such as PCs and printers to the building ground. Proper power handling is done with the correct training. PC power supply units can carry dangerously high levels of voltage. Disconnection of power should be done before repairing a PC. An electrical device has a fuse appropriate to its maximum current. If the current increases past the fuse capacity, the fuse will blow. However, if the fuse fitted is rated too low, the fuse will blow too easily.

What ensures that old data is destroyed by writing to each location on a hard disk drive? Erasing/wiping Incinerating Low-level formatting Standard formatting

Erasing/wiping - Erasing/wiping software ensures that old data is removed using zeroes or random patterns, leaving the disk in a "clean" state, ready to be passed to the new owner. This overwriting method is suitable for all but the most confidential data. The standard formatting tool deletes partitions and writes a new file system that will only remove references to files and mark all sectors as useable. A low-level formatting tool resets a disk to its factory condition. Most of these tools will now incorporate some sanitize function. Incinerating is when the disk is exposed to high heat to melt its components. It is performed in a furnace designed for media sanitization. Municipal incinerators may leave remnants.

A vulnerability and risk manager reviews older systems that can only receive critical patches. What are these systems classified as? Beta End of life Supported Extended support

Extended support - During the extended support phase, the product is no longer commercially available, but the vendor issues critical patches. An end-of-life (EOL) system is one that its developer or vendor no longer supports. EOL systems no longer receive security updates and therefore represent a critical vulnerability. A public beta phase might be used to gather user feedback. Microsoft operates a Windows Insider Program where users can sign up to use early release Windows versions and feature updates. When the product is being actively marketed during the supported phase, the vendor releases regular patches to fix critical security and operational issues and feature upgrades to expand OS functionality.

A server administrator looks at which file systems Linux supports to show all available options. Which of the following are supported by Linux? (Select all that apply.) NTFS FAT32 ext4 APFS

FAT32 ext4 Most Linux distributions use some version of the extended (ext) file system. ext4 delivers better performance than ext3 and would usually represent the best choice for new systems. Linux can also support FAT/FAT32 (designated as VFAT). Additional protocols such as the Network File System (NFS) can mount remote storage devices into the local file system. Where Windows uses NTFS and Linux typically uses ext3 or ext4, Apple Mac workstations and laptops use the proprietary Apple File System (APFS). The New Technology File System (NTFS) is a proprietary file system developed by Microsoft for use with Windows.

-rw-rwpp 1 root root Coupon_text.txt This text gives read and write permissions to the other users. True or False

False

A user just installed a new application on their workstation, but the application has issues even starting up. The user has been working on the machine regularly up to this point without any prior issues. Which of the following is most likely the issue? Proxy Personalization Firewall DNS

Firewall - In this scenario, one place to troubleshoot is the host-based firewall. Select "Allow an app through the firewall" to allow or block programs (configure exceptions) from the Windows Firewall status page. While proxy settings could be an issue, if the user is working fine beforehand, proxy settings are not likely to be an issue. If the user has been using the machine without any previous problems it is unlikely that the domain name system (DNS) is the issue. The Personalization settings allow the users to select and customize themes, which set the appearance of the desktop environment.

What allows a user to download from a vendor's website and select the correct patch for their device's make and model? Change default password Firmware updates Encryption setting Physical placement

Firmware updates - Firmware updates are important because they allow the user to fix security holes and support the latest security standards. Change the default password to secure the administrator account. Choose a new strong password of 12 characters or more. This is more secure than leaving the default, which someone may be able to guess easily. Physical placement of any type of router or network appliance should be in a secure location. A non-malicious threat actor could damage or power off an appliance by accident. Encryption settings allow users to set the authentication mode.

A client administrator for a video game development company wants to upgrade machines to support five primary partitions. The developers work with a lot of large files and might even need partitions larger than 2 TB. Which of the following should the administrator use? MBR GPT NTFS APFS

GPT - One of the features of GPT is support for more than four primary partitions. Windows allows up to 128 partitions with GPT. GPT also supports larger partitions (2 TB+) and a backup copy of the partition entries. An OS must be installed to a partition formatted using a compatible file system. For Windows, this means using the New Technology File System (NTFS). The master boot record (MBR) partition style stores a partition table in the first 512-byte sector on the disk. Where Windows uses NTFS and Linux typically uses ext3 or ext4, Apple Mac workstations and laptops use the proprietary Apple File System (APFS).

Rooting is typically an action related to Android, while jailbreaking is associated with iOS. They are both trying to do the same thing. What is that? Bootlegging Publish malicious apps. Spoofing Gain unrestricted access.

Gain unrestricted access. - The goal of rooting and jailbreaking is to gain unrestricted access, or privilege escalation, by subverting the security controls built into iOS or Android. This also has the side effect of leaving many security measures permanently disabled. Publishing malicious apps is the purview of rogue developers. It is not the goal of rooting and jailbreaking. Bootlegging is developing software that illegally copies or imitates a commercial product or brand. Spoofing is developing a malicious app that spoofs a legitimate app by using a similar name, fake reviews, and automated downloads to boost its apparent popularity.

A user wants to maximize resource dedication to 3D performance and frame rate. Where should the user go to do this? Devices Apps System Gaming

Gaming - Game mode suspends Windows Update and dedicates resources to supporting the active game app's 3D performance and frame rate rather than other software or background services. The System Settings page in the Settings app presents options for configuring input and output devices, power, remote desktop, notifications, and clipboard (data copying). The Devices settings pages contain options for input devices (mice, keyboards, and touch), print/scan devices, and adding and managing other peripherals attached over Bluetooth or USB. In the Settings app, the Apps group is used to view and remove installed apps and Windows Features.

An administrator for Apple endpoints has heard about roaming profiles on Windows where users can sync certain settings from different devices. Which of the following offers a similar functionality? Keychain Spotlight iCloud keychain Gestures

Gestures - The keychain feature is also available as an iCloud keychain, making the same passwords securely available across all macOS and iOS devices. The keychain feature helps users manage passwords for these accounts, other websites, and Wi-Fi networks. The regular keychain is just local. Spotlight Search can be used to find almost anything on macOS. To start a new search, click the magnifying glass in the menu bar. Macs do not support touch screen interfaces, but they support gesture-enabled Magic Mouse and Magic Trackpad peripherals. To see what gestures are available on the Mac or change any settings, open the Trackpad preference pane.

The System Restore tool in Windows is used to roll back configuration changes to an earlier date or restore point. One option for creating restore points is to use Task Scheduler. What other actions will create a restore point? (Select all that apply.) Deleting a file Installing a program Updating an application Rebooting

Installing a program Updating an application - Whenever an application or program is installed, a restore point is created. A restore point is also created whenever an application or program is updated. Deleting a file will not create a restore point. Likewise, when using System Restore to roll back to an earlier date, the user's documents, pictures, and other data are not deleted. However, software and drivers installed after the restore point will be uninstalled. A restore point is not created when a computer is rebooted, but Windows will create a restore point if one has not occurred in seven days.

An attacker can access a computer by executing a lunchtime attack. Which of the following principles were NOT followed that led to this attack? Secure/protect critical hardware. Log off when not using the computer. Disable guest accounts. Secure PII and passwords.

Log off when not using the computer. - Logging off when not in use is a habit that users must develop each time they leave a computer unattended. Policies can configure a screensaver that locks the desktop after a period of inactivity. Secure personally identifiable information (PII) and passwords means that paper copies of personal and confidential data must not be left where they could be read or stolen. Secure/protect critical hardware means that users must be alert to the risk of physical theft of devices. Guest accounts should be disabled because they allow unauthorized access to the computer and may provide some sort of network access too. The guest account is only enabled to facilitate password-less file sharing in a Windows workgroup.

What technique is used on hard drives that reset them to factory condition and the hard drives only contain the information necessary to interact with a file system? Certificate of destruction Erasing/wiping Third-party vendor Low-level formatting

Low-level formatting - A low-level formatting tool resets a disk to its factory condition. Most of these tools will now incorporate some sanitize function. Secure erase (SE) and instant secure erase (ISE) are two functions under this tool. Third-party vendors may use overwriting or crypto-erase and issue a certificate of recycling rather than destruction. A certificate of destruction shows the make, model, and the serial number of each drive that was handled, plus the date of destruction and how it was destroyed. Erasing/wiping software ensures that old data is removed using zeroes or random patterns, leaving the disk in a "clean" state, ready to be passed to the new owner.

Which of the following contains information about ingredients, health hazards, precautions, and first aid information and what to do if the material is spilled or leaks? MSDS Electrical fire safety Proper power handling Surge suppressor device

MSDS - A material safety data sheet (MSDS) includes information about recycling any waste product or disposing of it safely by government regulations. Electrical fire safety ensures that equipment is properly stored and away from any flammable material and electrical wires do not start a fire. Surge suppressor devices come in the form of adapters, trailing sockets, or filter plugs, with the protection circuitry built into the unit. These devices offer low-cost protection to one or two pieces of equipment. Proper power handling is done with the correct training. PC power supply units can carry dangerously high levels of voltage. Disconnection of power should be done before repairing a PC.

What are their options when a company wants to create and deliver a custom app for their employees without using a public store? (Select all that apply.) Developer Mode Managed Google Play Apple Business Manager Bootleg App Store

Managed Google Play Apple Business Manager - Apple operates enterprise developer and distribution programs to allow private app distribution via Apple Business Manager. Google's Play Store has a private channel option for enterprise app distribution called Managed Google Play. Developer mode is a mobile-device feature designed for testing apps during development. It has no connection to how an app is delivered, whether publicly or privately. A bootleg app store is where users can find bootleg apps that closely mimic legitimate apps; this is a way of pirating apps without paying for them. It is not a private distribution channel.

Microsoft provides a repository of information about threats that Windows Defender discovers. What is the name of the repository? Microsoft 365 Windows Hello Windows Recovery Environment Microsoft Knowledge Base

Microsoft Knowledge Base - Windows Knowledge Base can be used to obtain additional information about threats discovered by Windows Defender Antivirus. The Knowledge Base has more than 150,000 articles created by support professionals about topics such as indicators for manual verification, the impact of infection, and the likelihood of other systems being compromised. Microsoft 365 is an office productivity and data storage suite operated by Microsoft. Windows Hello is a feature that supports passwordless sign-in for Windows. Windows Recovery Environment (WinRE) is a troubleshooting feature that installs a command shell environment to a recovery partition to remediate boot issues.

A technician is cleaning a computer and notices dust forming over the fan blades and ventilation slots. What can the technician use to perform dust cleanup? (Select all that apply.) Domestic vacuum PC vacuum cleaner Natural bristle brush Compressed air blaster

Natural bristle brush - A compressed air blaster can be used to dislodge dust from difficult-to-reach areas. When performing this sort of maintenance within a controlled area, wear an appropriate air-filter mask and goggles. The PC vacuum cleaner can be used to blow air and suction to replace the need for the compressed air canister. Such vacuums should be labeled as toner safe. Natural bristle brushes remove dust from inside the system unit, especially from the motherboard, adapter cards, and fan assemblies. Domestic vacuum appliances should not be used as they can produce high levels of static electricity.

An administrator in charge of user endpoint images wants to slipstream and use image deployment. Which boot method would best support this? Optical Internal hard drive Network Internet

Network - Network boot setup means connecting to a shared folder containing the installation files, which could be slipstreamed or use image deployment. A computer that supports network boot could also be configured to boot to set up over the internet. To set that up the local network's DHCP server must be configured to supply the DNS name of the installation server. Historically, most attended installations and upgrades were run by booting from optical media (CD-ROM or DVD). Once the OS has been installed, the administrator will usually want to set the internal hard drive as the default (highest priority) boot device and disable any other boot devices.

Management provides employees with written policies and procedures to help them fulfill their tasks. Which of the following procedures requires employees to enroll and identify themselves using secure credentials? Assigned users End-user termination checklist New-user setup checklist Procedures for custom installation of software package

New-user setup checklist - The new-user setup checklist is part of the onboarding process for new employees and employees changing job roles. The end-user termination checklist is part of the offboarding process for employees who are retiring, changing job roles, or fired. Typical tasks include returning and sanitizing devices, releasing software licenses, and disabling account permissions/access. Procedures for custom installation of software packages include verifying system requirements, validating download/installation source, confirming license validity, adding the software to change control/monitoring processes, and developing support/training documentation. Assigned users are when hardware assets such as workstations, laptops, smartphones, tablets, and software licenses might be assigned to an individual user account, including an inventory list of all products that the user may be using.

A user finds that their iPhone 5 starts to run slowly, and a reboot does not solve the slow performance. Which of the following issues could be causing the problem? (Select all that apply.) Mesh network OS update Too many apps open Low battery charge

OS update Too many apps open Low battery charge - If a battery is almost out of charge, it could cause slowness, as will a faulty battery or other faulty hardware. If too many apps are open, a phone could become slow because the open apps are consuming most of the phone's resources. An operating system (OS) update on an older phone can severely impact performance. A mesh network provides communication between devices or nodes using some type of mesh networking, such as Z-Wave or Zigbee, which uses less power and makes it easier for smart devices to forward data between nodes.

A curious user looks through their local logs and sees errors in region-coding copy-protection mechanisms. What type of device is generating these logs? Optical media USB SSD External drive

Optical media - Consumer DVDs and Blu-rays feature digital rights management (DRM) and region-coding copy-protection mechanisms. A flash drive is also called a USB drive, thumb drive, or pen drive. It is simply a flash memory board with a USB connector and protective cover. A solid-state drive (SSD) uses flash memory technology to implement persistent mass storage. Flash memory performs much better than the mechanical components used in hard disk drives. External storage devices are also used for backup and data transfer or provide a drive type not available as an internal unit.

A company is using a credit card transaction that guarantees both customer's card data and the company's system are safe against fraudulent purchases and identity theft. What is this? IRP PCI DSS Open-source license Chain of custody

PCI DSS - Payment card industry data security standard (PCI DSS) regulations protect credit card transactions from fraud. There are specific cybersecurity control requirements; others mandate "best practices," as represented by a particular industry or international framework. An open-source license makes it free to use, modify, and share and makes the program code used to design it available. An incident response plan (IRP) sets out procedures and guidelines for dealing with security incidents. A chain of custody form records who collected the evidence, who has handled it subsequently, where they stored it, and must show access to the evidence at every point.

A threat actor poses as a hiring manager for a company and asks a user for their personal credentials and to log in to a spoofed website that looks genuine. When the user confirms log-in with the spoofed website, their information is obtained. Which of the following is this attack? Shoulder surfing Tailgating Phishing Whaling

Phishing - Phishing uses social engineering techniques to make spoofed electronic communications seem authentic to the victim. A phishing message might convince the user to perform actions, such as installing malware disguised as an antivirus program. Tailgating is entering a secure area without authorization by following closely behind the person who has been allowed to open the door or checkpoint. Whaling is an attack directed specifically against levels of management in the organization. Upper management may also be more vulnerable to common phishing attacks because of their reluctance to learn basic security procedures. Shoulder surfing attacks are when the attacker learns a password, PIN, or any secure information by watching the user type it.

What will block third-party cookies and enable strict tracking protection? Clearing cache Private browsing mode Ad blockers Pop-up blockers

Private browsing mode - Private browsing mode disables the caching features of the browser so that no cookies, browsing history, form fields, passwords, or temp files will be stored when the session is closed. Clearing cache is used to delete browsing history. Browsers will maintain a history of pages visited, cache files to speed up browsing, and save text typed into form fields. Ad blockers use more sophisticated techniques to prevent displaying anything that does not seem to be part of the site's main content or functionality. Pop-up blockers prevent a website from creating dialogs or additional windows. The pop-up technique was used to show fake advertisements and security warnings.

Which of the following is to use clear and concise statements that avoid jargon, abbreviations, acronyms that a user might not understand? Business attire Cultural sensitivity Proper language Formal attire

Proper language - Proper language is not being overly familiar with customers. Do not use slang phrases and any language that may cause offense. When active listening, the employee makes a conscious effort to focus on what the other person is saying. Cultural sensitivity means being aware of customs and habits used by other people. Formal attire means matching suit clothes in sober color and minimal accessories or jewelry. This is used for business meetings. Business casual means smart clothes. Jeans, shorts and short skirts, and T-shirts are not smart workwear. Business casual is typically sufficient for troubleshooting appointments.

A server administrator wants to run the latest technologies. What technology should the administrator start using which will replace the New Technology File System (NTFS)? ReFS exFAT APFS ext3

ReFS - Resilient File System (ReFS) is being developed to replace NTFS. ReFS is only available for Pro for Workstations and Enterprise editions and cannot currently be used for the boot volume. Most Linux distributions use some version of the extended (ext) file system to format partitions on mass storage devices. ext3 is a 64-bit file system with journaling support. Where Windows uses NTFS and Linux typically uses ext3 or ext4, Apple Mac workstations and laptops use the proprietary Apple File System (APFS). exFAT is a 64-bit version of FAT designed for use with removable hard drives and flash media.

A user's phone begins to act strangely, with apps responding slowly and pop-up ads appearing frequently. When the user calls the help desk and explains the issues, the technician says it sounds like malware. What other symptoms would be common to a malware infection on a mobile phone? (Select all that apply.) Increased Response Times APK sideloading Redirection Fake security warnings

Redirection Fake security warnings - Fake security warnings are a common symptom of malware infection. Scareware uses these to persuade users to install an app or give a Trojan app additional permissions. Redirection attacks are a common symptom, where malware corrupts the Domain Name System (DNS) and search provider to force users to spoofed sites. This might disrupt access to legitimate sites, generate certificate warnings, and cause slow network performance. APK (Android Package) sideloading refers to downloading apps for Android phones from a source other than Google's Play store. A lockout occurs after a maximum number of failed sign-in attempts.

Which of the following alternatives can a customer select from when an issue cannot be resolved remotely? (Select all that apply.) Repair Replace Proper documentation Clarify customer statements

Repair Replace - For the repair option, the customer will need clear instructions about how to pack and return the item to a repair center along with a ticket-tracking number and returned-merchandise authorization (RMA). For the replacement option, the customer must be given clear instructions for how the product will be delivered or how it can be re-ordered, and whether the broken product must be returned. Proper documentation should be provided so that the customer knows what to expect in terms of supported items, how long incidents may take to resolve, and so on. Clarify customer statements by asking the customer's expectations of what will be done and when the problem will be fixed.

What method gets a system back up and running before the recommended amount of time elapses? Risk levels Rollback plan Change board approval Sandbox testing

Rollback plan - A rollback plan is when a change can be reversed if it has harmful or unforeseen consequences. Change board approvals are when a serious change request is made, and approvals go to a change advisory board (CAB). The CAB should include stakeholders for departments, users, or customers whom the change will impact and those proposing it, technicians responsible for implementing it, and managers/directors who can authorize the budget. Sandbox testing is a computing environment designed to replicate the production environment but isolated from it. Risk levels are included in the risk assignment that could be expressed as a discrete value or as a traffic light-type of indicator, where red is high, orange is moderate risk, and green is minimal risk.

An attacker uses a set of tools designed to gain control of a computer and can create a backdoor with system-level privileges without the user noticing. What is this called? Cryptominer Rootkit Keylogger Ransomware

Rootkit - A rootkit is malware that uses an exploit to escalate privileges after installation. The malware runs as root with unrestricted access to everything from the root of the file system. Ransomware is malware that tries to extort money from the victim. A keylogger is spyware that actively attempts to steal confidential information by recording keystrokes. The attacker will usually hope to discover passwords or credit card data. A cryptominer hijacks the resources of the host to perform cryptocurrency mining. Cryptomining is often performed across botnets, which is also referred to as cryptojacking.

A user likes to watch Netflix on their phone while on the treadmill. The user turns the phone sideways for better viewing, but this time, the picture did not orient to landscape as it always has. Which of the following could cause this issue? Screen lock is disabled. Screen lock is enabled. Rotation lock is disabled. Rotation lock is enabled.

Rotation lock is enabled. - When a screen does not autorotate, it could be that the rotation lock is enabled. In iOS, the rotation lock is found in the Control Center. In Android, the rotation lock is found in the navigation bar. If the rotation lock is disabled, the screen should autorotate. If it does not, the problem is probably hardware-related. Screen Lock is a security feature for mobile devices. If enabled, it activates if the device is unused or the user activates it. Most devices require a pin or password to unlock the screen. Screen Lock is a security feature for mobile devices. If it is disabled, no pin or password is required. Generally, some swipe gestures will unlock the screen.

A customer uses their computer at a café, and an attacker watches the customer typing their login information. What is this called? Vishing Phishing Shoulder surfing Tailgating

Shoulder surfing - Shoulder surfing attacks are when the attacker learns a password, PIN, or any secure information by watching the user type it. Tailgating is entering a secure area without authorization by following closely behind the person allowed to open the door or checkpoint. Phishing uses social engineering techniques to make spoofed electronic communications seem authentic to the victim. A phishing message might convince the user to perform actions, such as installing malware disguised as an antivirus program. Vishing is an attack through a voice channel like a telephone. It can be much more difficult for someone to refuse a request made in a phone call than one made in an email.

A user wants to connect to multiple systems after a single login at only one of the devices. What is this called? Fingerprint PIN SSO UAC

SSO - Single sign-on (SSO) means that a user authenticates once to a device or network to access multiple applications or services. User account control (UAC) is a Windows security feature designed to protect the system against malicious scripts and attacks that could exploit the powerful privileges assigned to members of the Administrators group. A personal identification number (PIN) can contain letters and symbols. It is a passcode used to process authentication of a user accessing a system. A fingerprint is the type of bio gesture authentication that uses a sensor to scan the unique features of the user's fingerprint.

An employee is working with a substance that can potentially harm them. Which of the following should they use? (Select all that apply.) Safety goggles Lifting techniques Air filter mask Fuse

Safety goggles Air filter mask - Safety goggles are used to minimize the risk of burns from corrosive materials such as broken batteries, cellphones, tablets, or irritation from particles such as toner or dust. An air filter mask that fits over the mouth and nose is a recommended face covering when working with compressed air, toner spills, or working in a dusty environment. An air filter mask will not protect the eyes. Lifting techniques are included in safety handbooks; the guidance shows employees that lifting heavy objects incorrectly can cause muscle strains, back injuries, and damage to the object. An electrical device has a fuse appropriate to its maximum current. If the current increases past the fuse capacity, the fuse will blow. However, if the fuse fitted is rated too low, the fuse will blow too easily.

An administrator uses a method that assigns permissions and rights to a collection of user accounts. What is this called? MFA Security group Least privilege ACL

Security group - A security group is a collection of user accounts, as it is more efficient to assign permissions to a group than to assign them individually to each user. Access control list (ACL) allows each access control entry (ACE) to identify a subject and its permissions for the resource. A subject could be a human user, a computer, or a software service. Least privilege means that a user should be granted the minimum possible rights necessary to perform that job which can be complex to apply in practice. Multifactor authentication (MFA) means that the user must submit at least two different credentials.

A security administrator for a defense contracting company wants to disable external devices. The administrator pushes out a group policy setting to disable such devices but worries that attackers might elevate privileges and reenable them. What other setting will help the administrator accomplish the objective? Modern standby Fast startup Selective suspend Hibernate

Selective suspend - The administrator can enable Universal Serial Bus (USB) selective suspend to turn off power to peripheral devices. The fast startup uses the hibernation file to instantly restore the previous system RAM contents and make the computer ready for input more quickly than the traditional hibernate option. Hibernate mode suspends to disk. It saves any open but unsaved file data in memory to disk (as hiberfil.sys in the root of the boot volume) and then turns the computer off, which is also referred to as ACPI mode S4. Modern standby utilizes a device's ability to function in an S0 low-power idle mode to maintain network connectivity without consuming too much energy.

A security analyst notices a critical incident that has a widespread effect on customers that can eventually involve a potential data breach. The analyst creates a ticket with the vendor and sets the importance in order to trigger a faster response time. What describes what attribute of the ticket the analyst set? Problem resolution Severity levels Escalation levels Categories

Severity levels - The severity level is a way of classifying tickets into priority order. Severity levels are not over-complex. There are three severity levels based on impact: critical incidents, major incidents, and minor incidents. Categories and subcategories group related tickets together, useful for assigning tickets to the relevant support section or technician and for reporting and analysis. Escalation levels occur when an agent cannot resolve the ticket. The support team can be organized into tiers to clarify escalation levels. Problem resolution sets out the plan of action and documents the successful implementation and testing of the plan and full system functionality.

A technician is tasked to figure out why a user's Gmail app will not update on their mobile phone. The technician knows several reasons that would cause this to occur. Which of the following would be one of the reasons for this problem? GPS Storage Accelerometer Bluetooth

Storage - If an app fails to update, there may be insufficient storage space (Gmail uses a lot of storage). It could also be that the update is incompatible with the existing operating system version, or there is no internet connection. An accelerometer is a technology that detects when a device changes position and adjusts the screen orientation appropriately. Bluetooth is used to connect peripheral devices to PCs and mobiles and to share data between two systems. Global Positioning System (GPS) is a means of determining a receiver's position based on information received from satellites.

Used to activate a partition as swap space

Swapon

Which of the following scenarios would result in a website having an untrusted or invalid certificate? (Select all that apply.) The certificate is revoked. The certificate is issued by a trusted CA. The certificate has expired. The certificate is self-signed.

The certificate is revoked. The certificate has expired. - Certificate warnings occur when a certificate is untrusted, such as a self-signed certificate: the padlock icon is replaced by an alert icon, the URL is displayed with strikethrough formatting, and the site content is likely to be blocked by a warning message. Certificate warnings occur with an invalid certificate, such as an expired certificate. Certificate warnings occur when a certificate is invalid, such as a revoked certificate. A certificate could be revoked because the site is misconfigured or malware attempts to direct the browser to a spoofed page. Certificate warnings occur when a certificate is untrusted. A certificate issued by a trusted Certificate Authority (CA) would be a trusted certificate.

Two friends want to share photos with each other from their iPhones. The first friend selects their photos and uses AirDrop to share with the second friend. However, the first friend gets a message that there is no one nearby to share with. Why would that message appear? The first friend has Nearby Share disabled. The second friend has Bluetooth disabled. The first friend has Bluetooth disabled. The second friend has Wi-Fi disabled.

The second friend has Bluetooth disabled. - AirDrop is an iOS feature that allows file transfer between iOS devices and macOS devices over a Bluetooth connection. If the second friend had Bluetooth disabled, the first friend's iPhone would not discover it when trying to share the photos. AirDrop uses Bluetooth to transfer files, not Wi-Fi. Disabled Wi-Fi would not affect a Bluetooth connection. Nearby Share is the Android version of AirDrop. It is used for simple file sharing via Bluetooth. If the first friend had Bluetooth disabled, they would be alerted to turn Bluetooth on before sharing files.

A marketing professional normally sends large files to other team members. The IT department recommended using a shared drive and assisted them in setting it up. The project was a very high priority, so the professional collaborated with several members but started receiving reports that some users could not access it sometimes and others could. They eventually figured out that only 20 people at a time seemed to be able to access it. What is causing the issue? The share was created on a Windows desktop. The proxy settings are not properly configured on client machines. DNS settings are intermittent. The file server was not properly configured.

The share was created on a Windows desktop. - The Share tab in the folder's Properties dialog can customize permissions, change the share name, and limit the number of simultaneous connections. Windows desktop versions are limited to 20 inbound connections. If more than 20 users access the share, the data should be stored on file servers rather than local client computers. The proxy settings will not affect users' ability to access the file share in this scenario. It could cause issues accessing the internet, however. If the domain name system (DNS) were causing an issue, the users would not be limited to 20 people. It is possible that load-balanced DNS servers could cause issues if one is incorrect.

A user requests a site's certificate, but an evil twin intercepts the request and presents a spoofed certificate, which the user's browser accepts. What has just happened? (Select all that apply.) The user thinks they have a secure connection. A rootkit attack Malware is in the middle of the session. An on-path attack

The user thinks they have a secure connection. Malware is in the middle of the session. An on-path attack - An on-path attack is when a threat actor, such as an evil twin, intercepts traffic between two hosts. In this case, it was via a spoofed digital certificate. In the middle of the session, the evil twin intercepts traffic between two hosts; this was known as a "Man-in-the-Middle" attack in a former time. Since the user's browser has accepted the spoofed digital certificate, the user believes they have a secure session, even though they do not. A rootkit is a malware that modifies system files, often at the kernel (root) level.

An IT specialist found a damaging package on a client's computer disguised as something else. What did the specialist find? Boot sector virus Trojan Spyware Virus

Trojan - Trojans are malware concealed within an installer package for software that appears to be legitimate. Viruses are concealed within the code of an executable process image stored as a file on a disk. Boot sector viruses can infect the boot sector code or partition table on a disk drive. When the disk is attached to a computer, the virus hijacks the bootloader process to load itself into memory. Spyware is malware that can perform browser reconfigurations, such as allowing tracking cookies, changing default search providers, opening arbitrary pages at startup, adding bookmarks, and more.

chmod 755 Managed_list.pdf - After typing in this command, the PDF gives the owner rwx permission. True or False

True

A user needs to install a desktop application and use an application store that is reputable. What type of vendor is this store? Untrusted source Browser sign-in Trusted source Secure connection

Trusted source - As the browser is a security-critical type of software, it is particularly important to use a trusted source, such as an app store. Likewise, if it is installed as a desktop application, the user should make sure to use a reputable vendor. An untrusted source is when an installer cannot be verified through a digital signature or has been a security risk and is likely to expose the user to unwanted adverts. A secure connection validates the identity of the host running a site and encrypts communications to protect against snooping. Browser sign-in allows the user to synchronize settings between instances of the browser software on different devices.

Which of the following uses a security shield icon for the tasks that it protects? SSO Fingerprint PIN UAC

UAC - User account control (UAC) is a Windows security feature designed to protect the system against malicious scripts and attacks that could exploit the powerful privileges assigned to members of the Administrators group. A personal identification number (PIN) can contain letters and symbols. It is a passcode used to process authentication of a user accessing a system. A fingerprint is the type of bio gesture authentication that uses a sensor to scan the unique features of the user's fingerprint. Single sign-on (SSO) means that a user authenticates once to a device or network to access multiple applications or services.

A user performs a technique that allows them to connect their PlayStation to their network. What is this technique? Encryption setting UPnP Screened subnet Static IP

UPnP - The universal plug-and-play (UPnP) framework sends instructions to the firewall with the correct configuration parameters to allow applications to work. A screened subnet establishes a more secure configuration. The idea of a screened subnet is that some hosts are placed in a separate network segment with a different IP subnet address range than the rest of the local area network (LAN). Static IP can be auto configured as a DHCP reservation, but if manual configuration is required, follow the service provider's instructions to configure the correct address on the router's Wide Area Network (WAN) interface. Encryption settings allow users to set the authentication mode.

The Snapchat app on an iOS phone will not close. The user rebooted the device, but that was unsuccessful. Which of the following options would be the best for the user to try to fix the problem? Uninstall then reinstall Wiping System updates Factory Reset

Uninstall then reinstall - Uninstalling and then reinstalling an app can fix issues such as failing to close. To uninstall an iOS app, tap-and-hold it until it wiggles, then press the X icon and confirm by pressing Delete. System updates is an Android option. The comparable iOS option is Software Update. Wiping a device performs a factory default reset and clears all data, apps, and settings. This is an extreme solution for an app issue. A device wipe is typically used if a device is lost to protect data and account credentials. A factory reset removes all user data, apps, and settings. This is a last resort since the device will have to be manually reconfigured or restored from a backup configuration, if available.

After installing Windows 10 on an old computer, a computer technician is stumped when the computer continues to boot to a blank screen. Determine which ones could conceivably fix the blank screen from the available solutions. (Select all that apply.) Update the graphics adapter driver. Defrag the hard drive. Run the IDLE debugger. Repair Windows.

Update the graphics adapter driver. Repair Windows. A blank screen following a Windows installation could be caused by several factors, including an interruption to the installation process and an incomplete install. Repairing Windows could address this. Updating the graphics driver is another possible remedy since the driver may be outdated and incompatible with Windows 10. IDLE is the Python Integrated Development and Learning Environment. While IDLE does have a debugger, it is for Python scripts, not Windows issues. Defragging the hard drive is done to optimize file storage and improve sluggish performance. It would not fix a blank screen.

Which of the following avoids opening remote desktop ports on the network's firewall? VNC SSH RMM VPN

VPN - A virtual private network (VPN) establishes a tunneled link that joins a local computer to a remote network. Establish a VPN link and then use a remote desktop to connect to a host on the private network. Secure shell (SSH) is also a remote access protocol, but it connects to a command interpreter rather than a desktop window manager. Virtual network computing (VNC) is a freeware product with similar functionality to RDP. It works over TCP port 5900. Not all versions of VNC support connection security. Remote Monitoring and Management (RMM) tools are principally designed for managed service providers (MSPs).

What uses a 4-way handshake to allow a station to associate with an access point, authenticate its credential, and exchange a key to use for data encryption? WPA2 TKIP MFA WPA3

WPA2 - Wi-Fi Protected Access 2 (WPA2) was designed to fix critical vulnerabilities in the earlier WEP standard. WPA2 uses the AES cipher deployed within the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). Temporal key integrity protocol (TKIP) tries to mitigate the various attacks developed against WEP by producing a new 128-bit encryption key for every packet sent on the network. Multifactor authentication (MFA) allows the machine to establish a trust relationship and create a secure tunnel to transmit the user credentials or perform smart card authentication without a user password. Wi-Fi Protected Access 3 (WPA3) uses passphrase-based group authentication of stations in private mode; it changes the method by which this secret is used to agree session keys.

An administrator uses a method that uses simultaneous authentication of equals (SAE) instead of the 4-way handshake. What is this method? TKIP AES MFA WPA3

WPA3 - Wi-Fi Protected Access 3 (WPA3) uses passphrase-based group authentication of stations in private mode; it changes the method by which this secret is used to agree session keys. The simultaneous authentication of equals (SAE) protocol replaces the 4-way handshake. Multifactor authentication (MFA) allows the machine to establish a trust relationship and create a secure tunnel to transmit the user credentials or perform smart card authentication without a user password. Temporal key integrity protocol (TKIP) tries to mitigate the various attacks developed against WEP by producing a new 128-bit encryption key for every packet sent on the network. Advanced encryption standard (AES) is the standard encryption used by WPA2 and the strongest encryption standard for use with Wi-Fi.

A helpdesk professional assists a user with issues booting up their Mac computer. The user reports that there is no drive to boot from. Where will the computer boot from? Web FileVault Terminal Force Quit

Web - When users reboot an Apple Mac, if the startup drive is not available for any reason and it is connected to the internet, the computer will try to boot from a web-based drive. The Terminal can be used to access the command-line environment, which uses either the Z shell (zsh) or Bash. Older macOS versions use Bash, while zsh is the default from Catalina up. If a macOS app stops responding, it should be possible to close it down and restart it without restarting the computer, by running Force Quit from the Apple menu or pressing COMMAND+OPTION+ESC. FileVault is a disk encryption product. Encryption protects the data stored on a disk against the possibility that a threat actor could remove it.

Multiple uses, including the ability to clone a disk

dd

A penetration tester conducts the initial reconnaissance phase and is currently targeting externally facing servers for a certain company. Currently, they are trying to enumerate the domain name system (DNS) servers. Which built-in tool will help them perform this? find nano dig cat

dig - dig is a powerful tool for gathering information and testing name resolution, installed on most Linux distributions. Output is displayed in an answer section and includes the IP address mapped to the domain name. The find command is used to search for files. Its basic syntax is find path expression. cat returns the contents of the files listed as arguments. The -n switch adds line numbers to the output. Often, cat output is piped to a pager (cat | more or cat | less) to control scrolling. There are numerous text file editors. The Nano text editor is a basic example often preferred by those from a Windows environment.

Creates and manages Partitions on a hard disk

fdisk

An administrator automates the creation of folders during a Windows install process. Which command should they use in their script? cd md rmdir dir

md - To create a directory, use the MD command. For example, to create a directory called Data in the current directory, type MD Data. To delete an empty directory, enter rd Directory or rmdir Directory. If the directory is not empty, users can remove files and subdirectories using the /s switch. The cd command sets the focus to a different working directory. Users can change to any directory by entering the full path. Use the dir command to list the files and subdirectories from the working drive and directory or a specified path.

Used to format a partition

mkfs

A network administrator troubleshoots domain name system (DNS) issues that a particular user is having. Which of the following utilities will help the administrator troubleshoot DNS specifically? nslookup tracert pathping gpupdate

nslookup - If the administrator identifies or suspects a problem with name resolution, they can troubleshoot DNS with the nslookup command, either interactively or from the command prompt. The gpupdate command is used to immediately apply a new or changed policy to a computer and account profile. The tracert command-line utility is used to trace the path a packet of information takes to get to its target. As an alternative to tracert, the pathping command performs a trace and then pings each hop router a given number of times for a given period.

A server administrator locks down security on their golden client image but is concerned about potentially breaking things in the environment. They decided to set up a test image for test users in various departments before full implementation. What should the administrator use to make individual configuration changes to the image? gpedit.msc regedit.exe shell:startup services.msc

regedit.exe - The Windows registry provides a remotely accessible database for storing operating system, device, and software application configuration information. The administrator can use the Registry Editor (regedit.exe) to view or edit the registry. The Group Policy Editor (gpedit.msc) provides a more robust means of configuring many Windows settings than editing the registry directly. The Services console (services.msc) starts, stops, and pauses processes running in the background. In order to make configuration changes, regedit.exe in this group of options would be used. The Startup tab lets administrators disable programs added to the Startup folder (type shell:startup at the Run dialog to access this).

A remote computer administrator is managing clients in rigorous conditions. The clients keep overheating and often have issues. The administrator wants to run regular checks for damage or corruption. Which of the following will help them accomplish this? gpresult sfc winver shutdown

sfc - Historically, most attended installations and upgrades were run by booting from optical media (CD-ROM or DVD). The optical drive must be set as the priority boot device. Another problem with disc-based installs is that the setup disc quickly becomes out-of-date. USBs became more popular later on for the ability to load the latest install. A computer that supports network boot could also be configured to boot to set up over the internet. Once the OS has been installed, the user will usually want to set the internal hard drive as the default (highest priority) boot device and disable any other boot devices.

A security administrator for Linux systems in their demilitarized zone wants to ensure only some administrators can perform certain commands. Which of the following is best used to lock down certain commands? chmod sudo chown rm

sudo - The sudo (superuser do) command allows any account listed in the /etc/sudoers file to run specified commands with superuser privilege level. The chmod command can be used to secure files and directories, using either symbolic or octal notation. Only the owner can change permissions. The chown command allows the superuser to change the owner of a file or directory. Note that this right is reserved to the superuser or a sudoer. The rm command can be used to delete files. It can also be used with the -r option to delete directories.

A security engineer runs a long tail analysis to determine the frequency of services and processes communicating to the internet. After baselining a large amount of normal traffic such as updates, they encounter a suspicious communication frequency every five minutes from a particular box. They have done a thorough job investigating running processes, memory analysis, and file integrity checks but find nothing. What else could the engineer check for persistence mechanisms that could send the communications? Privileged time msconfig.exe taskschd.msc lusrmgr.msc

taskschd.msc - The Task Scheduler (taskschd.msc) runs software and scripts according to calendar or event triggers which would not help diagnose and troubleshoot internet connectivity issues. The Local Users and Groups (lusrmgr.msc) console provides an advanced interface for creating, modifying, disabling, and deleting user accounts. Privileged time is used to compare against user time. If it is much higher, the central processing unit (CPU) is likely underpowered (it can barely run Windows core processes efficiently). The System Configuration Utility (msconfig.exe) is used to modify various settings and files that affect how the computer boots and loads Windows.

After typing the command sudo chown root:root hr_updates.txt, the root account is the new owner of the file. True or false

true

