CompTIA’s A+ Certification exam: Core 2 (220-1102)
Why is DNS configuration a step in the malware remediation process?
Compromising domain-name resolution is a very effective means of redirecting users to malicious websites. Following malware infection, it is important to ensure that DNS is being performed by valid servers.
Why might a PC infected with malware display no obvious symptoms?
If the malware is used with the intent to steal information or record behavior, it will not try to make its presence obvious. A rootkit may be very hard to detect even when a rigorous investigation is made.
If you suspect improper handling during installation has caused damage to a RAM module, how could you test that suspicion?
If you suspect improper handling during installation has caused damage to a RAM module, how could you test that suspicion?
A security consultant has recommended blocking end-user access to the chrome://flags browser page. Does this prevent a user from changing any browser settings?v
No. The chrome://flags page is for advanced configuration settings. General user, security, and privacy settings are configured via chrome://settings.
How would you update an app purchased from the Mac App Store?
Open the Mac App Store and select the Updates button.
When you set NTFS permissions on a folder, what happens to the files and subfolders by default?
They inherit the parent folder's permissions.
True or false? WPA3 personal mode is configured by selecting a passphrase shared between all users who are permitted to connect to the network.
True. WPA3-Personal uses group authentication via a shared passphrase. The simultaneous authentication of equals (SAE) mechanism by which this passphrase is used to generate network encryption keys is improved compared to the older WPA2 protocol, however.
A program is continually using 99-100% of processor time. What should you do?
Try to end the application or the process using Task Manager, and then contact the application vendor to find out why the problem is occurring.
A Windows user is trying to join a video conference and cannot hear any sound from her headset. Which tool can you suggest using to try to remedy the fault?
Use the Sound settings app or Control Panel applet to check the volume setting and that the headset is configured as the input and output device. If the headset is not listed, check the USB or Bluetooth connection.
Which three principal user security groups are created when Windows is installed?
Users, Administrators, and Guests. You might also include Power Users, though use of this group is deprecated. Going beyond the account types listed in the exam objectives, you might include groups such as Remote Desktop Users, Remote Management Users, or Backup Operators. There are also system groups, such as Everyone, but users cannot be assigned manually to these.
Verify the integrity of the download using a hash value or the vendor's digital certificate.
Verify the integrity of the download using a hash value or the vendor's digital certificate.
You have downloaded an installer for a third-party app from the vendor's website. What should you do before proceeding with setup?
Verify the integrity of the download using a hash value or the vendor's digital certificate.
Where would you look for the option to view and configure wireless adapter status in macOS?
Where would you look for the option to view and configure wireless adapter status in macOS?
If a user obtains Read permissions from a share and Deny Write from NTFS permissions, can the user view files in the folder over the network?
Yes (but he or she cannot create files).
Is the command format d: /fs:exfat /q valid? If so, what is its effect, and what precaution might you need to take before running it?
Yes, it is valid. It formats drive D with the exFAT file system by using a quick format (does not scan for bad sectors). This will delete the file table on the drive so existing data files can be overwritten—the formatted drive will appear to be empty in Explorer. If there are existing files that need to be preserved, they should be backed up before running the format command.
A DHCP server has been reconfigured to use a new network address scheme following a network problem. What command would you use to refresh the IP configuration on Windows client workstations?
ipconfig /renew
What type of account management policy can protect against password-guessing attacks?
A lockout policy disables the account after a number of incorrect sign-in attempts.
How do you activate Spotlight Search using the keyboard?
COMMAND+SPACEBAR.
You are reviewing a secure deployment checklist for home router wireless configuration. Following the CompTIA A+ objectives, what additional setting should be considered along with the following four settings? Changing the service set identifier (SSID) Disabling SSID broadcast Encryption settings Changing channels
Disabling guest access. It might be appropriate to allow a guest network depending on the circumstances, but the general principle is that services and access methods that are not required should be disabled.
A command has generated a large amount of data on the screen. What could you add to the command to make the output more readable?
Either | more or | less.
A user is assigned Read NTFS permissions to a resource via his user account and Full Control via membership of a group. What effective NTFS permissions does the user have for the resource?
Full control—the most effective permissions are applied.
You receive a support call from a user who is "stuck" on a web page. She is trying to use the Back button to return to her search results, but the page just displays again with a pop-up message. Is her computer infected with malware?
If it only occurs on certain sites, it is probably part of the site design. A script running on the site can prevent use of the Back button. It could also be a sign of adware or spyware though, so it would be safest to scan the computer using up-to-date anti-malware software.
What are the requirements for configuring fingerprint authentication via Windows Hello?
The computer must have a fingerprint reader and a trusted platform module (TPM). Windows Hello must first be configured with a personal identification number (PIN) as a backup method.
Which Windows command is probably best suited for scripting file backup operations?
The robocopy command offers more options than those offered by the xcopy command, so it will usually be the better choice. The copy command is quite basic and probably not suitable.
What is the name of Apple's backup software for macOS?
Time Machine.
Why might you run the shutdown command with the /t switch?
To specify a delay between running the command and shutdown starting. You might do this to give users a chance to save work or to ensure that a computer is restarted overnight.
A user works on a document and leaves the file open for lunch. Upon the user's return, the computer is in power-saving mode. How do you reassure the user and advise on the status of the file?
When a computer goes into a power-saving mode, it will either maintain a small amount of power to the memory modules or write the contents of memory to a hibernation file on disk. Consequently, the user should be able to start the laptop again, and the desktop will resume with the open file still there. You should advise the customer to save changes to files regularly, however.
What type of cryptographic key is delivered in a digital certificate?
A digital certificate is a wrapper for a subject's public key. The public and private keys in an asymmetric cipher are paired. If one key is used to encrypt a message, only the other key can then decrypt it.
The building will house a number of servers contained within a secure room and network racks. You have recommended that the provisioning requirement includes key-operated chassis faceplates. What threats will this mitigate?
A lockable faceplate controls who can access the power button, external ports, and internal components. This mitigates the risk of someone gaining access to the server room via social engineering. It also mitigates risks from insider threat by rogue administrators, though to a lesser extent (each request for a chassis key would need to be approved and logged).
A threat actor crafts an email addressed to a senior support technician and part-time football coach inviting him to register for free football coaching advice. The website contains password-stealing malware. What is the name of this type of attack?
A phishing attack tries to make users authenticate with a fake resource, such as a website. Phishing emails are often sent in mass as spam. This is a variant of phishing called spear phishing because it is specifically targeted at a single person, using personal information known about the subject (his or her football-coaching volunteer work).
A threat actor recovers some documents via dumpster diving and learns that the system policy causes passwords to be configured with a random mix of different characters that are only five characters in length. To what type of password cracking attack is this vulnerable?
A threat actor recovers some documents via dumpster diving and learns that the system policy causes passwords to be configured with a random mix of different characters that are only five characters in length. To what type of password cracking attack is this vulnerable?
In AAA architecture, what type of device might a RADIUS client be?
AAA refers to Authentication, Authorization, and Accounting and the Remote Access Dial-in User Service (RADIUS) protocol is one way of implementing this architecture. The RADIUS server is positioned on the internal network and processes authentication and authorization requests. The RADIUS client is the access point, and it must be configured with the IP address of the server plus a shared secret passphrase. The access point forwards authentication traffic between the end-user device (a supplicant) and the RADIUS server but cannot inspect the traffic.
How do you perform a scan to identify file system errors in read-only mode?
At a command prompt, run chkdsk without any switches. Note that sfc is not the correct answer as this verifies the integrity of protected system files rather than checks the file system on a drive.
Confidentiality and integrity are two important properties of information stored in a secure retrieval system. What is the third property?
Availability—information that is inaccessible is not of much use to authorized users. For example, a secure system must protect against denial of service (DoS) attacks.
Katie works in a high-security government facility. When she comes to work in the morning, she places her hand on a scanning device installed at a turnstile in the building lobby. The scanner reads her palmprint and compares it to a master record of her palmprint in a database to verify her identity. What type of security control is this?
Biometric authentication deployed as part of a building's entry-control system.
A computer is caught in a reboot loop. It starts, shows a BSoD, and then reboots. What should you do?
Boot using a recovery tool, such as the product disc, and attempt startup repair and/or repair of the Windows installation using sfc or Windows reset.
You have selected a secure location for a new home router, changed the default password, and verified the WAN IP address and Internet link. What next step should you perform before configuring wireless settings?
Check for a firmware update. Using the latest firmware is important to mitigate risks from software vulnerabilities.
You are writing some work instructions to assist technicians with deploying new user desktops via cloning. What type of installation and boot method is this process most likely to use, and what are the boot requirements?
Cloning refers to the image deployment installation method. An image is a copy of an existing installation saved as a single file. Image deployment could use USB boot media (or even optical discs), but network boot is more likely. Network boot requires a PXE-compatible network adapter and motherboard in the computer and the boot device priority set to network/PXE. The network requires a Dynamic Host Configuration Protocol (DHCP) server plus a remote network installation server to run unattended setup and apply the image.
You are completing a checklist of security features for workstation deployments. Following the CompTIA A+ objectives, what additional item should you add to the following list, and what recommendation for a built-in Windows feature or features can you recommend be used to implement it? Password best practices End-user best practices Account management Change default administrator's user account/password Disable AutoRun/AutoPlay Enable Windows Update, Windows Defender Antivirus, and Windows Defender Firewall
Data-at-rest encryption. In Windows, this can be configured at file level via the Encrypting File System (EFS) or at disk level via BitLocker.
What two factors must a user present to authenticate to a wireless network secured using EAP-TLS?
Extensible Authentication Protocol (EAP) allows for different types of mechanisms and credentials. The Transport Layer Security (TLS) method uses digital certificates installed on both the server and the wireless station. The station must use its private key and its certificate to perform a handshake with the server. This is one factor. The user must authenticate to the device to allow use of this private key. This device authentication—via a password, PIN, or bio gesture—is the second factor.
True or false? An organization should rely on automatic screen savers to prevent lunchtime attacks.
False. A lunchtime attack is where a threat actor gains access to a signed-in user account because the desktop has not locked. While an automatic screensaver lock provides some protection, there may still be a window of opportunity for a threat actor between the user leaving the workstation unattended and the screensaver activating. Users must lock the workstation manually when leaving it unattended.
True or false? The level of risk from zero-day attacks is only significant with respect to EOL systems.
False. A zero-day is a vulnerability that is unknown to the product vendor and means that no patch is available to mitigate it. This can affect currently supported as well as unsupported end-of-life (EOL) systems. The main difference is that there is a good chance of a patch being developed if the system is still supported, but almost no chance if it is EOL.
True or false. TKIP represents the best available wireless encryption and should be configured in place of AES if supported.
False. Advanced Encryption Standard (AES) provides stronger encryption and is enabled by selecting Wi-Fi Protected Access (WPA) version 2 with AES/CCMP or WPA3 encryption mode. The Temporal Key Integrity Protocol (TKIP) attempts to fix problems with the older RC4 cipher used by the first version of WPA. TKIP and WPA1 are now deprecated.
True or false? Using a browser's incognito mode will prevent sites from recording the user's IP address.
False. Incognito mode can prevent the use of cookies but cannot conceal the user's source IP address. You do not need to include this in your answer, but the main way to conceal the source IP address is to connect to sites via a virtual private network (VPN).
True or false? Under default settings, the user account added during setup is not affected by User Account Control.
False. User Account Control (UAC) is designed to prevent misuse of accounts with administrative privileges. Use of such privileges requires the user to approve a consent dialog or to enter the credentials of an administrator account. This system can be disabled via UAC settings, but it is enabled by default.
True or False: SSDs cannot benefit from occasional defragmentation or optimization.
False: With flash drives and SSDs, while seek time is not a performance factor, the file system can still benefit from occasional defragmentation or optimization. There are several things to consider, including the lifespan of the SSD.
While troubleshooting an issue with a graphics card in Windows 10, you discover that the driver version is not up to date. What first step could you perform to install the latest driver?
In the Settings app, select Update & Security. Under Windows Update, select "View optional updates." If a graphics driver update is not listed here, check the vendor's site for driver installation software.
Early in the day, a user called the help desk saying that his computer is running slowly and freezing up. Shortly after this user called, other help desk technicians who overheard your call also received calls from users who report similar symptoms. Is this likely to be a malware infection?
It is certainly possible. Software updates are often applied when a computer is started in the morning, so that is another potential cause, but you should investigate and log a warning so that all support staff are alerted. It is very difficult to categorize malware when the only symptom is performance issues. However, performance issues could be a result of a badly written Trojan, or a Trojan/backdoor application might be using resources maliciously (for DDoS, Bitcoin mining, spam, and so on).
Another user calls to say he is trying to sign-on to his online banking service, but the browser reports that the certificate is invalid. Should the bank update its certificate, or do you suspect another cause?
It would be highly unlikely for a commercial bank to allow its website certificates to run out of date or otherwise be misconfigured. You should strongly suspect redirection by malware or a phishing/pharming scam.
What feature of modern file systems assists recovery after power outages or OS crash events?
Journaling means that the file system keeps a log of updates that it can use to recover damaged data. The OS might also make use of snapshot capability to maintain a file-version history or perform continuous backups.
Angel brought in the new tablet he just purchased and tried to connect to the corporate network. He knows the SSID of the wireless network and the password used to access the wireless network. He was denied access, and a warning message was displayed that he must contact the IT Department immediately. What happened, and why did he receive the message?
Mobile device management (MDM) is being used to mediate network access. The device must be enrolled with the MDM software before it can join the network.
You are pinging a host at 192.168.0.99 from a host at 192.168.0.200. The response is "Reply from 192.168.0.200: Destination host unreachable." The hosts use the subnet mask 255.255.255.0. Does the ping output indicate a problem with the default gateway?
No. The hosts are on the same IP network (192.168.0.0/24). This means that 192.168.0.200 does not try to use a router (the gateway) to send the probes. 192.168.0.200 uses address resolution protocol (ARP) to find the host with the IP 192.168.0.99. The host unreachable message indicates that there was no response, but the problem will be an issue such as the host being disconnected from the network or configured to block discovery rather than a gateway issue.
You are supporting a home user with upgrading a computer from Windows 10 to Windows 11. You have run Microsoft's PC Health Check tool, and it verifies that the computer meets the hardware requirements. Should you now proceed with the in-place upgrade?
No. You must backup user data and settings first. A backup is essential as a security precaution.
You are monitoring system performance and notice that a substantial number of page faults are occurring. Does this indicate that a memory module is faulty?
No—it shows the system is using the pagefile intensively and could benefit from more system RAM being installed.
You are supporting a user who has installed a vendor keyboard driver. The keyboard no longer functions correctly. Under Windows 10, what are the steps to revert to the previous driver?
Open Device Manager from the WinX menu, Instant Search, or the Computer Management console. Expand Keyboards, then right-click the device and select Properties. On the Driver tab, select Roll Back Driver.
You are attempting to run a command but receive the message "The requested operation requires elevation." What must you do to run the command?
Open a new command prompt window with sufficient privileges. You can right-click the Command Prompt icon and select Run as administrator or press CTRL+SHIFT+ENTER to execute the icon or cmd.exe command.
You are assisting a user over the phone and need to identify the edition of Windows that is installed. What step instructions must you give for the user to report this information to you?
Open the Settings app, and then select System. Select the About section, and read the text next to Edition under the Windows specifications heading.
A different user wants to configure a multiplayer game server by using the DMZ feature of the router. Is this the best configuration option?
Probably not. Using a home router's "demilitarized zone" or DMZ host option forwards traffic for all ports not covered by specific port-forwarding rules to the host. It is possible to achieve a secure configuration with this option by blocking unauthorized ports and protecting the host using a personal firewall, but using specific port-forwarding/mapping rules is better practice. The most secure solution is to isolate the game server in a screened subnet so that is separated from other LAN hosts, but this typically requires multiple router/firewalls.
You are monitoring CPU Usage and notice that it often jumps to 100% and then falls back. Does this indicate a problem?
Probably not—CPU Usage usually peaks and falls. If it stays over 80-90%, the system could require a faster CPU, or if it spikes continually, there could be a faulty application.
A file is secured with the numeric permissions 0774. What rights does another user account have over the file?
Read-only.
A user calls saying that their screen occasionally goes blue, and the system shuts down. What should you advise the user to do?
Record as much information from the user's blue screen as possible, especially the STOP error number, so that you can research the error.
You have a computer with two SATA disks. You want to evaluate the performance of the primary disk. How would you select this in Performance Monitor, and what might be appropriate counters to use?
Select the Physical Disk object, select the counter, and then select the 0 C: instance. Counters that are useful for evaluating performance include % Disk Time and Average Disk Queue Length.
You are writing work instructions for third-party app deployments using the CompTIA A+ objectives to guide you. In the section on system requirements for applications, you have covered the following topics: 32-bit- vs. 64-bit-dependent Operating System requirements Dedicated graphics card vs. integrated (VRAM requirements) RAM requirements CPU requirements External hardware tokens What additional topic should you include, if any?
Storage requirements. Each app takes up a certain amount of space when installed to the fixed disk. Also, you must plan for user-generated file storage, temp files, log files, and other data generated through use of the app.
In terms of system hardware, what is the main advantage of a 64-bit version of Windows?
Support for more than 4 GB RAM.
You are assisting with the development of end-user security awareness documentation. What is the difference between tailgating and shoulder surfing?
Tailgating means following someone else through a door or gateway to enter premises without authorization. Shoulder surfing means covertly observing someone type a PIN or password or other confidential data.
Your company is replacing its Windows desktops with Mac workstations, and you need to assist users with the transition. What is the equivalent of File Explorer in macOS?
The Finder.
You are assisting another user who is trying to configure a static IP on a Windows workstation. The user says that 255.255.255.0 is not being accepted in the prefix length box. Should the user open a different dialog to complete the configuration or enter a different value?
The Network & Internet settings Edit IP settings dialog can be used. 255.255.255.0 is the subnet mask in dotted decimal format. The dialog just requires the number of mask bits. Each "255" in a dotted decimal mask represents 8 bits, so the user should enter 24.
You are repurposing an old computer. You perform a clean OS install using optical media. During setup, you configured the partition manager to apply GPT style. After the file copy stage, the new installation fails to boot. What is the likely cause?
The PC is set to boot using the legacy BIOS method. This is not compatible with GPT-style partitioning. If supported by system firmware setup, switch to UEFI boot. If the firmware is BIOS only, change the boot method back to optical disc, run setup again, and choose MBR partitioning.
What are the prerequisites for joining a computer to a domain?
The computer must be running a supported edition of Windows (Pro, Enterprise, or Education). The PC must be configured with an appropriate IP address and have access to the domain DNS servers. An account with domain administrative credentials must be used to authorize the join operation.
You are troubleshooting an issue with a wireless adapter. When you open Device Manager, you find the device's icon is shown with a down arrow superimposed. What does this mean, and why might this configuration have been imposed?
The icon indicates that the device has been disabled. It could be that there was a fault, or there may be a network configuration or security reason for disabling the adapter. In this sort of situation, use incident logs and device documentation to establish the reason behind the configuration change.
A customer asks whether an iOS app that your company developed will also work on her Apple macOS computer. What issue does this raise, and what answer might you give?
The issue here is compatibility between different operating systems. Even though both are produced by Apple, iOS and macOS use different environments, so the iOS app cannot necessarily be installed directly. Your company might make a macOS version. However (do not worry if you did not include this in your answer), with the latest versions of macOS, there is support for native iOS apps, so this might be something you can offer.
Apart from Windows and macOS, what operating system options are there for client PCs installed to a local network?
The other main choice is one of the distributions of Linux. A company might also use some sort of UNIX. Finally, Chrome OS is installed on Chromebox PCs. These are often used by educational institutions and businesses that rely primarily on web applications rather than locally installed desktop software.
While you are assigning privileges to the accounting department in your organization, Cindy, a human resource administrative assistant, insists that she needs access to the employee records database so that she can fulfill change of address requests from employees. After checking with her manager and referring to the organization's access control security policy, you discover that Cindy's job role does not fall into the authorized category for access to that database. What security concept are you practicing in this scenario?
The principle of least privilege.
You take a support call where the user doesn't understand why a program runs at startup when the Startup folder is empty. What is the likely cause, and how could you verify this?
The program has added a registry entry to run at startup. You could check this (and optionally disable the program) by using Task Manager.
What is the significance of a $ symbol at the end of a share name?
The share is hidden from the file browser. It can be accessed by typing a UNC. The default administrative shares are all configured as hidden.
In Windows, what is the difference between the boot partition and the system partition?
The system partition contains the boot files; the boot partition contains the system root (OS files). The boot partition is normally assigned the drive letter C. The system partition is not normally assigned a drive letter.
You receive a call from a user trying to save a file and receiving an "Access Denied" error. Assuming a normal configuration with no underlying file corruption, encryption, or malware issue, what is the cause and what do you suggest?
The user does not have "Write" or "Modify" permission to that folder. If there is no configuration issue, you should advise the user about the storage locations permitted for user-generated files. If there were a configuration issue, you would investigate why the user had not been granted the correct permissions for the target folder.
Assuming default Explorer view settings are configured, what steps should the user take to get better context of files?
The user must first show file extensions, using the View tab in the File Explorer Options applet (you might also note that this can be done via a check box on the View menu ribbon of File Explorer).
You are assisting a user with configuring a static IP address. The user has entered the following configuration values and now cannot access the Internet. Is there a configuration issue or a different problem? IP: 192.168.1.1 Mask: 255.255.255.0 Gateway: 192.168.1.0 DNS: 192.168.1.0
There is a configuration problem. 192.168.1.0 is not a host address. With the subnet mask 255.255.255.0, it identifies the network range as 192.168.1.0/24. The gateway is usually configured as the first available host address in this range: 192.168.1.1. The DNS server should also be set to 192.168.1.1.
You are assisting with the design of a new campus building for a multinational firm. On the recommendation of a security consultant, the architect has added closely spaced sculpted stone posts with reinforced steel cores that surround the area between the building entrance and the street. At the most recent client meeting, the building owner has queried the cost of these. Can you explain their purpose?
These bollards are designed to prevent vehicles from crashing into the building lobby as part of a terrorist or criminal attack. The security consultant should only recommend the control if the risk of this type of attack justifies the expense.
You discover that a threat actor has been able to harvest credentials from some visitors connecting to the company's wireless network from the lobby. The visitors had connected to a network named "Internet" and were presented with a web page requesting an email address and password to enable guest access. The company's access point had been disconnected from the cabled network. What type of attack has been perpetrated?
This is an evil twin attack where the threat actor uses social engineering techniques to persuade users to connect to an access point that spoofs a legitimate guest network service.
A computer cannot connect to the network. The machine is configured to obtain a TCP/IP configuration automatically. You use ipconfig to determine the IP address and it returns 0.0.0.0. What does this tell you?
This is an irregular state for a Windows PC. If a DHCP server cannot be contacted, the machine should default to using an APIPA address (169.254.x.y). As it has not done this, something is wrong with the networking software installed on the machine. The best option is probably to perform a network reset via the Settings > Network & Internet > Status page.
You are advising a customer with an older-model Android smartphone. The customer wants to update to the latest version of Android, but using the update option results in a "No updates available" message. What type of issue is this, and what advice can you provide?
This is an issue with update limitations. Android is quite a fragmented market, and customers must depend on the handset vendor to implement OS updates for a particular model. The customer can only check the handset vendor's website or helpline to find out if a version update will ever be supported for that model.
If a single physical disk is divided into three partitions in a non-Windows environment, how many different file systems can be supported?
Three—each partition can use a different file system.
You are writing guidance for departmental managers to request new software installs. You want each manager to consider impacts to the business, operation, network, and devices as part of their request. In terms of impacts to business, you have written guidance to consider support and training requirements. What other topic should you include?
To consider licensing requirements, such as number of users or devices. There also needs to be a system for monitoring license compliance and ensuring there are no unauthorized installs.
True or false? If you want the same policy to apply to a number of computers within a domain, you could add the computers to the same Organizational Unit (OU) and apply the policy to the OU.
True.
A user calls to say that he clicked Yes to a prompt to allow the browser to access the computer's location service while using a particular site and is now worried about personal information being tracked by other sites. How can the user adjust the app permission in Windows?
Via the App permissions section under Privacy settings. You might also note that most browser software can be configured to only allow location information on a per-site basis.
You are advising a business that needs to provision video-editing workstations with 4-way multiprocessing. Which retail Windows edition will allow them to make full use of this hardware?
Windows Pro for Workstations supports 4-way multiprocessing (four CPUs installed to separate sockets) and up to 6 TB RAM. Windows Enterprise has the same hardware limits but is not available via a retail channel.
You are advising a customer whose business is expanding. The business owner needs to provision an additional 30 desktop computers, some of which will be installed at a second office location. The business is currently run with a workgroup network of five Windows 10 Home Premium desktop computers and one file server. Why might you suggest licenses for an edition of Windows 10 that supports corporate needs for the new computers and has upgrades for the old computers? Which specific edition(s) could you recommend?
Without a domain, accounts must be configured on each computer individually. With more than 30 computers to manage at two locations, this would be a substantial task, so switching to a domain network, where the accounts can be configured on the server, is likely to save costs in the long term. You can suggest either Windows 10 Pro or Windows 10 Enterprise for use on a domain.
You are assisting a home user who wants her spouse to be able to sign in to a new Windows laptop using a Microsoft account. Is this possible, and if so, which management interface is used?
Yes, while there are varying methods in accomplishing this task, this can be done via the Accounts settings app. You can also use the legacy control panel on both Windows 10 and 11.
You are assisting a user with setting up Internet access to a web server on a home network. You want to configure a DHCP reservation to set the web server's IP address, allow external clients to connect to the secure port TCP/443, but configure the web server to listen on port TCP/8080. Is this configuration possible on a typical home router?
Yes. You need to configure a port-mapping rule so that the router takes requests arriving at its WAN IP for TCP/443 and forwards them to the server's IP address on TCP/8080. Using a known IP address for the server by configuring a Dynamic Host Configuration Protocol (DHCP) reservation simplifies this configuration. The home router's DHCP server must be configured with the media access control (MAC) address or hardware identifier of the web server.
You are supporting a user who has just replaced a wireless router. The user has joined the new wireless network successfully but can no longer find other computers on the network. What should you check first?
You are supporting a user who has just replaced a wireless router. The user has joined the new wireless network successfully but can no longer find other computers on the network. What should you check first?
You are writing a tech note to guide new technicians on operational procedures for working with Active Directory. As part of this note, what is the difference between the gpupdate and gpresult commands?
You are writing a tech note to guide new technicians on operational procedures for working with Active Directory. As part of this note, what is the difference between the gpupdate and gpresult commands?
What tool would you use to add a user to a local security group?
You can change the account type between Standard and Administrator via Control Panel, but the Local Users and Groups management console is the tool to use for a custom security group. You could also use the net localgroup command.
You need to set up a VPN connection on a user's Windows laptop. The VPN type is IKEv2. What other information, if any, do you need to configure the connection?
You must also input the fully qualified domain name (FQDN) or IP address of the remote access VPN server.
Which Linux command will display detailed information about all files and directories in the current directory, including system files?
ls -la
What command could you use to move a file names.doc from your current directory to the USB stick linked to folder /mnt/usb?
mv names.doc /mnt/usb
You are checking that a remote Windows workstation will be able to dial into a web conference with good quality audio/video. What is the best tool to use to measure latency between the workstation's network and the web conferencing server?
pathping measures latency over a longer period and so will return a more accurate measurement than the individual round trip time (RTT) values returned by ping or tracert.
What command would allow you to delete the contents of the folder /home/jaime/junk and all its subdirectories?
rm -r /home/jaime/junk
Which Linux command allows a user to run a specific command or program with superuser/root privileges?
sudo
