Review CompTIA

Within the code, what identifier can you use to refer to the IP address passed to the script as an argument? ./ping.sh 192.168.1.1

$1 will refer to the first positional argument

What is a check list of security features for workstation deployments:

-password best practices -End-user best practices -Account management -Change default administrator username/password -Disable autorun/autoplay -Enable windows update, window defender antivirus, and window defender firewall -Data-at-rest encryption (for files use EFS and for disks use BitLocker)

When auditing a file system for the presence of any unauthorized Windows shell script files. What three extensions should you scan for?

.PS1, .VBS, .BAT

what script is executed by the wscript.exe interpreter by default?

.VBS

steps for malware removal

1. investigate and verify symptoms 2.Quaramtine (disconnect network link) 3.Disable system restore (Windows) 4.Remediate infected systems : - update anti-malware software -scan and removal techniques 5. schedule scans and run updates 6. enable system restore and create restore point in windows 7. educate user

workstation requires multiple restarts due to going continually going black *user was installing software*

1. let it finish installing updates 2. press START CTRL SHIFT B 3.Troubleshoot Options: run chkdsk, run sfc, update graphics adapter driver, rollback graphics adapter driver

workstation says "No OS found,"

1. run diagnostic if available then chkdsk 2.use start up repair tool to repair boot info 3. enter bootrec/ fixmbr (do not use if disk use GPT) ​

What two factors must a user present to authenticate to a wireless network secured using EAP-TLS?

1.Digital certificate and its associated private key 2.Device authentication (password, pin, biometrics) which acts as a private key

In an AAA architect what type of device will a RADIUS client be?

Access point to process authentication and authorization request

A network professional sets up the ability to authenticate over Extensible Authentication Protocol over Wireless (EAPoW). What would he need to configure

Active Directory

If you want to execute a block of statements, based on the contents of an inventory list, what type of code construct is best suited to this task?

Any type of loop

A server administrator wants to connect to a user's computer. They are trying to get their patching numbers up and discover that users must pull the updates, so the administrator wants to push a script that forces the pull. The administrator wants to copy the file to users' automatically hidden shares. Which of the following could the administrator use? (Select all that apply.)

C$ ADMIN$

A security manager sets up a defense in depth mechanism and sets up monitoring to catch communications from the attacker to the malware. What is the manager monitoring for?

C2

If a security engineer wants to learn flow to code in python but is running a windows box, what interpreter to set up for Windows?

CPython

A helpdesk manager wants to assign tickets to the relevant support section or technician for reporting and analysis. What should the manager create? -SOP -Community -Policy -Categories

Categories

What is the checklist for securing deployment for home router wireless configuration?

Change SSID Disable SSID broadcast Encryption settings Change channels Disable guest access (anything not required should be disbabled)

A server administrator identifies a fault that needs to be fixed and wants to take steps towards fixing it. What is the first step the administrator should take? -Automation -API calls -Change request -Orchestration

Change request

After you have selected a secure location for a new homes router, changed the default password, and verified the WAN Ip address and Internet link. What next step should you perform before configuring wireless settings?

Check firmware update

Troubleshooting a users device that keeps powering off unexpectedly. You run a hardware diagnostic and confirm no component fault or overheating issue. What should you do next?

Check storage and for updates

how do no-root firewalls work?

Create a evertual private network (VPN) and then controlling app access to virtual private network (VPN)

If malware infects the servers, what is the likely cause of the high CPU utilization?

Cryptomining software

If a new device is sustaining a battery charge for more than a couple of hours; what type of malware could this be symptom of?

Cyrptomining

A student is interning for a security team at a major company and wants to practice at home on their home network. they want to make sure devices are easily identified when traffic is examined. What accomplishes this?

DHCP Reservation

Which browser is based on the same code as Chrome?

Edge

A manager is responsible for client laptops, and is concerned about exposing data on the disks to a different OS and the permissions becoming overridden. What will help prevent this possible attack?

Encrypting File System

A security administrator wants to set up anomalistic monitoring around behavioral-based user activity. Which of the following could the administrator implement for monitoring?

Failed attempts Login times Concurrent logins

T/F: An organization should rely on automatic screen savers to prevent lunchtime attacks.

False

T/F: TKIP represents the best available wireless encryption and should be configured in placer of AES if supported.

False

T/F: The data that is being backed up is located at E:\Backups. Xcopy "C: \Users \Admin \My_Backups" "E: \Backups" /c /d /e /s /i /y

False

T/F: The windows batch script is set to run on a specific schedule.

False

If you accidentally delete a presentation at your work and on for an important upcoming meeting. Where should you go for help?

File history

An electrical engineer is setting up a secondary power supply to a data center. They want to ensure that if there is a problem with the electrical supply, power is broken in the circuit. What should the engineer use? -API -MANO -SDN -Fuse

Fuse

A newly promoted manager is assessing the team's work results against regulatory requirements, which has not been conducted in a long time. When reviewing regulatory responsibility, what aspect does not typically affect PC maintenance or installation? -OSHA -HBA -Building codes -Environmental regulations

HBA

3-2-1 Rule

Have 3 copies of data that you care about, in 2 different mediums, 1 of which is in a remote location.

What does Incognito mode prevent in comparison to VPNs?

Incognito mode prevents the use of cookies. VPNs conceal the users source IP addresss.

What threats will be mitigated with Key-operated chassis faceplates?

It controls who has access to the power button. Mitigating the risk of someone gaining accesss to server room.

A new helpdesk operator wants to be more efficient. They want to find where other helpdesk operators have already resolved issues. Where should the new operator look? -KB -API calls -VPN -Application service

KB

Which of the following is the best security practice when it comes to passwords?

Length

What kind of company enabled to help prevent the denial of service against the remote desktop protocol (RDP) functionality in servers.

NLA

What editor for Linux is preferred coming from a non-Linux background?

Nano

If an administrator blocks end-user access to the chrome://flags browser page does it prevent the end user from changing any browser settings?

No

A user calls in to support, complaining that they can not seem to reach anything on the network. The user was able to receive an IP address of 169.254.15.83 though. What is most likely the problem?

No DHCP server found

If a user wants to configure a multiplayer game server by using the DMZ feature on router, would that be the best configuration option?

No use port forwarding/ mapping rules

A user visits a news site that they go to frequently, and the news articles are not updated but are the same as the day before. The user also hears complaints about people not having internet, which is odd since they are on their normal news site. What is most likely going on?

Page is cached.

A server administrator discovers that a server service account for a file transfer protocol (ftp) server was compromised. What vulnerability did the malicious actor use?

Plaintext authentication

A user is having issues with computer and wants a technician to help resolve the issue remotely . The only problem is the firewall only port 443 traffic (encrypted HTTPS port) . What should they use for help?

Quick Assist

A network administrator wants to enable authentication for wireless access points against an Active Directory database. What will the administrator need to use?

RADIUS

You are joining a new startup business that will perform outsourced IT management for client firms. You have been asked to identify an appropriate software solution for off-site support. and to ensure that service level agreement (SLA) metrics for downtime incidents are adhered to. What general class of remote access technology will be most suitable?

RMM

Where will copies of distribution packages (including updates) be posted on a software?

Repositories

A Linux administrator is looking at the bash history and sees the command chmod u + x file.sh. What was trying to be done with this command?

Set permissions

A network administrator is setting up administrative access to network devices. What common solution is used for this?

TACACS+

You are updating a procedure that lists security considerations for remote access technologies. One of the precautions is to check that remote access ports have not been opened on the firewall without authorization. Which default port for VNC needs to be monitored?

TCP port 5900

You are developing a script to scan server host to discover which ports are open, and to identify which server software is operating the port. What considerations should you make before deploying the script?

Test script in sandbox before deploying it

For which backup/restore issue is a cloud-based backup service an effective solution?

The issue of provisioning an off-site copy of a backup. Cloud storage can also provide extra capacity.

A developer is reading their email and comes across a new memorandum from the security department about a clean desk policy. Why does security need to publish this?

To protect PII

Why might you need to read a virus encyclopedia?

To verify symptoms of infection, a manual removal method, or see the consequences of infection

T/F: WPA3 personal mode is configured by selecting a passphrase shared between all users who are permitted to connect to the network.

True

T/F: the x copy command will copy specified files and directories.

True

T/F: you can configure a web server running on Linux to accept remote terminal connections from clients without using password.

True

A security manager wants to set up a program where they can proactively mitigate malware infection as much as possible. Which of the following is least helpful in this endeavor? User training Scheduled scans Update trusted root certificates On-access scanning

Update trusted root certificates

You are developing a script to ensure that the M: drive is mapped consistently to the same networks folder on all client workstations what type of construct might you use to ensure the script runs without errors?

Use conditional block to check for existing mapping and remove if there is one

If an operator needs to connect to a user's Mac, what tool will the operator likely use?

VNC

Users working from home need to be able to access a PC on the corporates network via RDP (Remote Desk Protocol) .What technology will enable this without having to open the RDP port to Internet access.

VPN

if you wanted to remotely deploy firmware updates to managed devices over night what tool would you use?

WOL

Setting up Internet access to a web server on a home network: You want to configure a DHCP reservation to set the web servers IP address, allow external clients to connect to the secure port TCP/443, but configure the web server to listen on port TCP/8080. How is this possible?

You need a port-mapping rule to take the router's request from WAN IP for TCP/443 and forward it to IP address on TCP/8080. Home routers DHCP server must be configures with the (media access control) MAC address or hardware identifier of the web server.

What are the principles of a surge protector

a design to help prevent sudden increased spikes in voltage/current

A Firefox user wants to open up their browser settings to configure their intranet as the home page. How can the Firefox user access the settings?

about:preferences

What do extensions do?

add or change a browser feature via its application programming interface (API). This can be used to create functionality for a web browser.

cypto-ransomware

attempts to encrypt files in any fixed, removable, and network drives

Crypto Ransomware

attempts to encrypt files on any fixed, removable, and network drive.

If a users phone is randomly rebooting all the time. What should you do first to diagnose the issue?

battery diagnostic

Viruses

concealed within code of an executable process image stored as a file on disk. in windows, executable codes has extensions such as: .EXE, .MSI, .DLL, .COM, .SCR, .JAR. This will execute with same privileges as the infected process. Luke to take over host

trojans

consealrd within installation package for software that appear to be legit. this malware will be installed along side the program and execute with the same priviledges.

Which atomspheric conditions is the risk of ESD the highest

cool, dry climates with low humidity

A user is frustrated that an app crashed after receiving a recent update. What is the first step the user should try.

forced stop and relaunch

purpose of a KB (knowledge based)

helps with hardware and software, a company might help with guidelines/ procedures as well as FAQs

A security manager puts together a security awareness campaign for mobile devices. What are symptom of malware?

high number of ads, sluggish response time, redirect to spoofed sites

cyptominer

hijacks resources of the host to perform cryptocurrency mining. this is performed across botnets.

boot sector virus

infects the boat sector code or partition table on a disk drive, it attempts to hijack the bootloader process to load itself into memory

Ransomware

is a type of malware that tries to extort money from the victim.

fileless malware

malicious code that uses the host scripting environment such as windows PowerShell or PDF JavaScript to create new malicious processes in memory. As it may be disguised as script instructions or document file rather than an executable image file. it is hard to detect

spyware

malware that can perform browser reconfiguration such as allowing tracking cookies, changing default search providers, open arbitrary pages at startup, add bookmarks, etc.

rootkit

malware that can use an exploit to escalate privileges after installation

Ransomware

malware that tries to extort money from victim

A security analyst working on a monitoring team wants to implement new monitoring mechanisms around SSH authentication. Which of the following should the analyst focus on?

monitor for compromised keys

If a penetration tester wants to perform drive mapping on an engagement on a window's base operating system but suspects Security is monitoring powershell commands. What could the tester use to map a network drive while remaining unnoticed?

net use

Two IT friends are best friends and want to map each other's root shares. Which of the following commands will accomplish this?

net use M: \\BestFriend\C$

What command will help you look for open ports and connections on the host?

netstat

once MFA has your credentials authenticated, you have access to....

no resources until authorization

If you get a call about a slow network. What command should you use to diagnose the chokepoint?

pathping

Plug-ins are what?

play or show some sort of content embedded in a web page, such as Flash, Silverlight, or other video/multimedia format.

What Linux command summarizes the current running processes on a system?

ps

Fileless malware

refers to malicious code that uses the host's scripting environment, such as Windows PowerShell or PDF JavaScript, to create new malicious processes in memory.

worms

replicating between processes in system memory rather than infecting and executable file stored on disk. exploit vulnerable client/server software to spread between host in a network

keylogger

steal confidential information by recording keystrokes.

A Linux server administrator wants to elevate their privileges. Which of the following commands will elevate their account?

su & sudo

If your creating a backup strategy for full back ups with lower data teabags requirements what technique should be used?

synthetic

Why should one frequently monitor the antivirus software on workstations?

to ensure that it is enabled, up to date with scan engine components and definitions, and has only authorized exclusions configured.

A security manager in charge of the vulnerability program for the enterprise is looking at mobile security. They are reading about a "walled garden" approach. What does this entail?

trusted sources