1002 Flashcards

1
Q

A user is complaining that every time they reboot their Windows 8.1 computer, a music application loads up. Which of the following commands would you use to disable the program from starting up each time Windows reboots?

  • Services.msc
  • Task Manager
  • MSCONFIG
  • Event Viewer
A
  • MSCONFIG
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which low power mode is used with laptops to save power, but it takes longer to turn back on and resume where the user left off?

  • Sleep
  • Hibernate
  • Balanced
  • Power saver
A
  • Hibernate
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You are helping to set up a backup plan for your organization. The current plan states that all of the organization’s servers must have a daily backup conducted on them. These backups are then saved to a local NAS device. You have been asked to recommend a method to ensure the backups will work when they are needed for restoration. Which of the following should you recommend?

  • Create an additional copy of the backups in an off-site datacenter
  • Setup scripts to automatically reattempt any failed backup jobs
  • Frequently restore the server from backup files to test them
  • Attempt to restore a test server from one of the backup files to verify them
A
  • Attempt to restore a test server from one of the backup files to verify them
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A developer uses a MacBook Pro when working from home, but they need access to both a Windows and macOS system to test their programs. Which of the following tools should be used to allow both operating systems to exist on their MacBook Pro?

  • Terminal
  • Mission Control
  • Image recovery
  • Boot camp
A
  • Boot camp
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which command on a macOS or Linux system is used to change the permissions of a file?

  • chmod
  • sudo
  • chown
  • pwd
A
  • chmod
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

You are working for a government contractor who requires all users to use a PIV device when sending digitally signed and encrypted emails. Which of the following physical security measures is being implemented?

  • Smart card
  • key fob
  • Biometric reader
  • Cable lock
A
  • Smart card
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which version should you use when installing a Linux operating system and are concerned with end-of-life support?

  • LTS release
  • Rolling release
  • Developer release
  • Beta release
A
  • LTS release

long term support

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Your home network is configured with a long, strong, and complex pre-shared key for its WPA2 encryption. You noticed that your wireless network has been running slow, so you checked the list of “connected clients” and see that “Bob’s Laptop” is connected to it. Bob lives downstairs and is the maintenance man for your apartment building. You know that you never gave Bob your password, but somehow he has figured out how to connect to your wireless network. Which of the following actions should you take to prevent anyone from connecting to your wireless network without the WPA2 password?

  • Disabled WPS
  • Enable WPA
  • Disable SSID broadcast
  • Disable WPA2
A
  • Disabled WPS
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

A new corporate policy dictates that all access to network resources will be controlled based on the user’s job functions and tasks within the organization. For example, only people working in Human Resources can access the employee records and only the people working in finance can access customer payment histories. Which of the following security concepts is BEST described by this new policy?

  • Permission creep
  • Least privilege
  • Directory permissions
  • Blacklists
A
  • Least privilege
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Your company wants to provide a secure SSO solution for accessing both the corporate wireless network and its network resources. Which of the following technologies should be used?

  • WPA2
  • WEP
  • WPS
  • RADIUS
A
  • RADIUS
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A computer is infected with a piece of malware that has infected the Windows kernel in an effort to hide itself. Which type of malware MOST likely infected this computer?

  • Ransomware
  • Trojan
  • Rootkit
  • Botnet
A
  • Rootkit
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Several users have contacted the help desk to report that they received an email from a well-known bank stating that their accounts have been compromised and they need to “click here” to reset their banking password. Some of these users are not even customers of this particular bank, though. Which of the following best describes this type of attack?

  • Phishing
  • Spear phishing
  • Whaling
  • Brute force
A
  • Phishing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

You have been asked to recycle 20 of your company’s old laptops. The laptops will be donated to a local community center for underprivileged children. Which of the following data destruction and disposal methods is MOST appropriate to allow the data on the drives to be fully destroyed and the drives to be reused by the community center?

  • Standard formatting of the HDD’s
  • Drill/hammer the HDD platters
  • Low-level formatting of the HDDs
  • Degaussing of the HDDs
A
  • Low-level formatting of the HDDs
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Samuel’s computer is taking a very long time to boot up and he has asked for your help speeding it up. Which TWO of the following actions should you perform to BEST resolve this issue with the least amount of expense?

  • Replace the hard drive with a SSD
  • Defragment the hard drive
  • Install additional RAM
  • Remove unnecessary applications from startup
  • Terminate processes in the task manager
  • Perform a disk cleanup
A
  • Defragment the hard drive

- Remove unnecessary applications from startup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

One of your Windows services is failing to start when you boot up your laptop. You have checked the service in the Windows Services tool and verified it is set to Automatic. What should you attempt to do NEXT to get the service to start up?

  • Reboot into Safe Mode and see if the service starts
  • Run chkdsk on the system
  • Restore from backup
  • Update the operating system
A
  • Reboot into Safe Mode and see if the service starts
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Your Windows 10 system is booting up very slowly. Which of the following should you do to speed up the boot process?

  • Reboot the system into Safe Mode
  • Disable unnecessary programs from automatically starting up
  • Reinstall Windows
  • Rebuild your Windows profile
A
  • Disable unnecessary programs from automatically starting up
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Whenever you reboot your domain controller, you notice it takes a very long time to boot up. As the server is booting, you hear noises that sound like a steady series of clicks coming from the hard drive. Which of the following is the BEST action to help speed up the boot time of the server?

  • Defragment the hard drive
  • Terminate processes in the Task Manager
  • Perform a disk cleanup
  • Remove unnecessary applications from startup
A
  • Defragment the hard drive
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

When Jonathan opens the web browser on his computer, the initial page loads up to a search engine that he does not recognize. Jonathan attempts to use the search engine, but the results are extremely poor and numerous pop-ups are created by the browser. Jonathan asks for your assistance in fixing this issue. Which TWO of the following actions do you recommend Jonathan perform first?

  • Delete the web browsers cache, temporary files and cookies
  • Reset the web browser to the default settings and configuration
  • Tell Jonathan to switch to a different web browser
  • Uncheck any unapproved applications from startup tab in MSCONFIG
  • Reboot Jonathans computer and install a second antivirus program
  • Update Jonathans web browser to the latest version
A
  • Reset the web browser to the default settings and configuration
  • Uncheck any unapproved applications from startup tab in MSCONFIG
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

A customer brought in a computer that has been infected with a virus. Since the infection, the computer began redirecting all three of the system’s web browsers to a series of malicious websites whenever a valid website is requested. You quarantined the system, disabled the system restore, and then perform the remediation to remove the malware. You have scanned the machine with several antivirus and antimalware programs and determined it is now cleaned of all of the malware. You attempt to test the web browsers again, but a small number of valid websites are still being redirected to a malicious website. Luckily, the updated antivirus you installed blocked any new malware from infecting the system. Which of the following actions should you perform NEXT to fix the redirection issue with the browsers?

  • Perform a System Restore to an earlier date before the infection
  • Install a secondary antimalware solution on the system
  • Verify the hosts file has not been maliciously modified
  • Reformat the system and reinstall the OS
A
  • Verify the hosts file has not been maliciously modified
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

The seven steps of the malware removal procedures are : (see answer)

A

1) Identify and research malware symptoms
2) Quarantine the infected systems
3) Disable System Restore (in Windows)
4) Remediate the infected systems, update the anti-malware software, scan the system, and use removal techniques (safe mode, pre-installation environment)
5) Schedule scans and run updates
6) Enable System Restore and create a restore point (in Windows)
7) Educate the end user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

A user is complaining about slow data speeds when they are at home in a large apartment building. The user uses WiFi when they get home, and the device works fine on other wireless networks they connect to. Which of the following actions should the user take to increase their data speeds?

  • Upgrade to a new smartphone
  • Increase the Wifi signal being transmitted by their WAP
  • Turn off Wi-Fi and rely on their cellular data plan
  • Enable MAC filtering on their WAP
A
  • Increase the Wifi signal being transmitted by their WAP
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

A web server has a planned firmware upgrade for Saturday evening. During the upgrade, the power to the building is lost and the firmware upgrade fails. Which of the following plans should be implemented to revert back to the most recent working version of the firmware on the webserver?

  • Backout plan
  • Contingency plan
  • Alternative plan
  • Backup plan
A
  • Backout plan
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

You are concerned that your servers could be damaged during a blackout or brownout. Which TWO devices have protection against blackouts and brownouts?

  • Battery backup
  • Surge suppressor
  • Grounding the server rack
  • Line conditioner
A
  • Battery backup

- Line conditioner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

You are cleaning out the closet in your office and find several bottles of cleaner that need to be disposed of. Which of the following should you consult to determine the proper method of disposal?

  • SOW
  • MSDS
  • MITM
  • MOU
A
  • MSDS

Material Safety Data Sheet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Which of the following is considered a form of regulated data?

  • PII
  • AUP
  • DMCA
  • DRM
A
  • PII

The four forms of regulated data covered by the CompTIA A+ (220-1002) exam are PII (Personally Identifiable Information), PCI (Payment Card Industry), GDPR (General Data Protection Regulation), and PHI (Protected Health Information)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

You have discovered that an employee has been conducting illegal activities using his workplace computer. You have taken possession of the employee’s laptop according to your company’s procedures and are waiting to give it law enforcement authorities. What should you do when turning over the laptop to the police?

  • Preserve the evidence
  • Maintain the chain of custody
  • Document the changes
  • Quarantine the system
A
  • Maintain the chain of custody
27
Q

A co-worker is creating a file containing a script. You look over their shoulder and see “!#/bin/bash” as the first line in the file. Based on this, what type of file extension should this script use?

  • .bat
  • .sh
  • .py
  • .vbs
A
  • .sh
28
Q

You are writing a script that will take an employee’s name as the input. Which of the following data types would the employee’s name be store in?

  • Integer
  • String
  • Boolean
  • Float
A
  • String
29
Q

Which of the following is used to communicate data and preferences to child processes within a script or batch file?

  • Environmental variables
  • Variables
  • Constants
  • Comments
A
  • Environmental variables
30
Q

Gina just installed a 4 TB HDD into her Windows 10 computer and wants to assign it the drive letter “M” to store her media files. Which type of partition should Gina use if she wants to use all of the drive for a single partition?

  • GPT
  • MBR
  • ISO
  • FAT32
A
  • GPT

GPT is a newer way to partition disks that allows for partition sizes over the 2 TB limit that was imposed by MBR.

31
Q

When using a MBR, which of the following types of partitions can only have a limit of four partitions?

  • Extended
  • Primary
  • Swap
  • Logical
A
  • Primary

Primary partitions are limited to only four primary partitions on a system using MBR. To overcome this limitation, extended partitions can be used.

32
Q

You have been asked to install a computer in a public workspace. The computer should only be used by the authorized user. Which of the following security requirements should you implement to prevent unauthorized users from accessing the network with this computer?

  • Issue the same strong and complex password for all users
  • Require authentication on wake-up
  • Disable single sign on
  • Remove the guest account from the administrators
A
  • Require authentication on wake-up
33
Q

Michael, a salesman, is on a business trip and is trying to access his corporate email over the hotel’s WiFi network. Michael’s laptop appears to be connected to the hotel’s wireless network, but his email client is unable to download any new messages and states “Network Offline”. Michael contacts the help desk for assistance. What action should the help desk technician tell Michael to perform to solve the issue?

  • Perform a full system scan for malware on his laptop
  • Open a web browser, enter google.com, and see if a redirect page is displayed
  • Disconnect and reconnect to the hotel’s wireless network
  • Disable and reenable the wireless network adapter on his laptop
A
  • Open a web browser, enter google.com, and see if a redirect page is displayed

Many hotels use a captive portal with a redirect page with their wireless networks. When a user connects to the wireless network, they have to open a web browser and are then redirected to the hotel’s Acceptable Use Policy page. Until the user accepts the terms and conditions, none of their network traffic will be routed to the internet. If the redirect page is shown, Michael can then accept the terms and conditions, and his email client will be able to download his mail again.

34
Q

Which command is used on a macOS or Linux system to change their password?

  • ps
  • passwd
  • chown
  • pws
A
  • passwd
35
Q

Which command would be used to display the IP address and subnet mask for the wired network connection on a macOS or Linux system?

  • ifconfig
  • iwconfig
  • ipconfig
  • netstat
A
  • ifconfig
36
Q

You are configuring a wireless access point (WAP) in a large apartment building for a home user. The home user is concerned that their neighbor may try to connect to their WiFi and wants to prevent it. Which THREE of the following actions should you perform to increase the security of the home user’s wireless network?

  • Reduce the transmission power
  • Reduce the channel availably
  • Disable the DHCP server
  • Enable WPA2 encryption
  • Disable the SSID broadcast
  • Enable WEP encryption
A
  • Reduce the transmission power
  • Enable WPA2 encryption
  • Disable the SSID broadcast
37
Q

A corporate workstation was recently infected with malware. The malware was able to access the workstation’s credential store and steal all the usernames and passwords from the machine. Then, the malware began to infect other workstations on the network using the usernames and passwords it stole from the first workstation. The IT Director has directed their IT staff to come up with a plan to prevent this type of issue from occurring again in the future. Which of the following would BEST prevent this from reoccurring?

  • Install a host-based intrusion detection system on all of the corporate workstations
  • Install an antivirus or antimalware solution that uses heuristic analysis
  • Install a Unified Threat Management system on the network to monitor for suspicious traffic
  • Monitor all workstations for failed login attempts and forward them to a centralized SYSLOG server
A
  • Install an antivirus or antimalware solution that uses heuristic analysis

The only solution provided that could STOP this from reoccurring would be to use an antivirus or antimalware solution with heuristic analysis. The other options might be able to monitor and detect the issue, but not stop it from spreading. Heuristic analysis is a method employed by many computer antivirus programs designed to detect previously unknown computer viruses, as well as new variants of viruses already in the wild. This is behavior-based detection and prevention, so it should be able to detect the issue in the scenario provided and stop it from spreading throughout the network.

38
Q

Which TWO of the following would provide the BEST security for both computers and smartphones?

  • Enabling multifactor authentication
  • Configuring organizational units
  • Using a cable lock
  • Enabling data loss prevention
  • Enforcing trusted software sources
A
  • Enabling multifactor authentication

- Enforcing trusted software sources

39
Q

Your company recently suffered a small data breach that was caused by an employee emailing themselves a copy of the current customer’s names, account numbers, and credit card limits. You are determined that something like this shall never happen again. Which of the following logical security concepts should you implement to prevent a trusted insider from stealing your corporate data?

  • Firewall
  • MDM
  • DLP
  • Strong passwords
A
  • DLP

Data loss prevention software detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use (endpoint actions), in motion (network traffic), and at rest (data storage). Since the user was an authorized user (employee), changing your password policy, reconfiguring the firewall, or setting up a MDM solution would not solve this problem. Instead, a DLP solution must be implemented.

40
Q

A small doctor’s office has asked you to configure their network to use the highest levels of wireless security and desktop authentication. The office only uses cloud-based SaaS applications to store their patient’s sensitive data. Which TWO of the following protocols or authentication methods should you implement for the BEST security?

  • WPS
  • WPA2
  • WEP
  • RADIUS
  • SSO
  • Multifactor
A
  • WPA2

- Multifactor

41
Q

A user has reported that their workstation is running very slowly. A technician begins to investigate the issue and notices a lot of unknown processes running in the background. The technician determines that the user has recently downloading a new application from the Internet and may have become infected with malware. Which of the following types of infections does the workstation MOST likely have?

  • Rootkit
  • Keylogger
  • Trojan
  • Ransomware
A
  • Trojan

A trojan is a type of malware that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general, inflict some other harmful action on your data or network. The most common form of a trojan is a Remote Access Trojan (RAT), which is used to allow an attacker to remotely control a workstation or steal information from it. To operate, a trojan will create numerous processes that run in the background of the system.

42
Q

A computer was recently infected with a piece of malware. Without any user intervention, the malware is now spreading throughout the corporate network and infecting other computers that it finds. Which type of malware MOST likely infected these computers?

  • Worm
  • Virus
  • Trojan
  • Ransomware
A
  • Worm

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. A worm can spread on its own, whereas a virus needs a host program or user interaction to propagate itself.

43
Q

You are working as a penetration tester and have discovered a new method of exploiting a vulnerability within the Windows 10 operating system. You conduct some research online and discover that a security patch against this particular vulnerability doesn’t exist yet. Which type of threat would this BEST be categorized as?

  • Zero day
  • DDOS
  • Brute Force
  • Spoofing
A
  • Zero day

A zero-day attack happens once that flaw, or software/hardware vulnerability, is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability—hence “zero-day.”

44
Q

A cybersecurity analyst in your company notices that an attacker is trying to crack the WPS pin associated with a wireless printer. The device logs show that the attacker tried 00000000, 00000001, 00000002, and continued to increment by 1 number each time until they found the correct PIN of 13252342. Which of the following type of password cracking was being performed by the attacker?

  • Rainbow table
  • Dictionary
  • Hybrid
  • Brute force
A
  • Brute force

Brute-force attack when an attacker uses a set of predefined values to attack a target and analyze the response until he succeeds. Success depends on the set of predefined values. If it is larger, it will take more time, but there is a better probability of success. In a traditional brute-force attack, the passcode or password is incrementally increased by one letter/number each time until the right passcode/password is found.

45
Q

A cybersecurity analyst is auditing your company’s network logs and identifies that a USB mass storage device was previously inserted into many of the company’s servers. The logs also showed that there were dozens of failed login attempts prior to a successful login occurring on the servers. Which TWO of the following actions are recommended to eliminate the vulnerabilities identified by the cybersecurity analyst?

  • Change the default credentials on the servers
  • Remove administrative permissions
  • Modify the autorun settings
  • Install the operating system security updates
  • Lockout the account after 3 failed login attempts
A
  • Modify the autorun settings
  • Lockout the account after 3 failed login attempts

Since the USB mass storage device was used to connect to the servers, it is recommended to modify the AutoRun settings. To prevent the password guessing attacks used, the servers should be configured to lockout any account after 3 failed login attempts.

46
Q

Your company works as a contractor to the military and has just finished replacing about 500 workstations across their secure network. You have been asked to properly dispose of the workstations and to destroy the data on their hard disk drives. Which of the following methods would be the MOST effective?

  • Physically destroy the drives by drilling each HDD’s platter
  • Fully format each hard drive with a series of 0s
  • Conduct a low-level format of each hard drive
  • Degauss each of the hard drives
A
  • Degauss each of the hard drives

Degaussing is the process of erasing/wiping a hard disk drive or magnetic tape. When exposed to the powerful magnetic field of a degausser, the magnetic data on a hard disk is neutralized or erased. Degaussing is the guaranteed form of hard drive erasure and is considered fast and efficient, especially with large numbers of hard drives. While the other options will erase or delete the data, they are much more time consuming since each drive must be formatted or destroyed individually. With an industrial degausser, multiple hard drives can be destroyed at once and they take less than a minute to degauss the hard drives.

47
Q

A workstation was patched last night with the latest operating system security update. This morning, the workstation only displays a black screen. You restart the computer, but the operating system fails to load. What is the NEXT step you should attempt to boot this workstation?

  • Reboot the workstation into safe mode and roll back the recent security update
  • Reboot the workstation into safe mode, open regedit, and repair the Windows registry
  • Reboot the workstation into the BIOS and reconfigure boot options
  • Reboot the workstation into safe mode and disable Windows services/applications
A
  • Reboot the workstation into safe mode and roll back the recent security update
48
Q

A user is complaining that their profile is taking too long to load on their Windows 10 system. Which of the following is the BEST solution to this problem?

  • Reboot the system into Safe Mode
  • Disable unnecessary programs from automatically starting up
  • Reinstall Windows
  • Rebuild your Windows profile
A
  • Rebuild your Windows profile
49
Q

A user receives the following error message: “Windows Update cannot currently check for updates because the service is not running.” The user calls the help desk to report the error they received. A support technician uses a remote connection tool to login to the computer remotely, quickly identifies the issue, and fixes the issue. Which of the following should the technician do NEXT?

  • Reboot the computer
  • Restart the network services
  • Roll back the device drivers
  • Register the windows update service’s DLL files
A
  • Reboot the computer

If any of the .DLL files involved with Windows Update are not correctly registered, you may also encounter this problem. To solve it, open services.msc and stop the Windows Update service. Then, open a Command Prompt as the administrator and use regsvr32 for each of the 6 Windows Update DLL files (wuapi.dll, wuaueng.dll, wups.dll, wups2.dll, wuwebv.dll, and wucltux.dll). Then, open services.msc and restart the Windows Update service. Finally, restart your computer for these changes to take effect.

50
Q

Sam and Mary both work in the accounting department and use a web-based software as part of their job. Sam is unable to login to the website using his credentials from his computer, but Mary is able to login with her credentials on her computer. Sam asks Mary to login to her account from his computer to see if the problem is with his account or his computer. When Mary attempts to login on Sam’s computer, she receives an error. Mary notices a pop-up notification about a new piece of software on Sam’s computer when she attempted to login to the website. Which TWO of the following steps should Mary take to resolve the issue with logging in from Sam’s computer?

  • Ask Sam for his username/password in order to log on to the website from Mary’s computer
  • Have Sam attempt to log on to another website from Sam’s computer to see if it works
  • Have Sam clear his browser cache on his computer and then attempt to log on to the website again
  • Verify Sam’s computer has the correct web browser configuration and settings
  • Ask Sam about the popup notification and determine what new programs he installed on his computer
A
  • Verify Sam’s computer has the correct web browser configuration and settings
  • Ask Sam about the popup notification and determine what new programs he installed on his computer

Since Mary was able to log in to the website from her computer but not from Sam’s, this indicates an issue with Sam’s computer and/or web browser. The pop-up notification about the new program being installed is a clue that something exists on Sam’s computer that doesn’t on Mary’s computer, therefore it could be the cause and should be investigated further. Additionally, the browser’s configuration should be checked to ensure the correct settings are being used.

51
Q

Edward has just returned to his office after a two-week vacation. When he logs into his email client to access his company email, he notices that he cannot see the shared Customer Service inbox folder in his email client. He contacts the help desk and they verify that his account is still connected to the domain controller and it can still send and receive emails successfully. What is the MOST likely happened during Edward’s vacation that is causing the missing inbox folders in the email client?

  • The network file share’s permissions has been modified
  • The operating system was updated
  • Edward’s user account permission was changed
  • The internet security options in his email client have been modified
A
  • The network file share’s permissions has been modified

While Edward was on vacation, it is likely that the network file share’s permissions have been modified. Based on the fact that Edward’s account is connected to the domain and is able to send/receive email, it cannot be his user account’s permissions causing the issue. The internet security options would also prevent him from sending/receiving mail, so that can be eliminated. Even if the operating system was updated, that would not affect the shared inboxes since they reside on the network file shares and not Edward’s computer.

52
Q

Madison is trying to open up her anti-malware solution to run a full system scan because she suspects her computer has become infected. When she attempts to run the tool, she receives an error of “Access denied”. What security issue is MOST likely occurring?

  • Disappearing files
  • File permission change
  • Renamed system files
  • Rogue antivirus
A
  • File permission change
53
Q

A factory worker suspects that a legacy workstation is infected with malware. The workstation is running Windows XP and is used as part of an ICS/SCADA system to control some industrial factory equipment. The workstation is connected to an isolated network that cannot reach the internet. The workstation receives the patterns for the manufactured designs through a USB drive. A technician is dispatched to remove the malware from this workstation, and after its removal, the technician provides the factory worker with a new USB drive to move the pattern files to the workstation. Within a few days, the factory worker contacts the technician again to report the workstation appears to be reinfected with malware. Which of the following steps did the technician MOST likely forget to perform to prevent a reinfection?

  • Quarantine the infected system
  • Disable System restore (in windows)
  • Remediate the infected systems
  • Update the anti-malware solution
  • Enable System Restore and create a restore point (in windows)
  • Identify and research malware symptons
A
  • Update the anti-malware solution

Since the workstation is isolated from the internet, the anti-malware solution will need to be manually updated to ensure it has the latest virus definitions. Without the latest virus definitions, the system can easily become reinfected.

54
Q

An Android user recently cracked their screen and had it replaced. If they are in a dark room, the phone works fine. But, if the user enters a room with normal lights on then the phone’s display is dim and hard to read. What is MOST likely the problem?

  • Defective display
  • Auto-brightness is disabled
  • Faulty ambient light sensor
  • Low battery
A
  • Faulty ambient light sensor

The ambient light sensor appears to be broken or malfunctioning. The ambient light sensor may be too sensitive as it is taking in more light than usual. This can occur if the sensor is faulty or if the screen was replaced incorrectly and the technician forgot to install the black gasket around the ambient light sensor.

55
Q

Every new employee at Dion Training must sign a document to show they understand the proper rules for using the company’s computers. This document states that the new employee has read the policy which dictates what can and cannot be done from the corporate workstations. Which of the following documents BEST describes this policy?

  • MOU
  • AUP
  • SOW
  • SLA
A
  • AUP

An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet. For example, it may state that they must not attempt to break the security of any computer network or user, or that they cannot visit pornographic websites from their work computer.

56
Q

You are a member of a project team that is being contracted to install twenty new wireless access points (WAPs) for a college campus. Your team has already determined the locations for the new WAPs and notated them in the physical and logical network diagrams. Your team is still finalizing the change request documents for the installation. The project cannot move forward with the installation until the change request is finalized and approved. Which of the following is the MOST important thing to add to the SOW and change request prior to its approval?

  • Risk Analysis
  • Backout plan
  • Plan for change
  • End user acceptance
A
  • Backout plan

A backout plan is an IT governance integration approach that specifies the processes required to restore a system to its original or earlier state, in the event of failed or aborted implementation. Any installation or upgrade should include a backout plan as part of the change request and change plan. That way, if something goes wrong with the installation then the team can “backout” and restore service on the legacy/previous system.

57
Q

After installation or change has been implemented, which of the following is necessary prior to closing out the change request?

  • Change boards approval
  • End user acceptance
  • Risk analysis
  • Plan for the change
A
  • End user acceptance

After the installation or implementation of the change, the end-user acceptance must be received. If the end-user hasn’t approved the installation or change, then the project or ticket cannot be closed out.

58
Q

You have been asked to replace a computer’s hard drive. Which of the following steps should you take FIRST to prevent an electrical hazard while working on the computer?

  • Place the computer on a grounded work bench
  • Disconnect the power prior to serving the computer
  • Place the computer and it’s components on an ESD mat
  • Connect an ESD strap to yourself to prevent shock
A
  • Disconnect the power prior to serving the computer

The FIRST thing that you need to do is disconnect the power to the computer. This will eliminate many electrical hazards and prevent you from getting an electrical shock while working on the machine. After it is disconnected, then it is a good idea to use an ESD strap, place the computer and its components on an ESD mat, and work on the computer on top of a grounded work bench.

59
Q

A user is unable to open some files on a file server and contacts the help desk for support. The help desk technician begins to troubleshoot the server and notices that all of the data backups for the server are operational, but there are large portions of time missing within the event log. The technician remembers that there have been several bad thunderstorms recently during those missing time periods. What might the technician do to prevent these server issues in the future?

  • Replace the servers memory
  • Install a surge protector
  • Replace the servers hard drive
  • Install a new battery backup
A
  • Install a new battery backup

The missing time periods in the event logs indicates that the server was powered off during those periods. This is likely to have occurred due to a power loss during the thunderstorms. To prevent these power losses, it is recommended that the servers be connected to a batter backup. When a server is powered off due to a power loss, files can become corrupted and unusable.

60
Q

Your company is concerned about the possibility of power fluctuations that may occur and cause a small dip in the input power to their server room for an extended period of time. What condition is this known as?

  • Power surge
  • Brownouts
  • Blackouts
  • Power spikes
A
  • Brownouts
61
Q

Your company is concerned about the possibility of power fluctuations that may occur and cause a large increase in the input power to their server room. What condition is this known as?

  • Power surge
  • Brownouts
  • Blackouts
  • Power spikes
A
  • Power spikes

A power spike is a very short pulse of energy on a power line. Power spikes can contain very high voltages – up to and beyond 6000 volts – but usually last only a few milliseconds, as opposed to longer, but lower voltage power surges.

62
Q

Your company is setting up a system to accept credit cards in their retail and online locations. Which of the following compliance types should you be MOST concerned within dealing with credit cards?

  • PHI
  • PCI
  • GDPR
  • PII
A
  • PCI

The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payment, and store, process and transmit cardholder data, you need to host your data securely and follow PCI compliance requirements.

63
Q

You have been asked to classify a hospital’s medical records as a form of regulated data. Which of the following would BEST classify this type of data?

  • PHI
  • PCI
  • GDPR
  • PII
A
  • PHI

Hospital patient records are most accurately categorized as PHI. The four forms of regulated data covered by the CompTIA A+ (220-1002) exam are PII (Personally Identifiable Information), PCI (Payment Card Industry), GDPR (General Data Protection Regulation), and PHI (Protected Health Information).

64
Q

A programmer is writing a script to calculate the amount of disk space needed to perform a daily backup. The programming needs to store the amount of disk space in a temporary place holder within the program that can be updated and changed during the script’s execution. Which of the following would be used to store the value of the disk space needed?

  • Loop
  • Comment
  • Constant
  • Variable
A
  • Constant

A variable is a placeholder in a script that can contain a number, character, or string or characters. Variables in scripts do not have to be declared (unlike in programming languages), but instead can simply be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself.