Assessment test questions (2) Flashcards
Which network protocol and port does RDP operate on?
TCP port 3389
TCP port 23
TCP port 443
TCP port 3389
The Remote Desktop Protocol (RDP) operates on TCP port 3389. The SSH protocol operates on TCP port 22. The Telnet service operates on TCP port 23, and HTTPS operates on TCP port 443.
Which line would be used to comment Windows batch script code?
//comment
REM comment
'comment
REM comment
The line REM comment is used to comment Windows batch script code. The line //comment is used to comment JavaScript code. The line 'comment is used to comment VBScript code. The line # comment is used to comment Bash script code and PowerShell code.
Your system log files report an ongoing attempt to gain access to a single account. This attempt has been unsuccessful to this point. What type of attack are you most likely experiencing?
Dictionary password attack
Rootkit attack
Worm attack
Dictionary password attack
A dictionary password attack occurs when a user account is repeatedly attacked using a variety of passwords. A rootkit attack would not be immediately seen and would not show as an ongoing effort. A worm attack would not be visible as an ongoing attempt to gain access. TCP/IP hijacking is a form of a man-in-the-middle attack.
A server in your network has stopped responding to legitimate requests from users due to a malicious influence. Which type of attack has occurred?
DoS
Keylogger
Botnet
DoS
A denial-of-service (DoS) attack is used to disrupt legitimate requests from being answered. A keylogger is used to steal credentials by recording keystrokes. A botnet is a group of computers that are under the control of a threat agent. Social engineering is a process in which an attacker attempts to acquire information about your network and system by social means, such as talking to people in the organization.
You have found that several employees are using the organization’s email system to solicit personal business. What policy would define the abuse of this system?
Acceptable use policy (AUP)
Mobile device management (MDM)
Data loss prevention (DLP)
Acceptable use policy (AUP)
The acceptable use policy (AUP) defines the appropriate use of email and other organizational systems and resources. Mobile device management (MDM) helps an administrator control mobile devices so that data is not exposed. Data loss prevention (DLP) is used to prevent personal and confidential information from being emailed outside of the organization. Email filtering filters email coming into the organization.
A user wants to ensure that all contacts from her mobile device are copied onto her computer before migrating to a new device. Which of the following processes can accomplish this?
Mirroring
Synchronization
Calling each contact
Synchronization
Synchronization can copy all contacts, programs, email messages, pictures, music, and videos between a mobile device and a computer. Mirroring is a term reserved for when devices replicate themselves to similar devices. Calling the contacts won’t achieve the desired result, and emailing contacts is inefficient and does not immediately result in placing the contacts on the computer.
Which mobile operating system is typically associated with the .ipa extension?
Android
iOS
Windows Phone
iOS
The .ipa file extension is for iOS App Store package files. Android apps have an extension of .apk. The Windows Phone OS is typically associated with the .xap extension. BlackBerry OS uses .jad. The latter two phone types were not discussed in detail in this book.
A technician is configuring a new Windows computer for a home office. Which of the following steps should the technician take to secure the workstation?
Rename default accounts.
Configure single sign-on.
Disable Windows Update.
Rename default accounts.
Renaming the default accounts on a new Windows computer is the easiest way to secure the operating system. Configuring single sign-on should only be performed if a resource is required that only uses SSO as authentication. Disabling Windows Update will do the opposite of securing the operating system. Disabling Action Center pop-ups will also do the opposite of securing the operating system.
Which critical system generally requires third-party tools to troubleshoot performance problems?
CPU
Graphics
Network
Graphics
Graphics cards usually require third-party tools to diagnose performance problems. RAM problems, CPU problems, and network problems can be diagnosed inside the operating system from Task Manager.
What is the last step that should be performed when removing malware?
Identify the malware.
Enable System Protection.
Educate the end user.
Educate the end user.
The last step in the malware-removal process is the education of the end user to prevent future occurrences of infection. Identifying the malware is the first step in the malware-removal process. Enabling System Protection is one of the last steps, but it is not the last step. Scheduling a scan should be performed after you have remediated the malware.
Your mobile device is suffering from an intermittent wireless connection. What is recommended to alleviate signal drops?
Shorten the SSID.
Use the 5 GHz band.
Reduce power on the WAP.
Use the 5 GHz band.
By using the 5 GHz wireless band, you can limit the amount of interference from external devices, such as microwave ovens and Bluetooth devices. Shortening the SSID will have no effect on intermittent signal drops, nor will reducing power on the WAP. Using the 2.4 GHz band will probably make signal drops worse.
While working on a user’s system, you discover a sticky note attached to the bottom of the keyboard that has their username and password written on it. The user is not around, and you need to verify that the network connection is working. What should you do?
Log in, verify access, and then log out.
Log in and stay logged in when you are finished.
Text the user.
Text the user.
You should text the user and let them know that you need to verify their network connection. You should not log in as another person, with their username and password. You should not log in and stay logged in when you are finished. You should definitely not log in and change the user’s password.
While installing a new network card, you accidentally broke a component off of the card. What should you do?
Explain that the card was broken out of the box.
Install the card anyway.
Inform the customer of the situation.
Inform the customer of the situation.
You should be honest and inform the customer of the situation. Explaining that the card was broken out of the box is untruthful and deceptive. Installing the card anyway will cause new problems. Leaving everything as-is until you can locate a new card does not help the customer, since you’ve created a new dilemma.
Which regulation is enforced by Health & Human Services (HHS) to regulate the privacy of patient information related to health services?
FERPA
HIPAA
GLBA
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) affects health-care providers and providers that process health records. The Sarbanes-Oxley Act (SOX) is enforced by the Securities and Exchange Commission (SEC) and regulates sensitive financial information and financial records. The Family Educational Rights and Privacy Act (FERPA) affects education providers and organizations that process student records. The Gramm-Leach-Bliley Act (GLBA) affects providers of financial services and safeguards customer information.
Which of the following are good measures to take to help to prevent ESD? (Choose two.)
Decrease the humidity.
Tie back long hair.
Take off your shoes.
Perform self-grounding.
Tie back long hair.
Perform self-grounding.
Long hair or neckties can very easily hold a static charge and damage computer parts. In addition, if you don’t have an ESD strap or mat, you should perform self-grounding before you touch sensitive computer equipment. Lower humidity actually increases the risk of ESD. Taking off your shoes will not limit ESD.