CompTIA A+ Core 2 Final Assessment Flashcards
A computer user looks to map a network drive using the most basic scripting language possible. Which language does the user implement for a Windows system?
A shell script written for the basic Windows CMD interpreter is often described as a batch script. A batch script would be the simplest way to create the script.
PowerShell
Windows PowerShell (PS) combines a script language with hundreds of prebuilt modules called cmdlets that can access and change most components and features of Windows and Active Directory.
VBScript
VBScript is a scripting language based on Microsoft’s Visual Basic programming language. VBScript predates PowerShell.
Python
Python is a general-purpose scripting and programming language that can be used to develop both automation scripts and software apps. A Python project can either be run via an interpreter or compiled as a binary executable.
An iOS user struggles with wirelessly connecting a set of headphones to a phone. What does the user check on the phone while troubleshooting? (Select all that apply.)
- Bluetooth communication would need to be checked and enabled on the smartphone. The headphones would also need to be powered on.
- Pairing is a method of connecting a smartphone or other device to a peripheral device via Bluetooth. Both the phone and the headphones would need to be in pairing mode to connect.
WiFi connectivity
WiFi is a method by which mobile devices can connect and communicate on a local network, but it is not used for pairing or using wireless headsets.
AirDrop properties
AirDrop is an iOS feature that allows file transfer between iOS and macOS devices over a Bluetooth connection.
An iOS smart device user notices that AirDrop is not working properly as files are not being received. What should the user check while troubleshooting? (Select all that apply.)
- AirDrop is an iOS feature that allows file transfer between iOS and macOS devices over a Bluetooth connection. Bluetooth should be enabled, and devices should be in close range with each other.
- In addition to having Bluetooth turned on for the device, AirDrop requires the users’ iOS device to have the Wi-Fi setting turned on as well.
LAN
A network in a single location is often described as a local area network (LAN). This definition encompasses many different sizes of networks with widely varying functions and capabilities.
Near-field
AirDrop does not use near-field communications (NFCs). NFC is typically used for contactless retail payments and more.
A user experiences difficulty paying a retailer with a touchless near-field supported phone. What does the user check while troubleshooting?
A near-field communication (NFC) issue typically manifests when trying to make payments via a contactless card reader. One troubleshooting step is to verify that airplane mode is not active.
AirDrop
AirDrop is an iOS feature that allows file transfer between iOS and macOS devices over a Bluetooth connection.
Bluetooth
Bluetooth communication would not be used with a near-field communication (NFC) device, but rather with personal items such as headphones and speakers.
Pairing
Pairing is a method of connecting a smartphone or other device to a peripheral device via Bluetooth. A smartphone would not need to pair to make a payment.
A user inspects and learns about the electrical components on the inside of a computer. What is measured in ohms?
A resistor creates resistance. Resistance is the degree of opposition to the current caused by characteristics of the conductor and is measured in ohms.
Current
Electricity flows in a circuit. Current is the amount of charge flowing through a conductor, measured in amps (A or I).
Voltage
A circuit is made when conductors form a continuous path between the positive and negative terminals of a power source. Voltage is the potential difference between two points.
Watts
A watt is a measure of electrical power. Components such as power supplies and add-on cards are usually rated by how many watts are required or provided.
A user looks to implement Virtual Network Computing (VNC) access to a Windows computer while traveling. Which port does the user open on a hardware firewall to allow access?
Virtual Network Computing (VNC) is a freeware product with similar functionality to the Remote Desktop Protocol (RDP). It works over TCP port 5900.
443
Remote connection tools include TeamViewer and LogMeIn. Like Windows Quick Assist, these products are designed to work over HTTPS (TCP/443) across the internet.
22
Secure Shell (SSH) is a remote access protocol, but it connects to a command interpreter rather than a desktop window manager. SSH uses TCP port 22 (by default).
3389
The Remote Desktop Protocol on a Windows workstation or server runs on TCP port 3389 by default but can be changed to another port.
A user upgrades the memory in a Windows corporate workstation from 4 GB to 8 GB. After the upgrade, the user notices that only 4 GB is recognized by the system. What does the user conclude the problem to be?
Each version and edition of Windows 10 was originally available as 32-bit (x86) or 64-bit (x64) software. All 32-bit Windows editions are limited to 4 GB of system memory.
A 64-bit version of Windows
All 64-bit editions of Windows support more random access memory (RAM) than 4 GB but have different limits for licensing purposes.
The Enterprise version of Windows
Windows Enterprise editions are only available via volume licensing. Each supports more than 4 GB of memory if it is 64-bit. Windows Enterprise would not be used as a corporate workstation.
The Server version of Windows
Windows Server editions are only available in 64-bit and therefore support more than 4 GB of memory.
A company disposes of old computer systems. While doing so, all hard drives are removed and scheduled for physical destruction. Which method will NOT work with a solid state drive (SSD)?
With degaussing, a hard disk is exposed to a powerful electromagnet that disrupts the magnetic pattern that stores the data on the disk surface. Degaussing does not work with SSDs or optical media.
Shredding
With shredding, a disk is ground into little pieces. A mechanical shredder works in much the same way as a paper shredder.
Incinerating
With incinerating, a disk is exposed to high heat to melt its components. This should be performed in a furnace designed for media sanitization. Municipal incinerators may leave remnants.
Drill and hammer tools
A disk can also be destroyed using drill or hammer hand tools. While safe for most cases, this method is not appropriate for the most highly confidential data as there is at least some risk of leaving fragments that could be analyzed using specialist tools.
A business needs to deploy a Windows operating system on devices that will be used for both advanced business functions and personal use. They require an edition that includes business features like BitLocker, Remote Desktop, and Group Policy, along with Windows Sandbox for testing applications safely. Which Windows edition should they choose?
Windows 10 Pro edition includes advanced business features such as BitLocker for encryption, Remote Desktop for accessing the PC remotely, and Group Policy for managing network resources. Additionally, Windows 10 Pro offers Windows Sandbox, which is ideal for safely testing applications.
Windows 10 Home
Windows 10 Home is geared towards basic users and lacks advanced business features like BitLocker, Remote Desktop, Group Policy, and Windows Sandbox.
Windows 10 Enterprise
Windows 10 Enterprise provides all the features of Windows 10 Pro and more, but it’s designed for larger organizations with advanced security and management needs, making it overkill for this scenario.
Windows 10 Education
Windows 10 Education is similar to the Enterprise edition but tailored for educational institutions, and it also includes features not necessary for the described business use.
A new support technician works on entry-level trouble tickets. Which question does the technician use as a closed type of question?
A closed question is one that can only be answered with a “Yes” or “No,” or that requires some other fixed response. This type of questioning can prove to be helpful.
What caused the problem to happen?
An open-ended question is a question that invites the other person to compose a response that may not be accurate or helpful. Asking the user “What caused the problem to happen?” will likely result in inaccurate information.
What happened to create the problem?
An open-ended question such as “What happened to create the problem?” may result in an interpretation rather than what actually happened.
What is the computer’s problem?
An open-ended question such as “What is the computer’s problem?” may result in an inaccurate description of the actual issue.
A new support technician interfaces with a user that has a computer problem. While discussing the problem, the technician gives undivided attention to the user and asks questions where the person creates their own response. When discussing the problem, what does the technician practice? (Select all that apply.)
- An open-ended question is a question that invites the other person to compose a response that allows them to openly discuss what they are seeing versus locking them down into a fixed response.
- Active listening is the skill of listening to an individual so that that person is given full attention and is not argued with, commented on, or misinterpreted in what they have said.
Close-ended questions
A closed question is one that can only be answered with a “Yes” or “No” or that requires some other fixed response. This type of questioning can be helpful but does not allow the other person to freely discuss their observation.
Use of jargon
Most users are not technically savvy. The introduction and use of technical jargon are usually confusing to users and not helpful.
A user contacts an IT help desk to report that when trying to browse a web page for office supplies, a completely unrelated webpage about gambling is presented. What does the help desk determine the causes could be? (Select all that apply.)
- Redirection is where a user tries to open one page but gets sent to another. Often this may imitate the target page. In adware, this is just a blunt means of driving traffic through a site.
- Domain name system (DNS) spoofing is a method where a fraudulent DNS address may be used to direct users to fraudulent websites.
Certificate problem
When browsing a site using a certificate, the browser displays the information about the certificate in the address bar. The certificate would not cause the browser to redirect to an unrelated site.
Service problems
The Windows operating system relies heavily on running services. These services are often the target of malware. In this case, a service is not related to the behavior.
A systems administrator configures a new Windows workstation. The system uses the New Technology File System (NTFS). The administrator needs the system to interact with a Linux system and support a set of common interface standards for compatibility. Which compliance does the administrator need to ensure?
POSIX (Portable Operating System Interface) is a set of common interface standards designed to facilitate compatibility between different operating systems, including but not limited to Unix-like systems and Windows. Ensuring POSIX compliance allows a Windows system, using NTFS, to interact more seamlessly with a Linux system.
Indexing
Indexing compliance is a useful feature for managing and accessing data on a system, but it does not directly facilitate compatibility between different operating systems like POSIX compliance does.
Journaling
Journaling compliance is an important feature for data integrity and reliability, but it is not related to compatibility between operating systems.
Snapshots
Like indexing and journaling, snapshot compliance helps in managing and protecting data, but does not contribute to the interoperability of different operating systems.
A systems administrator looks to have a daily backup of a server located across a wide area network (WAN) link. As the link is not fast, the administrator creates a backup scheme that uses little to no bandwidth and acquires an entire backup of the system. Which scheme does the administrator implement?
A synthetic backup is an option for creating full backups with lower data transfer requirements. A synthetic full backup is not generated directly from the original data but instead assembled from other backup jobs.
Full
A full backup means that the backup job produces a file that contains all the data from the source. This means that the backup file is nominally the same size.
Incremental
Incremental jobs select only new files and files modified since the previous job. An incremental job has the lowest time and storage requirement.
Differential
Differential jobs select new files and files modified since the original full job. A differential chain has moderate time and storage requirements.
An engineer configures an Authentication, Authorization, and Accounting (AAA) server to authenticate credentials for remote users. Credentials are forwarded to the AAA server from a firewall. Which AAA method does the engineer utilize?
Remote Authentication Dial-in User Service (RADIUS) is one way of implementing the AAA server when configuring enterprise authentication. The firewall is configured as a client of the RADIUS server.
TACACS+
Terminal Access Controller Access Control System Plus (TACACS+) is a way of implementing AAA and is often used in authenticating administrative access to routers and switches.
Kerberos
On Windows networks, Kerberos is a protocol that allows a user account to authenticate to a domain controller (DC) over a trusted local cabled segment.
Active Directory
The Lightweight Directory Access Protocol (LDAP) is a TCP/IP protocol used to query and update an X.500 directory such as Windows Active Directory.
A user experiences a blue screen of death (BSoD) while using a Windows desktop computer. Upon initial inspection, no debris is observed in the tower. What does a support technician determine to be a good first troubleshooting step?
A Windows blue screen of death (BSoD) is often caused by hardware. This may be due to faulty hardware or a bad driver. A good first step is to determine what on the system has changed. (Remove any newly installed hardware.)
Check the system for malware.
Checking for malware on a system is a recommended step. However, with a blue screen of death (BSoD) it is recommended to check if there is newly installed hardware.
Reinstall the operating system.
Reinstalling the operating system is an option, but it may be a drastic solution to a simple problem. Any changes related to hardware should be investigated.
Clean any dust from the system.
Cleaning the dust from a system is always recommended. However, a good first step is to investigate if anything in the system has changed, such as hardware.
A Windows user needs to transfer and retain an entire directory structure from one disk to another. There is also a need to retain New Technology File System (NTFS) attributes. Which command does the user determine will fulfill the need?
The robocopy command (or “robust copy”) is a Windows file copy utility. This utility is designed to work better with long file names and NTFS attributes.
move
The move command provides the ability to transfer files contained in a single directory. Files are copied to the destination while being deleted from the source.
copy
The copy command provides the ability to transfer files contained in a single directory by creating a duplicate set of files.
rmdir
The rmdir command is a tool for deleting directories. The /s switch enables the deletion of non-empty directories.
A user enables privacy settings on a Windows 10 computer. Which settings pertain to app permissions? (Select all that apply.)
- App permissions allow or deny access to devices such as the location service, and to user data such as contacts, calendar items, email, and files.
- There are multiple settings toggles to determine what app permissions are allowed. Camera and microphone settings are set under app permissions.
Language settings
Privacy settings govern what usage data Windows is permitted to collect. It affects language settings, general diagnostics, activity history, and more.
Use of speech
Data collection allows Microsoft to process usage telemetry. The use of speech services and input personalization are covered under data collection settings.
A user builds a new computer for gaming purposes. The ability to upgrade the performance graphics processing unit (GPU) over time is desired. What GPU type does the user invest in?
A dedicated graphics card will have its own random access memory (RAM). This allows the card to focus on rendering graphics without using system RAM.
Integrated graphics
A system’s graphics subsystem can be implemented as a feature of either the CPU or the motherboard chipset. This is referred to as integrated graphics.
Video RAM
Video RAM will be on the dedicated graphics card, separate from the general system RAM.
System RAM
System RAM is used by the computer to run and manage applications and data. Running multiple programs simultaneously will require more RAM.
A company has several offices within the United States. Engineers look to configure Microsoft DirectAccess virtual private networking technology for remote connections. Engineers instruct IT to deploy which operating system to Windows desktops?
Windows Enterprise edition has several features that are not available in the Pro edition, such as support for Microsoft’s DirectAccess virtual private networking technology.
Pro
Windows Pro is designed for small- and medium-sized businesses and can be obtained using original equipment manufacturer (OEM), retail, or volume licensing.
Home
The Windows Home edition is designed for domestic consumers and possibly small office home office (SOHO) business use. The Home edition cannot be used to join a Windows domain network.
Education
Windows Education/Pro Education are variants of the Enterprise and Pro editions designed for licensing by schools and colleges.
Windows allows for several types of installable software. Which type may be transferred between computers when a user utilizes a Microsoft account?
Store apps are installed via the Microsoft Store. Store apps can be transferred between any Windows device where the user signs in with that Microsoft account.
Windows features
Windows features are components of the operating system that can be enabled or disabled. For example, the Hyper-V virtualization platform can be installed as an optional feature in supported Windows editions.
Windows subsystem for Linux
Windows subsystem for Linux (WSL) allows the installation of a Linux distribution and the use of Linux applications.
Desktop apps
Desktop apps are installed by running a setup program or Microsoft installer (MSI). These apps require administrator privileges to install.
An IPv6 address is made up of bits that identify the network and host of a system. How many bits long is an IPv6 address in total, and how many bits identify the host portion? (Select all that apply.)
- In IPv6, the address is 128 bits long and the network prefixes are used to identify logical networks within the first 64 bits. IPv6 uses hexadecimal values for notation.
- In IPv6, the address is 128 bits long and the interface address portion is always the last 64 bits.
32
In IPv4, the 32-bit address is combined with a 32-bit subnet mask, both of which are typically entered in dotted decimal notation.
256
Neither an IPv4 nor an IPv6 network address is 256 bits long. 256 bits are often used in security and encryption.
A user interacts with a Linux distribution that has no desktop graphical user interface (GUI). As the user types, which stream handles the interaction?
In a Linux distribution with no graphical user interface, a terminal interface is used. The default shell command interpreter uses the stream stdin (0) for the user’s keyboard input.
stderr
A terminal shell is often used in Linux and working at a terminal is referred to as using a shell interactively. Any errors in a terminal stream are identified by stderr (2).
std
In Linux, communication within a shell is identified by streams and std refers to a standard stream that is further categorized as stdin, stdout, and stderr.
stdout
A Linux terminal is connected by a teletype (tty) device that handles text output. The stdout (1) stream reads data from a shell from the tty device and displays it through the terminal.
A company establishes a mobile device deployment model. The policy states that a corporate-owned phone may be used for personal reasons. Which deployment is in use?
In a corporate-owned, personally enabled (COPE) program, a device is chosen and supplied by the company and remains its property. The employee may use it for personal reasons.
BYOD
In a bring your own device (BYOD) program, a mobile device is owned by the employee. The mobile will have to meet whatever profile is required by the company (in terms of OS version and functionality).
COBO
In a corporate-owned, business-only (COBO) program, a device is the property of the company and may only be used for company business.
CYOD
In a choose your own device (CYOD) program, the employee is given a choice of device from a list and may be able to use it for personal reasons.
Due to a recent breach, a cyber architect is tasked with drafting a company-wide memorandum on social engineering attacks and how they can be mitigated. Which statement does NOT support the organization in defeating social engineering attacks?
Contrary to preferred procedure, the company should train employees to release information or make privileged use of the system only according to standard procedures.
Establish a reporting system for suspected attacks.
The company should establish a reporting system for suspected attacks—though the obvious risk here is that a large number of false positives will be reported.
Train employees to identify current phishing-style attacks as well as newer styles in the future.
The company should train employees to identify phishing-style attacks plus new styles of attack as they develop in the future.
Train employees not to release any work-related information on external sites.
The company should train employees not to release any work-related information on third-party sites or social networks (and especially not to reuse passwords used for accounts at work).
Which proprietary file system does a Mac workstation use?
Apple Mac workstations and laptops use the proprietary Apple File System (APFS), which supports journaling, snapshots, permissions/ownership, and encryption.
NTFS
The New Technology File System (NTFS) is a proprietary file system developed by Microsoft for use with Windows. It provides a 64-bit addressing scheme.
ext4
Most Linux distributions use some version of the extended (ext) file system to format partitions on mass storage devices. The ext3 type is a 64-bit file system with support for journaling while ext4 delivers better performance.
FAT32
FAT32 is a variant of FAT that uses a 32-bit allocation table, nominally supporting volumes up to 2 TB. The maximum file size is 4 GB minus 1 byte.
An IT administrator creates a repository for standard operating procedures (SOPs). What documents does the administrator upload to the repository? (Select all that apply.)
- A standard operating procedure outlines the steps for custom installation of software packages. The steps include verifying system requirements, validating download/installation source, and confirming license validity.
- A standard operating procedure could be a new-user setup checklist. When onboarding new employees and helping employees change job roles, typical tasks include enrollment with secure credentials and the allocation of devices.
- A standard operating procedure could outline the steps required when decommissioning a server. These steps may include identifying and migrating services to a new server.
Acceptable computer use policy
A policy is a statement of intent whereas an SOP is a set of instructions. An acceptable use policy would not be considered as an SOP.
A Windows user runs the Performance Monitor tool to check disk activity. What counter is the best option the user can evaluate to understand how busy the disk is at any given time?
The % disk time metric is the percentage of elapsed time that the selected disk drive is busy servicing read or write requests.
Average disk queue length
The average disk queue length is the number of requests outstanding on the disk at the time the performance data is collected.
Available bytes
The available bytes metric is a memory metric. It represents the amount of memory available, which should not be below 10% of the total system memory.
Pages/sec
The pages/sec value is a memory metric. This represents the number of pages read from or written to disk to resolve hard page faults.
A novice user wants to use a feature where they do not have to manually clear their cache after conducting browsing activity. Which feature fulfills this need?
Private/incognito browsing mode disables the caching features of the browser so that no cookies, browsing history, form fields, passwords, or temp files will be stored when the session is closed.
Cache clearing
Clearing cache is a manual task and is used to delete browsing history. By default, the browser will maintain a history of pages visited and cache files to speed up browsing.
Pop-up blocker
Pop-up blockers prevent a website from creating dialogs or additional windows. The pop-up technique is often used to show fake antivirus (AV) and security warnings or other malicious and nuisance advertising.
Browser settings
Browser settings configure options such as startup and home pages, tab behavior, and choice of search engine and search behavior.
A computer security team investigates a high-level computer breach at a large company. While investigating one of the computers in question, the team finds a USB drive inserted into the back of the shared user desktop tower. What are the primary concerns for the team from this discovery related specifically to the USB drive found? (Select all that apply.)
- Chain of Custody refers to the sequence of custody, control, transfer, analysis, and disposition of evidence. It is crucial to maintain a record to show who has had control of the evidence to ensure its integrity and admissibility in court. In this case, the USB drive could be critical evidence, so maintaining its chain of custody is essential.
- Data Integrity refers to the authorized or unauthorized manipulation of data. Digital information is susceptible to tampering, especially when it is easily accessible via an unsecured USB drive plugged into a computer. The team must ensure that the data on the drive hasn’t been altered in any unauthorized way.
Incident documentation
Incident documentation, while important for investigations generally, is not specifically a concern tied to the discovery of the USB drive in this question.
Latent evidence
Latent evidence usually refers to evidence not easily visible or interpretable without specialized processes or equipment. While it’s true that digital evidence can be considered latent, it is not one of the primary concerns related specifically to the USB drive in this question.
A problematic Windows system with multiple operating systems installed does not boot properly. A support technician tries to diagnose by outlining the boot process. The technician determines that the system uses an Extensible Firmware Interface (EFI) system partition. Which file does the technician inspect for problems related to a specific operating system boot problem?
The GUID partition table (GPT) identifies a System Partition. The system partition contains the boot manager and the boot configuration data (BCD). Each Windows installation has a subfolder under \EFI\Microsoft\ that contains a BCD and BOOTMGFW.EFI.
BOOTMGR
During boot, the master boot record (MBR) identifies the boot sector for the partition marked as active. The boot sector loads the boot manager, which for Windows is BOOTMGR.EXE.
NTOSKRNL
The Windows boot manager loads the Windows boot loader WINLOAD.EXE stored in the system root folder on the boot partition. The process then loads the kernel (NTOSKRNL.EXE).
HAL
In a Windows system, the hardware abstraction layer (HAL.DLL) is loaded during the WINLOAD boot process.
A user at an organization calls the IT help desk in a panic. The user exclaims that according to a message on the computer, someone is trying to extort them. What type of malware does the user experience?
Ransomware is a type of malware that tries to extort money from the victim. One class of ransomware will display threatening messages, such as requiring Windows to be reactivated.
Rootkit
Malware may be able to execute without requiring any authorization using system privileges and it may escalate privileges after installation. Malware running with this level of privilege is referred to as a rootkit.
Worm
A worm is a type of malware that replicates between processes in system memory rather than infecting an executable file stored on a disk. Worms can also exploit vulnerable client/server software to spread between hosts in a network.
Trojan
A Trojan is malware concealed within an installer package for software that appears to be legitimate.
A user opens a help desk ticket after seeing that a company video, embedded within a particular internal webpage, is not displaying as it should. What does a support technician conclude to be the most likely issue?
Plugins play or show some sort of content embedded in a web page, or other video/multimedia format. In this case, a plugin is missing for the particular page that is not displaying content.
An extension
Extensions add or change a browser feature via its application programming interface (API). For example, an extension might install a toolbar or change menu options.
A search provider
A search provider indicates the site used to perform web searches directly from the address bar.
An API
An application programming interface (API) is a method used by developers to integrate custom-developed software with other software applications.
An attacker uses a script to create fileless malware that requires no compilation. What scripting environment does the attacker utilize?
If the interpreter is not a default feature in an operating system, enabling it expands the attack surface. Threat actors use environments such as PowerShell to craft fileless malware.
VBScript
VBScript is a scripting language based on Microsoft’s Visual Basic programming language. VBScript predates PowerShell and uses an interpreter.
Python
Python is a general-purpose scripting and programming language that can be used to develop both automation scripts and software apps. Python requires an interpreter or compilation.