CompTIA A+ Core 2 Practice Test Flashcards
An administrator uses a method that uses simultaneous authentication of equals (SAE) instead of the 4-way handshake. What is this method?
AES
MFA
TKIP
WPA3
WPA3
Wireless protected access (WPA3) uses passphrase-based group authentication of stations in private mode, but it changes the method by which this secret is used to agree on session keys. The simultaneous authentication of equals (SAE) protocol replaces the 4-way handshake.
Multifactor authentication (MFA) allows the machine to establish a trust relationship and create a secure tunnel to transmit the user credentials or perform smart card authentication without a user password.
Temporal key integrity protocol (TKIP) tries to mitigate the various attacks developed against WEP by producing a new 128-bit encryption key for every packet sent on the network.
Advanced encryption standard (AES) is the standard encryption used by WPA2 and the strongest encryption standard used by Wi-Fi.
What type of malware attack designates the victim’s computer to mine digital currency?
Trojans
Spyware
Cryptominer
Viruses
Cryptominer
A cryptominer hijacks the resources of the host to perform cryptocurrency mining. Cryptomining, also referred to as cryptojacking, is often performed across botnets.
Spyware is malware that can perform browser reconfigurations, such as allowing tracking cookies, changing default search providers, opening arbitrary pages at startup, adding bookmarks, and so on.
Viruses are concealed within the code of an executable process image stored as a file on a disk.
Trojans are malware concealed within an installer package for software that appears to be legitimate. The malware will be installed alongside the program and executed with the same privileges.
A software company hires a new app developer. The corporate network denies access when the developer tries to connect their phone. Why would the network deny access from the developer’s mobile phone?
Sluggish response time
App spoofing
Developer mode
High network traffic
Developer mode
The developer’s phone is in developer mode. The company’s Mobile Device Management (MDM) system blocks access to the network because developer mode can be used to install bootleg apps.
High network traffic is a bandwidth utilization issue; it would not cause access to the network to be denied.
App spoofing is when a malicious app spoofs a legitimate app, typically by using a similar name, fake reviews, and automated downloads to boost its apparent popularity.
Sluggish response time on a mobile device could be caused by malware, too many open apps, and a low battery charge, among other things. It would not cause the device to be denied network access.
A client administrator for a video game development company wants to upgrade machines to support five primary partitions. The developers work with a lot of large files and might even need partitions larger than 2 TB. Which of the following should the administrator use?
APFS
MBR
GPT
NTFS
GPT
One of the features of GPT is support for more than four primary partitions. Windows allows up to 128 partitions with GPT. GPT also supports larger partitions (2 TB+) and a backup copy of the partition entries.
An OS must be installed to a partition formatted using a compatible file system. For Windows, this means using the New Technology File System (NTFS).
The master boot record (MBR) partition style stores a partition table in the first 512-byte sector on the disk.
Where Windows uses NTFS and Linux typically uses ext3 or ext4, Apple Mac workstations and laptops use the proprietary Apple File System (APFS).
A technician uses filesystem-level encryption on some files that need to be encrypted on their device. What is this called?
EFS
Inheritance
Application security
Port security
EFS
The Encrypting File System (EFS) feature of the New Technology File System (NTFS) supports file and folder encryption. EFS is not available in the Home edition of Windows. The encryption key used by EFS is associated with the username and password.
Port security triggers are based on the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP) port number used by the application protocol.
Application security triggers are based on the process that listens for connections.
Inheritance means that permissions assigned to a folder are automatically inherited by the files and subfolders created under the folder.
A progressive healthcare provider sets up color-filter modes on client machines and tailors them to specific users who are color blind. Where can the healthcare administrator configure this?
Show hidden files
Accessibility
Windows Firewall
Accessibility
Ease of Access settings configure input and output options to best suit each user. There are three main settings groups. In Windows 11, they can be found under the Accessibility heading.
A file or folder can be marked as “Hidden” through its file attributes. Files marked as hidden are not shown by default but can be revealed by setting the “Show hidden files, folders, and drives” option.
Windows Defender Firewall determines which processes, protocols, and hosts can communicate with the local computer over the network.
In Account settings, Email & accounts is where sign-in credentials for other accounts, such as email or social networking, can be added, allowing quick access.
An administrator uses a method that assigns permissions and rights to a collection of user accounts. What is this called?
ACL
MFA
Least privilege
Security group
Security group
A security group is a collection of user accounts; it is more efficient to assign permissions to a group than to assign them individually to each user.
In an access control list (ACL), each access control entry (ACE) identifies a subject and its permissions for the resource. A subject could be a human user, a computer, or a software service.
Least privilege means that a user should be granted the minimum possible rights necessary to perform their job, which can be complex to apply in practice.
Multifactor authentication (MFA) means that the user must submit at least two different credentials.
A security administrator is in charge of multiple locations in various countries. The administrator wants to set Coordinated Universal Time (UTC) on a test box to ensure logging is standardized. In Windows, where can the administrator set this?
Personalization
Time and Language
Internet Options
Privacy
Time and Language
The Time & Language settings page sets the correct date/time and time zone. Keeping the PC synchronized to an accurate time source is important for processes.
The Personalization settings allow users to select and customize themes, which set the appearance of the desktop environment.
Privacy settings govern what usage data Windows is permitted to collect, what device functions are enabled, and for which apps.
The Internet Options Control Panel applet exposes the configuration settings for Microsoft’s Internet Explorer (IE) browser. The Security tab restricts what types of potentially risky active content are allowed to run.
A vulnerability manager investigates their mobile environment for overall risk posture and starts with identifying legacy systems. Who determines when an Android version is at the end of life?
Microsoft
Apple
Vendor
Vendor
End-of-life policies and update restrictions for particular handsets are determined by the handset vendor rather than the overall Android authority.
Android is a smartphone/tablet OS developed by the Open Handset Alliance, primarily driven by Google. However, vendors can make their own versions as well.
Microsoft has its own cell phone, which runs an OS designed to work with a handheld portable device. This type of OS must have a touch-operated interface.
iOS is the operating system for Apple’s iPhone smartphone and original models of the iPad tablet. Like macOS, iOS is also derived from UNIX.
A threat actor uses a technique that instills statements through an unfiltered user response. What is this technique?
SQL injection
Brute force attack
XSS
Dictionary attack
SQL injection
A SQL injection attack is when the attacker modifies one or more of the basic functions by adding code to some input accepted by the app, causing it to execute the attacker’s own set of SQL queries or parameters.
Cross-site scripting (XSS) attack exploits the fact that the browser is likely to trust scripts that appear to come from a site the user has chosen to visit.
A dictionary attack is when the software matches the hash to those produced by ordinary words found in a dictionary.
A brute force attack is when the software tries to match the hash against every possible combination it could be.
An employee disposes of a disk by grinding it into little pieces. What is this called?
Erasing/wiping
Degaussing
Shredding
Incinerating
Shredding
Shredding is when a disk is put into a mechanical shredder to be destroyed. A mechanical shredder works in much the same way as a paper shredder.
Erasing/wiping software ensures that old data is removed using zeroes or random patterns, leaving the disk in a “clean” state, ready to be passed to the new owner.
Degaussing is when a hard disk is exposed to a powerful electromagnet that disrupts the magnetic pattern that stores the data on the disk surface.
Incinerating is when the disk is exposed to high heat to melt its components. It is performed in a furnace designed for media sanitization. Municipal incinerators may leave remnants.
A security engineer researches how to make backup and antivirus apps available to their iOS mobile devices. Where should the apps be pushed?
Business Manager
Security & Privacy
iCloud
Finder
Business Manager
A supervised macOS can be restricted in terms of app installation and uninstallation policies. Corporate apps can be pushed to devices via the Business Manager portal.
By default, macOS will only allow apps to be installed if downloaded from the Mac App Store. To allow the installation of downloaded apps, go to System Preferences > Security & Privacy.
The Finder is the macOS equivalent of File Explorer in Windows. It lets the user navigate all the files and folders on a Mac.
iCloud is Apple’s online storage solution for its users. It provides a central, shared location for mail, contacts, calendar, photos, notes, reminders, and more across macOS and iOS devices.
A Linux server administrator notices a service they do not recognize, although the environment is quite big. They look at the help file for the ksh process, but the documentation seems poor. It does seem to indicate that it provides interactivity, however. What type of program is this?
Backup
Antivirus
Terminal
Updates
Terminal
The shell provides a command environment by which a user can operate the OS and applications. Many shell programs are available with Linux, notably Bash, zsh, and ksh (Korn shell).
Products such as Clam AntiVirus (ClamAV) and the Snort Intrusion Prevention System (IPS) can be used to block varied malware threats and attempts to counteract security systems.
apt-get is a command interface for the Advanced Packaging Tool (APT). APT is used by Debian distributions and works with .deb format packages.
Linux does not have an “official” backup tool. There are plenty of commercial and open-source backup products for Linux, however. Some examples include Amanda, Bacula, Fwbackups, and Rsync.
A spouse plans a surprise birthday party for their significant other. The spouse wants to turn off activity history on their browser to make sure their significant other does not find out the surprise. Where can the spouse do this?
Update and security
Internet Options
Privacy
Personalization
Privacy
Privacy settings govern what usage data Windows is permitted to collect, what device functions are enabled, and for which apps.
The Update & Security settings provide a single interface to manage a secure and reliable computing environment.
The Personalization settings allow the users to select and customize themes, which set the appearance of the desktop environment.
The Internet Options Control Panel applet exposes the configuration settings for Microsoft’s Internet Explorer (IE) browser. The Security tab is used to restrict what types of potentially risky active content are allowed to run.
A Windows administrator wants to learn how to use Linux by installing the Linux subsystem for Windows. What should their version of Windows have on the New Technology File System (NTFS) to support case-sensitive naming and hard links required by Linux?
POSIX
Journaling
32-bit allocation table
Indexing
POSIX
To support UNIX/Linux compatibility, Microsoft engineered NTFS to support case-sensitive naming, hard links, and other key features UNIX/Linux applications require. This is known as POSIX compliance.
When data is written to an NTFS volume, it is re-read, verified, and logged via journaling. In the event of a problem, the sector concerned is marked as bad and the data relocated.
FAT32 is a variant of FAT that uses a 32-bit allocation table, nominally supporting volumes up to 2 TB. The maximum file size is 4 GB minus 1 byte.
The Indexing Service creates a catalog of file and folder locations and properties, speeding up searches.
A server administrator sets up jobs that will copy over files on various servers. They want it to detect if the file was transferred successfully and, if not, resend the file. Which command is optimal for server administrators to perform this task?
move
robocopy
xcopy
copy
robocopy
The robocopy command (or “robust copy”) is another file copy utility. Microsoft now recommends using robocopy rather than xcopy. Robocopy is designed to work better with long file names and NTFS attributes.
The xcopy command is a utility that allows users to copy the contents of more than one directory at a time and retain the directory structure.
The move command provides the ability to transfer files contained in a single directory. It uses a three-part syntax: command Source Destination, where Source is the drive name, path, and name of the files to be moved/copied.
The copy command also allows transferring files contained in a single directory.
A penetration tester conducts the initial reconnaissance phase and is currently targeting externally facing servers for a certain company. Currently, they are trying to enumerate the domain name system (DNS) servers. Which built-in tool will help them perform this?
nano
find
cat
dig
dig
dig is a powerful tool for gathering information and testing name resolution, installed on most Linux distributions. Output is displayed in an answer section and includes the IP address mapped to the domain name.
The find command is used to search for files. The basic syntax is find path expression.
cat returns the contents of the files listed as arguments. The -n switch adds line numbers to the output. Often, cat output is piped to a pager (cat | more or cat | less) to control scrolling.
There are numerous text file editors. The Nano text editor is a basic example often preferred by those from a Windows environment.
A customer has opened a ticket for a problem to be fixed, and when the customer opens the ticket, there will be a record that shows what?
Follow up statement
Distractions
Proper documentation
Clarify customer statements
Proper documentation
Proper documentation should be provided so that the customer knows what to expect in terms of supported items, how long incidents may take to resolve, and when they can expect an item to be replaced instead of repaired.
Clarifying customer statements means asking how the customer expects the work to proceed and when it will be done, and about their concerns regarding the costs and the impact of the work.
Following up with a customer means providing general feedback on what caused the issue, how it was fixed, and assurance that the issue is now fixed and unlikely to recur.
A distraction is anything that interrupts an employee from the task of resolving the ticket.
What checks domain names of components loading on the web page against a vast blacklist?
Browser sign-in
Private browsing mode
Ad blocker
Clearing browsing data
Ad blocker
Ad blockers use more sophisticated techniques to prevent displaying anything that does not seem to be part of the site’s main content or functionality.
Clearing browsing data options are used to delete browsing history. The user can have the browser do this automatically or do it manually.
Private browsing mode disables the caching features of the browser so that no cookies, browsing history, form fields, passwords, or temp files will be stored when the session is closed.
Browser sign-in allows the user to synchronize settings between instances of the browser software on different devices.
A technician configures a method to run some server application from a network and make it accessible to the internet. What is this method?
DHCP reservation
Port forwarding
Disabling unused ports
UPnP
Port forwarding
Port forwarding means that the router takes a request from an internet host for a particular service and sends the request to a designated host on the LAN.
The Dynamic Host Configuration Protocol (DHCP) reservation means that the DHCP server always assigns the same IP address to the host. A user can usually choose which IP address this should be.
Disabling unused ports ensures that only the services that are needed are enabled. If a service is unused, then it should not be accessible. If a port-forwarding rule is no longer required, it should be disabled or deleted completely.
The universal plug-and-play (UPnP) framework sends instructions to the firewall with the correct configuration parameters to allow applications to work.
A customer uses their computer at a café, and an attacker watches the customer typing their login information. What is this called?
Shoulder surfing
Phishing
Vishing
Tailgating
Shoulder surfing
Shoulder surfing attacks are when the attacker learns a password, PIN, or any secure information by watching the user type it.
Tailgating is entering a secure area without authorization by following closely behind the person allowed to open the door or checkpoint.
Phishing uses social engineering techniques to make spoofed electronic communications seem authentic to the victim. A phishing message might convince the user to perform actions, such as installing malware disguised as an antivirus program.
Vishing is an attack through a voice channel like a telephone. It can be much more difficult for someone to refuse a request made in a phone call than one made in an email.
An IT technician is installing software on a device that inspects network traffic and accepts or blocks traffic based on a set of rules. What is this called?
PIN
Firewall
Swipe
Pattern
Firewall
Firewalls perform the role of filtering allowed and denied hosts and protocols. A basic firewall is configured with rules, referred to as a network access control list (ACL).
Swipe is a gesture that means that access to the device is unauthenticated. Simply swiping across the screen will unlock the device.
Pattern requires the user to swipe a “join-the-dots” pattern. The pattern method has numerous weaknesses.
Personal identification numbers (PINs) are used on most devices to enable screen lock authentication and generate an encryption key. The PIN can act as a primary or backup authentication method.
After starting the computer and signing in, a user notices the desktop takes a long time to load. Evaluate the following Windows operating system problems to determine the one that best diagnoses what could be causing the slowness.
Corrupted registry
Invalid boot disk
Corrupted user profile
Time drift
Corrupted user profile
When a computer starts normally and a user logs in normally, but the desktop is slow to load, a corrupted user file is a likely culprit.
Time drift occurs when the time on the motherboard and the server gets out of sync. Using GPS-synchronized time sources or a pool of internet sources will address time drift.
A corrupted registry likely would prevent the computer from booting, or it would boot to a blue screen of death (BSOD).
An invalid boot disk means the system has failed to boot, which is not true in this scenario.
An IT manager, who is in charge of the client image, considers enabling a data at rest solution. Where can the manager go to enable the built-in Microsoft solution?
Network and Sharing
Programs and Features
System Settings
Devices and Printers
System Settings
The System Settings page in the Settings app presents options for configuring input and output devices, power, remote desktop, notifications, and clipboard (data copying). BitLocker disk encryption is here.
The Devices and Printers applet in the Control Panel provides an interface for adding devices manually and shortcuts to the configuration pages for connected devices.
The Programs and Features Control Panel applet is the legacy software management interface. Users can use it to install and modify desktop applications and Windows Features.
Network and Sharing Center is a Control Panel applet that shows status information.