CompTIA A+ Core 2 Practice Test Flashcards
Over the day, a user’s computer becomes slow. Then pop-ups start to appear randomly. Later on, the pop-ups become more frequent, and the user notices that internet searches are using Google when their default search provider is in Firefox. Once the computer starts crashing repeatedly, the user calls for help. Considering all of these data points, what is the best diagnosis of the problem?
All of the symptoms listed in this scenario are common to adware and spyware. Another symptom is redirection, where a user tries to open one page but gets sent to another.
Ransomware
The goal of ransomware is extortion. Ransomware encrypts files to shut down access to data until payment is made.
DNS server is corrupted and is mapping domain names to the wrong IP addresses.
A DNS server mapping domain names to the wrong IP addresses is an example of a redirection attack, where a user is redirected to a malicious site. It does not generate the other symptoms.
HOSTS file is corrupted and is mapping domain names to the wrong IP addresses.
HOSTS is a legacy means of mapping domain names and IP addresses. If corrupted and incorrectly mapped, it is a redirection attack, and the other symptoms do not occur.
A server administrator wants to run the latest technologies. What technology should the administrator start using which will replace the New Technology File System (NTFS)?
Resilient File System (ReFS) is being developed to replace NTFS. ReFS is only available for Pro for Workstations and Enterprise editions and cannot currently be used for the boot volume.
ext3
Most Linux distributions use some version of the extended (ext) file system to format partitions on mass storage devices. ext3 is a 64-bit file system with journaling support.
APFS
Where Windows uses NTFS and Linux typically uses ext3 or ext4, Apple Mac workstations and laptops use the proprietary Apple File System (APFS).
exFAT
exFAT is a 64-bit version of FAT designed for use with removable hard drives and flash media.
What uses domain names of components loading on the web page against a vast blacklist?
Ad blockers use more sophisticated techniques to prevent displaying anything that does not seem to be part of the site’s main content or functionality.
Clearing browsing data
Clearing browsing data options are used to delete browsing history. The user can have the browser do this automatically or do it manually.
Private browsing mode
Private browsing mode disables the caching features of the browser so that no cookies, browsing history, form fields, passwords, or temp files will be stored when the session is closed.
Browser sign-in
Browser sign-in allows the user to synchronize settings between instances of the browser software on different devices.
A technician makes sure that there is no faulty electrical equipment that can pose a risk and places extinguishers nearby. What is this called?
Electrical fire safety ensures that equipment is properly stored and away from any flammable material and electrical wires do not start a fire.
Equipment grounding
Electrical equipment must be grounded. The power plug connects devices such as PCs and printers to the building ground.
Proper power handling
Proper power handling is done with the correct training. PC power supply units can carry dangerously high levels of voltage. Disconnection of power should be done before repairing a PC.
Fuse
An electrical device has a fuse appropriate to its maximum current. If the current increases past the fuse capacity, the fuse will blow. However, if the fuse fitted is rated too low, the fuse will blow too easily.
What type of data breach can be associated with a specific person or use an anonymized or de-identified data set for analysis and research?
Healthcare data refers to medical and insurance records plus associated hospital and laboratory test results.
Personal government-issued information
Personal government-issued information is issued to individuals by federal or state governments. Personal information may be social security numbers, passports, driving licenses, and birth/marriage certificates.
PII
Personally identifiable information (PII) is data that can be used to identify, contact, locate an individual or, in the case of identity theft, impersonate that individual.
Open-source license
The open-source license makes it free to use, modify, and share and makes the program code used to design it available.
An analyst uses a method that calculates a product of the likelihood and impact of the potential threat category. What is this method?
Risk levels are included in the risk assignment that could be expressed as a discrete value or as a traffic light-type of indicator, where red is high, orange is moderate risk, and green is minimal risk.
Sandbox testing
Sandbox testing is a computing environment designed to replicate the production environment but isolated from it.
Rollback plan
A rollback plan is when a change can be reversed if it has harmful or unforeseen consequences.
End-user acceptance
End-user acceptance must be accounted for when a change of plan is implemented. It can be difficult for people to adapt to new processes and easy for them to magnify minor problems into major complaints.
A user is conscientious about security after hearing about breaches in the news. The user wants to see if they are up to date on patches for their Apple computer. Where should the user go to check?
The App Store checks daily for new updates/patches and releases of installed apps in macOS. If a new version is available, a notification will be shown against the App Store icon in the dock.
Displays
The Displays preference pane allows users to scale the desktop, set the brightness level, calibrate to a given color profile, and configure Night Shift settings to make the display adapt to ambient light conditions.
Printers & Scanners
Use the Printers & Scanners preference pane to add and manage print and scan devices.
System Preferences
Users can manage network settings either from the Status menu on the right-hand side of the menu bar or via System Preferences.
A manager for a large corporation is in charge of client machines and is currently undergoing a lifecycle hardware refresh. They want to optimize the machines to be powerful enough to run applications. The manager also wants to be sure that they are not underpowered either. What can the manager use to determine CPU optimization?
If privileged time is much higher than user time, the central processing unit (CPU) is likely underpowered (it can barely run Windows core processes efficiently).
User time
If overall processor time is very high (over 85% for sustained periods), it can be helpful to compare these. Privileged time represents system processes, whereas user time is software applications.
Disk queue length
If the disk queue length increases and disk time is high, then the manager has a disk problem.
Pages/sec
Pages per second are the number of pages read from or written to disk to resolve hard page faults, which means memory moves processes to the page file.
A vulnerability manager is brainstorming different ways to enhance security for their cell phone devices. The company only uses Apple, and so one of the ideas the manager comes up with is to look for anomalistic files that do not belong with Apple for signs of possible malware which did not profile the device and instead just blasted malware out, hoping the operating system would be right. Which of the following would be anomalistic?
An .apk file is a format for Android. The vulnerability manager only has Apple in their environment. Unknown sources enable untrusted apps to be downloaded from a website and installed using the .APK file format.
.dmg
DMG (disk image) format is used for simple installs where the package contents need to be copied to the Applications folder.
.pkg
PKG format is used where app setup needs to perform additional actions, such as running a service or writing files to multiple folders.
.app
The app is placed in a directory with a .APP extension in the Applications folder when it has been installed.
An administrator uses a document list that identifies the discrete stages in the use of hardware and software. What is this document called?
The procurement life cycle includes approval request procedure changes, determining budgets, identifying a trusted supplier or vendor for the asset, deploying implementations for installing the asset in a secure configuration, maintenance, and disposal of implements.
Warranty
Warranty is the asset record that includes the appropriate procurement documentation.
Assigned users
Assigned users are when hardware assets such as workstations, laptops, smartphones, tablets, and software licenses might be assigned to individual user accounts.
Knowledge base
Knowledge base (KB) is a repository for articles that answer frequently asked questions (FAQs) and document common or significant troubleshooting scenarios and examples. Each inventory record could be tagged with a cross-reference to an internal knowledge base to implement self-service support and assist technicians.
A user has just set up their network and needs to make sure that their network is secure, and no one can log in to the network. Which of the following should the user do?
Change the default password to secure the administrator account. Choose a new strong password of 12 characters or more.
Consider the physical placement.
Physical placement of any router or network appliance should be made to a secure location. A non-malicious threat actor could damage or power off an appliance by accident.
Perform firmware updates.
Firmware updates are important because they allow the user to fix security holes and support the latest security standards.
Locate the SSID.
Service set ID (SSID) is a simple, case-sensitive name by which users identify the WLAN. The factory configuration uses a default SSID that is typically based on the device brand or model, which should be changed so users will recognize the network.
An IT manager is setting up an image for dispatching airplanes at a major airport. They are trying to lock down the image to run only the dispatch service. One of the layers of security is to block unneeded service ports from communicating, such as email. Where should the manager start?
Windows Defender Firewall determines which processes, protocols, and hosts can communicate with the local computer over the network.
In account settings, email & accounts are where sign-in credentials for other accounts can be added, such as email or social networking, which allows quick access.
Sound
The System Settings page in the Settings app presents options for configuring input and output devices, power, remote desktop, notifications, and clipboard (data copying).
Device Manager
Device Manager allows users to view and edit the properties of installed hardware. They can change hardware configuration settings, update drivers, or remove/disable devices.
What allows a user to download from a vendor’s website and select the correct patch for their device’s make and model?
Firmware updates are important because they allow the user to fix security holes and support the latest security standards.
Change default password
Change the default password to secure the administrator account. Choose a new strong password of 12 characters or more. This is more secure than leaving the default where someone may be able to easily access.
Physical placement
Physical placement of any type of router or network appliance should be made to a secure location. A non-malicious threat actor could damage or power off an appliance by accident.
Encryption setting
Encryption settings allow users to set the authentication mode.
An endpoint machine administrator configures specific Apple computers designated for users with disability. Where should the administrator look to configure these settings?
The Accessibility preference pane is used to configure assistive vision and sound options, such as VoiceOver narration of screen elements, cursor size and motion settings, zoom tools, display contrast, font sizes, and captioning.
Security & Privacy
macOS has options to configure what analytics/telemetry data and personalized information can be collected. Users can adjust these options via the Security & Privacy preference pane.
Time Machine
The Time Machine preference pane lets users back up data to an external drive or partition formatted using either the Apple File System (APFS) or macOS’s older extended file system.
Mission Control
The Mission Control feature is used for window management and enables users to set up multiple desktops.
A technician is working with a customer who is being unreasonable. Which of the following skills should the technician use? (Select all that apply.)
- Identifying early that the customer is angry and trying to calm the situation down by using a low voice and soothing language and focusing on positive actions.
- Do not take complaints personally and do not express any anger toward the customer.
- Hang up and be guided by whatever policy an organization has in place, but in general, if a customer is abusive or threatening, issue a caution to warn them about this behavior.
Be judgmental.
Being judgmental is not a skill that will help in this situation. Do not assume that the customer lacks knowledge about the system.
The Instagram app on an Android phone will not launch. Which of the following options could fix the problem?
If an app fails to launch, first use Force Stop to quit it and try launching again. In Android, open Settings > Apps. Tap an app, then select Force Stop. In iOS, either swipe up or double-tap the physical Home button, then swipe the app up off the screen.
Swiping
Swiping is a mobile gesture that serves several purposes, such as bringing up the notification bar in Android (swipe down from the top of the screen) and bringing up a list of apps in iOS (swipe up from the bottom).
AirDrop
AirDrop is an iOS feature that allows file transfer between iOS and macOS devices over Bluetooth.
Software Update
Software Update is an iOS option. The comparable Android option is a System Update.
A technician is tasked to figure out why a user’s Gmail app will not update on their mobile phone. The technician knows several reasons that would cause this to occur. Which of the following would be one of the reasons for this problem?
If an app fails to update, there may be insufficient storage space (Gmail uses a lot of storage). It could also be that the update is incompatible with the existing operating system version, or there is no internet connection.
Accelerometer
An accelerometer is a technology that detects when a device changes position and adjusts the screen orientation appropriately.
Bluetooth
Bluetooth is used to connect peripheral devices to PCs and mobiles and to share data between two systems.
GPS
Global Positioning System (GPS) is a means of determining a receiver’s position based on information received from satellites.
The operating system update on a user’s phone fails. The user verifies the phone’s connection to a wall outlet that leads to the office Wi-Fi. Which of the following could be responsible for the update failure?
Updates may be blocked if a device is connected to a metered network. Additionally, if the operating system update is incompatible with the device model, it may cause the update to fail.
RADIUS
Remote Authentication Dial-in User Service (RADIUS) is a protocol used to manage remote and wireless authentication infrastructures.
NFC
Near-field communication (NFC) is mostly used for contactless payment readers, security ID tags, and shop shelf-edge labels for stock control.
WLAN
A wireless local area network (WLAN) uses radios and antennas for data transmission and reception. Most WLANs are based on the IEEE 802.11 series of standards, better known as Wi-Fi. Since the user verified that the phone was connected to Wi-Fi, WLAN would not be an issue.
A threat actor uses a technique that instills statements through an unfiltered user response. What is this technique?
SQL injection attack is when the attacker modifies one or more of the basic functions by adding code to some input accepted by the app, causing it to execute the attacker’s own set of SQL queries or parameters.
XSS
Cross-site scripting (XSS) attack exploits the fact that the browser is likely to trust scripts that appear to come from a site the user has chosen to visit.
Dictionary attack
A dictionary attack is when the software matches the hash to those produced by ordinary words found in a dictionary.
Brute force attack
A brute force attack is when the software tries to match the hash against one of every possible combination it could be.
Which of the following log-in options requires a user to touch a device that takes a digital print?
A fingerprint is a type of bio gesture authentication that uses a sensor to scan the unique features of the user’s fingerprint.
Facial recognition
Facial recognition is the bio gesture that uses a webcam to scan the unique features of the user’s face. The camera records a 3-D image using its infrared (IR) sensor to mitigate attempts to use a photo to spoof the authentication mechanism.
Security key
Security key uses a removable USB token or smart card. It can also use a trusted smartphone with a near-field communication (NFC) sensor.
OU
An organizational unit (OU) is a way of dividing a domain up into different administrative realms. OUs might be created to delegate responsibilities for administering company departments or locations.
A user finds that their iPhone 5 starts to run slowly, and a reboot does not solve the slow performance. Which of the following issues could be causing the problem? (Select all that apply.)
- If a battery is almost out of charge, it could cause slowness, as will a faulty battery or other faulty hardware.
- If too many apps are open, a phone could become slow because the open apps are consuming most of the phone’s resources.
- An operating system (OS) update on an older phone can severely impact performance.
Mesh network
A mesh network provides communication between devices or nodes using some type of mesh networking, such as Z-Wave or Zigbee, which uses less power and makes it easier for smart devices to forward data between nodes.
A helpdesk operator looks at build numbers for Windows as they plan upgrade timelines. The operator investigates the significance of the build numbers. Which of the following are the build numbers based on? (Select all that apply.)
- The number 16 in build 1607 corresponds to the year (2016) of release.
- The 07 portion of build 1607 represents the month (07/July) of release. The current version of Windows 10 at the time of writing is 21H2, released in the second half of 2021.
Windows version
Versioning is not part of it. Windows 10 and Windows 11 represent the currently supported versions of the Windows client OS.
32 bit vs 64 bit
The architecture is not part of it either. Each version and edition of Windows 10 was originally available as 32-bit (x86) or 64-bit (x64) software. A 32-bit CPU can only run the 32-bit editions. A 64-bit CPU can run either.
A pet store owner receives an email from their bank with a special financing offer. The owner clicks on the attachment, but it does not open. Later that day, when the owner returns to their computer, it is running very slowly and will not connect to the internet. By the time the IT consultant arrives, the computer has locked up. Which of the following is the best action for the IT consultant given the existing conditions?
The symptoms in this scenario are consistent with a malware infection, even though there could be other causes. As such, running an antivirus scan is the appropriate first step.
Run CHKDSK.
CHKDSK is a command-line tool that checks for hard disk errors and can repair them. Problems with the hard disk could cause all of the listed symptoms, except internet access. Moreover, CHKDSK takes a long time to run, so it would not be the best first step in this case.
Enable SMART.
SMART (Self-Monitoring, Analysis, and Reporting Technology) is a hard disk monitoring program. It is an alerting tool, not a diagnostic tool.
Check the Wi-Fi connection.
Disconnected Wi-Fi could explain the inability to access the internet, but nothing else in this scenario.
A penetration tester targeted top-level executives during a test by sending out phishing emails. They received their first shell when the first executive opened the attachment in the phishing email. Once the penetration tester connects to the executive’s computer, what command will tell them the location of where their shell landed?
pwd “prints” the working directory, though “printing” will typically mean “display on the terminal,” unless stdout is redirected. The working directory is important because commands will default to the working directory without specifying a path.
ls
ls lists the contents of a directory similar to dir at the Windows command prompt. Popular parameters include -l to display a detailed (long) list and -a to display all files, including hidden or system files.
mv
The mv command is used to move files from one directory to another or rename a file.
cp
cp is used to create a copy of files either in the same or different directory with the same or different name.
Many mobile apps collect location data. Rogue apps could use location data for criminal purposes, such as burglary. However, many legitimate apps also track a mobile user’s location. Why would a legitimate app have interest in a user’s location?
Legitimate apps are interested in tracking a user’s location for targeted advertising. For example, Facebook tracks the location of its users for that very reason, although it is facing scrutiny over privacy issues.
Geotagging
Geotagging is adding geographic data and location to photos. An app would not track a user’s location to tag their pictures.
Redirection
Redirection is a malware attack, where the malware corrupts the Domain Name System (DNS) and search provider to force users to spoofed sites.
Clicks
The pursuit of clicks typically is the area of interest for adware since developers are paid when users click on the advertisements.
A company is conducting live meetings between two or more applicants at different sites. What is this called?
Some web-conferencing and videoconferencing software, like Microsoft Teams and Zoom, provides a screen-sharing client that participants may control.
Screen-sharing
Screen-sharing is software that is designed to work over HTTPS across the internet. This is secure because the connection is encrypted but also easier to implement as it does not require special firewall rules.
Desktop management
Desktop management suites are designed for deployment by a single organization and focus primarily on access control and authorization.
File transfer
With file transfer, users can choose a file-sharing protocol that can be used across all connected hosts. It allows configuring permissions on the share and provisioning user accounts that are recognized by both the server and client.
A helpdesk professional assists a user with issues booting up their Mac computer. The user reports that there is no drive to boot from. Where will the computer boot from?
When users reboot an Apple Mac, if the startup drive is not available for any reason and it is connected to the internet, the computer will try to boot from a web-based drive.
Terminal
The Terminal can be used to access the command-line environment, which uses either the Z shell (zsh) or Bash. Older macOS versions use Bash, while zsh is the default from Catalina up.
Force Quit
If a macOS app stops responding, it should be possible to close it down and restart it without restarting the computer, by running Force Quit from the Apple menu or pressing COMMAND+OPTION+ESC.
FileVault
FileVault is a disk encryption product. Encryption protects the data stored on a disk against the possibility that a threat actor could remove it.
A software development team is unaware of a developing vulnerability in the system. What is this type of vulnerability?
A zero-day attack is a vulnerability exploited before the developer knows about it or can release a patch. These can be extremely destructive, as it can take the vendor a lot of time to develop a patch, leaving systems vulnerable for days, weeks, or even years.
EOL
An end of life (EOL) system is one where the software vendor no longer provides support or fixes problems.
BYOD
Bring your own device (BYOD) provides modeling that allows employees to use personal mobile devices to access corporate systems and data.
Impersonation
Impersonation means that the social engineer develops a pretext scenario to interact with an employee.
A helpdesk manager assesses older Windows 7 computers their company owns and tries to determine available upgrade paths. Which of the following can NOT be upgraded?
Users cannot upgrade from a Home to an Enterprise edition. If users consider an in-place upgrade, they must check that the current OS version is supported as an upgrade path to the intended version.
Windows 7 Home Premium to Windows 10 Pro
Users can upgrade from Windows 7 Home Premium to Windows 10 Home or Pro. With Windows, users have to consider the edition when upgrading.
Windows Home to Windows 10 Pro
Users can upgrade from Windows 10 Home to Windows 10 Pro.
Windows 7 Pro to Windows 10 Home
Downgrading the edition is supported in some circumstances (Windows 7 Professional to Windows 10 Home, for instance), but this only retains documents and other data, not apps and settings.
An employee uses an option to ask for help from a technician with an invitation file protected by a passcode. What is this option?
Microsoft Remote Assistance (MSRA) allows a user to ask for help from a technician or co-worker by an invitation file protected by a passcode. The helper opens the invitation file to connect to the remote system.
RMM
Remote Monitoring and Management (RMM) tools are principally designed for use by managed service providers (MSPs).
RDP
Remote Desktop Protocol (RDP) implements terminal server and client functionality. RDP authentication and session data are always encrypted.
VPN
A virtual private network (VPN) establishes a tunneled link that joins a local computer to a remote network. Establish a VPN link and then use a remote desktop to connect to a host on the private network.
A marketing professional normally sends large files to other team members. The IT department recommended using a shared drive and assisted them in setting it up. The project was a very high priority, so the professional collaborated with several members but started receiving reports that some users could not access it sometimes and others could. They eventually figured out that only 20 people at a time seemed to be able to access it. What is causing the issue?
The Share tab in the folder’s Properties dialog can customize permissions, change the share name, and limit the number of simultaneous connections. Windows desktop versions are limited to 20 inbound connections.
The file server was not properly configured.
If more than 20 users access the share, the data should be stored on file servers rather than local client computers.
The proxy settings are not properly configured on client machines.
The proxy settings will not affect users’ ability to access the file share in this scenario. It could cause issues accessing the internet, however.
DNS settings are intermittent.
If the domain name system (DNS) were causing an issue, the users would not be limited to 20 people. It is possible that load-balanced DNS servers could cause issues if one is incorrect.
A server administrator sets up jobs that will copy over files on various servers. They want it to detect if the file was transferred successfully and, if not, resend the file. Which command is optimal for server administrators to perform this task?
Robocopy command (or “robust copy”) is another file copy utility. Microsoft now recommends using robocopy rather than xcopy. Robocopy is designed to work better with long file names and NTFS attributes.
xcopy
The xcopy command is a utility that allows users to copy the contents of more than one directory at a time and retain the directory structure.
move
The move command provides the ability to transfer files contained in a single directory. It uses a three-part syntax: command Source Destination, where Source is the drive name, path, and name of the files to be moved/copied.
copy
The copy command also allows transferring files contained in a single directory.
A user is only able to read data on the file. What account management policy is this?
Restrict user permission.
Change default administrator account.
These default accounts have practical limitations and consequently are the ultimate target for threat actors. Any use of the default administrator account must be logged and accounted for.
Disable guest accounts.
Guest accounts allow unauthorized access to the computer and may provide some sort of network access too, so they should be disabled. The guest account is only enabled to facilitate password-less file sharing in a Windows workgroup.