Dion Training CompTIA A+ (220-1102) Core 2 Practice Exam - Results Flashcards

1
Q

Which of the following commands is used on a Linux system to copy a file from one directory to another directory?

A

Explanation
OBJ 1.11 - The cp command is a command-line utility for copying files and directories. It supports moving one or more files or folders with options for taking backups and preserving attributes. Copies of files are independent of the original file, unlike the mv command.

2
Q

The mv command

A

is a command-line utility that moves files or directories from one place to another. The mv command supports moving single files, multiple files, and directories. The mv command can prompt before overwriting files and will only move files that are newer than the destination. When the mv command is used, the file is copied to the new directory and removed from the old directory.

3
Q

The rm command

A

is a command-line utility for removing files or directories. To remove a file, pass the name of a file or files to the rm command, and those files will be removed immediately from the file system.

4
Q

The ls command

A

lists the files or directories in the current path of a Unix, Linux, or Mac operating system. When invoked without any arguments, ls lists the files in the current working directory.

5
Q

You are troubleshooting a network connectivity issue and need to determine the packet’s flow path from your system to the remote server. Which of the following tools would best help you identify the path between the two systems?

A

Explanation
OBJ 1.2 - The tracert (trace route) diagnostic utility determines the route to a destination by sending Internet Control Message Protocol (ICMP) echo packets to the destination. In these packets, tracert uses varying IP Time-To-Live (TTL) values. When the TTL on a packet reaches zero (0), the router sends an ICMP “Time Exceeded” message back to the source computer. The ICMP “Time Exceeded” messages that intermediate routers send back show the route.

6
Q

The ipconfig tool

A

displays all current TCP/IP network configuration values on a given system.

7
Q

The netstat tool

A

is a command-line network utility that displays network connections for Transmission Control Protocol, routing tables, and some network interface and network protocol statistics on a single system.

8
Q

The nbtstat command

A

is a diagnostic tool for NetBIOS over TCP/IP used to troubleshoot NetBIOS name resolution problems.

9
Q

What is the native file system format used by Windows 10 during installation?

A

Explanation
OBJ 1.8 - The New Technology File System (NTFS) is a proprietary file system developed exclusively for Windows. It provides a 64-bit addressing scheme, allowing for large volumes and file sizes. In theory, the maximum volume size is 16 Exabytes. Still, NTFS’s actual implementations are limited to between 137 GB and 256 Terabytes, depending on the version of Windows and the allocation unit size. It is the default file system used by Windows. NTFS’s only significant drawback is that it is not fully supported by operating systems other than Windows. macOS can read NTFS drives but cannot write to them. Linux distributions and utilities may be able to support NTFS to some degree.

10
Q

The extensible file allocation table (exFAT)

A

is a file system optimized for external flash memory storage devices such as USB flash drives and SD cards. exFAT supports a maximum volume size of up to 128 PB with a recommended maximum volume size of 512 TB for the best reliability.

11
Q

The file allocation table 32-bit (FAT32)

A

is the 32-bit file system supported by Windows, macOS, and Linux computers. FAT32 can support maximum volume sizes of up to 2 TB and maximum file sizes of up to 4 GB.

12
Q

The Apple file system (APFS)

A

is the default file system for Mac computers using macOS 10.13 or later and features strong encryption, space sharing, snapshots, fast directory sizing, and improved file system fundamentals.

13
Q

Josie in Human Resources was just issued a new laptop by Dion Training. When she plugs the laptop into the network’s wall jack and turns it on, she receives an error message. She calls the service desk to report that the error message being displayed states, “There is an IP address conflict with another system on the network.” You are working as a field service technician and have been asked to resolve this error. What should you do?

A

Explanation
OBJ 1.6 - This is a common error when two network devices are assigned the same IP address on a network. This occurs most commonly when static IP addresses are used, so the easiest way to avoid this issue is to use DHCP to assign the IP addresses on the network.

14
Q

Forcing the user to use wireless over wired

A

may solve the issue temporarily, but this is more of a workaround than a true solution to the error.

15
Q

randomly choose a new IP and statically assign it to the laptop

A

It would be best if you didn’t randomly choose a new IP and statically assign it to the laptop since this will lead to more future conflicts.

16
Q

remove the desktop computer’s static IP configuration

A

You shouldn’t remove the desktop computer’s static IP configuration if the error you received is on the laptop.

17
Q

You recently moved 1.5 TB of data from your office’s file server to a new 16 TB NAS and decommissioned the old file server. You verified all users had been given the same permissions to the new file shares on the NAS as they had on the old server. The users are receiving an error stating, “Windows cannot access \\server10\shared” every time they click the Share drive icon on their desktop. What is MOST likely the source of this error?

A

Explanation
OBJ 1.6 - Based on the error shown, it appears that the users are still mapped to the old server and not the new NAS. This is a common issue and oversight that occurs when companies migrate from one server to another. Even if every computer has an S:\ (share drive) shown, it is just a link to a network resource (like \\server10\shared). If the new server is not named “server10” and is called “server11”, then the mapping needs to be redone to reflect \\server11\shared, for example.

18
Q

Which of the following Windows 10 system utilities would be used to test the functionality of the DirectX subsystem for video and sound-related problems?

A

Explanation
OBJ 1.3 - The DxDiag (DirectX diagnostic) utility is used to collect info about devices to help troubleshoot problems with DirectX sound and video. It is a diagnostics tool used to test DirectX functionality and troubleshoot video-related or sound-related hardware problems. DirectX diagnostic can save text files with the scan results.

19
Q

System information (msinfo32.exe)

A

is a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues.

20
Q

The event viewer (eventvwr)

A

shows a log of application and system messages, including errors, information messages, and warnings. It’s a useful tool for troubleshooting all kinds of different Windows problems. If you use the Event Viewer, you can identify what was occurring at or around 2:35 am each day before the server crashed and use this to troubleshoot the problem.

21
Q

The task scheduler (taskschd)

A

is a tool included with Windows that allows predefined actions to be automatically executed whenever a certain set of conditions is met. For example, you can schedule a task to run a backup script every night or send you an email whenever a certain system event occurs.

22
Q

Which command would a Linux user need to enter to change their password?

A

Explanation
OBJ 1.11 - The passwd command changes passwords for user accounts. A normal user may only change the password for their account, while the superuser may change the password for any user.

23
Q

The chown command

A

is used to change the owner of the file, directory, or link in Linux.

24
Q

The pwd command

A

displays the present working directory (current directory) path to the terminal or display. If you are working on a Linux system and are unsure of where you are in the directory structure, type “pwd” and hit enter to display the path to the screen.

25
Q

The ps command

A

is used to list the currently running processes and their PIDs, along with some other information that depends on the options used. It reads the process information from the virtual files in the /proc file system. The /proc directory contains virtual files and is known as a virtual file system.

26
Q

Your company wants to ensure that users cannot access USB mass storage devices. You have conducted some research online and found that if you modify the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor key, it will prevent USB storage devices from being used. Which of the following tools should you use to modify this key?

A

Explanation
OBJ 1.3 - The registry editor (RegEdit) allows you to view and make changes to system files and programs that you wouldn’t be able to access otherwise. The registry is a database made up of hives and keys that control various settings on a Windows system. Incorrectly editing the Registry can permanently damage your computer, so it is important to be very careful when modifying the registry using RegEdit.

27
Q

MSConfig

A

is a system utility to troubleshoot the Microsoft Windows startup processes. MSConfig is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters.

28
Q

Remote desktop services (RDS)

A

is used to connect to remote desktop session host servers or other remote computers, edit an existing remote desktop connection (.rdp) configuration file, and migrate legacy connection files that were created with the client connection manager to the newer .rdp connection file type.

29
Q

The Microsoft management console (MMC)

A

is a utility that uses snap-ins for various Windows tools such as disk management, computer management, performance monitor, print management, and others to perform operations on a local or networked computer.

30
Q

Which of the following should be configured on a macOS system to enable the Smart Zoom feature on a user’s MacBook trackpad?

A

Explanation
OBJ 1.10 - Apple introduced gestures as a simple way to control macOS from a Magic Trackpad or built-in trackpad of a MacBook. Gestures are finger movements on a trackpad or mouse that enable a user to scroll, zoom, and navigate the desktop, documents, and application content in macOS. Gestures include things like Smart Zoom, Rotate, Scroll Direction, and many others. To see what gestures are available on the Mac or change any of the settings, go to System Preferences, and then click Trackpad.

31
Q

A company has had several virus infections over the past few months. The root cause was determined to be known vulnerabilities in the software applications in use by the company. What should an administrator implement to prevent future outbreaks?

A

Explanation
OBJ 1.11 - Since the viruses exploited known vulnerabilities, there should be patches available from the manufacturer/vendor. Patch management is the process of distributing and applying updates to the software to prevent vulnerabilities from being exploited by an attacker or malware. Proper patch management is a technical control that would prevent future outbreaks.

32
Q

An acceptable use policy (AUP)

A

is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet. While some items in the AUP might help prevent a malware infection (such as not allowing users to download and run programs from the internet), it is considered an administrative control, and choosing a technical control like patch management would better protect the network.

33
Q

An incident response team or emergency response team

A

is a group of people who prepare for and respond to any emergency incident, such as a natural disaster or an interruption of business operations. An incident response team will respond to the virus infections, but they would not prevent them from occurring.

34
Q

Host-based intrusion detection systems (HIDS)

A

help organizations to identify threats inside the network perimeter by monitoring host devices for malicious activity that, if left undetected, could lead to serious breaches. A HIDS may detect the effects of a virus infection, such as a client becoming a zombie in a botnet, but it will not prevent these outbreaks from occurring.

35
Q

Which type of installation would require an answer file to install the operating system?

A

Explanation
OBJ 1.9 - An unattended installation is a traditional method of deploying a Windows operating system in a large enterprise environment. Unattended installations use an answer file that contains user input to various GUI dialog boxes that would otherwise appear during the installation process. Unattended installation is the most practical way to install Windows when the client computers have different hardware components, and an image file cannot be used. Unattended installations save deployment time and can be used either for clean installs or in-place upgrades.

36
Q

A clean install

A

is a means of installing the operating system to a new computer or completely replacing the operating system on an old computer. All existing user data or settings will be deleted during the setup process when a clean installation is conducted.

37
Q

An in-place upgrade

A

is a means of installing an operating system on top of an existing version of the operating system. Applications, user settings, and data files are retained when conducting an in-place upgrade.

38
Q

A repair

A

is used to check and replace any modified system files within the operating system.

39
Q

What is the minimum amount of memory required to install Windows 10 (x64) on a device?

A

For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor and 2 GB of RAM.

40
Q

For the Windows 10 (32-bit) operating system,

A

the minimum requirements are a 1 GHz processor and 1 GB of RAM.

41
Q

For the Windows 11 (64-bit) operating system,

A

the minimum requirements are a dual-core 1 GHz processor and 4 GB of RAM.

42
Q

Which of the following Windows 10 power options will turn off individual devices connected to a laptop to save energy?

A

Explanation
OBJ 1.4 - The USB selective suspend feature allows the hub driver to suspend an individual port without affecting the operation of the other ports on the hub. Selective suspension of USB devices is helpful when using a laptop computer as it helps to conserve battery power by powering off USB ports that are not needed at the time.

43
Q

Hibernate mode

A

is used to save the current session to disk before powering off the computer to save battery life when the system is not being used. The computer takes longer to start up again from hibernate mode than it does from the sleep or standby mode.

44
Q

Sleep or standby mode

A

is used to save the current session to memory and put the computer into a minimal power state to save battery life when the system is not being used. The computer takes less time to start up again from the sleep or standby mode than it does from the hibernate mode.

45
Q

Fast startup

A

is a mode in between a full shutdown and a hibernation mode. With a fast startup, the computer will log the user out and close all of its open files when being shut down. Before the system powers off, though, a small hibernation file is created to help speed up the bootup process when the computer is powered on again.

46
Q

A technician at Dion Training wants to identify which version and build of Windows 10 is installed on a laptop. Which of the following commands should the technician enter at the command line?

A

Explanation
OBJ 1.2 - The winver command is a Windows command-line tool that is used to display the name, version, and build of the operating system on a workstation.

47
Q

The gpresult command

A

is used to display the Resultant Set of Policy (RSoP) information for a remote user and computer. Because you can apply overlapping policy settings to any computer or user, the Group Policy feature generates a resulting set of policy settings when the user logs on. The gpresult command displays the resulting set of policy settings that were enforced on the computer for the specified user when the user logged on.

48
Q

The pathping command

A

is a Windows command-line tool that is used to locate spots that have network latency and network loss between a client and a destination. The advantages of PathPing over ping and traceroute are that each node is pinged as the result of a single command and that the behavior of nodes is studied over an extended period, rather than the default ping sample of four messages or default traceroute single route trace.

49
Q

The net user command

A

allows system administrators to manage user accounts on Windows PCs. You can use the command to display account information or make changes to user accounts. It can be used, among other things, to enable the inactive administrator account of a Windows system.

50
Q

Michael, a salesman, is on a business trip and is trying to access his corporate email over the hotel’s Wi-Fi network. Michael’s laptop appears to be connected to the hotel’s wireless network, but his email client cannot download any new messages and states, “Network Offline.” Michael contacts the help desk for assistance. What action should the help desk technician tell Michael to perform to solve this issue?

A

Explanation
OBJ 1.6 - Many hotels use a captive portal with a redirect page with their wireless networks. When users connect to the wireless network, they have to open a web browser and are then redirected to the hotel’s Acceptable Use Policy page. Until the user accepts the terms and conditions, none of their network traffic will be routed to the internet. If the redirect page is shown, Michael can then accept the terms and conditions, and his email client will be able to download his mail again.

51
Q

Which of the following commands is used on a Linux system to edit a text file on a server?

A

Explanation
OBJ 1.11 - The vi (visual) utility is a popular screen-oriented text editor in Linux, Unix, and other Unix-like operating systems. When using vi, the terminal screen acts as a window into the editing buffer. Changes made to the editing buffer shall be reflected in the screen display, and the position of the cursor on the screen will indicate the position within the editing buffer.

52
Q

The ps command

A

is used to list the currently running processes and their PIDs, along with some other information that depends on the options used. It reads the process information from the virtual files in the /proc file system. The /proc directory contains virtual files and is known as a virtual file system.

53
Q

The pwd command

A

displays the present working directory (current directory) path to the terminal or display. If you are working on a Linux system and are unsure of where you are in the directory structure, type “pwd” and hit enter to display the path to the screen.

54
Q

The chown command

A

is used to change the owner of the file, directory, or link in Linux.

55
Q

What is the minimum processor required to install Windows 10 (x86) on a device?

A

Explanation
OBJ 1.7 - For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor and 1 GB of RAM.

56
Q

For the Windows 10 (64-bit) operating system,

A

the minimum requirements are a 1 GHz processor and 2 GB of RAM.

57
Q

For the Windows 11 (64-bit) operating system,

A

the minimum requirements are a dual-core 1 GHz processor and 4 GB of RAM.

58
Q

Which of the following allows users to save their current session to disk before powering down their Windows 10 laptop?

A

Explanation
OBJ 1.4 - Hibernate mode is used to save the current session to disk before powering off the computer to save battery life when the system is not being used. The computer takes longer to start up again from hibernate mode than it does from the sleep or standby mode.

59
Q

Sleep or standby mode

A

is used to save the current session to memory and put the computer into a minimal power state to save battery life when the system is not being used. The computer takes less time to start up again from the sleep or standby mode than it does from the hibernate mode.

60
Q

Shutdown mode

A

completely powers off the computer and does not save the current user session to disk. Instead, the shutdown will close all open files and log out the user during the shutdown process.

61
Q

A lock

A

will secure the desktop with a password while leaving programs running.

62
Q

Which of the following Linux command-line options would shut down a Linux server 11 minutes from now?

A

Explanation
OBJ 1.11 - The command-line option of “shutdown +11” will shut down the server 11 minutes from now. The option of “shutdown 11:00” would shut down the server at 11:00 am. The option of “shutdown now” would immediately shut down the server. The option of “shutdown @11” is not a valid use of the shutdown command. The shutdown command brings the system down in a secure way. When the shutdown is initiated, all logged-in users and processes are notified that the system is going down, and no further logins are allowed. You can shut down your system immediately or at the specified time.

63
Q

You are working as a service desk analyst. This morning, you have received multiple calls from users reporting that they cannot access websites from their work computers. You decide to troubleshoot the issue by opening up your command prompt on your Windows machine and running a program to determine where the network connectivity outage is occurring. This tool tests the end-to-end connection and reports on each hop found in the connection. Which tool should you use to determine if the issue is on the intranet portion of your corporate network or if it is occurring due to a problem with your ISP?

A

Explanation
OBJ 1.2 - Tracert is a command-line utility used to trace an IP packet’s path as it moves from its source to its destination. Tracert performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately. This will help to identify if the connectivity issue lies within your intranet or is a problem with the ISP’s connection.

64
Q

While using ping will

A

tell you if the remote website is reachable or not, it will not tell you where the connection is broken. The ping tool is used to test an end-to-end connection, but it will not provide any data on the hops found in the connection.

65
Q

The nslookup tool

A

is used to troubleshoot DNS issues.

66
Q

The netstat tool

A

is used to display network statistics and active connections.

67
Q

Dion Consulting Group has been hired by a small real estate office to build its network. The office has 4 computers running Windows 10 Professional edition configured in a workgroup to access a shared file server. Which of the following types of network models is being used by this real estate office?

A

Explanation
OBJ 1.1 - A workgroup is a Microsoft peer-to-peer network model in which computers are connected together for access to shared resources for organizational purposes.

68
Q

A domain is

A

a Microsoft client/server network model that groups computers together for security and to centralize administration. Domain members have access to a central user account database so that users can log on to any computer within the domain.

69
Q

Hub-and-spoke and mesh

A

are networking models that are not used for workgroups or domains.

70
Q

Which version of Windows 10 does not support BitLocker for full disk encryption?

A

Explanation
OBJ 1.1 - Windows 10 has support for BitLocker in every version except the Windows 10 Home edition. BitLocker provides support for full disk encryption using AES with a 128-bit or 256-bit key. BitLocker drive encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.

71
Q

Which version of Windows supports Virtual Desktops?

A

Explanation
OBJ 1.1 - Windows 10 added support for Virtual Desktops like those long seen on Linux and Mac OS X. These allow users without multi-monitor setups to create multiple virtual desktops that are handy for splitting usage between work and leisure, work into projects, or whatever you require. Older versions of Windows, such as Windows 7, Windows 8, and Windows 8.1, do not support Virtual Desktops and are currently considered end-of-life operating systems.

72
Q

Jason wants to configure his Windows 10 laptop to suspend individual USB ports when not in use. Which of the following Control Panel sections should he use to set the USB selective suspend feature?

A

Explanation
OBJ 1.4 - The USB selective suspend feature is located in the Power Options section of the Control Panel. The Power Options section of the Control Panel allows technicians to customize how a computer manages its power to either conserve energy at the expense of performance or to maximize performance at the expense of energy savings by creating a power plan. The USB selective suspend feature allows the hub driver to suspend an individual port without affecting the operation of the other ports on the hub. Selective suspension of USB devices is helpful when using a laptop computer as it helps to conserve battery power by powering off USB ports that are not needed at the time.

73
Q

The File Explorer Options

A

section of the Control Panel allows technicians to customize the display of files and folders.

74
Q

The Indexing Options is

A

used to configure the method used by Windows when searching for content within the storage devices. When indexing is properly configured, the system will catalog the information on the computer using the words within the files and their metadata to more easily find the content when requested by a user.

75
Q

The Internet Options section of the Control Panel

A

allows a technician to manage the Internet settings for their computers, including the security settings, access settings, and add-on control settings.

76
Q

Jason is building an inexpensive workstation for one of the employees at Dion Training. The workstation will utilize an Intel x86 processor. Which of the following editions of Windows will support installation on this workstation? (Choose all of the answers that apply)

A

Explanation
OBJ 1.1 - All editions of Windows 10 are available in either x86 (32-bit) or x64 (64-bit) versions. When using a 32-bit version of Windows 10, a maximum of 4 GB of RAM is supported. All editions of Windows 11 only support x64 (64-bit) processors due to the higher minimum memory requirements. All Windows 11 editions require a minimum of 4 GB of memory to operate.

77
Q

A cybersecurity analyst is auditing your company’s network logs and identifies that a USB mass storage device was previously inserted into many of the company’s servers. The logs also showed dozens of failed login attempts before a successful login occurred on the servers. Which TWO of the following actions are recommended to eliminate the vulnerabilities identified by the cybersecurity analyst?

A

Explanation
OBJ 2.6 - Since the USB mass storage device was used to connect to the servers, it is recommended to modify the AutoRun settings. To prevent the password guessing attacks used, the servers should be configured to lock out any account after 3 failed login attempts. The other options are all considered good security practices, but they do not directly address the issues presented in this scenario.

78
Q

Which of the following authentication protocols was developed by Cisco to provide authentication, authorization, and accounting services?

A

Explanation
OBJ 2.2 - TACACS+ is an extension to TACACS (Terminal Access Controller Access Control System) and was developed as a proprietary protocol by Cisco.

79
Q

The Remote Authentication Dial-In User Service (RADIUS) is

A

a networking protocol that operates on port 1812 and provides centralized Authentication, Authorization, and Accounting management for users who connect and use a network service, but Cisco did not develop it.

80
Q

Kerberos is

A

a network authentication protocol developed by MIT and designed to provide strong mutual authentication for client/server applications using secret-key cryptography.

81
Q

Challenge-Handshake Authentication Protocol (CHAP) is

A

used to authenticate a user or network host to an authenticating entity. CHAP is an authentication protocol but does not provide authorization or accounting services.

82
Q

You have just updated the graphics card’s driver to the latest version. After installation, the Windows workstation crashes and reports an error code. You attempt to reboot the workstation, but it fails again. You decide to reboot the workstation into Safe Mode. What should you do NEXT?

A

Explanation
OBJ 3.1 - Since the issue began once you installed the latest graphics driver, you should roll back the driver to the last stable version. This should resolve the issue and then allow you to reboot the system back to the normal Windows desktop. Every change should be accompanied by a rollback (or backout) plan so that the change can be reversed if it has harmful or unforeseen consequences. If you are experiencing problems with a device and you have recently updated the driver, Windows also provides a Roll Back Driver feature. A new driver may not work properly because it has not been fully tested or it may not work on your particular system. Driver rollback can recover a system speedily and easily where this has occurred. You can use Device Manager to revert to the previous driver. Right-click the device and select Properties. Click the Driver tab then click the Roll Back Driver button.

83
Q

A user calls the service desk and states that their workstation has a virus. The user states that they were browsing their favorite website when the antivirus displayed a full-screen message stating, “1532 file infected on this computer - Click to remove infected files NOW!” The user states that when they click the button, a message from the company’s content filter states it is blocked, and they need your assistance to remove the infected files. Which of the following has MOST likely occurred?

A

Explanation
OBJ 3.2 - Rogue antivirus is a particularly popular way to disguise a Trojan. In the early versions of this attack, a website would display a pop-up disguised as a normal Windows dialog box with a fake security alert, warning the user that viruses have been detected. As browsers and security software have moved to block this vector, cold calling vulnerable users claiming to represent Microsoft support has become a popular attack.

84
Q

An administrator arrives at work and is told that network users are unable to access the shared drive on a Windows server. The administrator logs into the server and sees that some Windows Updates were automatically installed last night successfully, but now the network connection shows “limited” with no availability. What rollback action should the technician perform?

A

Explanation
OBJ 3.1 - When automatically receiving updates through the Windows Update service, your server can receive driver updates for its network interface card (NIC), graphics cards, and other peripherals. This can accidentally install an incompatible driver that causes network connectivity issues to occur. A best practice is to always set driver updates to “manual” so that you can download and test them in a lab before upgrading your production servers. If your drivers were updated and this is causing the connectivity issue, you can perform a driver rollback to the last known working version of the drivers. An IP address is bound to a network interface card using DHCP and there is no such thing as a “rollback” for a server’s IP address. The error of “limited” connectivity is associated with the network interface card and the network connection, not the antivirus or the web browser.

85
Q

Tamera and her husband are driving to the beach for the weekend. While her husband drives, she is using her iPhone to browse Facebook. Her phone shows only 1 bar of 3G signal in the current location. She can make and receive calls, but Facebook is refusing to load her news feed. Which of the following is MOST likely the problem?

A

Explanation
OBJ 3.4 - To make and receive a call using a smartphone, you need at least one bar of signal. A phone call requires much less signal than using cellular data. As the signal strength decreases, so does the data speed. Depending on the frequency and type of signal being used, you may see speeds under 100 Kbps with one bar. This is too slow to load a Facebook news feed adequately.

86
Q

A corporate user has called the enterprise service desk because they believe their computer has become infected with malware. When you arrive at their desktop to troubleshoot the issue, you notice it was powered down. You press the power button, the system loads without any issues. When you open Google Chrome, you notice that multiple pop-ups appear almost immediately. Which of the following actions should you take NEXT?

A

Explanation
OBJ 3.3 - This is a tricky question because many technicians might try to fix the issue by clearing the browser or reinstalling/reimaging the machine. If this were a home user’s machine, this would be an appropriate response, but you should follow the company’s procedures since this is a corporate workstation. Most companies require any machines suspected of malware infection to be scanned/analyzed by the cybersecurity department before remediating or reimaging them. Therefore, the best thing to do is to remediate the system. This also follows the malware removal process since the technician just investigated and verified the malware symptoms. The seven steps of the malware removal procedures are (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.

87
Q

You have just run an anti-virus scan on a workstation, discovered about 25 different malicious items, and successfully removed them. You have scheduled a daily scan of the workstation, enabled the System Restore function, and created a new restore point. What is the NEXT step in the malware removal process?

A

Explanation
OBJ 3.3 - The seven steps of the malware removal procedures are (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.

88
Q

An employee was recently moved from the Human Resources department into the Sales department. Which of the following should you check to ensure they no longer have access to the employee data stored in the Human Resource department share drives?

A

Explanation
OBJ 3.2 - A security group is a collection of user accounts that can be assigned permissions in the same way as a single user object. Security groups are used when assigning permissions and rights, as it is more efficient to assign permissions to a group than to assign them individually to each user. You can assign permissions to a user simply by adding the user to the appropriate group. In most corporate environments, security groups control access to share drives, mailing lists, and other network resources.

89
Q

A user cannot change their iPad display from landscape to portrait when they are on the home screen. Which of the following is MOST likely the reason for this issue?

A

Explanation
OBJ 3.4 - If the iPad will not change from landscape to portrait mode, it is likely that the autorotate feature has been disabled by the user accidentally. To enable autorotation, the user needs to swipe down from the top right corner of the screen to open their Control Center. Then, they need to tap the lock and arrow icon to turn off the rotation lock to enable autorotation.

90
Q

A user contacts the service desk, stating their account is locked out, and they are unable to log in to their local workstation. Which of the following log files should you review to determine the source of the lockout on the local workstation?

A

The security log contains information regarding audit data and security on a system. For example, the security log contains a list of every successful and failed login attempt. The file (security.evtx) is stored in the %SystemRoot%\System32\Winevt\Logs\ folder and can be opened using the Event Viewer.

91
Q

The application log

A

contains information regarding application errors. The file (application.evtx) is stored in the %SystemRoot%\System32\Winevt\Logs\ folder and can be opened using the Event Viewer.

92
Q

The setup log contains

A

a record of the events generated during the Windows installation or upgrade process. The file (setup.evtx) is stored in the %SystemRoot%\System32\Winevt\Logs\ folder and can be opened using the Event Viewer.

93
Q

The system log contains

A

information about service load failures, hardware conflicts, driver load failures, and more. The file (system.evtx) is stored in the %SystemRoot%\System32\Winevt\Logs\ folder and can be opened using the Event Viewer.

94
Q

You are troubleshooting a computer that is not producing any sounds through its speakers. Which of the following tools should you use to troubleshoot this workstation?

A

Explanation
OBJ 3.1 - Device manager (devmgmt.msc) is a utility used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it. If there is no audio being played, it could be an issue with the audio card or its drivers.

95
Q

Performance monitor (perfmon.msc)

A

is a performance monitoring and system monitoring utility in Windows that is used to monitor CPU and memory activity on a computer. The performance monitor is used to view performance data either in real-time or from a log file. The performance monitor can only monitor the resource utilization, but it cannot manage or terminate those processes.

96
Q

The task scheduler

A

is a tool included with Windows that allows predefined actions to be automatically executed whenever a certain set of conditions is met. For example, you can schedule a task to run a backup script every night or send you an email whenever a certain system event occurs.

97
Q

Remote desktop services (RDS) is

A

used to connect to remote desktop session host servers or other remote computers, edit an existing remote desktop connection (.rdp) configuration file, and migrate legacy connection files that were created with the client connection manager to the newer .rdp connection file type.

98
Q

Last week, a technician remediated a malware infection on Karen’s laptop. Today, she shows up at the service desk, frustrated because her laptop appears to have been infected again. What step of the malware remediation process did the technician MOST likely forget to complete?

A

Explanation
OBJ 3.3 - The technician most likely neglected to educate Karen on safe web browsing techniques and how to avoid reinfection. This includes educating the users about not running attachments, as this will prevent files such as executables and Office macros from being allowed to run. By educating the end user, you can prevent reinfection more effectively than using technical controls alone. The seven steps of the malware removal procedures are (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.

99
Q

Your company recently downloaded and installed the latest audio card driver for all of its workstations. Now, several users have had their usernames and passwords for several websites compromised. You believe the two issues are related. If they are, which of the following was MOST likely contained in the audio card driver file that was installed?

A

Explanation
OBJ 3.2 - Based on the events’ description, it is likely that the video card driver contained a keylogger. Keyloggers actively attempt to steal confidential information by capturing a credit card number by recording keystrokes entered into a website. This question is based on a real event that occurred in 2017. HP released new audio card drivers for their Conexant audio chips, and it contained a keylogger as part of the driver. Flaws in Conexant’s MicTray64.exe application created the keylogger. It’s designed to monitor keystrokes and respond to user input, probably to respond to commands to mute or unmute the microphone or begin capturing information within an application. Unfortunately, it also writes out all keystroke data into a publicly accessible file located at C:\Users\Public\MicTray.log. If this log file does not exist, the keystrokes are passed to the OutputDebugString API, allowing any process to capture this information without being identified as a malicious program.

100
Q

What is the SIXTH step of the seven-step malware removal process?

A

Explanation
OBJ 3.3 - The seven steps of the malware removal procedures are (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.

101
Q

A customer’s Android smartphone is only 6 months old but is becoming excessively slow. When questioned, the customer states it was acting fine until they recently installed a new stock market tracking app. What action should you take to troubleshoot the slow performance on this phone?

A

Explanation
OBJ 3.4 - The best option in this scenario is to uninstall and reinstall the stock market app. When apps are updated automatically, they can sometimes become faulty or corrupted and slow down performance on the device. With Android phones, much like iPhones, apps can run in the background and may begin to take up excess resources. If the app is removed, the phone is rebooted, and the app is reinstalled, and the issue persists, then the app should be removed, and an alternate app selected to replace it. Remember, in the CompTIA troubleshooting method we should always question the obvious. In the question, the thing that recently changed was the installing of a new app, so it is likely the issue.

102
Q

A computer has been performing slowly. During your troubleshooting, you notice that the Task Manager shows the processor is utilizing 90-100% of the system resources immediately after completing the boot-up process. Which of the following actions should you take?

A

Explanation
OBJ 3.1 - One way to increase the system’s performance is to disable any unneeded applications from starting up when the computer boots. You can use the System Configuration Utility (msconfig) or Task Manager to prevent unnecessary services and programs from running at startup. If you need to run the services, consider setting them to delayed startup or manual startup to avoid slowing down boot times too much. The task manager is an advanced Windows tool that has 7 tabs that are used to monitor the Processes, Performance, App History, Startup, Users, Details, and Services on a computer. By clicking the Startup tab, the technician can see every program configured to start up when Windows is booted up. This can be used to disable unwanted programs from launching during the boot-up process. By clicking the Services tab, the technician can list all of the services installed on the computer, display their status, and start/stop/restart those services. System configuration (msconfig.exe) is a system utility to troubleshoot the Microsoft Windows startup processes. MSConfig is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters.

103
Q

During the reconnaissance phase of a penetration test, you have determined that your client’s employees all use iPhones that connect back to the corporate network over a secure VPN connection. Which of the following methods would MOST likely be the best method for exploiting these?

A

Explanation
OBJ 3.5 - When targeting mobile devices, you must first determine if the company uses iPhones or Android-based devices. If they are using an iPhone, it becomes much more difficult to attack since iPhone users can only install trusted apps from the App Store. If the user has jailbroken their phone, they can sideload apps and other malware. After identifying a jailbroken device, you can use social engineering to trick the user into installing your malicious code and then take control of their device.

104
Q

Sally just purchased a new iPhone and AirPods to listen to her music. After setting up the new iPhone, she can get online and watch YouTube, but her wireless headphones aren’t working. Which of the following is MOST likely the problem?

A

Explanation
OBJ 3.4 - Since Sally can connect to the internet, either her cellular or WiFi is enabled, and the phone would not be in airplane mode. Since AirPods work over Bluetooth, it is most likely that Bluetooth is not enabled on the new phone and should be turned on. Once Bluetooth is enabled, the AirPods will need to be paired to the device to begin using them.

105
Q

Barbara received a phone call from a colleague asking why she sent him an email with lewd and unusual content. Barbara doesn’t remember sending the email to the colleague. What is Barbara MOST likely the victim of?

A

Explanation
OBJ 3.2 - Barbara is MOST likely the victim of hijacked email. Hijacked email occurs when someone takes over your email account and sends out messages on your behalf. Hijacked email can occur after a system is taken over by an attacker. The victim usually finds out about it when someone asks about an email the victim sent them, or the victim sees an automated out-of-office reply from one of the recipients of the victim’s emails.

106
Q

Phishing

A

is an email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim. Phishing attacks target an indiscriminate large group of random people.

107
Q

Spear phishing is the fraudulent practice

A

of sending emails from a seemingly known or trusted sender to induce targeted individuals to reveal confidential information.

108
Q

Ransomware

A

is a type of malware designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. Once infected, a system or its files are encrypted, and then the decryption key is withheld from the victim unless payment is received.

109
Q

You attempt to boot a Windows 10 laptop and receive an “Operating System Not Found” error on the screen. You can see the hard disk listed in the UEFI/BIOS of the system. Which of the following commands should you use to repair the boot sector of the hard disk?

A

Explanation
OBJ 3.1 - To repair the drive’s boot sector, you should use the command “bootrec /fixboot” and reboot the computer. If the disk cannot be detected, enter the system setup and try modifying settings (or even resetting the default settings). If the system firmware reports the disk’s presence, but Windows still will not boot, use a startup repair tool to open a recovery mode command prompt and use the bootrec tool to repair the drive’s boot information.

110
Q

The “bootrec /fixmbr”

A

command is used to attempt a repair of the master boot record of a drive.

111
Q

The “bootrec /rebuildbcd” command

A

is used to add missing Windows installations to the Boot Configuration Database (BCD).

112
Q

The diskpart command

A

is a command-line disk-partitioning utility available for Windows that is used to view, create, delete, and modify a computer’s disk partitions.

113
Q

One of your Windows services is failing to start when you boot up your laptop. You have checked the service in the Windows Services tool and verified it is set to Automatic. What should you attempt to do NEXT to get the service to start up?

A

Explanation
OBJ 3.1 - Windows Services typically start when the computer is booted and run quietly in the background until it is shut down. For the Windows operating system to run smoothly, Windows Services must start when required. Many times, non-Microsoft services or Drivers can interfere with the proper functioning of System Services. If you boot into Safe Mode, this will load the operating system with the most basic set of drivers, and this could identify if there is a conflict causing the service start failure.

114
Q

Which of the following tools should you utilize to ensure you don’t damage a laptop’s SSD while replacing it?

A

Explanation
OBJ 4.4 - The key to answering this question is the word “while” in the sentence. Since you need to protect the SSD “while” you are replacing it, you must ensure you wear an ESD strap. An ESD strap is placed around your wrist and dissipates any static electricity from your body to protect sensitive hardware such as processors, memory, expansion cards, and SSDs during installation. An electrostatic discharge (ESD) is the release of a charge from metal or plastic surfaces that occurs when a potential difference is formed between the charged object and an oppositely charged conductive object. This electrical discharge can damage silicon chips and computer components if they are exposed to it. An antistatic bag is a packaging material containing anti-ESD shielding or dissipative materials to protect components from ESD damage.

115
Q

An antistatic bag

A

is a packaging material containing anti-ESD shielding or dissipative materials to protect components from ESD damage.

116
Q

An air filter mask

A

is a mask manufactured from polyester sheets that cover your nose and mouth to prevent the dust from being breathed in by a technician.

117
Q

Latex gloves

A

are hand coverings to protect the technician when they are working with toner or other chemicals.

118
Q

Which of the following open-source remote access tools allows users to connect to their desktop remotely, see what is on their screen, and control it with their mouse and keyboard?

A

Explanation
OBJ 4.9 - VNC (virtual network computing) is a remote access tool and protocol. It is used for screen sharing on Linux and macOS. RDP is not open-source. SSH and telnet are text-based remote access tools. Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection. Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system. Telnet uses port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection but sends its data in plaintext making it an insecure protocol.

119
Q

You are installing a new firewall for Dion Training’s corporate network. Which of the following documents should you update FIRST?

A

Explanation
OBJ 4.1 - A network topology is the shape or structure of a network in a physical or logical format as depicted in a network diagram. Physical network topologies include the actual appearance of the network layout. Logical network topologies include the flow of data across the network.

120
Q

A password policy is a set of rules

A

designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password policy is often part of an organization’s official regulations and may be taught as part of security awareness training. It contains items like password complexity, password age, and password history requirements.

121
Q

A Knowledge Base (KB)

A

is a reference document that is used to assist a technician when they are installing, configuring, and troubleshooting hardware and software. A knowledge base article might be created by a vendor to support their products, too. A company might create an internal KB, populated with guidelines, procedures, information, and frequently asked questions from their service tickets.

122
Q

An incident database

A

is used to document any issues, problems, or incidents in the network. An incident database is often called a trouble ticket system. The system should document the number of the incident, the point of contact for the workstation, the priority of the incident, the problem description, and a history of work performed to resolve the incident for the user.

123
Q

You are cleaning out the closet in your office and find several bottles of cleaner that need to be disposed of. Which of the following should you consult to determine the proper method of disposal?

A

Explanation
OBJ 4.5 - The Material Safety Data Sheet (MSDS) is a document that contains information on the potential hazards (health, fire, reactivity, and environmental) and how to work safely with the chemical product. The MSDS is an essential starting point for the development of a complete health and safety program that includes the directions for proper handling and disposal of the chemicals.

124
Q

An uninterruptible power supply or uninterruptible power source (UPS)

A

is an electrical apparatus that provides emergency power to a load when the input power source becomes too low or the main power fails. A UPS provides near-instantaneous protection from input power interruptions by using a battery backup.

125
Q

A memorandum of understanding (MOU)

A

is a preliminary or exploratory agreement to express an intent to work together that is not legally binding and does not involve monetary exchange.

126
Q

A statement of work (SOW),

A

or a scope of work, is a document that outlines all the work that is to be performed, as well as the agreed-upon deliverables and timelines.

127
Q

You are a member of a project team contracted to install twenty new wireless access points (WAPs) for a college campus. Your team has already determined the locations for the new WAPs and notated them in the physical and logical network diagrams. Your team is still finalizing the change request documents for the installation. The project cannot move forward with the installation until the change request is finalized and approved. Which of the following is the MOST important thing to add to the scope of work and change request before its approval?

A

Explanation
OBJ 4.2 - This is a difficult question because all of these items should be included in a Request for Change (RFC), but the most important is a proper backout plan. A rollback plan is an IT governance integration approach that specifies the processes required to restore a system to its original or earlier state in the event of failed or aborted implementation. Every change should be accompanied by a rollback plan so that the change can be reversed if it has harmful or unforeseen consequences. Changes should also be scheduled sensitively if they are likely to cause system downtime or other negative impacts on the workflow of the business units that depend on the IT system being modified. Most organizations have a scheduled maintenance window period for authorized downtime. By following this guidance, the team can back out and restore service on the legacy/previous system if something goes wrong with the installation.

128
Q

End-user acceptance is the process

A

of verifying a change was successfully implemented and turned over to the end-user for future operation.

129
Q

A plan for change

A

is the documented method for installing or modifying the asset as documented in the change request. While this is important, the most important thing is still a backout plan since many changes are routine changes that do not require a detailed plan of change.

130
Q

A risk analysis

A

determines the severity level of a change and is used to help the change approval board (CAB) make an informed approval decision.

131
Q

Sagar is planning to patch a production system to correct a detected vulnerability during his most recent network vulnerability scan. What process should he follow to minimize the risk of a system failure while patching this vulnerability?

A

Explanation
OBJ 4.2 - While patching a system is necessary to remediate a vulnerability, you should always test the patch before implementation. It is considered a best practice to create a staging or sandbox environment to test the patches’ installation before installing them into the production environment. This reduces the risks of the patch breaking something in the production system. Unless you are dealing with a very critical vulnerability and the risk of not patching is worse than the risk of patching the production system directly, you should not immediately patch the production systems without testing the patch first. You should not wait 60 days to deploy the patch. Waiting this long provides attackers an opportunity to reverse engineer the patch and create a working exploit against the vulnerability. Finally, asking the vendor for a safe time frame is not helpful since the vendor does not know the specifics of your environment or your business operations.

132
Q

You just installed a flat panel television in a conference room in your office building. The facilities manager is concerned that a lightning strike could damage it. The company is not worried about the threat of power outages because the conference room is only used a few times per week. Which of the following should be installed to BEST mitigate the facilities manager’s concerns without spending too much money?

A

Explanation
OBJ 4.5 - A surge suppressor defends against possible voltage spikes that could damage your electronics, appliances, or equipment.

133
Q

A power strip

A

will not protect against voltage spikes.

134
Q

A UPS or line conditioner

A

could protect against voltage spikes, but they cost much more than a surge suppressor. A surge suppressor should be used to meet the requirements of this question best. An uninterruptible power supply or uninterruptible power source (UPS) is an electrical apparatus that provides emergency power to a load when the input power source becomes too low or the main power fails. A UPS provides near-instantaneous protection from input power interruptions by using a battery backup. The on-battery run-time of most uninterruptible power sources is usually short (less than 60 minutes) but sufficient to properly shut down a computer system. A UPS or line conditioner could protect against voltage spikes, as well.

135
Q

A line conditioner is a device

A

that adjusts voltages in under-voltage and overvoltage conditions to maintain a 120 V output. Line conditioners raise a sag or under-voltage event back to normal levels, but they cannot protect the line from a complete power failure or power outage.

136
Q

Which of the following data types would be used to store the value of TRUE?

A

Explanation
OBJ 4.8 - A boolean stores a value of TRUE (1) or FALSE (0). It usually consumes only 1 bit of storage (a zero or a one).

137
Q

An integer

A

stores a whole number, such as 21, 143, or 1024. An integer data type usually consumes 8 bytes of storage.

138
Q

A floating-point number

A

stores a fractional or decimal number, such as 3.14, 45.5, or 333.33. A floating-point number data type usually consumes 4 to 8 bytes of storage.

139
Q

A string stores

A

a group of characters, such as Hello, PYTHON, or JasonDion. A string data type usually consumes as much storage as necessary. Each character in the string usually requires 1 byte of storage.

140
Q

Your router has been turning itself off and on again for a few weeks. You begin to think back to when these issues began to occur and remember that each time it happened the lights also dimmed momentarily. You hook up a device to monitor the power being supplied to the router and identify that brownouts are frequently occurring, resulting in the router’s power cycling. What should you (a network technician) do to solve this problem?

A

Explanation
OBJ 4.5 - The best solution would be to install a UPS. Since you are a network technician and not an electrician, you should not install a new electrical circuit. The primary function of a UPS is to provide battery backup when the electrical power fails or drops to an unacceptable voltage level. It ensures that your electrical equipment gets a consistent current so damage and device power cycling do not occur.

141
Q

A surge protector

A

defends against possible voltage spikes that could damage your electronics, appliances, or equipment.

142
Q

A network technician is not qualified to install a new electrical outlet since

A

that is a job for an electrician. The scenario presents issues that focus on the power levels, therefore installing an upgraded router would not solve these issues.

143
Q

Tim has requested to install a security update to the Dion Training web server during the next maintenance window. At the change control board meeting, Tim presents the requested change and gains approval from the change board. Before Tim installs the update, which of the following should be documented as a result of the change board’s approval?

A

Explanation
OBJ 4.2 - The approved date and time of the change needs to be documented as a result of the change board’s approval. The change board will approve all changes per the change management procedures in the organization. To get a change approved, a technician must submit a request form that lists the purpose of the change, the scope of the change, affected systems and impact of the change, the risk analysis and resulting risk level of the change, and the proposed date/time of the change. Once the change board approves the change at the change control board meeting, the technician or the change board needs to document the approved date and time for the change to be implemented.

144
Q

Susan, an executive at Dion Training, will be traveling to Italy for a conference next week. She is worried about remaining connected to the internet while overseas and plans to use the WiFi in her hotel room and the local coffee shop with her laptop. Which of the following should she purchase and configure before leaving for Italy to ensure her communications remain secure regardless of where she is connecting from?

A

Explanation
OBJ 4.9 - While WiFi is available almost everywhere these days, it is not safe to use it without first configuring and using a VPN. A Virtual Private Network (VPN) connects the components and resources of two (private) networks over another (public) network. This utilizes an encryption tunnel to protect data being transferred to and from her laptop to the Dion Training servers and other websites. The other options are all focused on connecting her cellphone but would still not be considered safe without a VPN being utilized. A local mobile hotspot should be used to provide internet connectivity to the laptop (if she uses this instead of the hotel and coffee shop WiFi). Still, for best security, it should also use a VPN when using this connection.

145
Q

The Chief Financial Officer has asked Maria for a recommendation on how the company could reduce its software licensing costs while still maintaining the ability to access its application server remotely. Which of the following should Maria recommend?

A

Explanation
OBJ 4.6 - A thin client is a small device that can operate with or without an operating system installed on the client device. Instead, it can boot directly from a network-based operating system on a common server and access applications on the company’s application server. This type of architecture can drastically reduce the need for operating system licenses and reduce deployment costs. A thin client runs from resources stored on a central server instead of a localized hard drive. Thin clients work by connecting remotely to a server-based computing environment where most applications, sensitive data, and memory are stored.

146
Q

A system administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The server manager decides to initiate a rollback. Which describes what the system administrator should do next?

A

Explanation
OBJ 4.2 - By performing a rollback, the administrator will change everything back to the last known good configuration before the change is started. Every change should be accompanied by a rollback (or backout) plan so that the change can be reversed if it has harmful or unforeseen consequences. Changes should also be scheduled sensitively if they are likely to cause system downtime or other negative impacts on the workflow of the business units that depend on the IT system being modified. Most organizations have a scheduled maintenance window period for authorized downtime.

147
Q

You are working as a file server administrator. You are backing up the files on the server when you observe numerous inappropriate photos and videos stored on the corporate share drive by the user jsmith. These files are clearly in violation of the company’s AUP. What should you do FIRST?

A

Explanation
OBJ 4.7 - Since this is a violation of the company’s AUP, you should notify your supervisor immediately. Your supervisor can then direct you on the correct actions to take next based on the organization’s policies and guidelines. An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet. While some items in the AUP might help prevent a malware infection (such as not allowing users to download and run programs from the internet), it is considered an administrative control, and choosing a technical control like patch management would better protect the network.

148
Q

Which of the following components presents the largest risk of electrical shock to a technician?

A

Explanation
OBJ 4.4 - A CRT monitor is an older-style computer monitor that contains large capacitors which retain high levels of electricity even after being disconnected. A CRT should be disposed of carefully. A technician should never open a CRT monitor or stick anything into its interior for fear of electrocution. Hard drives, LCD monitors, and laptop batteries do not contain high voltage levels.

149
Q

Which of the following concepts is the MOST important for a company’s long-term health in the event of a disaster?

A

Explanation
OBJ 4.3 - In case of a disaster, you must protect your data. Some of the most common strategies for data protection include backups made to tape and sent off-site at regular intervals or the use of cloud-based backup solutions. All of the other options are good, too, but the MOST important is a good backup copy of your company’s data.

150
Q

Which of the following backup rotation schemes requires backups to be stored to at least two different types of media?

A

Explanation
OBJ 4.3 - The 3-2-1 backup rule states that an organization should create (3) one primary backup and two copies of the data, (2) save the backups to two different types of media, and (1) keep at least one backup copy off-site.

151
Q

The grandfather-father-son (GFS) backup rotation scheme

A

is widely used to combine full and incremental backups to reduce backup time and enhance storage security. The grandfather is a full backup that is stored off-site once per month. The father is a weekly full backup that is conducted. The son is an incremental or differential backup conducted each day. For example, each Monday a full backup can be conducted which becomes the father. Then, each day of the week a son is created by performing an incremental or differential backup. Once per month, a full backup is conducted to become the grandfather.

152
Q

The Tower of Hanoi is a backup rotation scheme

A

that rotates backup media sets throughout the backup process to minimize wear and failure of tape backup media. For example, when using this method with four backup tapes labeled A, B, C, and D, a total of 16 days of backups can be maintained with just 4 tapes. Tape A is used every odd-numbered day for 16 days. Tape B is used on days 2, 6, 10, and 14. Tape C is used on days 4 and 12. Tape D is used on days 8 and 16. This allows Tape A to be overwritten every other day, while Tape B is overwritten every four days and Tapes C and D are overwritten every 8 days.

153
Q

The First In First Out (FIFO) backup scheme

A

uses a set number of tapes and overwrites the oldest tape with the newest information. For example, if there are 7 tapes in use, every evening a new backup is conducted over the previous week's daily backup. To have a longer amount of days of backups, a technician simply needs to increase the number of tapes from 7 to 14 or 21.

154
Q

A recently hired security employee at a bank was asked to perform daily scans of the bank’s intranet to look for unauthorized devices. The new employee decides to create a script that scans the network for unauthorized devices every morning at 2:00 am. Which programming language would work best to create this script?

A

Explanation
OBJ 4.8 - Python is a commonly used scripting language used in cybersecurity. Python is a general-purpose programming language that can develop many different kinds of applications. It is designed to be easy to read, and the programs use fewer lines of code compared to other programming languages. The code runs in an interpreter. Python is preinstalled on many Linux distributions and can be installed on Windows. Python scripts are saved using the .py extension. PHP is used as a scripting language for web applications. C# and ASP.NET are both compiled languages, not scripting languages.

155
Q

Which of the following remote access protocols should you use to connect to a Linux server securely over the internet?

A

Explanation
OBJ 4.9 - SSH (Secure Shell) is used to remotely connect to a network’s switches and routers to configure them securely. SSH is typically used for logging into a remote machine and executing commands, but it also supports tunneling, forwarding TCP ports, and X11 connections; it can transfer files using the associated SSH file transfer (SFTP) or secure copy (SCP) protocols. SSH uses the client-server model.

156
Q

Telnet should not be

A

used in a network due to its weak security posture. Telnet transmits all of the data in plain text (without encryption), including usernames, passwords, commands, and data files. For this reason, it should never be used in production networks and has been replaced by SSH in most corporate networks.

157
Q

Remote Desktop Protocol (RDP)

A

is a Microsoft protocol designed to facilitate application data transfer security and encryption between client user devices and a virtual network server. It enables a remote user to add a graphical interface to the desktop of another computer.

158
Q

FTP

A

is used for file transfer only, not remote access.

159
Q

Which of the following file types are commonly used by network administrators to perform repetitive tasks using a Microsoft proprietary programming language?

A

Explanation
OBJ 4.8 - VBScript is a scripting language based on Microsoft's Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose.

160
Q

A shell script

A

is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script and its first line always begins with #!/bin/bash that designates the interpreter. This line instructs the operating system to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files.

161
Q

Python is

A

a general-purpose programming language that can develop many different kinds of applications. It is designed to be easy to read, and the programs use fewer lines of code compared to other programming languages. The code runs in an interpreter. Python is preinstalled on many Linux distributions and can be installed on Windows. Python scripts are saved using the .py extension.

162
Q

JavaScript is

A

a scripting language that is designed to create interactive web-based content and web apps. The scripts are executed automatically by placing the script in the HTML code for a web page so that when the HTML code for the page loads, the script is run. JavaScript is stored in a .js file or as part of an HTML file.

163
Q

Which of the following MacOS features allows the user to create a user account that is used to sign in to the App Store, iCloud, and iTunes?

A

Explanation
OBJ 1.10 - When first setting up an Apple Mac, the user will be assigned an Apple ID based on the sign-in email address. An Apple ID is a user account on an Apple device based on the sign-in email address that is used to sign in to the App Store, access iCloud, and other Apple features and functions. Spotlight is the file system search feature in the macOS environment. Keychain is a macOS app for managing passwords cached by the OS and supported browser/web applications. The passwd command changes passwords for user accounts on Unix, Linux, and macOS systems. A normal user may only change the password for their account, while the superuser may change the password for any user.

164
Q

A technician wants to conduct a vulnerability scan on a server every morning at 3:00 am. Which of the following tools should the technician use?

A

Explanation
OBJ 1.3 - Task scheduler is a tool included with Windows that allows predefined actions to be automatically executed whenever a certain set of conditions is met. For example, you can schedule a task to run a vulnerability scanning script every night or send you an email whenever a certain system event occurs.

165
Q

The event viewer shows

A

a log of application and system messages, including errors, information messages, and warnings. It’s a useful tool for troubleshooting all kinds of different Windows problems. If you use the Event Viewer, you can identify what was occurring at or around 2:35 am each day before the server crashed and use this to troubleshoot the problem.

166
Q

MSConfig is a system utility

A

to troubleshoot the Microsoft Windows startup processes. MSConfig is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters.

167
Q

PerfMon is a performance monitoring and system monitoring utility in Windows

A

that is used to monitor CPU and memory activity on a computer. Performance monitor is used for viewing performance data either in real-time or from a log file. The performance monitor can only monitor the resource utilization, but it cannot manage or terminate those processes.

168
Q

Which of the following Control Panel options should a technician configure to automatically adjust the volume of different sounds when the computer is being used to place or receive telephone calls?

A

Explanation
OBJ 1.4 - The Sound section of the Control Panel allows technicians to configure settings for the playback, recording, and sound effects on the computer. Under the communications tab of the Sound section, a technician can adjust whether or not the computer should adjust the volume of other sounds when a telephone call is occurring.

169
Q

The Ease of Access section of the Control Panel

A

brings together the functionality for the accessibility features in Windows, including visual, tactile input, and speech recognition settings to assist those with disabilities.

170
Q

The USB selective suspend feature

A

allows the hub driver to suspend an individual port without affecting the operation of the other ports on the hub. Selective suspension of USB devices is helpful when using a laptop computer as it helps to conserve battery power by powering off USB ports that are not needed at the time.

171
Q

The Programs and Features section of the Control Panel

A

allows a technician to install or remove applications, software packages, and features in the Windows operating system.

172
Q

What kind of attack is an example of IP spoofing?

A

Explanation
OBJ 2.4 - An on-path attack (formerly known as a man-in-the-middle attack) intercepts communications between two systems. For example, in an HTTP transaction, the target is the TCP connection between client and server. Using different techniques, the attacker splits the original TCP connection into 2 new connections, one between the client and the attacker and the other between the attacker and the server. This often uses IP spoofing to trick a victim into connecting to the attack.

173
Q

SQL injection

A

SQL injection is a code injection technique used to attack data-driven applications. Malicious SQL statements are inserted into an entry field for execution, such as dumping the database contents to the attacker.

174
Q

An on-path attack is an attack

A

where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.

175
Q

ARP Poisoning, also known as ARP Spoofing,

A

is a type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN to change the pairings in its IP to MAC address table.

176
Q

Cross-Site Scripting (XSS) attacks

A

are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in a browser side script, to a different end-user.

177
Q

Which of the following types of attacks is conducted against a database server by inserting code into an entry field on a web application form for execution to try and gain access to the contents of the database?

A

Explanation
OBJ 2.4 - SQL injection is a code injection technique used to attack data-driven applications. Malicious SQL statements are inserted into an entry field for execution, such as dumping the database contents to the attacker.

178
Q

Cross-Site Scripting (XSS)

A

attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in a browser side script, to a different end-user.

179
Q

A zero-day attack

A

happens once that flaw, or software/hardware vulnerability, is exploited, and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability, hence the term zero-day.

180
Q

An on-path attack

A

is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other. The attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection. The attacker will intercept all relevant messages passing between the two victims and inject new ones.

181
Q

What type of malicious application does not require user intervention or another application to act as a host to replicate?

A

Explanation
OBJ 2.3 - A worm is a self-replicating type of malware that does not require user intervention or another application to act as a host for it to replicate.

182
Q

Viruses and Macros

A

require user intervention to spread, and Trojans are hosted within another application that appears harmless.

183
Q

You have been asked to configure your neighbor’s SOHO network. Your neighbor wants to build a Minecraft server so that all their friends can play together over the internet. When configuring their firewall, where should you place the server?

A

Explanation
OBJ 2.9 - A perimeter network (formerly called a Demilitarized Zone or DMZ) is a portion of a private network connected to the Internet and protected against intrusion. Certain services may need to be made publicly accessible from the Internet (such as a web, email, or Minecraft server) and they should be installed in the perimeter network instead of in your intranet. If communication is required between hosts on either side of a perimeter network, then a host within the perimeter network will act as a proxy to take the request. If the request is valid, it re-transmits it to the destination. External hosts have no idea about what is behind the perimeter network so that the intranet remains secure. A perimeter network can be implemented using either two firewalls (screened subnet) or a single three-legged firewall (one with three network ports). In this SOHO network, it would use a single three-legged firewall approach to separate the perimeter network from the LAN and WAN.

184
Q

A local area network (LAN)

A

is a network where all the nodes or hosts participating in the network are directly connected with cables or short-range wireless media.

185
Q

A wide area network (WAN)

A

is a network that spans multiple geographic locations such as the internet.

186
Q

A metropolitan area network (MAN)

A

is a network that covers a geographical area equivalent to a city or municipality.

187
Q

The network administrator noticed that the border router has high network capacity loading during non-working hours. This excessive load is causing outages for the company’s web servers. Which of the following is the MOST likely cause of the issue?

A

Explanation
OBJ 2.4 - A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. A denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to the Internet.

188
Q

ARP spoofing

A

is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network.

189
Q

Session hijacking, also known as TCP session hijacking,

A

is a method of taking over a web user session by surreptitiously obtaining the session ID and masquerading as the authorized user.

190
Q

An evil twin

A

is a rogue wireless access point that masquerades as a legitimate Wi-Fi access point so that an attacker can gather personal or corporate information without the user’s knowledge.

191
Q

A company is implementing enhanced user authentication for system administrators accessing the company’s confidential servers. They intend to use two-factor authentication to accomplish this. Which of these BEST represents two-factor authentication?

A

Explanation
OBJ 2.1 - Two-factor authentication (also known as 2FA) is a method of confirming a user’s claimed identity by using a combination of two different factors: (1) something you know, (2) something you have, or (3) something you are. Out of the options provided, only a key fob (something you have) and a password (something you know) meet the requirements of 2FA. If you have two factors from the same type/category, like something you know (username and password), this is only considered a single factor of authentication.

192
Q
A
193
Q

A network administrator has set up a firewall and set up only three allow rules so that traffic can be sent over ports 21, 110, and 25. Next, they added a final rule of “deny any any” to the end of the ACL to minimize the attack surface and better secure the network. Unfortunately, now the administrator is receiving complaints from users that they cannot access any web pages using their URLs, such as DionTraining.com. Which of the following should the administrator do to correct this issue?

A

Explanation
OBJ 2.1 - The Hypertext Transfer Protocol (HTTP) uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. If the outbound port 80 is not open, then users will not be able to connect to a remote web server. If the outbound port 53 is not open, then the users will be unable to conduct a DNS name resolution and determine the IP address of the given web server based on its domain name. Port 22 is used for SSH/SCP/SFTP. Port 143 is used for IMAP. Port 139 and 445 are used for SMB. Port 389 is used for LDAP. Port 110 is used for POP3.

194
Q

Which of the following types of screen locks uses a secret PIN or password to prevent access to a mobile device?

A

Explanation
OBJ 2.7 - A passcode lock relies upon something a user memorizes, known as a knowledge factor in authentication. This could be a PIN, password, or passphrase. This is the least secure mechanism of locking a mobile device as the PIN, password, or passphrase could be compromised by shoulder surfing or technical means. A swipe lock is a term for unlocking a device by tracing a predetermined on-screen pattern or joining dots on the screen. This was commonly used in Android devices until biometric methods like fingerprint scanners and facial recognition became more prevalent. The FaceID and TouchID screen locks rely upon biometric data to securely unlock the device. Since biometrics are body measurements and calculations related to human characteristics, the use of a person’s face or fingerprint is classified as a biometric authentication system.

195
Q

A network administrator receives a call asking for assistance with connecting to the network. The person on the phone asks for the IP address, subnet mask, and VLAN required to access the network. What type of attack might this be?

A

Explanation
OBJ 2.4 - Social engineering is a type of attack on a network in which an attacker uses their confidence and their victims’ gullibility to gain access. It is the only type of attack on a network that is directed towards the human element. The human interaction with the network administrator makes the other three answers incorrect.

196
Q

Spoofing

A

is the act of disguising a communication from an unknown source as being from a known, trusted source.

197
Q

A zero-day attack happens once

A

that flaw, or software/hardware vulnerability, is exploited, and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability, hence the term zero-day.

198
Q

VLAN hopping

A

is a method of attacking networked resources on a virtual LAN to gain access to traffic on other VLANs that would normally not be accessible.

199
Q

Which of the following types of attacks occurs when an attacker specifically targets the CEO, CFO, CIO, and other board members during their attack?

A

Explanation
OBJ 2.4 - Whaling is an email-based or web-based form of phishing that targets senior executives or wealthy individuals.

200
Q

Spear phishing

A

is the fraudulent practice of sending emails from a seemingly known or trusted sender to induce targeted individuals to reveal confidential information. A spear phishing attack is focused on a targeted set of people, not just an indiscriminate large group of random people.

201
Q

Phishing

A

is an email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim.

202
Q

Vishing

A

is a social-engineering attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services (VoIP).

203
Q

Which of the following must be enabled to allow a video game console or VoIP handset to configure your firewall automatically by opening the IP addresses and ports needed for the device to function?

A

Explanation
OBJ 2.9 - Universal plug-and-play (UPnP) is a protocol framework allowing network devices to autoconfigure services, such as allowing a games console to request appropriate settings from a firewall. UPnP is associated with several security vulnerabilities and is best disabled if not required. You should ensure that the router does not accept UPnP configuration requests from the external (internet) interface. If using UPnP, keep up-to-date with any security advisories or firmware updates from the router manufacturer.

204
Q

A mobile device management (MDM) software suite

A

is used to manage smartphones and tablets within an enterprise.

205
Q

The dynamic host control protocol (DHCP) is a protocol

A

used to allocate IP addresses to a host when it joins a network. DHCP utilizes UDP ports 67 and 68.

206
Q

Network address translation (NAT) is

A

a network service provided by the router or proxy server to map private local addresses to one or more publicly accessible IP addresses. NAT can use static mappings but is commonly implemented as network port address translation (PAT) or NAT overloading, where a few public IP addresses are mapped to multiple LAN hosts using port allocations.

207
Q

Which of the following types of attacks is conducted by injecting malicious programming language statements into otherwise trustworthy websites to attack the user’s web browser?

A

Explanation
OBJ 2.4 - Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in a browser-side script, to a different end-user. SQL injection is a code injection technique used to attack data-driven applications. Malicious SQL statements are inserted into an entry field for execution, such as dumping the database contents to the attacker.

208
Q

A zero-day attack happens once

A

that flaw, or software/hardware vulnerability, is exploited, and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability, hence the term zero-day.

209
Q

An on-path attack is an attack

A

where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other. The attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection. The attacker will intercept all relevant messages passing between the two victims and inject new ones.

210
Q

Dion Training will be hiring 10 college students as interns to work over the summer. Each year, the same interns will work for the company for 8 weeks, but then they will return to school. Next summer, they will return to the company and will need to reaccess their accounts. What is the BEST policy to use so that the interns can use the accounts during the summer but cannot log in during the school year?

A

Explanation
OBJ 2.6 - If the accounts are disabled at the end of the summer, the interns will be unable to log in again until their accounts are enabled again when they return next summer. This is the best method since deleting the accounts would require the interns to get new accounts each summer, and they would lose all their data and configurations.

211
Q

You work for Dion Training as a physical security manager. You are concerned that the physical security at the entrance to the company is not sufficient. To increase your security, you are determined to prevent piggybacking. What technique should you implement first?

A

Explanation
OBJ 2.1 - An access control vestibule, or mantrap, is a device that only allows a single person to enter per authentication. This authentication can be done by RFID, a PIN, or other methods. Once verified, the mantrap lets a single person enter through a system, such as a turnstile or rotating door. CCTV will not stop piggybacking, but it could be used as a detective control after an occurrence. Wearing security badges is useful, but it won’t stop piggybacking by a skilled social engineer. RFID badges may be used as part of your entry requirements, but they won’t stop a determined piggybacker who follows an employee into the building after their authenticated RFID access has been performed.

212
Q

Which type of authentication method is commonly used with physical access control systems and relies upon RFID devices embedded into a token?

A

Explanation
OBJ 2.1 - A proximity card is a contactless card that usually utilizes RFID to communicate with the reader on a physical access system. These are commonly used to access secured rooms (such as server rooms) or even a building itself (such as at an access control vestibule).

213
Q

Some smart cards contain

A

proximity cards within them, but the best answer to this question is proximity cards since that is the function of the smart card that would be used to meet this scenario’s requirements.

214
Q

An HMAC-based one-time password (HOTP)

A

is a one-time password algorithm based on hash-based message authentication codes.

215
Q

A Time-based one-time password (TOTP)

A

is a computer algorithm that generates a one-time password that uses the current time as a source of uniqueness.

216
Q

A small doctor’s office has asked you to configure their network to use the highest levels of wireless security. The office only uses cloud-based SaaS applications to store their patients’ sensitive data. Which of the following protocols or authentication methods should you implement for the BEST security?

A

Explanation
OBJ 2.2 - Since everything is being stored within a cloud-based SaaS application, the doctor’s office needs to ensure their network connection uses the highest encryption level (WPA2 or WPA3). Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption.

217
Q

Wired equivalent privacy (WEP)

A

is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key.

218
Q

The Wi-Fi Protected Setup (WPS) is

A

a mechanism for auto-configuring a WLAN securely for home users. On compatible equipment, users push a button on the access point and connect adapters to associate them securely. WPS is subject to brute-force attacks against the PIN used to secure it, making it vulnerable to attack.

219
Q

You are setting up the Remote Desktop Services on a Windows 2019 server. To increase the security of the server, which of the following actions should you take?

A

Explanation
OBJ 2.9 - To best secure the server, you should logically place the Windows 2019 server into the network’s screened subnet and block all unused ports on the switch, router, and firewall. Since the server will allow remote connections from across the internet to access the server directly, the server must be placed into the screened subnet of the network and not in the internal trusted portion of the network. Additionally, any server or services that will be forward-facing to the internet (like a Remote Desktop Services server) should have all of the unused ports blocked on the switch, router, and firewall to minimize the footprint of the network. By blocking unused ports, there are fewer ways for an attacker to get into the network and attack the server.

220
Q

How would you represent r-xrw-r-- in octal notation?

A

Explanation
OBJ 2.6 - R-X is 5, RW- is 6, and R-- is 4. In Linux, you can convert letter permissions to octal by giving 4 for each R, 2 for each W, and 1 for each X. R is for read-only, W is for write, and X is for execute. The permissions strings are written to represent the owner’s permissions, the group’s permissions, and the other user’s permissions.

221
Q

Which of the following policies or plans would dictate the complexity requirements for a wireless network’s shared secret key?

A

Explanation
OBJ 2.6 - A password policy is a set of rules created to improve computer security by motivating users to create dependable, secure passwords and then store and utilize them properly. This document promotes strong passwords by specifying a minimum password length, complexity requirements, requiring periodic password changes, and placing limits on the reuse of passwords.

222
Q

An acceptable use policy (AUP) is

A

a set of rules applied by the owner, creator, or administrator of a network, website, or service that restricts how the network, website, or system may be used and sets guidelines as to how it should be used.

223
Q

A data loss prevention policy is

A

a document that defines how organizations can share and protect data. It guides how data can be used in decision-making without it being exposed to anyone who should not have access to it. The goal of a data loss prevention policy is to minimize accidental or malicious data loss.

224
Q

A remote access policy

A

is a document that outlines and defines acceptable methods of remotely connecting to the internal network.

225
Q

The physical security manager has asked you to assist with the risk assessment of some proposed new security measures. The manager is concerned that during a power outage, the server room might be targeted for attack. Luckily, they have many different protection measures in place to keep intruders out of the server room. During a power outage, which of the following security controls would still be usable?

A

Explanation
OBJ 2.1 - A traditional door lock doesn’t require power to operate. Therefore, it will still protect the facility and keep the intruder out of the server room. The other options all require power to function and operate.

226
Q

A biometric lock is

A

any lock that can be activated by biometric features, such as a fingerprint, voiceprint, or retina scan. Biometric locks make it more difficult for someone to counterfeit the key used to open the lock or a user’s account.

227
Q

A smart card

A

is a form of hardware token.

228
Q

Closed-circuit television is

A

a type of video surveillance where video cameras transmit a signal to a specific place using a limited set of monitors.

229
Q

A motion detector

A

is an electrical device that utilizes a sensor to detect nearby motion. Such a device is often integrated as a component of a system that automatically performs a task or alerts a user of motion in an area. They form a vital component of security, automated lighting control, home control, energy efficiency, and other useful systems.