FULL FLASHCARD STUDY DECK

Question 1

Q

Instant Search

Answer

A

Windows feature allowing rapid search of apps, data folders, messages, and the web.

Question 2

Q

Windows Settings

Answer

A

Touch-enabled interface for managing user and system settings in Windows.

Question 3

Q

Control Panel

Answer

A

Legacy management interface for configuring user and system settings in Windows.

Question 4

Q

Microsoft account

Answer

A

Cloud-based SSO service allowing users to synchronize settings between multiple Windows devices.

Question 5

Q

Account Settings

Answer

A

Windows Settings pages relating to user account creation and maintenance.

Question 6

Q

User Accounts applet

Answer

A

Control Panel app relating to user account creation and maintenance.

Question 7

Q

Privacy settings

Answer

A

Windows Settings pages related to personal data collection and use.

Question 8

Q

Time & Language settings

Answer

A

Windows Settings pages allowing configuration of default data formats (date, currency, and so on), location information, and keyboard input locale.

Question 9

Q

Personalization settings

Answer

A

Windows Settings pages related to customizing the appearance of the desktop using themes.

Question 10

Q

Ease of Access

Answer

A

Windows Settings pages related to desktop and input/output device accessibility configuration.

Question 11

Q

OneDrive

Answer

A

Cloud storage service operated by Microsoft and closely integrated with Windows.

Question 12

Q

This PC

Answer

A

File system object representing a Windows computer and the disk drives installed to it.

Question 13

Q

Recycle Bin

Answer

A

When files are deleted from a local hard disk, they are stored in the Recycle Bin. They can be recovered from here if so desired.

Question 14

Q

File Explorer Options

Answer

A

Control Panel app related to view and browsing settings for File Explorer.

Question 15

Q

Indexing Options

Answer

A

Control Panel app related to search database maintenance.

Question 16

Q

System Settings

Answer

A

Windows Settings pages relating to basic and advanced system settings.

Question 17

Q

Update & Security settings

Answer

A

Windows Settings pages related to configuring automatic patching, deploying feature updates, and managing security features.

Question 18

Q

Windows Security

Answer

A

Touch-enabled app for configuring features such as firewall and antivirus.

Question 19

Q

Devices settings

Answer

A

Windows Settings pages for using and configuring attached hardware.

Question 20

Q

Phone settings

Answer

A

Windows Settings pages for associating a smartphone with Windows.

Question 21

Q

Devices and Printers

Answer

A

Control Panel app for using and configuring attached hardware.

Question 22

Q

Device Manager

Answer

A

Primary interface for configuring and managing hardware devices in Windows. Device Manager enables the administrator to disable and remove devices, view hardware properties and system resources, and update device drivers.

Question 23

Q

Sound applet

Answer

A

Control Panel applet related to speaker and microphone configuration plus Windows sound events and notifications.

Question 24

Q

Standby

Answer

A

Power-saving mode where power to all compatible components except system memory is cut. Note that systems on standby still consume some electricity.

Question 25

Q

Hibernate

Answer

A

Power-saving state where the contents of memory are saved to hard disk (hiberfil.sys) and the computer is powered off. Restarting the computer restores the desktop.

Question 26

Q

sleep

Answer

A

Power-saving mode in Windows. On a laptop, this functions much like standby, but on a desktop, the system also creates a hibernation file before entering the standby state.

Question 27

Q

Power Options

Answer

A

Control Panel app related to configuring power button/lid events and power-saving modes.

Question 28

Q

fast startup

Answer

A

Power-saving option allowing swift resume from sleep via an image of system memory contents saved to a hibernation file.

Question 29

Q

Apps

Answer

A

Windows Settings pages relating to configuration of Windows Features and third-party software apps.

Question 30

Q

Programs and Features

Answer

A

Control Panel applet allowing management of Windows Features and third-party software.

Question 31

Q

Network & Internet

Answer

A

Windows Settings pages related to interface configuration, network profiles, and proxy configuration.

Question 32

Q

Network and Sharing Center

Answer

A

Control Panel related to interface configuration, network profiles, and discovery/file sharing settings.

Question 33

Q

Windows Defender Firewall

Answer

A

Built-in, host-based filtering of network connections.

Question 34

Q

Internet Options

Answer

A

Control Panel applet allowing configuration of the Internet Explorer web browser.

Question 35

Q

Administrative Tools

Answer

A

Folder in Control Panel containing default Microsoft management consoles used to configure the local system.

Question 36

Q

WinX menu

Answer

A

Start button shortcut menu with quick access to principal configuration and management utilities.

Question 37

Q

Run dialog

Answer

A

Windows interface for executing commands.

Question 38

Q

Disk Management (diskmgmt.msc)

Answer

A

Console related to initializing, partitioning, and formatting disk drives.

Question 39

Q

Mail applet

Answer

A

Control Panel applet related to configuration of Microsoft Outlook email accounts and storage files.

Question 40

Q

Storage Spaces

Answer

A

Windows feature for creating a single storage resource from multiple devices. Data can be protected against device failure by RAID-like mirroring or parity.

Question 41

Q

Defragment and Optimize Drives tool (dfrgui.exe)

Answer

A

Fragmentation occurs when a data file is not saved to contiguous sectors on an HDD and reduces performance. The defragmenter mitigates this and can also perform optimization operations for SSDs.

Question 42

Q

Disk Clean-up (cleanmgr.exe)

Answer

A

Windows utility for removing temporary files to reclaim disk space.

Question 43

Q

Gaming settings

Answer

A

Windows Settings pages related to game mode settings and Xbox integration.

Question 44

Q

Task Scheduler (tasksch.msc)

Answer

A

Enables execution of an action (such as running a program or a script) automatically at a pre-set time or in response to some sort of trigger.

Question 45

Q

Local Users and Groups (lusrmgr.msc)

Answer

A

Console for creating and managing user and group accounts with the authentication and permissions scope of the local system.

Question 46

Q

Certificate Manager console (certmgr.msc)

Answer

A

Console related to managing digital certificates for the current user and trusted root certification authority certificates.

Question 47

Q

Group Policy Editor (gpedit.msc)

Answer

A

Console related to configuring detailed user and system registry settings via policies.

Question 48

Q

Registry Editor (regedit.exe)

Answer

A

Tool for making direct edits to the registry database, such as adding or modifying keys or values. The Registry Editor can be used to make backups of the registry.

Question 49

Q

registry

Answer

A

In the Windows registry, a key is analogous to a folder on the file system. Keys are used to group like settings together in a hierarchy that is logical to navigate.

Question 50

Q

hives

Answer

A

File storing configuration data corresponding to a section of the Windows registry.

Question 51

Q

Microsoft Management Console (MMC)

Answer

A

Utility allowing Windows administrative tools to be added as snap-ins to a single interface.

Question 52

Q

System Information (msinfo32.exe)

Answer

A

Utility that provides a report of the PC’s hardware and software configuration.

Question 53

Q

Event Viewer (eventvwr.msc)

Answer

A

Windows console related to viewing and exporting events in the Windows logging file format.

Question 54

Q

Task Manager (taskmgr.exe)

Answer

A

Windows utility used to monitor and manage process execution, resource utilization, user sessions, startup settings, and service configuration.

Question 55

Q

process

Answer

A

Software program that has been executed and is running in system memory.

Question 56

Q

Startup

Answer

A

Apps and scripts set to run when the computer starts or when the user signs in. Startup items can be configured as shortcuts, registry entries, or Task Scheduler triggers.

Question 57

Q

Services (services.msc)

Answer

A

Windows machines run services to provide functions; for example, Plug-and-Play, the print spooler, DHCP client, and so on. These services can be viewed, configured, and started/stopped via the Services console. You can also configure which services run at startup using msconfig. You can view background services (as well as applications) using the Processes tab in Task Manager.

Question 58

Q

Resource Monitor (resmon.exe)

Answer

A

Console for live monitoring of resource utilization data for the CPU and GPU, system memory, disk/file system, and network.

Question 59

Q

Performance Monitor (perfmon.msc)

Answer

A

Console for reporting and recording resource utilization via counter data for object instances.

Question 60

Q

System Configuration Utility (msconfig.exe)

Answer

A

Utility for configuring Windows startup settings.

Question 61

Q

cmd.exe

Answer

A

Basic shell interpreter for Windows.

Question 62

Q

Run as administrator

Answer

A

Windows feature that requires a task to be explicitly launched with elevated privileges and consented to via UAC.

Question 63

Q

directory

Answer

A

File system object used to organize other file system objects into containers.

Question 64

Q

dir command

Answer

A

Command-line utility that displays information about the contents of the current directory.

Answer 65

A

Command-line tool used to navigate the directory structure.

Answer 66

A

Command-line tool for moving files.

Answer 67

A

Command-line tool for copying files.

Answer 68

A

Command-line directory and file copy utility offering improved functionality compared to the basic copy command.

Answer 69

A

Command-line file copy utility recommended for use over the older xcopy.

Answer 70

A

Command-line tool for creating directories.

Answer 71

A

Command-line tool for deleting directories. The /s switch enables the deletion of non-empty directories.

Answer 72

A

Command-line utility used to configure disk partitions.

Answer 73

A

Command-line utility for creating a file system on a partition.

Answer 74

A

Command-line utility used to select the working drive.

Answer 75

A

Command-line tool that verifies the integrity of a disk’s file system.

Answer 76

A

Command-line tool for shutting down or restarting the computer. The command is supported by Windows and Linux, though with different syntax.

Answer 77

A

Command-line utility that checks the integrity of system and device driver files.

Answer 78

A

Command-line tool for reporting Windows version information.

Answer 79

A

Windows started as version 3.1 for 16-bit computers. A workgroup version provided rudimentary network facilities. Windows NT 4 workstations and servers (introduced in 1993) provided reliable 32-bit operation and secure network facilities, based around domains. The Windows 9x clients (Windows 95, 98, and Me) had far-lower reliability and support only for workgroups but were still hugely popular as home and business machines. Windows 2000 and Windows XP workstations married the hardware flexibility and user interface of Windows 9x to the reliability and security of Windows NT, while the server versions saw the introduction of Active Directory for managing network objects. The subsequent client releases of Windows (Vista/7/8/8.1) feature a substantially different interface (Aero) with 3D features as well as security improvements. The latest client versions—Windows 10 and Windows 11—are designed for use with touch-screen devices.

Answer 80

A

Proprietary (Closed-Source) OS designed by Apple for their range of iMac computers, Mac workstations, and MacBook portables.

Answer 81

A

UNIX is a family of more than 20 related operating systems that are produced by various companies. It can run on a wide variety of platforms. UNIX offers a multitude of file systems in addition to its native system. UNIX remains widely deployed in enterprise data centers to run mission-critical applications and infrastructure.

Answer 82

A

Open-source OS packaged in distributions supported by a wide range of hardware and software vendors.

Answer 83

A

Proprietary (Closed-Sourced) OS developed by Google to run on specific laptop (chromebooks) and PC (chromeboxes) hardware.

Answer 84

A

OS for some models of the Apple iPad tablet.

Answer 85

A

OS for Apple’s iPhone smartphone and most iPad tablet models.

Answer 86

A

Product life cycle and procurement consideration where a device or product no longer receives a full range of updates or support from its vendor.

Answer 87

A

Cell phone/smartphone/tablet OS developed by the Open Handset Alliance (primarily driven by Google). Unlike iOS, it is an open-source OS, based on Linux.

Answer 88

A

Structure for file data indexing and storage created by a process of formatting a partition that allows an OS to make use of a mass storage device, such as an HDD, SSD, or thumb drive.

Answer 89

A

64-bit default file system for Windows, with file-by-file compression and RAID support as well as advanced file attribute management tools, encryption, and disk quotas.

Answer 90

A

32-bit file system used principally for system partitions and removable media.

Answer 91

A

64-bit version of the FAT file system with support for larger partition and file sizes.

Answer 92

A

Standard Linux file system that includes journaling and has since been replaced with ext4.

Answer 93

A

Default file system for macOS-based computers and laptops.

Answer 94

A

Considerations that must be made when using an app in an environment with multiple device and OS platforms.

Answer 95

A

Product life-cycle phase where mainstream vendor support is no longer available.

Answer 96

A

Graphical OS interface that allows programs to run within window containers. Desktop styles include tools for launching apps, such as the Windows Start Menu, and managing apps, such as the Windows taskbar. Changes to the desktop style over the course of version and feature updates can be confusing for users.

Answer 97

A

Processing modes referring to the size of each instruction processed by the CPU. 32-bit CPUs replaced earlier 16-bit CPUs and were used through the 1990s to the present day, though most PC and laptop CPUs now work in 64-bit mode. The main 64-bit platform is called AMD64 or EM64T (by Intel). Software can be compiled as 32-bit or 64-bit. 64-bit CPUs can run most 32-bit software, but a 32-bit CPU cannot execute 64-bit software.

Answer 98

A

Home versus Professional versus Enterprise. Windows xp, Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows 11

Answer 99

A

Release paradigm introduced for Windows 10 where significant changes and new features are distributed via Windows Update on a semiannual schedule.

Answer 100

A

In PC terms, companies that sell Windows co-branded under their own logo. OEM Windows licenses are valid only on the system that the software was installed on, and the OEM must provide support.

Answer 101

A

Feature of Windows allowing for encryption of NTFS-formatted drives. The encryption key can be stored in a TPM chip on the computer or on a USB drive.

Answer 102

A

Application protocol for operating remote connections to a host using a graphical interface. The protocol sends screen data from the remote host to the client and transfers mouse and keyboard input from the client to the remote host. It uses TCP port 3389.

Answer 103

A

Earlier versions of an OS that support an in-place upgrade to a newer version, retaining settings, third-party apps, and user data files.

Answer 104

A

OS setup method where the target disk is repartitioned and formatted, removing any existing OS and/or data files.

Answer 105

A

OS installation method where the setup program is launched from an existing OS. This can typically retain user data files, settings, and third-party apps.

Answer 106

A

Deployment method where installation choices are saved in an answer file or script so that the setup program executes without manual intervention.

Answer 107

A

Deployment method where the target disk is written with an image of the new OS.

Answer 108

A

Device used to start the setup program and hold source files for installing or upgrading an OS.

Answer 109

A

Sector on a mass storage device that holds information about partitions and the OS boot loader.

Answer 110

A

Modern disk partitioning system allowing large numbers of partitions and very large partition sizes.

Answer 111

A

OEM recovery media enabling the user to reset the system to its factory configuration.

Answer 112

A

Minimum specifications for CPU speed, memory, and disk capacity for installing an OS or app.

Answer 113

A

Formats for provisioning application installation files, such as via optical discs, downloads, and image files.

Answer 114

A

Considerations that should be made when planning the installation or upgrade of new apps.

Answer 115

A

Troubleshooting startup mode that loads a limited selection of drivers and services.

Answer 116

A

Troubleshooting boot options that allow use of tools such as safe mode and recovery discs.

Answer 117

A

Windows troubleshooting feature that installs a command shell environment to a recovery partition to remediate boot issues.

Answer 118

A

Windows System Protection feature that allows the configuration to be reverted to a restore point.

Answer 119

A

Windows troubleshooting feature that allows removal of an update or reversion to a previous driver version.

Answer 120

A

Windows feature to attempt system recovery by reinstalling Windows from source.

Answer 121

A

Windows command in Windows allowing for the repair (or attempted repair) of the boot manager and boot loader.

Answer 122

A

Microsoft status screen that indicates an error from which the system cannot recover (also called a stop error). Blue screens are usually caused by bad driver software or hardware faults (memory or disk). Other operating systems use similar crash indicators, such as Apple’s pinwheel and Linux’s kernel panic message.

Answer 123

A

Situation where hosts on a network are not closely synchronized to the same date/time source.

Answer 124

A

Adapter card that provides one or more Ethernet ports for connecting hosts to a network so that they can exchange data over a link.

Answer 125

A

Number of bits applied to an IP address to mask the network ID portion from the host/interface ID portion.

Answer 126

A

Network (Internet) layer protocol in the TCP/IP suite providing packet addressing and routing for all higher-level protocols in the suite.

Answer 127

A

Service that maps fully qualified domain name labels to IP addresses on most TCP/IP networks, including the Internet.

Answer 128

A

Protocol used to automatically assign IP addressing information to hosts that have not been configured manually.

Answer 129

A

Windows feature that categorizes network profile as public or private. Each profile can have a different firewall configuration, with public network types being more restricted, by default.

Answer 130

A

Secure tunnel created between two endpoints connected via an unsecure transport network (typically the Internet).

Answer 131

A

Network covering a large area using wireless technologies, such as a cellular radio data network or line-of-sight microwave transmission.

Answer 132

A

Windows feature for indicating that network data transfer is billable and for setting warnings and caps to avoid unexpected charges from the provider.

Answer 133

A

Server that mediates the communications between a client and another server. It can filter and often modify communications as well as provide caching services to improve performance.

Answer 134

A

Command tool used to gather information about the IP configuration of a Windows host.

Answer 135

A

Cross-platform command tool for testing IP packet transmission.

Answer 136

A

Diagnostic utilities that trace the route taken by a packet as it “hops” to the destination host on a remote network. tracert is the Windows implementation, while traceroute runs on Linux.

Answer 137

A

Windows utility for measuring latency and packet loss across an internetwork.

Answer 138

A

Cross-platform command tool for querying DNS resource records.

Answer 139

A

Cross-platform command tool to show network information on a machine running TCP/IP, notably active connections, and the routing table.

Answer 140

A

Collection of access control entries (ACEs) that determines which subjects (user accounts, host IP addresses, and so on) are allowed or denied access to the object and the privileges given (read-only, read/write, and so on).

Answer 141

A

Basic principle of security stating that unless something has explicitly been granted access, it should be denied access.

Answer 142

A

Basic principle of security stating that something should be allocated the minimum necessary rights, privileges, or information to perform its role.

Answer 143

A

User account that can be authenticated again and allocated permissions for the computer that hosts the account only.

Answer 144

A

Access control feature that allows permissions to be allocated to multiple users more efficiently.

Answer 145

A

Privileged user account that has been granted memberships of the Administrators security group. There is also an account named Administrator, but this is usually disabled by default.

Answer 146

A

Non-privileged user account in Windows that typically has membership of the Users security group only.

Answer 147

A

Non-privileged account that is permitted to access the computer/network without authenticating.

Answer 148

A

One of the default Windows group accounts. Its use is deprecated, but it is still included with Windows to support legacy applications.

Answer 149

A

Windows feature designed to mitigate abuse of administrative accounts by requiring explicit consent to use privileges.

Answer 150

A

Authentication scheme that requires the user to present at least two different factors as credentials; for example, something you know, something you have, something you are, something you do, and somewhere you are. Specifying two factors is known as 2FA.

Answer 151

A

Authentication mechanism that uses a separate channel to authorize a sign-on attempt or to transmit an additional credential. This can use a registered email account or a contact phone number for an SMS or voice call.

Answer 152

A

Either an additional code to use for 2-step verification, such as a one-time password, or authorization data that can be presented as evidence of authentication in an SSO system.

Answer 153

A

System for sending text messages between cell phones.

Answer 154

A

Software that allows a smartphone to operate as a second authentication factor or as a trusted channel for 2-step verification.

Answer 155

A

USB storage key or smart card with a cryptographic module that can hold authenticating encryption keys securely.

Answer 156

A

Feature that supports passwordless sign-in for Windows.

Answer 157

A

Specification for secure hardware-based storage of encryption keys, hashed passwords, and other user- and platform-identification information.

Answer 158

A

Biometric authentication device that can produce a template signature of a user’s fingerprint and then subsequently compare the template to the digit submitted for authentication.

Answer 159

A

Biometric authentication mechanism that uses an infrared camera to verify that the user’s face matches a 3D model recorded at enrollment.

Answer 160

A

Authentication technology that enables a user to authenticate once and receive authorizations for multiple services.

Answer 161

A

Group of hosts that is within the same namespace and administered by the same authority.

Answer 162

A

Network directory service for Microsoft Windows domain networks that facilitates authentication and authorization of user and computer accounts.

Answer 163

A

Any application server computer that has joined a domain but does not maintain a copy of the Active Directory database.

Answer 164

A

Structural feature of a network directory that can be used to group objects that should share a common configuration or organizing principle, such as accounts within the same business department.

Answer 165

A

On a Windows domain, a way to deploy per-user and per-computer settings such as password policy, account restrictions, firewall status, and so on.

Answer 166

A

Command-line tools to apply and analyze group policies. Group policies are a means of configuring registry settings.

Answer 167

A

Code that performs a series of tasks automatically when a user account is authenticated.

Answer 168

A

Process and supporting technologies for tracking, controlling, and securing the organization’s mobile infrastructure.

Answer 169

A

Group of network hosts that shares resources in a peer-to-peer fashion. No one computer provides a centralized directory.

Answer 170

A

Windows firewall configuration that makes a host visible to network browsers.

Answer 171

A

Windows firewall configuration that opens the network ports required to operate as a file/print server.

Answer 172

A

Windows mechanism for navigating shared network folders by assigning them with drive letters.

Answer 173

A

ACL that mediates local and network access to a file system object under Windows when the volume is formatted with NTFS.

Answer 174

A

File system access-control-concept where child objects are automatically assigned the same permissions as their parent object.

Answer 175

A

System security group that represents any account, including unauthenticated users.

Answer 176

A

Default local or network folder for users to save data files to.

Answer 177

A

Configuring a network share to hold user profile data. The data is copied to and from the share at logon and logoff.

Answer 178

A

In Windows, redirecting an individual user profile folder, such as Documents or Pictures, to a network share.

Answer 179

A

System component providing a command interpreter by which the user can use a kernel interface and operate the OS.

Answer 180

A

Command interpreter and scripting language for Unix-like systems.

Answer 181

A

Software that implements input and output for a command shell.

Answer 182

A

Device that implements input and output for a command shell. In Linux, multiple virtual consoles support use of a single host by multiple user sessions simultaneously.

Answer 183

A

Command-line text editor operated by CTRL key combinations.

Answer 184

A

Command-line text editor that extends the original vi software. Vim uses a command mode for file operations and an insert mode for editing.

Answer 185

A

Linux command for showing the current directory (“Print Working Directory”).

Answer 186

A

Linux command for listing file system objects.

Answer 187

A

Linux command to view and combine (concatenate) files.

Answer 188

A

Command-line Linux tool used to search the file system.

Answer 189

A

Linux command for searching and filtering input. This can be used as a file search tool when combined with ls.

Answer 190

A

Command-line tool for copying files in Linux.

Answer 191

A

Command-line tool for moving files in Linux.

Answer 192

A

Command-line tool for deleting file system objects in Linux.

Answer 193

A

Command-line tools used to report storage usage in Linux.

Answer 194

A

Linux commands allowing a user to use the root account or execute commands restricted to privileged users.

Answer 195

A

Linux commands allowing a user to use the root account or execute commands restricted to privileged users.

Answer 196

A

Syntax for setting Linux permissions that uses characters to represent permissions values.

Answer 197

A

Linux command for managing file permissions.

Answer 198

A

Linux file-permission mode that uses numeric values to represent permissions.

Answer 199

A

Linux command for managing the account owner for files and directories.

Answer 200

A

One of the package management tools available in Linux for installing and updating software.

Answer 201

A

Package manager for installing, maintaining, inventorying, and removing software from the Red Hat family of Linux distributions.

Answer 202

A

Linux command for retrieving process information.

Answer 203

A

Interactive Linux command for monitoring process information.

Answer 204

A

Deprecated Linux command tool used to gather information about the IP configuration of the network adapter or to configure the network adapter.

Answer 205

A

Linux command tool used to gather information about the IP configuration of the network adapter or to configure the network adapter.

Answer 206

A

Utility to query a DNS server and return information about a particular domain name or resource record.

Answer 207

A

Linux software package that implements Server Message Block (SMB) file/print sharing, primarily to support integration with Windows hosts.

Answer 208

A

Scheduled task that is managed by the Linux cron daemon.

Answer 209

A

macOS feature for managing applications from the desktop; similar to the Windows taskbar.

Answer 210

A

macOS file system search tool.

Answer 211

A

App facilitating multiple desktops in macOS.

Answer 212

A

macOS control panel hosting multiple prefpane configuration utilities.

Answer 213

A

Touch-enabled mouse and trackpad hardware for Apple computers.

Answer 214

A

macOS utility related to desktop and input/output device accessibility configuration.

Answer 215

A

Cloud-based service allowing users to synchronize settings and manage apps, file sharing, and backups between multiple Apple devices.

Answer 216

A

macOS app for managing passwords cached by the OS and supported browser/web applications.

Answer 217

A

macOS disk encryption product.

Answer 218

A

File management app in macOS.

Answer 219

A

Mobile/cloud computing office-productivity and data-storage suite operated by Apple and closely integrated with macOS and iOS.

Answer 220

A

macOS installer format that can be copied directly to the Applications folder.

Answer 221

A

macOS installer format that supports complex setup tasks.

Answer 222

A

Default extension for a macOS app subdirectory when installed to the Applications folder.

Answer 223

A

macOS tool for disk and file system support tasks.

Answer 224

A

macOS tool for sharing an optical drive over the network.

Answer 225

A

App facilitating backup operations in macOS.

Answer 226

A

macOS indicator that a process is busy and is not able to accept input.

Answer 227

A

macOS tool for halting a process; equivalent to the process management functionality in Task Manager.

Answer 228

A

Three principles of security control and management. Also known as the information security triad. Also referred to in reverse order as the AIC triad.

Answer 229

A

Protection of computer systems and digital information resources from unauthorized access, attack, theft, or data damage.

Answer 230

A

Person or entity responsible for an event that has been identified as a security incident or as a risk.

Answer 231

A

Likelihood and impact (or consequence) of a threat actor exercising a vulnerability.

Answer 232

A

Weakness that could be triggered accidentally or exploited intentionally to cause a security breach.

Answer 233

A

System whose configuration is different from its secure baseline.

Answer 234

A

System where one or more required security controls (antivirus or firewall, for example) is missing or misconfigured.

Answer 235

A

Specific method by which malware code infects a target host, often via some vulnerability in a software process.

Answer 236

A

Vulnerability in software that is unpatched by the developer or an attack that exploits such a vulnerability.

Answer 237

A

Security framework and tools to facilitate use of personally-owned devices to access corporate networks and data.

Answer 238

A

Using persuasion, manipulation, or intimidation to make the victim violate a security policy. The goal of social engineering might be to gain access to an account, gain access to physical premises, or gather information.

Answer 239

A

Social engineering attack where an attacker pretends to be someone they are not.

Answer 240

A

Social engineering tactic where a team will communicate, whether directly or indirectly, a lie or half-truth in order to get someone to believe a falsehood

Answer 241

A

The social engineering technique of discovering things about an organization (or person) based on what it throws away.

Answer 242

A

Social engineering tactic to obtain someone’s password or PIN by observing him or her as he or she types it in.

Answer 243

A

Social engineering technique to gain access to a building by following someone who is unaware of their presence.

Answer 244

A

Allowing a threat actor to enter a site or controlled location without authorization.

Answer 245

A

Email-based social engineering attack, in which the attacker sends email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim.

Answer 246

A

Email-based or web-based form of phishing which targets specific individuals.

Answer 247

A

An email-based or web-based form of phishing which targets senior executives or wealthy individuals.

Answer 248

A

Social engineering attack where the threat actor extracts information while speaking over the phone or leveraging IP-based voice messaging services (VoIP).

Answer 249

A

Wireless access point that deceives users into believing that it is a legitimate network access point.

Answer 250

A

Potential for an entity to exercise a vulnerability (that is, to breach security).

Answer 251

A

Type of threat actor who is assigned privileges on the system that cause an intentional or unintentional incident.

Answer 252

A

The phase in an attack or penetration test in which the attacker or tester gathers information about the target before attacking it.

Answer 253

A

Attack technique where the threat actor disguises their identity or impersonates another user or resource.

Answer 254

A

Attack where the threat actor makes an independent connection between two victims and is able to read and possibly modify traffic.

Answer 255

A

Any type of physical, application, or network attack that affects the availability of a managed resource.

Answer 256

A

An attack that uses multiple compromised hosts (a botnet) to overwhelm a service with request or response traffic.

Answer 257

A

Group of hosts or devices that have been infected by a control program called a bot that enables attackers to exploit the hosts to mount attacks.

Answer 258

A

Any attack where the attacker tries to gain unauthorized access to and use of passwords.

Answer 259

A

Type of password attack that compares encrypted passwords against a predetermined list of possible password values.

Answer 260

A

Type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to crack encrypted passwords.

Answer 261

A

Malicious script hosted on the attacker’s site or coded in a link injected onto a trusted site designed to compromise clients browsing the trusted site, circumventing the browser’s security model of trusted zones.

Answer 262

A

Attack that injects a database query into the input data directed at a server by accessing the client side of the application.

Answer 263

A

Function that converts an arbitrary length string input to a fixed length string output. A cryptographic hash function does this in a way that reduces the chance of collisions, where two different inputs produce the same output.

Answer 264

A

Two-way encryption scheme in which encryption and decryption are both performed by the same key. Also known as shared-key encryption.

Answer 265

A

Cipher that uses public and private keys. The keys are mathematically linked, using either Rivel, Shamir, Adleman (RSA) or elliptic curve cryptography (ECC) alogrithms, but the private key is not derivable from the public one. An asymmetric key cannot reverse the operation it performs, so the public key cannot decrypt what it has encrypted, for example.

Answer 266

A

In asymmetric encryption, the private key is known only to the holder and is linked to, but not derivable from, a public key distributed to those with which the holder wants to communicate securely. A private key can be used to encrypt data that can be decrypted by the linked public key or vice versa.

Answer 267

A

During asymmetric encryption, this key is freely distributed and can be used to perform the reverse encryption or decryption operation of the linked private key in the pair.

Answer 268

A

Message digest encrypted using the sender’s private key that is appended to a message to authenticate the sender and prove message integrity.

Answer 269

A

Any method by which cryptographic keys are transferred among users, thus enabling the use of a cryptographic algorithm.

Answer 270

A

Standards for authenticating and encrypting access to Wi-Fi networks.

Answer 271

A

Mechanism used in the first version of WPA to improve the security of wireless encryption mechanisms, compared to the flawed WEP standard.

Answer 272

A

Symmetric 128-, 192-, or 256-bit block cipher used for bulk encryption in modern security standards, such as WPA2, WPA3, and TLS.

Answer 273

A

Encryption protocol used for wireless LANs that addresses the vulnerabilities of the WEP protocol.

Answer 274

A

Personal authentication mechanism for Wi-Fi networks introduced with WPA3 to address vulnerabilities in the WPA-PSK method.

Answer 275

A

Wireless network authentication mode where a passphrase-based mechanism is used to allow group authentication to a wireless network. The passphrase is used to derive an encryption key.

Answer 276

A

Standard for encapsulating EAP communications over a LAN (EAPoL) or WLAN (EAPoW) to implement port-based authentication.

Answer 277

A

Framework for negotiating authentication methods that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication, and establish secure tunnels through which to submit credentials.

Answer 278

A

Security concept where a centralized platform verifies subject identification, ensures the subject is assigned relevant permissions, and then logs these actions to create an audit trail.

Answer 279

A

AAA protocol used to manage remote and wireless authentication infrastructures.

Answer 280

A

It is an AAA protocol that was developed by Cisco and used by numerous third-party implementations that is used in authenticating administrative access to routers and switches.

Answer 281

A

Single sign-on authentication and authorization service that is based on a time-sensitive, ticket-granting system.

Answer 282

A

SOHO device providing Internet routing via a full fiber, DSL, cable, or satellite link. These appliances also provide a 4-port LAN switch and Wi-Fi plus a firewall.

Answer 283

A

Considerations for installation location for PC and network devices to ensure reliable and secure operation.

Answer 284

A

Software instructions embedded on a hardware device such as a computer motherboard. Modern types of firmware are stored in flash memory and can be updated more easily than legacy programmable read-only memory (ROM) types.

Answer 285

A

Character string that identifies a particular wireless LAN (WLAN).

Answer 286

A

Security measure performed on email and Internet traffic to identify and block suspicious, malicious and/or inappropriate content in accordance with an organization’s policies.

Answer 287

A

DHCP configuration that assigns either a prereserved or persistent IP address to a given host, based on its hardware address or other ID.

Answer 288

A

Process in which a router takes requests from the Internet for a particular application (such as HTTP) and sends them to a designated host on the LAN.

Answer 289

A

Type of port forwarding where the external port is forwarded to a different internal port on the LAN host.

Answer 290

A

Mechanism to configure access through a firewall for applications that require more than one port. Basically, when the firewall detects activity on outbound port A destined for a given external IP address, it opens inbound access for the external IP address on port B for a set period.

Answer 291

A

Protocol framework allowing network devices to autoconfigure services, such as allowing a games console to request appropriate settings from a firewall.

Answer 292

A

Segment isolated from the rest of a private network by one or more firewalls that accepts connections from the Internet over designated ports.

Answer 293

A

Home router implementation of DMZ where all ports with no existing forwarding rules are opened and directed to a single LAN host.

Answer 294

A

Sturdy vertical post installed to control road traffic or designed to prevent ram-raiding and vehicle-ramming attacks.

Answer 295

A

Security barrier designed to prevent unauthorized access to a site perimeter.

Answer 296

A

Secure entry system with two gateways, only one of which is open at any one time.

Answer 297

A

Hand-held or walkthrough metal detector designed to detect concealed weapons.

Answer 298

A

Authentication mechanism that allows a user to present a smartcard to operate an entry system.

Answer 299

A

Security device similar to a credit card that can store authentication information, such as a user’s private key, on an embedded cryptoprocessor.

Answer 300

A

Biometric camera-based scanner that uses unique features of a palm shown by visible and infrared light.

Answer 301

A

Biometric scanner based on analysis of the unique pattern of blood vessels at the back of the eye.

Answer 302

A

Physical security device that restricts access to ports and internal components to key holders.

Answer 303

A

Physical intrusion detection and warning that can use circuit, motion, proximity, and duress triggers.

Answer 304

A

Alarm system triggered by movement as detected by microwave radio reflection or passive infrared sensors.

Answer 305

A

Physical security control that uses cameras and recording devices to visually monitor the activity in a certain area.

Answer 306

A

Physical security mechanisms that ensure a site is sufficiently illuminated for employees and guests to feel safe and for camera-based surveillance systems to work well.

Answer 307

A

Rules designed to enforce best-practice password selection, such as minimum length and use of multiple character types.

Answer 308

A

Rules designed to enforce best-practice password use by forcing regular selection of new passwords.

Answer 309

A

This type of firmware-configured password is shared by all users and consequently is very rarely used. It might be used to provide extra security on a standalone computer that does not often require interactive logon, such as a computer used to manage embedded systems.

Answer 310

A

Where a threat actor exploits an unlocked and unattended desktop or mobile device to gain unauthorized access.

Answer 311

A

Security mechanism that locks the desktop after a period of inactivity and requires user to authenticate to resume.

Answer 312

A

Data that can be used to identify or contact an individual (or in the case of identity theft, to impersonate them).

Answer 313

A

Process of determining what additional software may be installed on a client or server beyond its baseline to prevent the use of unauthorized software.

Answer 314

A

Windows mechanisms for automatic actions to occur when a peripheral storage device is attached.

Answer 315

A

Security scanner installed and enabled by default in Windows that provides protection against general malware types.

Answer 316

A

Information about new viruses and other malware used to update antivirus scanners.

Answer 317

A

Microsoft’s file-level encryption feature available for use on NTFS.

Answer 318

A

Installer package that can be verified by a digital signature or cryptographic hash.

Answer 319

A

Installer package whose authenticity and integrity cannot be verified.

Answer 320

A

Add-on that uses the browser API to implement new functionality.

Answer 321

A

Software installed to a web browser to handle multimedia objects embedded in web pages. Use of most plug-in types is now deprecated.

Answer 322

A

Identification and authentication information presented in the X.509 format and issued by a Certificate Authority (CA) as a guarantee that a key pair (as identified by the public key embedded in the certificate) is valid for a particular subject (user or host).

Answer 323

A

Using HTTPS to browse a site where the host has presented a valid digital certificate issued by a CA that is trusted by the browser. A padlock icon is shown to indicate the secure status of the connection.

Answer 324

A

Browser feature or extension that prevents sites from creating new browser windows.

Answer 325

A

Browser feature or add-in that prevents third-party content from being displayed when visiting a site.

Answer 326

A

Cookies, site files, form data, passwords, and other information stored by a browser. Caching behavior can be enabled or disabled and data can be cleared manually.

Answer 327

A

Browser mode in which all session data and cache is discarded and tracking protection features are enabled by default.

Answer 328

A

Malicious code inserted into an executable file image. The malicious code is executed when the file is run and can deliver a payload, such as attempting to infect other files.

Answer 329

A

Malicious code inserted into the boot sector code or partition table of a storage device that attempts to execute when the device is attached.

Answer 330

A

Malicious software program hidden within an innocuous-seeming piece of software. Usually, the Trojan is used to try to compromise the security of the target computer.

Answer 331

A

Type of malware that replicates between processes in system memory and can spread over client/server network connections.

Answer 332

A

Exploit techniques that use the host’s scripting environment to create malicious processes.

Answer 333

A

Mechanism for gaining access to a computer that bypasses or subverts the normal method of authentication.

Answer 334

A

Malware that creates a backdoor remote administration channel to allow a threat actor to access and control the infected host.

Answer 335

A

Infrastructure of hosts and services with which attackers direct, distribute, and control malware over botnets.

Answer 336

A

Software that records information about a PC and its users, often installed without the user’s consent.

Answer 337

A

Malicious software or hardware that can record user keystrokes.

Answer 338

A

Class of malware that modifies system files, often at the kernel level, to conceal its presence.

Answer 339

A

Malware that tries to extort money from the victim by blocking normal operation of a computer and/or encrypting the victim’s files and demanding payment.

Answer 340

A

Malware that hijacks computer resources to create cryptocurrency.

Answer 341

A

Software capable of detecting and removing virus infections and (in most cases) other types of malware, such as worms, Trojans, rootkits, adware, spyware, password crackers, network mappers, DoS tools, and so on.

Answer 342

A

Spoofed desktop notifications and browser ads designed to alarm users and promote installation of Trojan malware.

Answer 343

A

Consequence of malware infection where DNS and/or search results are corrupted to redirect requests from legitimate site hosts to spoofed sites or ads.

Answer 344

A

Browser indication that a site connection is not secure because the certificate is invalid or the issuing CA is not trusted.

Answer 345

A

The process of isolating a file, computer system, or computer network to prevent the spread of a virus or another cybersecurity incident.

Answer 346

A

Computing environment that is isolated from a host system to guarantee that the environment runs in a controlled, secure fashion. Communication links between the sandbox and the host are usually completely prohibited so that malware or faulty software can be analyzed in isolation and without risk to the host.

Answer 347

A

Mobile device mechanism that locks the screen after a period of inactivity.

Answer 348

A

Mobile gesture that unlocks the screen without requiring authentication.

Answer 349

A

Number used in conjunction with authentication devices such as smart cards; as the PIN should be known only to the user, loss of the smart card should not represent a security risk.

Answer 350

A

Mobile device bio gesture authentication mechanism that requires the user to scan their fingerprint to unlock the device.

Answer 351

A

Mobile device authentication mechanism that requires the user to input a join the dots pattern to unlock the device.

Answer 352

A

Mobile device authentication mechanism that progressively delays or blocks unlock attempts after multiple failures.

Answer 353

A

Cloud app that uses mobile device location service to identify its current position on a map and enable security features to mitigate theft or loss.

Answer 354

A

Software that allows deletion of data and settings on a mobile device to be initiated from a remote server.

Answer 355

A

Remote-initiated factory reset of a mobile device that removes all user data and settings.

Answer 356

A

Remote-initiated wipe of a mobile device that removes corporate apps and data only.

Answer 357

A

Devices that can report state and configuration data and be remotely managed over IP networks.

Answer 358

A

Standard routine created by manufacturer that can be invoked to restore an appliance to its shipped state, clearing any user customization, configuration, or modification.

Answer 359

A

iOS feature for simple file sharing via Bluetooth.

Answer 360

A

Android feature for simple file sharing via Bluetooth.

Answer 361

A

Gaining superuser level access over an Android-based mobile device.

Answer 362

A

Removes the protective seal and any OS specific restrictions to give users greater control over the device.

Answer 363

A

Mobile device feature designed for testing apps during development that may weaken corporate security protections if misused.

Answer 364

A

Android app package format used when sideloading software from a source other than a trusted store.

Answer 365

A

Software that illegally copies or imitates a commercial product or brand.

Answer 366

A

Remote access tool and protocol. VNC is the basis of macOS screen-sharing.

Answer 367

A

Windows remote-support feature allowing a user to invite a technical support professional to provide assistance over a network using chat. The user can also grant the support professional control over his or her desktop. Remote Assistance uses the same RDP protocol as Remote Desktop.

Answer 368

A

Windows support feature allowing remote screen-sharing over the Internet.

Answer 369

A

Application protocol supporting secure tunneling and remote terminal emulation and file copy. SSH runs over TCP port 22.

Answer 370

A

Category of support software designed for outsourced management of client networks by MSPs.

Answer 371

A

Enterprise software for controlling device settings, apps, and corporate data storage on all types of fixed, mobile, and IoT computing devices.

Answer 372

A

Software agent that collects system data and logs for analysis by a monitoring system to provide early detection of threats.

Answer 373

A

Software that allows clients to view and control the desktop over a network or the Internet.

Answer 374

A

Software that allows users to configure virtual meeting rooms, with options for voice, video, instant messaging, and screen-sharing.

Answer 375

A

Security copy of production data made to removable media, typically according to a regular schedule. Different backup types (full, incremental, or differential) balance media capacity, time required to backup, and time required to restore.

Answer 376

A

Operation to recover system functionality and/or data integrity using backup media.

Answer 377

A

Windows feature for backing up user data.

Answer 378

A

Process an organization uses to maintain the existence of and control over certain data in order to comply with business policies and/or applicable laws and regulations.

Answer 379

A

Sequence of jobs starting with a full backup and followed by either incremental or differential backups to implement a media rotation scheme.

Answer 380

A

Job type in which all selected files, regardless of prior state, are backed up.

Answer 381

A

Job type in which all selected files that have changed since the last full backup are backed up.

Answer 382

A

Job type that combines incremental backup jobs to synthesize a full backup job. Synthetic full backups have the advantage of being easy to restore from while also being easy on bandwidth across the network as only changes are transmitted.

Answer 383

A

Media rotation scheme that labels tapes/devices used for backup jobs in generations, with the youngest generation having a shorter retention period than the oldest.

Answer 384

A

Job type in which all selected files that have changed since the last full or incremental backup (whichever was most recent) are backed up.

Answer 385

A

Media rotation scheme that ensures at least one copy of data is held at a different location to mitigate the risk of a disaster that destroys all storage at a single site.

Answer 386

A

Best practice maxim stating that at any given time there should be at least three copies of data stored on two media types, with one copy held off site.

Answer 387

A

Information that has storage- and handling-compliance requirements defined by national and state legislation and/or industry regulations.

Answer 388

A

Data related to identity documents issued by governments, such as passports, social security IDs, and driving licenses, that is liable to be subject to strict legal and regulatory compliance requirements.

Answer 389

A

Data that can be used to identify an individual and includes information about past, present, or future health as well as related payments and data used in the operation of a healthcare business.

Answer 390

A

Regulated data related to processing financial transactions.

Answer 391

A

Data found on a computer system that is not permitted by policy or that is not compliant with relevant legislation or regulations.

Answer 392

A

Contract governing the installation and use of software.

Answer 393

A

Licensing model that grants permissive rights to end-users, such as to install, use, modify, and distribute a software product and its source code, as long as redistribution permits the same rights.

Answer 394

A

Copyright protection technologies for digital media. DRM solutions usually try to restrict the number of devices allowed for playback of a licensed digital file, such as a music track or ebook.

Answer 395

A

Procedures and guidelines covering appropriate priorities, actions, and responsibilities in the event of security incidents, divided into preparation, detection/analysis, containment, eradication/recovery, and post-incident stages.

Answer 396

A

Team with responsibility for incident response. The CSIRT must have expertise across a number of business domains (IT, HR, legal, and marketing, for instance).

Answer 397

A

Process of gathering and submitting computer evidence to trial. Digital evidence is latent, meaning that it must be interpreted. This means that great care must be taken to prove that the evidence has not been tampered with or falsified.

Answer 398

A

Record of evidence-handling from collection to presentation in court to disposal.

Answer 399

A

Process of thoroughly and completely removing data from a storage medium so that file remnants cannot be recovered.

Answer 400

A

Using a vendor tool to delete the file system and/or partition table on storage media before recycling or repurposing. This method carries the greatest risk of leaving persistent data remnants.

Answer 401

A

Using a third-party tool to fully erase storage media before recycling or repurposing, minimizing the risk of leaving persistent data remnants.

Answer 402

A

Using a vendor tool to fully erase storage media before recycling or repurposing, minimizing the risk of leaving persistent data remnants.

Answer 403

A

Method of sanitizing a drive using the ATA command set.

Answer 404

A

Media sanitization command built into HDDs and SSDs that are self-encrypting that works by erasing the encryption key, leaving remnants unrecoverable.

Answer 405

A

Using drilling, shredding, incineration, or degaussing of storage media before recycling or repurposing to minimize the risk of leaving persistent data remnants.

Answer 406

A

Validation from an outsourcing provider of recycling/repurposing services that media has been destroyed or sanitized to the agreed standard.

Answer 407

A

Series of simple or complex commands, parameters, variables, and other components stored in a text file and processed by a shell interpreter.

Answer 408

A

Extension for a Linux shell script file format. The shebang in the first line of the script identifies the shell type (Bash, for instance).

Answer 409

A

Identifier for a value that can change during program execution. Variables are usually declared with a particular data type.

Answer 410

A

In scripting and programming, control statement that uses a condition to determine which code block to execute next.

Answer 411

A

In scripting and programming, control statement that executes code repeatedly based on a condition.

Answer 412

A

Programming object that can resolve the truth value of a condition, such as whether one variable is equal to another.

Answer 413

A

Command shell and scripting language built on the .NET Framework that use cmdlets for Windows automation.

Answer 414

A

Extension for the PowerShell script format.

Answer 415

A

A command shell and scripting language built on the .NET Framework, which allows the administrator to automate and manage computing tasks.

Answer 416

A

Extension for the Visual Basic Script file format.

Answer 417

A

Extension for the batch file format that is used to execute a series of Windows CMD shell commands.

Answer 418

A

Scripting language used to add interactivity to web pages and HTML-format email.

Answer 419

A

Extension for the JavaScript file format.

Answer 420

A

Use of scripts to perform configuration steps without requiring manual intervention.

Answer 421

A

High-level programming language that is widely used for automation.

Answer 422

A

Extension for a script written in the Python programming language.

Answer 423

A

Methods exposed by a script or program that allow other scripts or programs to use it. For example, an API enables software developers to access functions of the TCP/IP network stack under a particular operating system.

Answer 424

A

Documentation of best practice and work instructions to use to perform a common administrative task.

Answer 425

A

Database software designed to implement a structured support process by identifying each case with a unique job ticket ID and with descriptive fields to record how the issue was resolved.

Answer 426

A

Thing of economic value. For accounting purposes, assets are classified in different ways, such as tangible and intangible or short term and long term. Asset management means identifying each asset and recording its location, attributes, and value in a database.

Answer 427

A

In the context of support procedures, incident response, and breach-reporting, escalation is the process of involving expert and senior staff to assist in problem management.

Answer 428

A

An analysis of events that can provide insight into how to improve response and support processes in the future.

Answer 429

A

Practice of assigning an ID to assets to associate them with entries in an inventory database.

Answer 430

A

Documentation showing how network nodes are connected by cabling or how they are logically identified and connected, such as in IP networks.

Answer 431

A

Searchable database of product FAQs (Frequently Asked Questions), advice, and known troubleshooting issues. The Microsoft KB is found at support.microsoft.com.

Answer 432

A

Process through which changes to the configuration of information systems are implemented as part of the organization’s overall configuration management efforts.

Answer 433

A

Process through which an organization’s information systems components are kept in a controlled state that meets the organization’s requirements, including those for security and compliance.

Answer 434

A

Process for qualifying or quantifying the likelihood and impact of a factor.

Answer 435

A

Policy that governs employees’ use of company equipment and Internet services. ISPs may also apply AUPs to their customers.

Answer 436

A

Displaying terms of use or other restrictions before use of a computer or app is allowed.

Answer 437

A

Communication technique to ensure that you capture all the information that the other person is “transmitting,” including nonverbal cues such as tone of voice or gestures. There are various active-listening techniques for ensuring that you are “getting the right message,” such as summarizing, reflecting (matching the speaker’s communication style), interpreting, and verbal attends (such as “Uh-huh.” or “I see.”).

Answer 438

A

Circuit breaker designed to protect the device and users of the device from faulty wiring or supply of power (overcurrent protection).

Answer 439

A

Wire that provides a return path for electrical current as a safety feature; if an electrical connection short circuits into the metal chassis, a ground wire ensures that the current flows to ground rather than electrocuting someone handling the faulty device.

Answer 440

A

Metal and plastic surfaces can allow a charge to build up. This can discharge if a potential difference is formed between the charged object and an oppositely charged conductive object. This electrical discharge can damage silicon chips and computer components if they are exposed to it.

Answer 441

A

When the power that is supplied by the electrical wall socket is insufficient to allow the computer to function correctly. Under-voltage events are long sags in power output that are often caused by overloaded or faulty grid distribution circuits or by a failure in the supply route from electrical power station to a building.

Answer 442

A

Complete loss of building power.

Answer 443

A

Device that protects electrical devices against the damaging effects of a power surge or spike.

Answer 444

A

Battery-powered device that supplies AC power that an electronic device can use in the event of power failure.

Answer 445

A

Information sheet accompanying hazardous products or substances that explains the proper procedures for handling and disposal.

Answer 446

A

$1 will refer to the first positional argument.

Answer 447

A

.PS1 for PowerShell scripts, .VBS for VBScript, and .BAT for cmd batch files.

Answer 448

A

A digital certificate is a wrapper for a subject’s public key. The public and private keys in an asymmetric cipher are paired. If one key is used to encrypt a message, only the other key can then decrypt it.

Answer 449

A

A knowledge base (KB) is a reference to assist with installing, configuring, and troubleshooting hardware and software. KBs might be created by vendors to support their products. A company might also create an internal KB, populated with guidelines, procedures, information from service tickets, and answers to frequently asked questions (FAQs).

Answer 450

A

A lockable faceplate controls who can access the power button, external ports, and internal components. This mitigates the risk of someone gaining access to the server room via social engineering. It also mitigates risks from insider threat by rogue administrators, though to a lesser extent (each request for a chassis key would need to be approved and logged).

Answer 451

A

A lockout policy disables the account after a number of incorrect sign-in attempts.

Answer 452

A

A Safety Data Sheet (SDS), previously known as a Material Safety Data Sheet (MSDS), should be consulted when introducing a new product or substance to the workplace. Subsequently, you should refer to it in case of an accident involving the substance or when you need to dispose of it.

Answer 453

A

A phishing attack tries to make users authenticate with a fake resource, such as a website. Phishing emails are often sent in mass as spam. This is a variant of phishing called spear phishing because it is specifically targeted at a single person, using personal information known about the subject (his or her football-coaching volunteer work).

Answer 454

A

A synthetic full backup reduces data transfer requirements and, therefore, backup job time by synthesizing a full backup from previous incremental backups rather than directly from the source data.

Answer 455

A

AAA refers to Authentication, Authorization, and Accounting and the Remote Access Dial-in User Service (RADIUS) protocol is one way of implementing this architecture. The RADIUS server is positioned on the internal network and processes authentication and authorization requests. The RADIUS client is the access point, and it must be configured with the IP address of the server plus a shared secret passphrase. The access point forwards authentication traffic between the end-user device (a supplicant) and the RADIUS server but cannot inspect the traffic.

Answer 456

A

Advise the customer that you will put him or her on hold while you speak to someone else, or arrange to call the customer back.

Answer 457

A

An inventory is a list of assets stored as database records. You must be able to correlate each physical device with an asset record by labeling it. A barcode label is a good way of doing this.

Answer 458

A

At a command prompt, run chkdsk without any switches.

(Note that sfc is not the correct answer as this verifies the integrity of protected system files rather than checks the file system on a drive.)

Answer 459

A

Availability—information that is inaccessible is not of much use to authorized users. For example, a secure system must protect against denial of service (DoS) attacks.

Answer 460

A

Biometric authentication deployed as part of a building’s entry-control system.

Answer 461

A

Boot using a recovery tool, such as the product disc, and attempt startup repair and/or repair of the Windows installation using sfc or Windows reset.

Answer 462

A

Brute force attacks are effective against short passwords. Dictionary attacks depend on users choosing ordinary words or phrases in a password.

Answer 463

A

Check for a firmware update. Using the latest firmware is important to mitigate risks from software vulnerabilities.

Answer 464

A

Check that the device has sufficient spare storage, and check for updates. If you can’t identify a device-wide fault, test to see whether the issue is associated with use of a single app.

Answer 465

A

Cloning refers to the image deployment installation method. An image is a copy of an existing installation saved as a single file. Image deployment could use USB boot media (or even optical discs), but network boot is more likely. Network boot requires a PXE-compatible network adapter and motherboard in the computer and the boot device priority set to network/PXE. The network requires a Dynamic Host Configuration Protocol (DHCP) server plus a remote network installation server to run unattended setup and apply the image.

Answer 466

A

COMMAND+SPACEBAR

Answer 467

A

Compromising domain-name resolution is a very effective means of redirecting users to malicious websites. Following malware infection, it is important to ensure that DNS is being performed by valid servers.

Answer 468

A

Configure a virtual private network (VPN) so that remote users can connect to the corporate LAN and then launch the remote desktop protocol (RDP) client to connect to the office PC.

Answer 469

A

Corporate owned, personally enabled (COPE) will allow standardization to a single device and OS. As the requirement does not specify a single device and OS, choose your own device (CYOD) would also fit.

Answer 470

A

Data-at-rest encryption. In Windows, this can be configured at file level via the Encrypting File System (EFS) or at disk level via BitLocker.

Answer 471

A

Demonstrate empathy with the customer’s situation, use active listening skills to show that you understand the importance of the issue, and make the customer confident that you can help. Then use closed-questioning techniques to start to diagnose the problem.

Answer 472

A

Devices that are jailbroken or rooted allow the owner account complete control. Devices that allow installation of apps from untrusted sources, such as by sideloading APK packages or via developer mode, could also have weakened permissions.

Answer 473

A

Digital evidence is difficult to capture in a form that demonstrates that it has not been tampered with. Documentation of the scene and proper procedures are crucial.

Answer 474

A

Disabling guest access. It might be appropriate to allow a guest network depending on the circumstances, but the general principle is that services and access methods that are not required should be disabled.

Answer 475

A

Do not argue with customers and/or be defensive. Avoid dismissing customer problems, and do not be judgmental. Try to calm the customer and move the support call toward positive troubleshooting diagnosis and activity, emphasizing a collaborative approach. Do not disclose experiences via social media outlets.

Answer 476

A

During cool, dry conditions when humidity is low. When humidity is high, the static electricity can dissipate through the moisture present in the air.

Answer 477

A

Either | more or | less.

Answer 478

A

1. A digital certificate and its associated private key are installed on the wireless station.

2. Device authentication, typically via a password, PIN, or biometric gesture, permits access to the private key.

Answer 479

A

False.
A lunchtime attack is where a threat actor gains access to a signed-in user account because the desktop has not locked. While an automatic screensaver lock provides some protection, there may still be a window of opportunity for a threat actor between the user leaving the workstation unattended and the screensaver activating. Users must lock the workstation manually when leaving it unattended.

Answer 480

A

False.
A zero-day is a vulnerability that is unknown to the product vendor and means that no patch is available to mitigate it. This can affect currently supported as well as unsupported end-of-life (EOL) systems. The main difference is that there is a good chance of a patch being developed if the system is still supported, but almost no chance if it is EOL.

Answer 481

A

False. Advanced Encryption Standard (AES) provides stronger encryption and is enabled by selecting Wi-Fi Protected Access (WPA) version 2 with AES/CCMP or WPA3 encryption mode. The Temporal Key Integrity Protocol (TKIP) attempts to fix problems with the older RC4 cipher used by the first version of WPA. TKIP and WPA1 are now deprecated.

Answer 482

A

False.
Closed source just means that the vendor controls development of the OS. It is still subject to updates to fix problems and introduce new features.

Answer 483

A

**False. **
Incognito mode can prevent the use of cookies but cannot conceal the user’s source IP address.

(You do not need to include this in your answer, but the main way to conceal the source IP address is to connect to sites via a virtual private network (VPN).)

Answer 484

A

**True. **
It is not usually a good idea to do so, but it can be disabled via Security Center or the Control Panel applet.

Answer 485

A

**False. **
Restoring to factory settings means removing all user data and settings.

Answer 486

A

False. The conductive path will occur through your fingers as you touch electronic components. The stud in the wrist strap must make contact with your skin to drain the charge.

Answer 487

A

**False. **
User Account Control (UAC) is designed to prevent misuse of accounts with administrative privileges. Use of such privileges requires the user to approve a consent dialog or to enter the credentials of an administrator account. This system can be disabled via UAC settings, but it is enabled by default.

Answer 488

A

True. **
With flash drives and SSDs, while seek time is not a performance factor, the file system *can still benefit from occasional defragmentation or optimization. There are several things to consider, including the lifespan of the SSD. You can read more about the technical considerations in optimizing SSDs at hanselman.com/blog/TheRealAndCompleteStoryDoesWindowsDefragmentYourSSD.aspx

Answer 489

A

Fingerprint recognition
Facial recognition.

Answer 490

A

Full control—the most effective permissions are applied.

Answer 491

A

gpupdate is used to refresh local policy settings with updates or changes from the policy template.
gpresult is used to identify the Resultant Set of Policies (RSoP) for a given computer and/or user account.

Answer 492

A

Heat
Direct sunlight,
Excessive dust and liquids
Very low or high humidity.

(Equipment should also be installed so as not to pose a topple or trip hazard.)

Answer 493

A

If it only occurs on certain sites, it is probably part of the site design. A script running on the site can prevent use of the Back button. It could also be a sign of adware or spyware though, so it would be safest to scan the computer using up-to-date anti-malware software.

Answer 494

A

If the malware is used with the intent to steal information or record behavior, it will not try to make its presence obvious. A rootkit may be very hard to detect even when a rigorous investigation is made.

Answer 495

A

In the Settings app, select Update & Security. Under Windows Update, select “View optional updates.”

(If a graphics driver update is not listed here, check the vendor’s site for driver installation software.)

Answer 496

A

In the Status menu on the Menu bar, in the top-right of the screen, or in the Network prefpane.

Answer 497

A

ipconfig /renew

Answer 498

A

It is certainly possible. Software updates are often applied when a computer is started in the morning, so that is another potential cause, but you should investigate and log a warning so that all support staff are alerted. It is very difficult to categorize malware when the only symptom is performance issues. However, performance issues could be a result of a badly written Trojan, or a Trojan/backdoor application might be using resources maliciously (for DDoS, Bitcoin mining, spam, and so on).

Answer 499

A

It states that you should have three copies of your data across two media types, with one copy held offline and offsite. The production data counts as one copy.

Answer 500

A

It would be highly unlikely for a commercial bank to allow its website certificates to run out of date or otherwise be misconfigured. You should strongly suspect redirection by malware or a phishing/pharming scam.

Answer 501

A

Journaling means that the file system keeps a log of updates that it can use to recover damaged data. The OS might also make use of snapshot capability to maintain a file-version history or perform continuous backups.

Answer 502

A

Leaked data files or personal information such as passwords.

Answer 503

A

Mobile device management (MDM) is being used to mediate network access. The device must be enrolled with the MDM software before it can join the network.

Answer 504

A

mv names.doc /mnt/usb

Answer 505

A

**No. **
The chrome://flags page is for advanced configuration settings. General user, security, and privacy settings are configured via chrome://settings.

Answer 506

A

**No. **
The hosts are on the same IP network (192.168.0.0/24). This means that 192.168.0.200 does not try to use a router (the gateway) to send the probes. 192.168.0.200 uses address resolution protocol (ARP) to find the host with the IP 192.168.0.99. The host unreachable message indicates that there was no response, but the problem will be an issue such as the host being disconnected from the network or configured to block discovery rather than a gateway issue.

Answer 507

A

**No. **
The license is likely to permit installation to only one computer at a time. It might or might not prohibit commercial use, but regardless of the license terms, any installation of software must be managed by the IT department.

Answer 508

A

**No. **
You must backup user data and settings first. A backup is essential as a security precaution.

Answer 509

A

No—it shows the system is using the pagefile intensively and could benefit from more system RAM being installed.

Answer 510

A

Open a new command prompt window with sufficient privileges.
You can right-click the Command Prompt icon and select Run as administrator or press CTRL+SHIFT+ENTER to execute the icon or cmd.exe command.

Answer 511

A

Open Device Manager from the WinX menu, Instant Search, or the Computer Management console. Expand Keyboards, then right-click the device and select Properties. On the Driver tab, select Roll Back Driver.

Answer 512

A

Open the Mac App Store,
then select the Updates button.

Answer 513

A

Open the Settings app,
then select System.
Select the About section, and read the text next to Edition under the Windows specifications heading.

Answer 514

A

pathping measures latency over a longer period and so will return a more accurate measurement than the individual round trip time (RTT) values returned by ping or tracert.

Answer 515

A

Personal healthcare data is
- Medical records,
- Insurance forms,
- Hospital/laboratory test results, and so on.

(Healthcare information is also present in de-identified or anonymized data sets.)

Answer 516

A

Probably not. Using a home router’s “demilitarized zone” or DMZ host option forwards traffic for all ports not covered by specific port-forwarding rules to the host. It is possible to achieve a secure configuration with this option by blocking unauthorized ports and protecting the host using a personal firewall, but using specific port-forwarding/mapping rules is better practice. The most secure solution is to isolate the game server in a screened subnet so that is separated from other LAN hosts, but this typically requires multiple router/firewalls.

Answer 517

A

Probably not—CPU Usage usually peaks and falls. If it stays over 80–90%, the system could require a faster CPU, or if it spikes continually, there could be a faulty application.

Answer 518

A

Read-only

Answer 519

A

Record STOP Error Information: Ask the user to take note of the STOP error code and any error messages that appear on the blue screen when the system crashes. The STOP error code, also known as the “Blue Screen of Death” (BSOD) code, can provide valuable clues about the cause of the issue.

Answer 520

A

Remote monitoring and management (RMM) tools are principally designed for use by managed service providers (MSPs). As well as remote access and monitoring, this class of tools supports management of multiple client accounts and billing/reporting.

Answer 521

A

rm -r /home/jaime/junk

Answer 522

A

**Run a Memory Diagnostic. **
Because this tests each RAM cell, it should uncover any fault.

Answer 523

A

Run through the print process step-by-step to show that it works. It is very important to get a customer’s acceptance that a problem is closed.

Answer 524

A

Select the Physical Disk object,
select the counter, and then select the 0 C: instance.

(Counters that are useful for evaluating performance include % Disk Time and Average Disk Queue Length.)

Answer 525

A

Storage requirements.
Each app takes up a certain amount of space when installed to the fixed disk. Also, you must plan for user-generated file storage, temp files, log files, and other data generated through use of the app.

Answer 526

A

Support for more than 4 GB RAM.

Answer 527

A

Tailgating means following someone else through a door or gateway to enter premises without authorization.
Shoulder surfing means covertly observing someone type a PIN or password or other confidential data.

Answer 528

A

That the antivirus is enabled,
It’s up to date with scan engine components and definitions,
And has only authorized exclusions configured.

Answer 529

A

That the browser address bar displays the lock icon to indicate that the site uses a trusted certificate. This validates the site identity and protects information submitted via the form from interception.

Answer 530

A

The computer must be running a supported edition of Windows (Pro, Enterprise, or Education).
The PC must be configured with an appropriate IP address and have access to the domain DNS servers.
An account with domain administrative credentials must be used to authorize the join operation.

Answer 531

A

The computer must have a fingerprint reader and a trusted platform module (TPM). Windows Hello must first be configured with a personal identification number (PIN) as a backup method.

Answer 532

A

The Finder.

Answer 533

A

The icon indicates that the device has been disabled. It could be that there was a fault, or there may be a network configuration or security reason for disabling the adapter.

(In this sort of situation, use incident logs and device documentation to establish the reason behind the configuration change.)

Answer 534

A

The issue here is compatibility between different operating systems. Even though both are produced by Apple, iOS and macOS use different environments, so the iOS app cannot necessarily be installed directly. Your company might make a macOS version. With the latest versions of macOS, there is support for native iOS apps, so this might be something you can offer.

Answer 535

A

The issue of provisioning an off-site copy of a backup. Cloud storage can also provide extra capacity.

Answer 536

A

The main concern is damaging your back. Lift slowly and use your legs for power, not your back muscles.

Answer 537

A

The Network & Internet settings Edit IP settings dialog can be used. 255.255.255.0 is the subnet mask in dotted decimal format. The dialog just requires the number of mask bits. Each “255” in a dotted decimal mask represents 8 bits, so the user should enter 24.

Answer 538

A

The other main choice is one of the distributions of Linux
A company might also use some sort of UNIX.
Finally, Chrome OS is installed on Chromebox PCs. These are often used by educational institutions and businesses that rely primarily on web applications rather than locally installed desktop software.

Answer 539

A

The package can be signed using a developer certificate issued by a trusted certificate authority. Alternatively, a cryptographic hash of the installer can be made, and this value can be given to each support technician. When installing the software, the technician can make his or her own hash of the downloaded installer and compare it to the reference hash.

Answer 540

A

The PC is set to boot using the legacy BIOS method. This is not compatible with GPT-style partitioning.
(If supported by system firmware setup, switch to UEFI boot. If the firmware is BIOS only, change the boot method back to optical disc, run setup again, and choose MBR partitioning.)

Answer 541

A

The principle of least privilege.

Answer 542

A

The program has added a registry entry to run at startup.
You could check this (and optionally disable the program) by using Task Manager.

Answer 543

A

The robocopy command offers more options than those offered by the xcopy command, so it will usually be the better choice. The copy command is quite basic and probably not suitable.

Answer 544

A

The share is hidden from the file browser.
It can be accessed by typing a UNC. The default administrative shares are all configured as hidden.

Answer 545

A

The boot volume contains the boot files; the system volume contains the system root (OS files).
The boot volume is not normally assigned a drive letter. The system volume is normally allocated the drive letter C:.

Answer 546

A

The user does not have “Write” or “Modify” permission to that folder.
If there is no configuration issue, you should advise the user about the storage locations permitted for user-generated files. If there were a configuration issue, you would investigate why the user had not been granted the correct permissions for the target folder.

Answer 547

A

The user must first show file extensions, using the View tab in the File Explorer Options applet
(you might also note that this can be done via a check box on the View menu ribbon of File Explorer).

Answer 548

A

There is a configuration problem.
192.168.1.0 is not a host address. With the subnet mask 255.255.255.0, it identifies the network range as 192.168.1.0/24. The gateway is usually configured as the first available host address in this range: 192.168.1.1. The DNS server should also be set to 192.168.1.1. The client IP should be set to any other available value, such as 192.168.1.100.

Answer 549

A

These bollards are designed to prevent vehicles from crashing into the building lobby as part of a terrorist or criminal attack.

(The security consultant should only recommend the control if the risk of this type of attack justifies the expense.)

Answer 550

A

They inherit the parent folder’s permissions.

Answer 551

A

This is a circuit designed to protect connected devices from the effect of sudden increases or spikes in the supply voltage and/or current. Surge protectors are rated by:
- Clamping voltage (low values are better),
- Joules rating (higher values are better),
- Amperage (the maximum current that can be carried).

Answer 552

A

This is an evil twin attack where the threat actor uses social engineering techniques to persuade users to connect to an access point that spoofs a legitimate guest network service.

Answer 553

A

This is an irregular state for a Windows PC. If a DHCP server cannot be contacted, the machine should default to using an APIPA address (169.254.x.y). As it has not done this, something is wrong with the networking software installed on the machine. The best option is probably to perform a network reset via the Settings > Network & Internet > Status page

Answer 554

A

This is an issue with update limitations. Android is quite a fragmented market, and customers must depend on the handset vendor to implement OS updates for a particular model. The customer can only check the handset vendor’s website or helpline to find out if a version update will ever be supported for that model.

Answer 555

A

This is most characteristic of cryptomining malware as that explicitly hijacks the computer resources of a device to perform the intensive calculations required to mine blockchain currency.

Answer 556

A

This list contains no means of recording the severity of the ticket. This field is important for prioritizing issues.

Answer 557

A

Three—each partition can use a different file system.

Answer 558

A

Time Machine

Answer 559

A

To consider:
- licensing requirements, such as number of users or devices.
- There also needs to be a system for monitoring license compliance
- ensuring there are no unauthorized installs

Answer 560

A

To specify a delay between running the command and shutdown starting. You might do this to give users a chance to save work or to ensure that a computer is restarted overnight.

Answer 561

A

**True. **
This can be configured using public key authentication with the Secure Shell (SSH) protocol. The server can be installed with the public keys of authorized users.

Answer 562

A

**True. **
WPA3-Personal uses group authentication via a shared passphrase. The simultaneous authentication of equals (SAE) mechanism by which this passphrase is used to generate network encryption keys is improved compared to the older WPA2 protocol, however.

Answer 563

A

Try to end the application or the process using Task Manager, and then contact the application vendor to find out why the problem is occurring.

Answer 564

A

Use a conditional block (If statement) to check for an existing mapping, and remove it before applying the correct mapping.

Answer 565

A

Use force stop if available and/or reboot the device.

Answer 566

A

Use Network & Internet to check the network profile type. When the network changed, the user probably selected the wrong option at the prompt to allow the PC to be discoverable, and the profile is probably set to Public. Change the type Private.

Answer 567

A

Use the Sound settings app or Control Panel applet to check the volume setting and that the headset is configured as the input and output device. If the headset is not listed, check the USB or Bluetooth connection.

Answer 568

A

- Users,
- Administrators,
- Guests
(You might also include Power Users, though use of this group is deprecated. Going beyond the account types listed in the exam objectives, you might include groups such as Remote Desktop Users, Remote Management Users, or Backup Operators. There are also system groups, such as Everyone, but users cannot be assigned manually to these.)

Answer 569

A

Using standard formatting tools will leave data remnants that could be recovered in some circumstances. This might not be considered high risk, but it would be safer to use a vendor low-level format tool with support for Secure Erase or Crypto Erase.

Answer 570

A

Verify the integrity of the download using a hash value or the vendor’s digital certificate.

Answer 571

A

Via the App permissions section under Privacy settings.

(You might also note that most browser software can be configured to only allow location information on a per-site basis.)

Answer 572

A

Virtual Network Computing (VNC) uses TCP port 5900 by default.

Answer 573

A

When a computer goes into a power-saving mode, it will either maintain a small amount of power to the memory modules or write the contents of memory to a hibernation file on disk. Consequently, the user should be able to start the laptop again, and the desktop will resume with the open file still there. You should advise the customer to save changes to files regularly, however.

Answer 574

A

While the risk is low, scanning activity could cause problems with the target and possibly even crash it. Test the script in a sandbox environment before deploying it. Security software might block the operation of this script, and there is some risk from the script or its output being misused. Make sure that use of the script and its output are subject to access controls and that any system reconfiguration is properly change-managed.

Answer 575

A

Who has had access to evidence collected from a crime scene and where and how it has been stored.

Answer 576

A

Windows Pro for Workstations supports 4-way multiprocessing (four CPUs installed to separate sockets) and up to 6 TB RAM. Windows Enterprise has the same hardware limits but is not available via a retail channel.

Answer 577

A

Without a domain, accounts must be configured on each computer individually. With more than 30 computers to manage at two locations, this would be a substantial task, so switching to a domain network, where the accounts can be configured on the server, is likely to save costs in the long term. You can suggest either Windows 10 Pro or Windows 10 Enterprise for use on a domain.

Answer 578

A

Yes (but he or she cannot create files).

Answer 579

A

Yes, it is valid. It formats drive D with the exFAT file system by using a quick format (does not scan for bad sectors). This will delete the file table on the drive so existing data files can be overwritten—the formatted drive will appear to be empty in Explorer. If there are existing files that need to be preserved, they should be backed up before running the format command.

Answer 580

A

Yes, while there are varying methods in accomplishing this task, this can be done via the Accounts settings app. You can also use the legacy control panel on both Windows 10 and 11.

Answer 581

A

Yes. Uncontrolled deployment of network-enabled devices is referred as shadow IT. The devices could increase the network attack surface and expose it to vulnerabilities. The devices must be deployed in a secure configuration and monitored for security advisories and updates.

Answer 582

A

Yes.
You need to configure a port-mapping rule so that the router takes requests arriving at its WAN IP for TCP/443 and forwards them to the server’s IP address on TCP/8080. Using a known IP address for the server by configuring a Dynamic Host Configuration Protocol (DHCP) reservation simplifies this configuration. The home router’s DHCP server must be configured with the media access control (MAC) address or hardware identifier of the web server.

Answer 583

A

You can change the account type between Standard and Administrator via Control Panel, but the Local Users and Groups management console is the tool to use for a custom security group. You could also use the net localgroup command.

Answer 584

A

You can create diagrams to show the physical topology or the logical topology.
- The physical topology shows how nodes are connected by cabling.
- The logical topology shows IP addresses and subnets/VLANs.

(There are lots of other types of network topology diagrams, of course, but physical and logical are the two basic distinctions you can make. It is best practice not to try to create a diagram that shows both as this is likely to reduce clarity.)

Answer 585

A

You can perform a test restore and validate the files. You can run an integrity check on the media by using, for example, chkdsk on a hard drive used for backup. Backup software can often be configured to perform an integrity check on each file during a backup operation. You can also perform an audit of files included in a backup against a list of source files to ensure that everything has been included.

Answer 586

A

You can use any type of loop to iterate through the items in a list or collection, but a For loop is probably the simplest.

Answer 587

A

You might need to:
- verify symptoms of infection
- Also, if a virus cannot be removed automatically, you might want to find a manual removal method
- You might also want to identify the consequences of infection—whether the virus might have stolen passwords, and so on.

Answer 588

A

You must also input the fully qualified domain name (FQDN) or IP address of the remote access VPN server.

Answer 589

A

You need to:
1. create an incident report
2. remove or disable the login accounts
3. isolate the infected server and possibly any user computers that communicate with the server
4. remove the rootkit from the server.

(In terms of wider security policies, investigate why the temporary accounts were not disabled on completion of the project.)

Brainscape's Knowledge GenomeTM

FULL FLASHCARD STUDY DECK

CertMaster

Brainscape's Knowledge Genome^TM