General Knowledge Flashcards
How many years of support do Windows servers and workstations get?
10 years for servers and 5 years for workstations
What is the oldest Windows version that we are going to support?
Windows 8.1
Is Linux open or closed source?
Open Source
What is Unix?
A family of multi-user operating systems that predates Linux; Linux is Unix-like (same design and POSIX interfaces) but shares no code with it
Is Ubuntu free?
Yes
Do Fedora, Debian, Mint, Arch, and CentOS get vendor support?
No, they are supported by their communities rather than by a commercial vendor.
How are standard (fixed) release models supported? (Ubuntu example)
LTS releases (the .04 release of even-numbered years) get 5 years of support; interim releases get 9 months
What is a rolling release model?
The distribution receives a continuous stream of updates instead of discrete numbered releases (e.g., Arch).
How long are android operating system supported for?
2-3 years
What operating system is android based on?
Linux
Where did iOS and iPadOS originate?
Apple; both are derived from macOS
What was macOS previously called?
OS X (and before that, Mac OS X)
Is iOS closed or open source?
Closed source
What are the three file systems used on Windows?
NTFS, FAT32, and exFAT
What are the three file systems used on Linux?
ext3, ext4, and exFAT
What is the main file system used on macOS?
APFS
What are the benefits of NTFS?
journaling, snapshots (Volume Shadow Copy), security (ACLs and EFS encryption), POSIX compliance, indexing, and dynamic disks.
64-bit file system that allows very large volumes and very large file sizes.
not case sensitive (case-preserving, but case-insensitive by default)
What are the main features of FAT32?
maximum volume size of 2 TB and maximum file size of 4 GB
Supported by all three operating systems
Usually used on removable drives like external drives or USB flash drives
What are the main features of ext3 and ext4?
mainly used by Linux
ext3 has a maximum volume size of 32 TB and a maximum file size of 2 TB
ext4 has a maximum volume size of 1 EB and a maximum file size of 16 TB
What are the main features of APFS?
offers the same crash-protection benefits that NTFS journaling gives Windows
optimized for SSDs; performs better on SSDs than on HDDs
What are the main features of exFAT?
considered cross platform and can be used on Windows, Linux, and macOS
How do most computers deal with file-system compatibility concerns?
By exchanging files over the network (file-sharing protocols such as SMB running on top of TCP/IP) rather than reading each other's native file systems directly.
Main features of a 32-bit operating system?
Limited to addressing about 4 GB of RAM; still offered for Windows 10 (Windows 11 is 64-bit only)
Main features of a 64-bit operating system?
Can address far more memory; the standard for Windows 10 and the only option for Windows 11
Main features of Windows Home?
basic edition of the windows operating system
not designed for use in a business environment
it uses an OEM or Retail license
OEM – preinstalled by the original equipment manufacturer; tied to that hardware and cannot be transferred
Retail – can be moved to a different system
Main features of Windows Pro?
Windows edition aimed at business use
can join an Active Directory domain
can use BitLocker for full-disk encryption
can also use the Group Policy Editor
can act as a Remote Desktop Protocol (RDP) host
can be upgraded to Windows Pro for Workstations, which supports higher-end hardware, including four-way multiprocessing (up to 4 CPUs)
Main features of Windows Enterprise and Education?
use volume licensing
App-V (Application Virtualization) runs applications in isolated virtual environments instead of installing them onto the base OS
allow multiple people to use the same machine while keeping their settings separate
DirectAccess gives remote users connectivity to the corporate network without a traditional VPN client
Credential Guard uses virtualization-based security to isolate credentials (NTLM hashes, Kerberos tickets) so that only privileged system processes can access them
Windows To Go boots a managed image of the corporate Windows 10 environment from a USB drive on a user's personal computer
What is the difference between an edition upgrade and a version upgrade?
Edition upgrade – changes the edition within the same version (e.g., Home to Pro)
Version upgrade – moves to a newer version of Windows (e.g., Windows 10 to Windows 11)
What is image deployment?
copies an image of a hard drive onto a new system
What are the considerations when upgrading system?
- Hardware compatibility
- Application support
- Backup files and user preferences
- Third party drivers
make sure the processor, chipset, and memory can support the new OS.
What are the three product lifecycle phases?
- Mainstream – full support, including new features, for at least 5 years
- Extended support – additional period for some products that can extend 3-5 more years (security fixes only)
- End of life – product is no longer supported
What is the Windows feature update policy?
feature updates arrive every 6-12 months
feature updates do not change the hardware requirements of the OS
What are the two styles of partitioning?
MBR (Master Boot Record) and GPT (GUID Partition Table)
What are the main features of MBR?
traditional style of partitioning
the first 512-byte sector of the disk holds the MBR, which contains the boot code and the partition table describing the physical disk
divides the physical disk into at most 4 primary partitions
a common layout is one partition for the operating system and a second one for data
limited to 4 primary partitions and disks up to 2 TB
Main features of GPT?
supports up to 128 partitions (on Windows)
the system must support UEFI in order to boot from GPT
When does a factory reset work?
only if the original hard drive, with its recovery partition, is still in the system
What commission do app stores take on sales?
15-30%
How can backup tools affect system performance?
They can consume a lot of disk I/O and network bandwidth while running, which can slow the system and overwhelm the connection.
What is a WWAN connection?
connects a wide area network over a wireless connection, and is most commonly seen with cellular modems or cellular hotspots
What four basic items are needed for network client configuration?
- IP Address
- Subnet Mask
- Gateway
- DNS Server
What does media streaming do?
media streaming allows the user to send videos, music, and other media types to other devices and computers in the network. This is found in the network and sharing center
What is the main purpose of a task manager?
monitors the computer’s key resources, like processing, memory, storage, and network capacity
What is the main purpose of the device manager?
investigating and troubleshooting system hardware, components, and peripherals
What is the main purpose of a disk management console?
formats disk drives, creates and deletes partitions, shrinks and extends volumes, creates software RAID volumes, and more.
What are the three disk maintenance concerns?
Fragmentation
Capacity
Damage
What is the purpose of defragmentation?
Rearranges the pieces of fragmented files so each file occupies contiguous blocks, which speeds up reads. Fragmentation only hurts hard drives, because of the way data is written to spinning platters; SSDs should be trimmed, not defragmented. (Cleaning up files and emptying caches is the job of Disk Cleanup, a separate tool.)
What is disk capacity?
the maximum amount of data the disk can hold; running low on free space slows the system down
What is data damage?
corruption of stored data, which often happens when power is cut off during a write or the device is dropped.
What is the main purpose of a task scheduler?
used to run commands and scripts automatically in the background at any given interval
What is the main purpose of the event viewer?
allows the user to go through log files and see what has happened on a given windows system
What is the Event Viewer severity hierarchy, from least to most severe?
verbose
information
warning
error
critical
What is the main purpose of the performance monitor?
Real time information about system resources by keeping track of what things are happening in the operating system.
What is the main purpose of the Group Policy Editor?
it provides a way to configure Windows settings as policies; the local editor applies them to one machine, and domain Group Policy applies them to all machines in the domain
What is the main purpose of the Certificate Manager?
shows the digital certificates installed on the system and provides a way to request and import new certificates
What is the main purpose of the Resource Monitor?
an enhanced version of Task Manager that shows per-process CPU, memory, disk, and network use.
What is the main purpose of the Registry Editor?
a tool for viewing and editing the registry, the database that holds the settings and configuration for the entire operating system
What is the main difference between an administrative command prompt and a regular prompt?
an administrative prompt runs with elevated privileges, so it can do things a regular prompt cannot, such as creating user accounts and accessing protected files and folders
what are the navigation command?
cd– change directory
what is the directory command?
dir– directory
what do the dots mean in the directory command?
. means here
.. means take me to the parent directory
what is the command for clearing screen?
cls
what is the command to see inside the text file?
type
what is the command for creating a directory?
md
what is the purpose of using quotation marks?
to keep a path or name containing spaces together as one argument; without quotes the spaces split it into separate arguments
what is the command for removing directory?
rmdir
how does a user access a drive directly in command prompt?
drive and colon
ex. D drive= d:
how does a user move up 2 directories
cd ../..
how does a user navigate to the root of the drive instantly?
cd \
what is the command for copy?
copy
ex.
copy Afile1.txt f:\File1.txt
what is the command for move?
move
ex.
move Afile1.txt f:\File1.txt
the user can rename the file while moving it
what is the command for copying directories?
xcopy– copies directories and their contents
what is the command for robust copying, including to network drives?
robocopy– robust file copy; can resume, retry, and mirror directory trees
what is the command for disk partitioning?
diskpart
how does a user list the disks in the system from diskpart?
list disk
how do you select a disk in diskpart?
select disk 0
how do you view detailed info on a volume?
select volume 1, then detail volume
how do you change the drive letter of the selected volume?
assign letter=p
how do you view the available commands in diskpart?
help
what is the format command?
ex. format p: /fs:ntfs
the last switch specifies the file system to use
what is the command for scanning a file system for errors?
chkdsk
what are the repair switches for chkdsk?
/f fixes file-system errors; /r also locates bad sectors and recovers readable data (implies /f)
what is the shutdown command?
shutdown /? opens the help menu
/s shuts the computer down
/l logs off
/t sets a timeout period in seconds
/a aborts a pending shutdown
/h puts the computer into hibernation
/r shuts down and restarts the computer
what is the command for the system file checker?
sfc /scannow– scans all protected system files immediately and repairs them
sfc /?– opens the help menu
sfc /scanfile=<path>– scans a single file
what is the command for finding the Windows version?
winver
systeminfo | more– fuller system information, one screen at a time
what are the commands for networking?
ipconfig– shows IP configuration
ipconfig /all– full details of every network adapter
ipconfig /renew– renews the DHCP lease
ipconfig /release– releases the current IP lease
ipconfig /displaydns– shows what is in the DNS resolver cache
ipconfig /flushdns– flushes the resolver cache
ping– tests connectivity
ping localhost– tests the local TCP/IP stack
ping 192.168.1.60– pings an IP address on the LAN
ping 8.8.8.8– pings Google's public DNS server by IP (tests Internet reachability without DNS)
ping google.com– pings by domain name (also tests name resolution)
tracert– trace route
tracert facebook.com– shows the hops to a domain name
pathping– combines ping and tracert and reports per-hop loss; more detailed than a normal trace route
what are the name resolution commands?
hostname– shows the device name
nslookup– looks up DNS information about a hostname
help (inside nslookup)– shows how to use nslookup
server 8.8.4.4– changes the DNS server used for subsequent queries
set domain=diontraining.com– sets the default domain appended to unqualified names
set type=A– sets the record type to query (A record)
what is the command that checks for open ports and connections?
netstat
netstat /?– shows the available options
netstat -a– displays all connections and listening ports
netstat -n– lists addresses and ports numerically instead of resolving names
netstat -o– shows the owning process ID for each connection
netstat -ano– all of the above combined
what are the group policy commands?
gpupdate /force– forces all policy settings to be reapplied
gpresult /r– shows the resultant set of policies in effect for the current user and computer
gpresult /?– shows all the available options
main difference between workgroups and domains
domain– centralized architecture with a domain controller, for larger environments
workgroup– decentralized peer-to-peer model, practical for about 15-20 computers
What is the definition of inheritance?
the permissions set on a parent folder are passed down to the files and folders inside it.
What is the main difference between a share permission and an NTFS permission?
Share permissions apply only when a folder is accessed over the network and are coarse (Read, Change, Full Control). NTFS permissions apply both locally and over the network, are far more granular, and are inherited by default. When both apply, the most restrictive result wins.
what is the net command?
net /? shows its subcommands
what is the main purpose of net use?
connects to resources over the network, such as mapping a shared folder to a drive letter and viewing existing connections.
what is the command for removing a mapped drive?
net use i: /delete
replace i: with the letter of the drive to remove
what is the command for mapping a drive?
net use t: \\diontrainingwin\SharedFolder /persistent:yes
the /persistent:yes switch keeps the mapping after a reboot
what is the difference between the Sharing and Security tabs of a folder?
the Sharing tab sets share permissions and the Security tab sets NTFS permissions
What is the main purpose of Mission Control?
enables the user to create and switch between multiple virtual desktops on macOS.
what is the terminal on macOS?
the macOS command-line interface (a Unix shell), the counterpart of the Windows command prompt
What is FileVault?
full-disk encryption for macOS
what is the CIA triad?
confidentiality, integrity, and availability
what is hashing?
a one-way function that produces a fixed-length value, the unique fingerprint of a file or message
what is a checksum?
a hash or similar value that travels with data in transit so the receiver can verify the file arrived unchanged.
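As an added example (not code from the original flashcards): hashing a constructed byte string, flipping one byte of it, and checking it against a "published" SHA-256 checksum. The payload and the digest are constructed for the demo; in practice the digest comes from the vendor's download page.

```python
import hashlib
import hmac

# Constructed sample payload standing in for a downloaded file (not from the page).
ORIGINAL = b"Windows10-installer-image-bytes\n"
# The same bytes with a single bit flipped, simulating corruption or tampering in transit.
_tampered = bytearray(ORIGINAL)
_tampered[0] ^= 0x01
TAMPERED = bytes(_tampered)


def fingerprint(data: bytes, algorithm: str = "sha256") -> str:
    """Hash the data and return the hex digest (the file's 'fingerprint')."""
    h = hashlib.new(algorithm)
    # Feed the data in chunks so the same code works for files too large to hold in memory.
    for i in range(0, len(data), 4096):
        h.update(data[i:i + 4096])
    return h.hexdigest()


def verify_checksum(data: bytes, published_digest: str, algorithm: str = "sha256") -> bool:
    """Return True only if the data hashes to the digest the publisher announced.

    compare_digest runs in constant time, so an attacker cannot learn how many
    leading hex characters matched from how long the comparison took."""
    return hmac.compare_digest(fingerprint(data, algorithm), published_digest.lower())


if __name__ == "__main__":
    published = fingerprint(ORIGINAL)          # what the vendor would post next to the download
    print("published :", published)
    print("tampered  :", fingerprint(TAMPERED))  # completely different after one flipped bit
    print("original ok:", verify_checksum(ORIGINAL, published))
    print("tampered ok:", verify_checksum(TAMPERED, published))
```

A checksum posted on the same server as the file only catches accidental corruption: an attacker who can replace the download can replace the posted hash too, so detecting tampering needs a signature over the hash (or the hash delivered over a separate trusted channel).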
what is a noncompliant system?
a system that does not meet the baseline configuration approved by the organization
what is the configuration baseline?
set of recommendations for deploying a computer in a hardened configuration
what is a zero-day attack?
an attack that exploits a vulnerability before the vendor has released a patch for it
what is a denial of service attack?
an attack that attempts to make a computer or resource unavailable to its legitimate users
what is a flood attack?
overwhelms the server with a high volume of packets
what is a ping flood?
the attacker sends more ICMP echo request (ping) packets than the target can handle
what is a SYN flood?
the attacker initiates many TCP sessions with SYN packets but never completes the three-way handshake, exhausting the server's table of half-open connections
what is the main purpose of flood guards?
detect and block SYN floods and similar flooding attacks
what is a PDoS?
a permanent denial of service: exploits a security flaw to permanently disable the hardware, for example by reflashing its firmware
what is a fork bomb?
spawns an ever-growing number of processes until the computer runs out of resources
what is a DDoS?
a distributed denial of service: many compromised machines attack a single server at once
what is DNS amplification?
the attacker sends small DNS queries with the victim's spoofed source address to open resolvers, which send their much larger responses to the victim, flooding it
what is black holing?
routing all traffic destined for the attacked address to a null route (a nonexistent destination) so it is dropped
can a cloud infrastructure mitigate a DDoS attack?
yes, by scaling out to absorb the demand of the attack
what are spoofing attacks?
the attacker falsifies information to impersonate another machine or user
what is IP spoofing?
modifies the source IP address of packets to hide the identity of the sender or impersonate another host
which OSI layer does IP spoofing operate at?
layer 3 (network)
what is MAC address spoofing?
changing a device's MAC address to impersonate another device
which OSI layer does MAC spoofing operate at?
layer 2 (data link)
what is ARP spoofing?
sending falsified ARP messages over the network so hosts associate the attacker's MAC address with another host's IP address
ARP attacks often act as a precursor to other attacks
what is an on-path attack?
the attacker places themselves between the victim and the intended destination; common techniques:
ARP poisoning
DNS poisoning
rogue WAP
rogue hub or switch
what is a replay attack?
valid data is captured by the attacker and then retransmitted, either immediately or after a delay.
what is a relay attack?
the attacker sits between two hosts, forwarding traffic while monitoring or altering it
what is SSL stripping?
an on-path attacker downgrades the victim's connection to plain HTTP while maintaining HTTPS to the server, so the victim's browser never sees the encrypted version
what is a downgrade attack?
the attacker tries to make a client or server abandon a higher security mode in favor of a lower one
downgrade attacks do not only affect TLS or SSL
what is SQL injection?
SQL is the Structured Query Language.
the insertion of SQL code through input data sent from a client to the application, so that it executes as part of a query
the same injection idea applies to HTML, XML, and LDAP
what is XSS?
cross-site scripting: the attacker embeds malicious script in content served by a trusted website so that it runs in other users' browsers
stored/persistent– the attacker's payload is saved on the web server (e.g., in a comment) and served to every visitor
reflected– non-persistent; the payload is carried in a crafted request and echoed back in the response
DOM-based– the payload is handled entirely by client-side script in the victim's browser; the server never sees it
what is XSRF?
cross-site request forgery: the attacker tricks a user's browser into sending requests to a site where the user is already authenticated, so the actions run with the user's privileges.
prevent XSRF with anti-forgery tokens, encryption, XML file scanning, and cookie verification.
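An added example (not from the page) covering both the XSS and the XSRF cards: a comment renderer before and after output encoding, and a state-changing handler that accepts a request only when the form carries a token bound to the caller's session. SECRET_KEY, the session IDs, and the payload are constructed for the demo.

```python
import hashlib
import hmac
import html
import secrets

# Server-side secret used to derive CSRF tokens; an assumption of this demo,
# generated fresh at startup rather than taken from any real application.
SECRET_KEY = secrets.token_bytes(32)

# Constructed attacker input, not taken from the page.
XSS_PAYLOAD = "<script>alert(document.cookie)</script>"


def render_comment_unsafe(comment: str) -> str:
    """Stored XSS: the comment is written into the page exactly as submitted."""
    return f'<p class="comment">{comment}</p>'


def render_comment_safe(comment: str) -> str:
    """Output encoding: <, >, &, and quotes become entities, so the browser shows text, not markup."""
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def csrf_token(session_id: str) -> str:
    """Derive a per-session anti-forgery token: HMAC of the session ID under the server secret."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def csrf_token_valid(session_id: str, presented: str) -> bool:
    return hmac.compare_digest(csrf_token(session_id), presented)


def build_transfer_form(session_id: str, amount: int, to: str) -> dict:
    """What the site's own page submits: the fields plus the token it embedded for this session."""
    return {"amount": amount, "to": to, "csrf_token": csrf_token(session_id)}


def handle_transfer(session_id: str, form: dict) -> str:
    """State-changing handler. The session cookie (session_id) arrives automatically with any
    request the browser makes, including one an attacker's page triggers, so the form must
    also carry a token that only a page served to this session could have contained."""
    if not csrf_token_valid(session_id, form.get("csrf_token", "")):
        return "rejected: missing or invalid CSRF token"
    return f"transferred {form['amount']} to {form['to']}"


if __name__ == "__main__":
    print(render_comment_unsafe(XSS_PAYLOAD))   # script tag reaches the browser intact
    print(render_comment_safe(XSS_PAYLOAD))     # &lt;script&gt;... rendered as harmless text
    victim = "session-victim"
    print(handle_transfer(victim, build_transfer_form(victim, 500, "alice")))
    # A form posted from the attacker's site rides the victim's cookie but cannot supply the token.
    print(handle_transfer(victim, {"amount": 500, "to": "attacker"}))
```

The token is bound to the session rather than being a global secret, so a token the attacker obtains from their own session does not validate for the victim's; the test below checks that case too.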
what is a dictionary attack?
a program tries each word from a dictionary (wordlist) as the password
what is a brute-force attack?
a program tries every possible password combination
what is a cryptanalysis (precomputed table) attack?
comparing the target's password hash against a precomputed lookup table (rainbow table) of hashes and the passwords that produce them
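An added example, not from the page, that runs all three attacks against plain SHA-256 password hashes and then shows why a per-user salt defeats the precomputed table. The wordlist and target passwords are constructed; the brute-force alphabet is kept to three lowercase letters so it finishes instantly.

```python
import hashlib
import itertools
import os
import string

# Constructed wordlist standing in for a real dictionary file (not from the page).
WORDLIST = ["123456", "password", "letmein", "qwerty", "welcome", "admin"]


def unsalted_hash(password: str) -> str:
    """Plain SHA-256 of the password: the weak storage scheme these attacks exploit."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes) -> str:
    """Same hash with a per-user random salt mixed in, so equal passwords hash differently."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def dictionary_attack(target_hash: str, wordlist):
    """Hash each dictionary word and compare; succeeds only for words in the list."""
    for word in wordlist:
        if unsalted_hash(word) == target_hash:
            return word
    return None


def brute_force_attack(target_hash: str, alphabet=string.ascii_lowercase, max_length=3):
    """Try every combination up to max_length; cost grows as len(alphabet) ** length."""
    for length in range(1, max_length + 1):
        for combo in itertools.product(alphabet, repeat=length):
            candidate = "".join(combo)
            if unsalted_hash(candidate) == target_hash:
                return candidate
    return None


def build_lookup_table(wordlist) -> dict:
    """Precompute hash -> password once; the expensive work happens before any target is seen."""
    return {unsalted_hash(word): word for word in wordlist}


def lookup_attack(target_hash: str, table: dict):
    """A precomputed-table (rainbow-table style) attack is a single dictionary lookup."""
    return table.get(target_hash)


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    print(dictionary_attack(unsalted_hash("letmein"), WORDLIST))   # in the wordlist
    print(dictionary_attack(unsalted_hash("zqx"), WORDLIST))       # None: not a dictionary word
    print(brute_force_attack(unsalted_hash("zqx")))                # short enough to enumerate
    print(lookup_attack(unsalted_hash("qwerty"), table))           # instant hit
    salt = os.urandom(16)                                          # per-user salt
    print(lookup_attack(salted_hash("qwerty", salt), table))       # None: table was built unsalted
```

The salt does not make a single guess harder (the attacker who has the salt can still run the dictionary attack per user); what it removes is the ability to precompute one table and reuse it against every account.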
what are the 10 types of viruses?
boot sector– infects the first sector of the hard drive
macro– embedded in a document
program– seeks out and infects executables
multipartite– combines boot sector and program infection
encryption– uses a cipher to encrypt its contents to avoid detection
polymorphic– changes its code each time it is executed
metamorphic– rewrites itself entirely before attempting to infect a new file
stealth– uses techniques such as polymorphism, encryption, and metamorphism to evade detection
armored– adds a layer of protection that makes it harder to analyze
hoax– tricks the user into infecting their own machine.
what is a worm?
malicious software that replicates itself across systems without user interaction
what is a trojan?
malware disguised as a legitimate program; because the user installs it, it gets past perimeter defenses such as the firewall
RAT– remote access trojan; gives the attacker remote control of the victim's computer
what is ransomware?
malware that restricts access to a victim's computer or files until a ransom is paid
what is spyware?
gathers information without the user's consent
what is adware?
displays advertisements, often based on what it has observed about you
what is grayware?
software that is neither clearly benign nor clearly malicious and tends to behave improperly without serious consequences.
what is a rootkit?
designed to gain administrative-level control over a system without being detected.
what is DLL injection?
code inserted into a running process on a Windows machine by abusing the way DLLs are loaded at runtime
what is driver manipulation?
an attack that compromises kernel-mode device drivers, which run at a privileged (system) level; a common rootkit technique
what is a shim?
a piece of code placed between two components that intercepts calls and redirects them; also used by rootkits
what is a botnet (zombies)?
a collection of compromised computers under the control of a master (command-and-control) node.
often used in DDoS attacks
what are the steps for removing malware? (7 steps)
- identify symptoms
- quarantine affected systems
- disable System Restore
- remediate the infected system
- schedule automatic updates and scans
- re-enable System Restore
- provide end-user security awareness training
what is phishing and what are its different types?
phishing– luring a user into divulging sensitive information
spear phishing– targeted version of phishing
whaling– targets key executives
smishing– phishing over SMS text messages
MMS phishing– uses multimedia messages with pictures or videos
vishing– phishing by voice call
business email compromise– the attacker takes over or impersonates an executive's email account
What is an evil twin?
a fraudulent Wi-Fi access point that poses as a legitimate one
karma attack– a rogue access point answers a client's probe requests for any SSID the client remembers; it works because Wi-Fi clients do not authenticate the access point.
what are the three OS software firewalls?
Windows Firewall, pf and ipfw (macOS/BSD), and iptables (Linux)
what are DAC, MAC, and RBAC?
DAC– discretionary access control; the owner of a resource decides who can access it
MAC– mandatory access control; the system enforces access based on labels and clearances, not the owner's wishes
RBAC– role-based access control; permissions are attached to roles and users are assigned roles instead of individual permissions
what is a power user?
a legacy group that sat between standard users and administrators; in current Windows versions it carries no extra privileges
what is zero trust?
a security framework that requires every user and device to be authenticated, authorized, and continuously validated before being granted access
- reexamine all default access controls
- employ prevention techniques and defense in depth
- real-time monitoring and controls to identify and stop issues
- architecture that aligns with the broader security strategy.
what are EMM and MDM?
EMM– enterprise mobility management; the broader set of policies and tools for managing devices, apps, and content
MDM– mobile device management; the technical controls applied to the devices themselves
what are the 3 older wireless security standards?
WEP– original standard that claimed to be as secure as a wired network; uses RC4 with a short initialization vector, which is why it is broken
WPA– replacement for WEP; uses TKIP with RC4
WPA2– uses CCMP with AES
What is the most recent version of wireless encryption?
WPA3– replaces the pre-shared-key handshake with SAE (Simultaneous Authentication of Equals); WPA3-Personal uses 128-bit AES, and WPA3-Enterprise offers an optional 192-bit mode
uses GCMP (Galois/Counter Mode Protocol) for encryption in the 192-bit mode; more secure than WPA2 and provides forward secrecy
what is forward secrecy?
session keys will not be compromised even if the long-term secrets used in the session key exchange are compromised later
what are the wireless and network authentication methods and protocols?
RADIUS– cross-platform protocol that authenticates and authorizes users to services and accounts for their usage (AAA)
TACACS+– Cisco's AAA protocol; separates authentication, authorization, and accounting
Diameter– next-generation version of RADIUS
LDAP– cross-platform protocol for querying and updating a centralized directory of users and objects on the network
single sign-on– authenticate once and gain access to multiple systems
Kerberos– uses symmetric encryption and a Key Distribution Center (KDC) to perform authentication and authorization
802.1X– port-based network access control
EAP– framework that wraps a series of authentication protocols (used by 802.1X)
what are the 4 mobile device deployment models?
COBO– corporate-owned, business-only; the most secure, most restrictive, and most expensive
COPE– corporate-owned, personally enabled; a relaxed version of COBO that can raise privacy concerns
BYOD– bring your own device; the most difficult to secure
CYOD– choose your own device from an approved list of vendors
what is Windows Hello?
another way of authenticating the user of the system (biometrics or a PIN); more secure than a standard username and password
are guest accounts disabled or enabled in Windows 10 and 11?
they are disabled by default.
what is the SAM?
Security Account Manager, the local database that stores Windows user accounts and their password hashes
what is a power user?
a permission level now equivalent to the standard Users group, kept for backward compatibility; it has no elevated permissions.
what is UAC?
User Account Control, a security feature that prompts for consent or credentials before a program can make system-level changes, protecting the system against malicious programs, scripts, and attacks
change the setting in the Control Panel under User Accounts
what does data at rest mean?
data stored on disk or other media that is not currently being accessed
what is data in use?
data that is being processed, held in memory or CPU registers
what is data in transit?
data moving across the network
difference between EFS and BitLocker
EFS– encrypts individual files or folders
BitLocker– encrypts whole internal drives
BitLocker To Go– encrypts external drives
what are AutoRun and AutoPlay?
AutoRun– automatically executed the commands in an autorun.inf file when a CD or DVD was inserted
AutoPlay– prompts the user to choose what to do (play, open, import) when removable media is inserted, rather than running anything automatically
what are the best practices for passwords?
complexity requirements
expiration requirements
rules for password use (no reuse or sharing)
what are the 3 ways data is destroyed?
degaussing– exposes the drive to a strong magnetic field; works on magnetic media but does not work on solid-state drives
purging– removes data so thoroughly that it cannot be reconstructed even with laboratory techniques
clearing– removal of data with a reasonable assurance that it cannot be reconstructed with ordinary tools
what is erasing/wiping?
the process of destroying old data by overwriting its location on the hard drive with new data. This does not work reliably on SSDs because wear leveling can leave old copies in cells the operating system cannot address.
a quick format from the command prompt only clears the file-system tables and leaves the data recoverable; a full format (format without /q) overwrites the volume, but a dedicated wipe or secure erase is the better choice.
what is a low-level format?
resets the disk to factory condition, removing all partitions
secure erase– the drive's firmware marks every block as empty and resets the cells; it has to run to completion and can take a while
crypto erase– destroys the encryption key of a self-encrypting drive, making the remaining contents unreadable.
what is the main difference between extensions and plugins?
extensions extend the functionality of the browser itself, while plugins handle a particular task or content type (such as PDF or Flash) inside a page.
which is better for website encryption, SSL or TLS?
TLS; it makes SSL obsolete, especially TLS 1.2 and later
difference between incidents and problems?
an incident is a single occurrence of a disruption, while a problem is the underlying cause of incidents that keep recurring
what are the two types of knowledge based articles?
internal- used by staff
external- used by end user
what is asset management?
detailed tracking and configuration of assets; it lets a technician attach an asset to a ticket or problem
what is a unique asset tag?
a label with a unique identifier affixed to a particular device
what are the change management procedures?
- change request– assesses the impact of the change
- procurement– determines the budget for the item
- deployment– implements the procedure
- maintenance– monitoring and support
- disposal– sanitizing data remnants
how long is the warranty for an asset?
usually 90 days
what are the three types of changes?
standard changes– preauthorized; need no additional approval
normal changes– require authorization before they are made
emergency changes– must be expedited; require an ECAB
ECAB (Emergency Change Advisory Board) is a board of administrators that accepts or denies a change
what is pair programming?
one person writes the code while the other reads and reviews it as it is written
when working with larger systems, what kind of changes do we use?
use normal changes
how do we conduct change management?
- fault to be fixed
- new business need
- planned improvement
- write changes to be made and justify
- end user acceptance- makes sure that end user knows how to operate change.
what are acceptable use policies?
rules defining what employees are allowed to do with the organization's assets
what are SOPs?
standard operating procedures; they make sure that routine tasks are carried out in compliance with policy
what is the SOP checklist for installing software?
- verify system requirements
- validate the download source
- verify the files (e.g., checksums)
- verify the software license
- ensure proper installation
- provide training and support
what are AARs?
after-action reports; they determine the cause of an incident.
a write-up of what happened, what caused it, and how to prevent it in the future.
what are network topology diagrams?
one diagram of logical connections and another one for physical connections
what are incremental backups?
back up only what has changed since the last backup of any type (full or incremental)
what are differential backups?
back up everything that has changed since the last FULL backup
what are synthetic full backups?
create a full backup with lower data transfer requirements.
assembled on the backup server from the previous full backup and the incremental backups taken since, without reading the client again
what are archive attribute flags?
a file's archive bit is set whenever the file is modified.
a full or incremental backup clears the flag after copying the file; a differential backup leaves it set, so the file is included again in every differential until the next full backup
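An added simulation (not from the page) of how the archive bit drives incremental and differential backups, and which backup sets a restore needs under each scheme. The file names and the BackupSimulator class are constructed for the demo.

```python
class BackupSimulator:
    """Tracks each file's archive attribute and models full, incremental, and
    differential backups the way Windows backup tools use the bit.

    Constructed example: the archive bit is modelled as a bool per file name."""

    def __init__(self, filenames):
        # A newly created (or modified) file has its archive bit set.
        self.archive_bit = {name: True for name in filenames}
        self.history = []  # (backup type, files copied), in the order the jobs ran

    def modify(self, name):
        """Windows sets the archive bit whenever a file is written."""
        self.archive_bit[name] = True

    def _flagged(self):
        return sorted(n for n, flagged in self.archive_bit.items() if flagged)

    def full_backup(self):
        """Copies every file and clears every archive bit."""
        files = sorted(self.archive_bit)
        for name in files:
            self.archive_bit[name] = False
        self.history.append(("full", files))
        return files

    def incremental_backup(self):
        """Copies files changed since the last backup of any type, then clears their bits."""
        files = self._flagged()
        for name in files:
            self.archive_bit[name] = False
        self.history.append(("incremental", files))
        return files

    def differential_backup(self):
        """Copies files changed since the last full backup and leaves the bits set,
        so the next differential includes them again."""
        files = self._flagged()
        self.history.append(("differential", files))
        return files

    def restore_chain(self):
        """Indexes into history needed to restore the latest state: the last full backup,
        every incremental after it, and the most recent differential after it.
        Assumes one scheme per cycle: mixing incrementals and differentials in the same
        cycle breaks the differential's 'since the last full' meaning, because the
        incrementals clear the bits."""
        last_full = max(i for i, (kind, _) in enumerate(self.history) if kind == "full")
        chain = [last_full]
        chain += [i for i, (kind, _) in enumerate(self.history)
                  if i > last_full and kind == "incremental"]
        diffs = [i for i, (kind, _) in enumerate(self.history)
                 if i > last_full and kind == "differential"]
        if diffs:
            chain.append(diffs[-1])
        return chain


if __name__ == "__main__":
    inc = BackupSimulator(["a.txt", "b.txt", "c.txt"])
    inc.full_backup()
    inc.modify("a.txt"); print("incremental 1:", inc.incremental_backup())   # ['a.txt']
    inc.modify("b.txt"); print("incremental 2:", inc.incremental_backup())   # ['b.txt']
    print("incremental restore needs sets", inc.restore_chain())            # [0, 1, 2]

    diff = BackupSimulator(["a.txt", "b.txt", "c.txt"])
    diff.full_backup()
    diff.modify("a.txt"); print("differential 1:", diff.differential_backup())  # ['a.txt']
    diff.modify("b.txt"); print("differential 2:", diff.differential_backup())  # ['a.txt', 'b.txt']
    print("differential restore needs sets", diff.restore_chain())             # [0, 2]
```

The trade-off the simulation makes visible: incrementals copy the least data each night but a restore must replay every one of them in order, while differentials grow through the week but a restore needs only the full backup plus the latest differential.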
define frequency
the period between backup jobs
set it by how much data you could afford to lose (the recovery point objective)
define the GFS backup scheme
son- daily backups
father- weekly backups
grandfather- monthly backups
what is the 321 backup rule?
three copies of data, two different types of media, and one copy being held offline
what is the difference between spikes and surges?
a spike is a very brief increase in voltage; a surge is a larger increase that lasts longer.
sags, brownouts, and blackouts
sag– brief drop in voltage
brownout– prolonged drop in voltage (lights dim)
blackout– total loss of power for a period of time
types of backup power
UPS– uninterruptible power supply; lasts only a short time, long enough to shut down cleanly or bridge to a generator
backup generator
portable gas engine– for specialized or small systems; least expensive
permanently installed– serves the whole building, runs on fuel, and is much more expensive
battery inverter– for short power outages only; needs minimal user interaction
proper equipment grounding
never disconnect the ground wire
what is ESD?
electrostatic discharge– a path that lets electrons rush from a statically charged body into a component that has no charge, damaging it
- work in a room that is set up to reduce ESD
- remove anything that can build up static electricity
- always handle components with ESD-safe equipment (wrist strap, antistatic mat)
What are the steps of incident response?
- preparation
- identification
- containment
- eradication
- recovery
- lessons learned
What is the chain of custody?
the record of an item of evidence's history from collection, through court presentation, to disposal
How long can criminal cases take to resolve?
from months to years
What is a legal hold?
preserves all relevant information when litigation is expected to occur
what is the order of volatility?
collect the evidence that could most easily be tampered with or destroyed first.
- collect volatile data while the computer is still powered on
- the contents of RAM are lost when the machine is turned off
what is the proprietary software?
pay a fee for a license
What is DRM?
digital rights management: copy protection for music, video, and other media used online
Difference between private, confidential, and sensitive data.
sensitive= disclosure would have minimal impact
confidential= disclosure would have maximum impact
private= personal records about an individual
what are the military classifications of data?
- Unclassified
- CUI (controlled unclassified information)– e.g., medical records, personnel files
- Confidential– e.g., trade secrets
- Secret– e.g., military deployment plans
- Top Secret– e.g., blueprints
What are the different script file types?
.bat– cmd batch file
.ps1– PowerShell
.vbs– Visual Basic Script
.sh– bash/shell script
.js– JavaScript
.py– Python
pseudocode concepts
what is a boolean?
true or false
what is an integer?
a whole number, positive or negative
what is a character?
a variable that can store only a single (ASCII) character
what is a loop?
a construct that repeats a block of code; together with conditionals it controls the order in which code is executed
what is a for loop? a while loop?
for loop– used when the number of times to repeat a block of code is known
while loop– used when the count is not known; it stops only when its condition becomes false
what is a do loop?
runs the body at least once and then checks the condition at the end, repeating until it is met.
how does a Windows PC boot (BIOS/MBR)?
the firmware looks through the storage devices and finds the MBR, which must be in the first sector of the disk
the boot code in the MBR then identifies the active partition and loads the operating system from it
how do you fix boot issues on GPT/UEFI systems?
check for an incorrect boot order in the firmware
remove any external devices
use the Startup Repair tool
what tools help when a system boots but is unstable?
boot into Safe Mode (from Advanced startup, e.g., Shift + Restart)
run chkdsk and sfc /scannow
what can cause system instability?
hardware= overheating
software= corrupted kernel files
What are the Linux navigation commands?
ls, pwd, and cd
What are the Linux disk usage commands?
df and du
df shows free space per file system; du shows how much space files and directories use
What are the Linux text manipulation commands?
nano and pico– visual editors that are easy to use
vi and vim– harder to learn but far more powerful
cat– displays the contents of a file on screen
What are the Linux search commands?
find– searches for a file by name or attributes
grep– searches for content within files
What are the Linux resource management commands?
ps and top
What are the Linux copy, move, and remove commands?
cp, mv, and rm
What are the Linux switch user commands?
su– switch user (to root if no user is given)
sudo– run a single command as another user, root by default
What are the Linux commands to modify accounts?
usermod– modify an account
userdel– delete an account
passwd– change a password
groupadd– create a group
groupmod– modify a group
groupdel– delete a group
What are the Linux commands to change permissions?
chmod– change access permissions
chown– change the owner
What are the Linux network and help commands?
ip– configure network interfaces
traceroute– shows the route and transit time to a host
dig– queries DNS information
man– opens the online reference manuals