Jason Dion - CompTIA A+ 1002 Exam Prep #1 Flashcards
- You are concerned that your services could be damaged during a power failure or under-voltage event. Which Two Devices would protect against these conditions?
Surge Suppressor
Battery Backup
Grounding the Server Rack
Line Conditioner
Battery Backup
Line Conditioner
Explanation:
Line Conditioner - Protects equipment from Power Surges, helps to correct voltage and waveform distortions, and removes external electrical noise (IE: Frequency, Electromagnetic Interference) caused by devices such as radios and motors.
Battery Backup - Like a UPS (Uninterruptible Power Supply), has protections against Sags or Brownouts and will keep a System running for a limited amount of time, enough time to properly save your work and power down.
- Whenever you reboot your domain controller, you notice it takes a very long time to boot up. As the server is booting, you hear noises that sound like a steady series of clicks coming from the hard drive. Which of the following is the BEST action to help speed up the boot time of the Server?
Perform a Disk Cleanup
Terminate Processes in the Task Manager
Remove unnecessary applications from Startup
Defragment the Hard Drive
Defragment the Hard Drive
Explanation:
Defragging is a simple process when file fragments are put together to speed up file access. File fragments are put together, and quality defragmentation utilities also assemble the free space into a single block to prevent future fragmentation. By defragmenting the hard drive, the server doesn’t have to spend as much time accessing the information, and it can boot up faster. Based on the Clicking Noises, it sounds like the system has to access many parts of the drive to load files.
My Explanation:
The question focuses a lot on BOOT, and REBOOT language, so I thought it was “Remove unnecessary applications from Startup” so the System boots up and loads into Windows Faster. The key part of the question that I missed however is Clicking Noises. Clicking Noises to me indicates that the DRIVE is Failing, per A+ 1001. However, apparently there are some aspects of Defragmenting that sort of Error Check Drives and can potentially clear Clicking sounds from Drives. However, non A+ Exam advice, I’d still consider this a Drive that is failing and I’d back things up and be ready for a replacement.
- Which of the following commands is used on a Linux System to delete all the files and directories in a Linux System’s filesystem?
rm -rf .
rm -rf /
rm /
rm .
rm -rf /
Explanation:
The “rm -rf /” command is the most dangerous command to issue in Linux. The rm -rf command is one of the fastest ways to delete a folder and its contents. But a little typo or ignorance may result in unrecoverable system damage.
The -r option means that the command will recursively delete the folder and its subfolders.
The -f option means that even read-only files will be removed without asking the user.
The use of / indicates that the remove command should begin at the ROOT directory ( / ) and recursively force all files and folders to be deleted under the ROOT. This would delete everything on the System.
The . would only be deleting from the current working directory and then delete all files and folders further down the directory structure, not the entire file system.
- Your company’s share drive has several folders that have become encrypted by a piece of ransomware. During your investigation, you found that only the Sales Department folders were encrypted. You continue your investigation and find that a salesperson’s workstation was also encrypted. You suspect that this workstation was the original source of the infection. Since it was connected to the Sales department share drive as mapped S:\ drive, it was also encrypted. You have unplugged the network cable from this workstation. What Action should you perform NEXT to restore the company’s network to normal operation?
Schedule a Full Disk Anti-Malware Scan on the Workstation
Schedule Weekly Scans and Enable On-Access Scanning
Disable System Restore on the Workstation
Restore the Sales Department Folders from Backups
Restore the Sales Department Folders from Backups
Explanation: (My Take)
The KEY piece of the LONG question is “….to RESTORE the Company’s Network to Normal Operation”. From a Malware 7 Step process, I believed and answered it was Disable System Restore, to prevent the specific Workstation from creating a Restore point that has the Malware Infection on it as you Remediate and remove the Malware. But that’s not what the question was asking. From a Business Standpoint, you Quarantine the Source Workstation that contains the Malware - and they indicate they did, then you want to get the Business Network restored ASAP and back up and running. – THEN, go back to taking care of the infected workstation.
- What is the Symbolic representation of the OCTAL Numeric Permission 644?
rw-r--r--
rw-------
rwx-r-xr-x
r--rw-rw-
rw-r--r--
Explanation:
r = 4
w = 2
x = 1
Knowing this, that means RW = 6, R = 4, and R = 4 over the 3 layers of Linux Permissions.
- Dion Training’s offices are frequently experiencing brownouts and sags. Which of the Following Solutions would protect all of their workstations and servers from these under-voltage events?
Line Conditioner
Uninterruptible Power Supply
Diesel Generator
Surge Suppressor
Line Conditioner
Explanation:
Line Conditioners are used to protect an entire power circuit from Under-Voltage events and power sags. Line Conditioners raise a sag or under-voltage event back to Normal Levels, but it cannot protect the line from a Complete Power Failure or Power Outage. These are also known as Voltage Regulators and Power Distribution Units.
Because the question’s requirement must protect ALL of the Workstations, a Line Conditioner is the Best Option.
An uninterruptible power supply or UPS is an electrical apparatus that provides emergency power to a load when the input power source becomes too low or the main power fails. UPS provides near-instantaneous protection from input power interruptions by using a battery backup.
- A user calls the service desk and states that their workstation has a virus. The user states that they were browsing their favorite website when the antivirus displayed a full-screen message stating, “1532 file infected on this computer - Click to remove infected files NOW!” The user states that when they click the button, a message from the company’s content filter states it is Blocked, and they need your assistance to remove the infected files. Which of the following has MOST likely occurred?
The user’s workstation is infected with ransomware
The user’s antivirus needs to be updated
The user’s workstation should be reimaged immediately
The user is the victim of a rogue antivirus attack
The user is the victim of a rogue antivirus attack
- After a company rolls out software updates, Ann, a lab researcher, can no longer use the lab equipment connected to her PC. The tech contacts the vendor and determines there is an incompatibility with the latest version of the drivers. Which of the following should the technician perform to get the researcher back to work as quickly as possible?
Downgrade the PC to a working patch level
Reset Ann’s equipment configuration from a backup
Restore Ann’s PC to the last known good configuration
Rollback the drivers to the previous version
Rollback the drivers to the previous version
- An attacker uses the nslookup interactive mode to locate information on a Domain Name Service (DNS). What command should they type to request the appropriate records for only the name servers?
request type=ns
set type=ns
transfer type=ns
locate type=ns
set type=ns
Explanation:
The nslookup command is used to query the Domain Name System to obtain the mapping between a domain name and an IP Address or to view other DNS records.
The “set type=ns” command tells nslookup to report information only on name servers.
If you used “set type=mx” instead, you would receive information only on mail exchange servers.
- You have decided to have DNA genetic testing and analysis performed to determine your exact ancestry composition and possibly find some lost relatives through their database. Which of the following types of data should this be classified as?
PII
IP
PHI
CUI
PHI (Personal Health Information)
Explanation:
PHI (Personal Health Information) refers to medical and insurance records, plus associated hospital and lab test results.
PII (Personal Identifiable Information) refers to data that can be used to identify, contact, or locate an individual. Information such as a Social Security Number, name, date of birth, email address, telephone number, street address, biometric data is considered PII.
IP (Intellectual Property) or Proprietary Information is information created and owned by the company.
CUI (Controlled Unclassified Information) is federal non-classified information that must be safeguarded by implementing a uniform set of requirements and information security controls to secure sensitive government information.
- What umask should be set for a directory to have 700 as its OCTAL Permissions?
rwxrwxrwx
rwx---rwx
r--r--r--
rwx------
rwx------
Explanation:
r = 4
w = 2
x = 1
Knowing this, that means RWX = 7, then there is 0 Permissions for the next 2 levels in Linux Permissions.
- A user’s personal settings are not showing up on their computer. You suspect that their profile has become corrupted within Windows. You attempt to look at their profile file but cannot find it in their profile directory. Which of the following options do you need to configure to see this file?
Internet Options
Display Settings
User Accounts
Folder Options
Folder Options
Explanation:
File Explorer Options section of the Control Panel allows techs to customize the display of files and folders. You can enable or disable the ability to show hidden files, hide file extensions, and more. If you configure to view hidden files, you will see the system files such as the “ntuser.dat” file that are hidden from users by default.
The User Accounts section of the Control Panel allows techs to add user accounts, remove user accounts, change account types, reset account passwords, and other settings relevant to user accounts and their security.
- You want to ensure that only one person can enter or leave the server room at a time. Which of the following physical security devices would BEST help you meet this requirement?
Thumbprint Reader
Cipher Lock
Access Control Vestibule
Video Monitoring
Access Control Vestibule
Explanation:
Access Control Vestibule is a physical security access control system comprising a small space with two sets of interlocking doors, such that the first set of doors must be closed before the second set opens.
Thumbprint Reader or Cipher Lock will ensure that only an authorized user can open the door, but it won’t prevent someone from piggybacking and entering with them.
Video Monitoring is passive security, it won’t prevent two people from entering at once.
- A workstation was patched last night with the latest operating system security update. This morning, the workstation only displays a blank screen. You restart the computer, but the OS fails to load. What is the NEXT step you should attempt to boot this workstation?
Reboot the workstation into the BIOS and reconfigure boot options
Reboot the workstation into Safe Mode and rollback the recent security update
Reboot the workstation into Safe Mode, open RegEdit, and repair the Registry
Reboot the workstation into Safe Mode and disable Windows Services/Applications
Reboot the workstation into Safe Mode and rollback the recent security update
- Which version should you use when installing a Linux OS and are concerned with End-Of-Life Support?
Rolling Release
Developer Release
LTS Release
Beta Release
LTS Release
Explanation: (My Take)
End of Life Support, being concerned with it means, you want a STABLE Distro of Linux, something that will be SUPPORTED, for the Long Term. LTS Release stands for (Long Term Support).
Beta Release is a Pre-Release of software product that is given out to a large group of users for a LIMITED Time and is supported for a LIMITED Time.
Developer Release is also a Pre-Release of a software product that is given out to software developers to TEST. Again, Supported for a LIMITED Time.
Rolling Release is a CONCEPT of Software development where an application is frequently updated through the release of new features over time.
- Peter is attempting to print to his office printer, but nothing comes out. Yesterday, his printer was working just fine. Peter does not notice any errors on the taskbar’s printer icon. Which of the following actions should Peter try FIRST to solve this issue?
Check the status of the print server queue
Cancel all documents and print them again
Check to ensure the printer selected is the default printer
Check that the printer is not offline
Check the status of the print server queue
Explanation: (My Take)
The KEY word in the question was “Office” printer. Implies a Print Server/Networked Printer.
If no errors show in the taskbar’s printer icon, the user should open the print queue to determine if the print job has become stuck.
If it is, the print queue can be emptied or reset.
- Which of the following types of attacks involves changing the system’s MAC address before it connects to a Wireless Network?
Spoofing
Botnet
Zombie
DDoS
Spoofing (MAC Spoofing)
- You attempt to boot a Windows 10 laptop and receive an “Operating System Not Found” error on the screen. You can see the hard disk listed in the UEFI/BIOS of the system. Which of the following commands should you use to repair the boot sector of the hard disk?
bootrec /fixmbr
bootrec /rebuildbcd
diskpart list
bootrec /fixboot
bootrec /fixboot
Explanation:
To repair the Drive’s BOOT SECTOR - you should use the command “bootrec /fixboot” and reboot the computer.
“bootrec /fixmbr” is used to attempt to repair the MASTER BOOT RECORD of a Drive, the first 512-byte sector on a Hard Disk.
“bootrec /rebuildbcd” command is used to add missing Windows Installations to the Boot Configuration Database (BCD).
The diskpart command is a command-line partitioning utility available for Windows that is used to view, create, delete, and modify a computer’s disk partitions.
- Which of the following open-source remote access tools allows users to connect to their desktop remotely, see what is on their screen, and control it with their mouse and keyboard?
Telnet
SSH
VNC
RDP
VNC (Virtual Network Computing)
Explanation: (My Take)
KEY words “Open Source” and “Tool”.
VNC is a remote access TOOL and protocol. It is used for Screen Sharing on Linux and macOS.
RDP is NOT Open-Source.
SSH and Telnet are Text Based Remote Access Tools.
RDP (Remote Desktop Protocol) uses Port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.
SSH (Secure Shell) uses Port 22 to securely create communication sessions over the Internet for remote access to a server or system.
Telnet uses Port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection but sends its data in plaintext making it an insecure protocol.
- A webserver has a planned firmware upgrade for Saturday evening. During the upgrade, the power to the building is lost, and the firmware upgrade fails. Which of the following plans should be implemented to revert to the most recent working version of the firmware on the webserver?
Contingency Plan
Alternative Plan
Backup Plan
Rollback Plan
Rollback Plan
Explanation: (My Take)
It’s a BackOUT Plan or Rollback Plan, they are the same thing. IT Governance integration approach that specifies the processes required to restore a system to its original or earlier state in the event of a failed or aborted implementation. Every Change Request should be accompanied by a Rollback or BackOUT Plan so that the change can be reversed if it has harmful or unforeseen consequences.
BackUP Plan is a documented business process that identifies how data will be available for recovery by quickly copying critical data from a backup system to the production environment.
Contingency Plan or Alternative Plan is a plan devised for an outcome other than the usual (Expected) plan. Often used in Risk Management for exceptional risk.
- Sam and Mary both work in the accounting department and use a web-based SaaS product as part of their job. Sam cannot log in to the website using his credentials from his computer, but Mary can log in with her credentials on her computer. Sam asks Mary to log in to her account from his computer to see if the problem is with his account or computer. When Mary attempts to log in to Sam’s computer, she receives an error. Mary noticed a pop-up notification about a new piece of software on Sam’s computer when she attempted to log in to the website. Which TWO of the following steps should Mary take to resolve the issue with logging in from Sam’s computer?
Choices:
Ask Sam about the pop-up notification and determine what new programs he installed on his computer.
Have Sam attempt to log on to another website from Sam’s computer to see if it works.
Have Sam clear his browser cache on his computer and then attempt to log on to the website again
Verify Sam’s computer has the correct web browser configuration and settings.
Ask Sam for his username/password to log on to the website from Mary’s computer.
Install a new web browser, reboot Sam’s computer, and attempt to log on to the website again from Sam’s computer.
Ask Sam about the pop-up notification and determine what new programs he installed on his computer.
Verify Sam’s computer has the correct web browser configuration and settings.
- Which of the following is considered a form of Regulated Data?
DMCA
AUP
DRM
PII
PII (Personal Identifiable Information)
Explanation:
The four forms of regulated data covered by the exam are:
PII (Personally Identifiable Information)
PCI (Payment Card Industry)
GDPR (General Data Protection Regulation)
PHI (Protected Health Information)
AUP (Acceptable Use Policy)
DRM (Digital Rights Management)
DMCA (Digital Millennium Copyright Act)
- An administrator arrives at work and is told that network users are unable to access the shared drive on a Windows Server. The administrator logs into the server and sees that some Windows updates were automatically installed last night successfully, but now the network connection shows “Limited with no availability”. What rollback action should the tech perform?
Web Browser
Server’s NIC Drivers
Server’s IP Address
Antivirus Updates
Server’s NIC Drivers
Explanation: (My Take)
There’s no such thing as rolling back a Server’s IP Address.
Antivirus Updates/Web Browser have nothing to do with Network Connectivity.
Sometimes Windows Updates can install incompatible Drivers for your hardware and need to be rolled back. In this case, the NIC Card Drivers.
- Which of the following macOS features allows the user to search all of the hard drives, network shares, and files for a keyword or phrase?
Finder
Gesture
Spotlight
Dock
Spotlight
Explanation: (My Take)
KEY words - Search via keyword or phrase…
Spotlight in macOS is like a SUPER SEARCH.
- What does the command “shutdown /s” do on a Windows workstation?
Reboot the Workstation
Log Off the Workstation
Shutdown the Workstation
Enter Sleep Mode
Shutdown the Workstation
Explanation:
shutdown /s = shutdown
shutdown /l = log off
shutdown /h = hibernate or sleep mode
shutdown /r = reboot
- You have submitted an RFC to install a security patch on all of your company’s Windows 2019 servers during the weekly maintenance window. Which of the following change request documents would describe why the change will be installed during this maintenance window?
Purpose
Scope
Risk Analysis
Plan
Purpose
- While troubleshooting the reason that the File Explorer is crashing on a Windows 10 machine, you determine that some of its files may have become corrupt. Which of the following utilities should you use to correct this?
dxdiag
gpupdate
regedit
SFC
SFC (System File Checker)
- You attempt to boot a Windows 10 laptop and receive an “Operating System Not Found” error on the screen. You can see the hard disk listed in the UEFI/BIOS of the system. Which of the following commands should you use to repair the first 512-byte sector on the hard disk?
bootrec /fixmbr
diskpart list
bootrec /fixboot
bootrec /rebuildbcd
bootrec /fixmbr
Explanation:
The master boot record (MBR) is the first 512-byte sector on a hard disk. It contains the partitioning information for a drive. To repair the master boot record (MBR), you should use the command “bootrec /fixmbr” and reboot the computer.
If the disk cannot be detected, enter the system setup and try modifying settings (or even resetting the default settings). If the system firmware reports the disk’s presence, but Windows still will not boot, use a startup repair tool to open a recovery mode command prompt and use the bootrec tool to repair the drive’s boot information. The “bootrec /fixboot” command is used to attempt a repair of the boot sector of a drive.
The “bootrec /rebuildbcd” command is used to add missing Windows installations to the Boot Configuration Database (BCD).
The diskpart command is a command-line disk-partitioning utility available for Windows that is used to view, create, delete, and modify a computer’s disk partitions.
- You have just finished installing a new workstation for a user in your office. They need to be able to see the other workstations on the company’s workgroup. Which of the following settings should you ensure is enabled?
Enable Network Discovery
Enable BitLocker
Enable File and Folder Sharing
Enable an RDP Connection
Enable Network Discovery
- You are configuring a SOHO network for a small coffee shop. They have found that certain customers will buy a single coffee cup and then sit at the coffee shop all day to use the WiFi. The owner has asked you to block this customer’s laptop from connecting by placing it on a blocklist. Which of the following configurations would you use to blocklist this customer’s device based on its unique hardware identifier?
Port Filtering
MAC Filtering
Enforce a WPA2 Password
Port Forwarding
MAC Filtering
- You are helping to set up a backup plan for your organization. The current plan states that all of the organization’s Linux servers must have a daily backup conducted. These backups are then saved to a local NAS device. You have been asked to recommend a method to ensure the backups will work when needed for restoration. Which of the following should you recommend?
Attempt to restore to a test server from one of the backup files to verify them.
Create an additional copy of the backups in an off-site datacenter
Setup Scripts to automatically reattempt any failed backup jobs.
Frequently restore the server from backup files to test them
Attempt to restore to a test server from one of the backup files to verify them.
- A Windows 2019 server is crashing every evening at 2:35 am, but you are not sure why. Which of the following tools should you use to identify the cause of the system crash?
System Information
Event Viewer
Performance Monitor
Registry Editor
Event Viewer
- You are working at the service desk and just received the following email from an end-user who believes it is suspicious:
FROM: user@diontraining.com
TO: abuse@diontraining.com
SUBJECT: You won a free iPhone!
You have won a brand new iPhone!!
Just click the following link to provide your address so we can ship it out to you this afternoon: http://www.freephone.io:8080/winner.php
Thanks!
Jonah Smith
Free Phone Giveaway, LLC
Options:
Zero-Day
Phishing
Spoofing
Spear Phishing
Phishing
- You are installing a new file server at the offices of Dion Training. The entire building has a diesel generator installed to protect it from power outages. The file server must have zero downtime once placed into production. Which of the following power sources should the file server utilize?
A Surge Protector connected to a UPS
An Uninterruptible Power Supply (UPS)
A Surge Protector
A Line Conditioner
An Uninterruptible Power Supply (UPS)
- A computer was recently infected with a piece of malware. Without any user intervention, the malware is now spreading throughout the corporate network and infecting other computers that it finds. Which type of malware MOST likely infected these computers?
Trojan
Worm
Virus
Ransomware
Worm
Explanation:
A worm is a standalone malware computer program that replicates itself to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. A worm can spread on its own, whereas a virus needs a host program or user interaction to propagate itself.
A virus is malicious software designed to infect computer files or disks when it is activated. A virus may be programmed to carry out other malicious actions, such as deleting files or changing system settings.
A trojan is a type of malware that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general, inflict some other harmful action on your data or network. The most common form of a trojan is a Remote Access Trojan (RAT), which allows an attacker to control a workstation or steal information remotely. To operate, a trojan will create numerous processes that run in the background of the system.
Ransomware is a type of malware designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. Once infected, a system or its files are encrypted, and then the decryption key is withheld from the victim unless payment is received.
- You are working as a server administrator at Dion Training. You unlock the server room door using your proximity badge and walk through the door. Before the door shuts, another person walks in behind you. What social engineering technique did this person utilize?
Tailgating
Spoofing
Shoulder Surfing
Impersonation
Tailgating