Jason Dion - CompTIA A+ 1002 Exam Prep #1 Flashcards
- You are concerned that your services could be damaged during a power failure or under-voltage event. Which Two Devices would protect against these conditions?
Surge Suppressor
Battery Backup
Grounding the Server Rack
Line Conditioner
Battery Backup
Line Conditioner
Explanation:
Line Conditioner - Protects equipment from Power Surges, helps to correct voltage and waveform distortions, and removes external electrical noise (IE: Frequency, Electromagnetic Interference) caused by devices such as radios and motors.
Battery Backup - Like a UPS (Uninterruptible Power Supply), it protects against Sags or Brownouts and will keep a System running for a limited amount of time, enough time to properly save your work and power down.
- Whenever you reboot your domain controller, you notice it takes a very long time to boot up. As the server is booting, you hear noises that sound like a steady series of clicks coming from the hard drive. Which of the following is the BEST action to help speed up the boot time of the Server?
Perform a Disk Cleanup
Terminate Processes in the Task Manager
Remove unnecessary applications from Startup
Defragment the Hard Drive
Defragment the Hard Drive
Explanation:
Defragmenting is a simple process in which file fragments are put together to speed up file access. Quality defragmentation utilities also assemble the free space into a single block to prevent future fragmentation. By defragmenting the hard drive, the server doesn’t have to spend as much time accessing the information, and it can boot up faster. Based on the Clicking Noises, it sounds like the system has to access many parts of the drive to load files.
My Explanation:
The question focuses a lot on BOOT and REBOOT language, so I thought it was “Remove unnecessary applications from Startup” so the System boots up and loads into Windows Faster. The key part of the question that I missed, however, is Clicking Noises. Clicking Noises to me indicate that the DRIVE is Failing, per A+ 1001. However, apparently there are some aspects of Defragmenting that sort of Error Check Drives and can potentially clear Clicking sounds from Drives. However, as non A+ Exam advice, I’d still consider this a Drive that is failing and I’d back things up and be ready for a replacement.
- Which of the following commands is used on a Linux System to delete all the files and directories in a Linux System’s filesystem?
rm -rf .
rm -rf /
rm /
rm .
rm -rf /
Explanation:
The “rm -rf /” command is the most dangerous command to issue in Linux. The rm -rf command is one of the fastest ways to delete a folder and its contents. But a little typo or ignorance may result in unrecoverable system damage.
The -r option means that the command will recursively delete the folder and its subfolders.
The -f option means that even read-only files will be removed without asking the user.
The use of / indicates that the remove command should begin at the ROOT directory ( / ) and recursively force all files and folders to be deleted under the ROOT. This would delete everything on the System.
The . would only be deleting from the current working directory and then delete all files and folders further down the directory structure, not the entire file system.
- Your company’s share drive has several folders that have become encrypted by a piece of ransomware. During your investigation, you found that only the Sales Department folders were encrypted. You continue your investigation and find that a salesperson’s workstation was also encrypted. You suspect that this workstation was the original source of the infection. Since it was connected to the Sales department share drive as a mapped S:\ drive, it was also encrypted. You have unplugged the network cable from this workstation. What Action should you perform NEXT to restore the company’s network to normal operation?
Schedule a Full Disk Anti-Malware Scan on the Workstation
Schedule Weekly Scans and Enable On-Access Scanning
Disable System Restore on the Workstation
Restore the Sales Department Folders from Backups
Restore the Sales Department Folders from Backups
Explanation: (My Take)
The KEY piece of the LONG question is “….to RESTORE the Company’s Network to Normal Operation”. From a Malware 7 Step process, I believed and answered it was Disable System Restore, to prevent the specific Workstation from creating a Restore point that has the Malware Infection on it as you Remediate and remove the Malware. But that’s not what the question was asking. From a Business Standpoint, you Quarantine the Source Workstation that contains the Malware (and they indicate they did), then you want to get the Business Network restored ASAP and back up and running. THEN, go back to taking care of the infected workstation.
- What is the Symbolic representation of the OCTAL Numeric Permission 644?
rw-r--r--
rw-------
rwx-r-xr-x
r--rw-rw-
rw-r--r--
Explanation:
r = 4
w = 2
x = 1
Knowing this, that means RW = 6, R = 4, and R = 4 over the 3 layers of Linux Permissions.
- Dion Training’s offices are frequently experiencing brownouts and sags. Which of the Following Solutions would protect all of their workstations and servers from these under-voltage events?
Line Conditioner
Uninterruptible Power Supply
Diesel Generator
Surge Suppressor
Line Conditioner
Explanation:
Line Conditioners are used to protect an entire power circuit from Under-Voltage events and power sags. Line Conditioners raise a sag or under-voltage event back to Normal Levels, but it cannot protect the line from a Complete Power Failure or Power Outage. These are also known as Voltage Regulators and Power Distribution Units.
Because the question’s requirement must protect ALL of the Workstations, a Line Conditioner is the Best Option.
An uninterruptible power supply or UPS is an electrical apparatus that provides emergency power to a load when the input power source becomes too low or the main power fails. UPS provides near-instantaneous protection from input power interruptions by using a battery backup.
- A user calls the service desk and states that their workstation has a virus. The user states that they were browsing their favorite website when the antivirus displayed a full-screen message stating, “1532 file infected on this computer - Click to remove infected files NOW!” The user states that when they click the button, a message from the company’s content filter states it is Blocked, and they need your assistance to remove the infected files. Which of the following has MOST likely occurred?
The user’s workstation is infected with ransomware
The user’s antivirus needs to be updated
The user’s workstation should be reimaged immediately
The user is the victim of a rogue antivirus attack
The user is the victim of a rogue antivirus attack
- After a company rolls out software updates, Ann, a lab researcher, can no longer use the lab equipment connected to her PC. The tech contacts the vendor and determines there is an incompatibility with the latest version of the drivers. Which of the following should the technician perform to get the researcher back to work as quickly as possible?
Downgrade the PC to a working patch level
Reset Ann’s equipment configuration from a backup
Restore Ann’s PC to the last known good configuration
Rollback the drivers to the previous version
Rollback the drivers to the previous version
- An attacker uses the nslookup interactive mode to locate information on a Domain Name Service (DNS). What command should they type to request the appropriate records for only the name servers?
request type=ns
set type=ns
transfer type=ns
locate type=ns
set type=ns
Explanation:
The nslookup command is used to query the Domain Name System to obtain the mapping between a domain name and an IP Address or to view other DNS records.
The “set type=ns” command tells nslookup to report information only on name servers.
If you used “set type=mx” instead, you would receive information only on mail exchange servers.
- You have decided to have DNA genetic testing and analysis performed to determine your exact ancestry composition and possibly find some lost relatives through their database. Which of the following types of data should this be classified as?
PII
IP
PHI
CUI
PHI (Personal Health Information)
Explanation:
PHI (Personal Health Information) refers to medical and insurance records, plus associated hospital and lab test results.
PII (Personal Identifiable Information) refers to data that can be used to identify, contact, or locate an individual. Information such as a Social Security Number, name, date of birth, email address, telephone number, street address, biometric data is considered PII.
IP (Intellectual Property) or Proprietary Information is information created and owned by the company.
CUI (Controlled Unclassified Information) is federal non-classified information that must be safeguarded by implementing a uniform set of requirements and information security controls to secure sensitive government information.
- What umask should be set for a directory to have 700 as its OCTAL Permissions?
rwxrwxrwx
rwx---rwx
r--r--r--
rwx------
rwx------
Explanation:
r = 4
w = 2
x = 1
Knowing this, that means RWX = 7, then there is 0 Permissions for the next 2 levels in Linux Permissions.
- A user’s personal settings are not showing up on their computer. You suspect that their profile has become corrupted within Windows. You attempt to look at their profile file but cannot find it in their profile directory. Which of the following options do you need to configure to see this file?
Internet Options
Display Settings
User Accounts
Folder Options
Folder Options
Explanation:
The File Explorer Options section of the Control Panel allows techs to customize the display of files and folders. You can enable or disable the ability to show hidden files, hide file extensions, and more. If you configure it to show hidden files, you will see system files such as the “ntuser.dat” file that are hidden from users by default.
The User Accounts section of the Control Panel allows techs to add user accounts, remove user accounts, change account types, reset account passwords, and other settings relevant to user accounts and their security.
- You want to ensure that only one person can enter or leave the server room at a time. Which of the following physical security devices would BEST help you meet this requirement?
Thumbprint Reader
Cipher Lock
Access Control Vestibule
Video Monitoring
Access Control Vestibule
Explanation:
Access Control Vestibule is a physical security access control system comprising a small space with two sets of interlocking doors, such that the first set of doors must be closed before the second set opens.
Thumbprint Reader or Cipher Lock will ensure that only an authorized user can open the door, but it won’t prevent someone from piggybacking and entering with them.
Video Monitoring is passive security; it won’t prevent two people from entering at once.
- A workstation was patched last night with the latest operating system security update. This morning, the workstation only displays a blank screen. You restart the computer, but the OS fails to load. What is the NEXT step you should attempt to boot this workstation?
Reboot the workstation into the BIOS and reconfigure boot options
Reboot the workstation into Safe Mode and rollback the recent security update
Reboot the workstation into Safe Mode, open RegEdit, and repair the Registry
Reboot the workstation into Safe Mode and disable Windows Services/Applications
Reboot the workstation into Safe Mode and rollback the recent security update
- Which version should you use when installing a Linux OS if you are concerned with End-Of-Life Support?
Rolling Release
Developer Release
LTS Release
Beta Release
LTS Release
Explanation: (My Take)
Being concerned with End of Life Support means you want a STABLE Distro of Linux, something that will be SUPPORTED for the Long Term. LTS stands for Long Term Support.
Beta Release is a Pre-Release of a software product that is given out to a large group of users for a LIMITED Time and is supported for a LIMITED Time.
Developer Release is also a Pre-Release of a software product that is given out to software developers to TEST. Again, Supported for a LIMITED Time.
Rolling Release is a CONCEPT of Software development where an application is frequently updated through the release of new features over time.
- Peter is attempting to print to his office printer, but nothing comes out. Yesterday, his printer was working just fine. Peter does not notice any errors on the taskbar’s printer icon. Which of the following actions should Peter try FIRST to solve this issue?
Check the status of the print server queue
Cancel all documents and print them again
Check to ensure the printer selected is the default printer
Check that the printer is not offline
Check the status of the print server queue
Explanation: (My Take)
The KEY word in the question was “Office” printer. Implies a Print Server/Networked Printer.
If no errors show in the taskbar’s printer icon, the user should open the print queue to determine if the print job has become stuck.
If it is, the print queue can be emptied or reset.
- Which of the following types of attacks involves changing the system’s MAC address before it connects to a Wireless Network?
Spoofing
Botnet
Zombie
DDoS
Spoofing (MAC Spoofing)
- You attempt to boot a Windows 10 laptop and receive an “Operating System Not Found” error on the screen. You can see the hard disk listed in the UEFI/BIOS of the system. Which of the following commands should you use to repair the boot sector of the hard disk?
bootrec /fixmbr
bootrec /rebuildbcd
diskpart list
bootrec /fixboot
bootrec /fixboot
Explanation:
To repair the Drive’s BOOT SECTOR, you should use the command “bootrec /fixboot” and reboot the computer.
“bootrec /fixmbr” is used to attempt to repair the MASTER BOOT RECORD of a Drive, the first 512-byte sector on a Hard Disk.
“bootrec /rebuildbcd” is used to add missing Windows Installations to the Boot Configuration Database (BCD).
diskpart is the command-line partitioning utility available for Windows that is used to view, create, delete, and modify a computer’s disk partitions.
- Which of the following open-source remote access tools allows users to connect to their desktop remotely, see what is on their screen, and control it with their mouse and keyboard?
Telnet
SSH
VNC
RDP
VNC (Virtual Network Computing)
Explanation: (My Take)
KEY words “Open Source” and “Tool”.
VNC is a remote access TOOL and protocol. It is used for Screen Sharing on Linux and macOS.
RDP is NOT Open-Source.
SSH and Telnet are Text Based Remote Access Tools.
RDP (Remote Desktop Protocol) uses Port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.
SSH (Secure Shell) uses Port 22 to securely create communication sessions over the Internet for remote access to a server or system.
Telnet uses Port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection but sends its data in plaintext making it an insecure protocol.
- A webserver has a planned firmware upgrade for Saturday evening. During the upgrade, the power to the building is lost, and the firmware upgrade fails. Which of the following plans should be implemented to revert to the most recent working version of the firmware on the webserver?
Contingency Plan
Alternative Plan
Backup Plan
Rollback Plan
Rollback Plan
Explanation: (My Take)
It’s a BackOUT Plan or Rollback Plan, they are the same thing. IT Governance integration approach that specifies the processes required to restore a system to its original or earlier state in the event of a failed or aborted implementation. Every Change Request should be accompanied by a Rollback or BackOUT Plan so that the change can be reversed if it has harmful or unforeseen consequences.
BackUP Plan is a documented business process that identifies how data will be available for recovery by quickly copying critical data from a backup system to the production environment.
Contingency Plan or Alternative Plan is a plan devised for an outcome other than the usual (Expected) plan. Often used in Risk Management for exceptional risk.
- Sam and Mary both work in the accounting department and use a web-based SaaS product as part of their job. Sam cannot log in to the website using his credentials from his computer, but Mary can log in with her credentials on her computer. Sam asks Mary to log in to her account from his computer to see if the problem is with his account or computer. When Mary attempts to log in on Sam’s computer, she receives an error. Mary noticed a pop-up notification about a new piece of software on Sam’s computer when she attempted to log in to the website. Which TWO of the following steps should Mary take to resolve the issue with logging in from Sam’s computer?
Choices:
Ask Sam about the pop-up notification and determine what new programs he installed on his computer.
Have Sam attempt to log on to another website from Sam’s computer to see if it works.
Have Sam clear his browser cache on his computer and then attempt to log on to the website again
Verify Sam’s computer has the correct web browser configuration and settings.
Ask Sam for his username/password to log on to the website from Mary’s computer.
Install a new web browser, reboot Sam’s computer, and attempt to log on to the website again from Sam’s computer.
Ask Sam about the pop-up notification and determine what new programs he installed on his computer.
Verify Sam’s computer has the correct web browser configuration and settings.
- Which of the following is considered a form of Regulated Data?
DMCA
AUP
DRM
PII
PII (Personal Identifiable Information)
Explanation:
The four forms of regulated data covered by the exam are:
PII (Personally Identifiable Information)
PCI (Payment Card Industry)
GDPR (General Data Protection Regulation)
PHI (Protected Health Information)
AUP (Acceptable Use Policy)
DRM (Digital Rights Management)
DMCA (Digital Millennium Copyright Act)
- An administrator arrives at work and is told that network users are unable to access the shared drive on a Windows Server. The administrator logs into the server and sees that some Windows updates were automatically installed last night successfully, but now the network connection shows “Limited with no availability”. What rollback action should the tech perform?
Web Browser
Server’s NIC Drivers
Server’s IP Address
Antivirus Updates
Server’s NIC Drivers
Explanation: (My Take)
There’s no such thing as rolling back a Server’s IP Address.
Antivirus Updates/Web Browser have nothing to do with Network Connectivity.
Sometimes Windows Updates can install incompatible Drivers for your hardware and need to be rolled back. In this case, the NIC Card Drivers.
- Which of the following macOS features allows the user to search all of the hard drives, network shares, and files for a keyword or phrase?
Finder
Gesture
Spotlight
Dock
Spotlight
Explanation: (My Take)
KEY words - Search via keyword or phrase…
Spotlight in macOS is like a SUPER SEARCH.