Practice Assessment Flashcards
A user inspects and learns about the electrical components on the inside of a computer. What is measured in ohms?
a) Current
b) Voltage
c) Resistance
d) Watts
c) Resistance
A user looks to reconfigure an IP address for a network adapter. Using a graphical user interface (GUI), which Windows 11 Control Panel applet is the most direct?
a) Internet options
b) Network and Internet
c) Network and Sharing Center
d) Advanced sharing settings
c) Network and Sharing Center
A user suspects that a USB drive on their system has been tampered with. The user accidentally dropped the USB drive, breaking the chip inside it. What does the user compromise?
a) Incident documentation
b) Digital forensics
c) Latent evidence
d) Chain of custody
b) Digital forensics
A systems administrator looks to have a daily backup of a server located across a wide area network (WAN) link. As the link is not fast, the administrator creates a backup scheme that uses little to no bandwidth and acquires an entire backup of the system. Which scheme does the administrator implement?
a) Full
b) Synthetic
c) Incremental
d) Differential
c) Incremental
*An incremental backup is a backup scheme that only backs up the data that has changed since the last backup (whether it’s a full or incremental backup). This approach uses significantly less bandwidth and storage space because it does not involve creating a complete copy of the entire system each time.
In the scenario where the link is not fast, an incremental backup is ideal as it minimizes the amount of data transmitted over the WAN. Instead of transmitting the entire system data every day (as would happen in a full backup), only the changes made since the last backup are transferred, saving on both time and bandwidth.
Here’s why the other options are less appropriate for this scenario:
a) Full backup: A full backup copies all data on the system, regardless of whether it has changed. This would require a significant amount of bandwidth over a slow WAN link, which is not optimal in this case.
d) Differential backup: A differential backup also backs up data that has changed since the last full backup, but unlike incremental backups, each differential backup includes all changes since the last full backup. This would result in progressively larger backups as more days pass, which still requires more bandwidth than an incremental backup.*
A user interacts with a Linux distribution that has no desktop graphical user interface (GUI). As the user types, which stream handles the interaction?
a) stderr
b) std
c) stdout
d) stdin
d) stdin
*stdin (standard input): This is the stream that handles user input, such as what is typed by the user in the terminal. The user interacts with the system through this input stream when typing commands or text.
stdout (standard output): This stream is used for output from commands or applications that are run, sending data to the screen or terminal.
stderr (standard error): This stream is used for error messages or diagnostics from applications or commands that fail.
std (not a valid stream): This is not a recognized standard stream in Linux or Unix-like systems.
Since the user is interacting with the system by typing (i.e., providing input), the stdin stream is responsible for handling that interaction.*
A systems administrator configures a hardware firewall to allow remote desktop connections to various Windows computers. This involves port forwarding. Which port will the administrator need to change so that each system uses a unique port?
a) 22
b) 5900
c) 443
d) 3389
d) 3389
*Remote Desktop Protocol (RDP) uses port 3389 by default for remote desktop connections to Windows systems. When setting up port forwarding on a hardware firewall to allow remote desktop connections to multiple systems, the administrator will need to change the external port number for each system to ensure each system uses a unique port.
For example:
If the firewall forwards external port 3389 to the internal RDP service on the first system, the firewall could forward 3390 to the second system, 3391 to the third, and so on.
Here’s why the other options are not correct:
a) 22: Port 22 is used for SSH (Secure Shell), which is a protocol typically used for securely managing Unix/Linux systems remotely. It is not used for RDP.
b) 5900: Port 5900 is used for VNC (Virtual Network Computing), which is another remote desktop protocol, but not the default for Windows.
c) 443: Port 443 is used for HTTPS (Hypertext Transfer Protocol Secure), not for remote desktop connections.*
A systems administrator configures a new Windows workstation. The system uses the New Technology File System (NTFS). The administrator needs the system to interact with a Linux system and support a set of common interface standards for compatibility. Which compliance does the administrator need to ensure?
a) Indexing
b) Journaling
c) Snapshots
d) POSIX
d) POSIX
*POSIX (Portable Operating System Interface) is a set of standards defined by the IEEE for maintaining compatibility between operating systems. POSIX compliance ensures that the system follows common interface standards, which is crucial when interacting with different operating systems, like Linux and Windows, that may have different file system and operating system conventions.
In the context of a Windows system using the New Technology File System (NTFS), POSIX compliance is important to enable better interoperability with Linux systems, which typically follow POSIX standards. This ensures that basic file and directory permissions, system calls, and other file management tasks work seamlessly across both platforms.
Let’s briefly review the other options:
a) Indexing: Indexing in NTFS is a process used to optimize the search and retrieval of files. While important for file system efficiency, it doesn’t directly address compatibility with Linux systems.
b) Journaling: Journaling is a feature used in file systems (like NTFS and ext4) to keep track of changes. It helps ensure data integrity in case of unexpected shutdowns, but it’s not specifically about compatibility between Windows and Linux.
c) Snapshots: Snapshots are a technique for taking point-in-time backups of data. While useful in data protection, snapshots are not related to system interoperability or compliance between Windows and Linux.*
A newly-hired software engineer reviews the company’s procedures manual on approved use of Windows scripts. What are tenets of Windows PowerShell? (Select all that Apply.)
a) It combines a script language with hundreds of prebuilt modules
b) It is built on the .NET framework
c) It is based on Microsoft’s Visual Basic programming language
d) It is written for the basic Windows CMD interpreter
a) It combines a script language with hundreds of prebuilt modules
b) It is built on the .NET framework
*a) It combines a script language with hundreds of prebuilt modules:
PowerShell is a powerful scripting language that integrates command-line capabilities with an extensive set of prebuilt modules and cmdlets (pronounced “command-lets”). These cmdlets allow users to automate and manage administrative tasks across various Microsoft services and applications.
b) It is built on the .NET framework:
PowerShell is built on the .NET framework, which gives it the ability to interact with .NET objects, access libraries, and use types from the .NET class library. This allows PowerShell to leverage the full power of the .NET environment for system administration tasks.
Explanation for incorrect answers:
c) It is based on Microsoft’s Visual Basic programming language:
This is incorrect. PowerShell is not based on Visual Basic; it is a separate scripting language designed by Microsoft. While both PowerShell and Visual Basic are used for automation and scripting, PowerShell is more closely tied to the .NET framework, whereas Visual Basic is a general-purpose programming language that can be used for a wide variety of applications, including Windows applications.
d) It is written for the basic Windows CMD interpreter:
This is incorrect. While PowerShell shares some similarities with the traditional CMD interpreter, it is far more powerful and is not merely an extension of CMD. PowerShell was specifically designed to offer advanced capabilities that CMD lacks, such as support for objects, remote administration, and access to .NET libraries.*
A user builds a new computer for gaming purposes. The ability to upgrade the performance graphics processing unit (GPU) over time is desired. What GPU type does the user invest in?
a) Integrated graphics
b) Video RAM
c) Dedicated graphics
d) System RAM
c) Dedicated graphics
A user experiences a blue screen of death (BSoD) during startup while using a Windows desktop computer. Upon initial inspection, no debris is observed in the tower. What does a support technician determine to be a good first troubleshooting step?
a) Check the system for malware
b) Reinstall the operating system
c) Look for any hardware changes
d) Clean any dust from the system
c) Look for any hardware changes
*When a user experiences a Blue Screen of Death (BSoD) during startup, it’s often related to a hardware or driver issue. The first step in troubleshooting this issue should be to look for any recent hardware changes that may have caused the system to become unstable. This could include:
Newly installed hardware components (e.g., RAM, GPU, hard drive, etc.)
Incorrectly seated hardware components
Loose cables or connections
Identifying these potential hardware-related issues can help pinpoint the cause of the BSoD.
Explanation for incorrect answers:
a) Check the system for malware:
While malware can cause system instability, it is less likely to cause a BSoD right after startup, especially if the system hasn’t been infected recently. Malware scanning would be more appropriate after ruling out hardware and driver issues.
b) Reinstall the operating system:
Reinstalling the operating system is a more drastic measure and should only be done after all hardware and driver issues have been investigated. A BSoD can often be resolved without needing to reinstall the operating system.
d) Clean any dust from the system:
While dust buildup can cause overheating and instability, the initial inspection showed no debris. Cleaning the system might be necessary in the long term, but the first troubleshooting step should focus on hardware changes or conflicts that are more likely causing the BSoD.*
Windows allows for several types of installable software. Which type may be transferred between computers when a user utilizes a Microsoft account?
a) Windows features
b) Store apps
c) Windows subsystem for Linux
d) Desktop apps
b) Store apps
*Windows allows several types of installable software, but when using a Microsoft account, Store apps (also known as Universal Windows Platform apps or UWP apps) are the ones that can be transferred between computers.
Store apps are linked to your Microsoft account, meaning that once you install them on one device, you can easily reinstall or transfer them to another device as long as you’re signed in with the same account. These apps are typically downloaded from the Microsoft Store.
Explanation for incorrect answers:
a) Windows features:
Windows features are built-in capabilities and services that come with Windows (e.g., Hyper-V, Windows Defender, etc.). These are not installable software and cannot be transferred like Store apps.
c) Windows Subsystem for Linux:
The Windows Subsystem for Linux (WSL) allows running a Linux environment on Windows, but it is not a type of software that is directly tied to a Microsoft account and doesn’t transfer in the same way as Store apps.
d) Desktop apps:
Desktop apps (traditional software that runs on Windows) are generally not tied to a Microsoft account for transfer purposes. They need to be reinstalled on a new computer, and the licensing may not be transferable.*
A user looks to implement Virtual Network Computing (VNC) access to a Windows computer while traveling. Which port does the user open on a hardware firewall to allow access?
a) 443
b) 22
c) 5900
d) 3389
c) 5900
A company implements several types of security mechanisms around a high-risk data center. One of the mechanisms allows for a panic button to be pressed. Which security type does this button represent?
a) Circuit
b) Motion
c) Duress
d) Proximity
c) Duress
*A duress alarm is triggered manually and could be implemented as a wireless pendant, concealed sensor or trigger, or call contact.
A circuit-based alarm sounds when the circuit is opened or closed, depending on the type of alarm. This could be caused by a door opening or by a fence being cut.
A motion-based alarm is linked to a detector triggered by movement within a room or other area. The sensors in these detectors are either microwave radio reflection or passive infrared (PIR).
Proximity alarms use radio frequency ID (RFID) tags and readers that can be used to track the movement of tagged objects within an area.*
A technician configures a backup routine on an important workstation. Which type does the routine use when it only backs up changes since the last full backup and is relatively faster during restore?
a) Synthetic
b) Full
c) Incremental
d) Differential
d) Differential
*Differential jobs select new files and files modified since the original full job. A differential chain has moderate time and storage requirements and is relatively faster during restore compared to incremental backups, since only the last differential backup is required for restore.
A synthetic backup is an option for creating full backups with lower data transfer requirements. A synthetic full backup is not generated directly from the original data but instead assembled from other backup jobs.
A full backup means that the backup job produces a file that contains all the data from the source. This means that the backup file is nominally the same size.
Incremental jobs select only new files and files modified since the previous job. An incremental job has the lowest time and storage requirement, but incremental backups have a longer restore time compared to differential backups since all incremental tapes are required for a restore.*
A technician would like to set every Windows computer at an organization to have a company logo as a desktop wallpaper. What does the technician determine as the best method for deploying the setting?
a) Login script
b) Domain group policy
c) Local group policy
d) Administrative template
b) Domain group policy
*A domain group policy configures computer settings and user profile settings for all computers and user accounts within a domain. This type of policy would satisfy the requirement.
A login script performs some type of configuration or process activity when the user signs in. A script would not be used to set wallpaper.
A local group policy configures computer settings and user profile settings on an individual system. This would need to be done on each system which is time-consuming and prone to error.
Administrative templates contain particular configurations and can be used to define settings in third-party software too.*
An engineer configures an Authentication, Authorization, and Accounting (AAA) server to authenticate credentials for remote users. Credentials are forwarded to the AAA server from a firewall. Which AAA method does the engineer utilize?
a) TACACS+
b) RADIUS
c) Kerberos
d) Active Directory
b) RADIUS
*Remote Authentication Dial-in User Service (RADIUS) is one way of implementing the AAA server when configuring enterprise authentication. The firewall is configured as a client of the RADIUS server.
Terminal Access Controller Access Control System Plus (TACACS+) is a way of implementing AAA and is often used in authenticating administrative access to routers and switches.
On Windows networks, Kerberos is a protocol that allows a user account to authenticate to a domain controller (DC) over a trusted local cabled segment.
The Lightweight Directory Access Protocol (LDAP) is a TCP/IP protocol used to query and update an X.500 directory such as Windows Active Directory.*
A tech has an Android tablet that no longer receives updates due to its age. Learning that a custom firmware with new features is available, what does the tech require to install the image?
a) Jailbreak
b) Root access
c) Sideload
d) Wipe
b) Root access
*For some devices, it is necessary to exploit a vulnerability or use custom firmware. Custom firmware is essentially a new Android OS image applied to the device and requires root access to install.
iOS jailbreaking is accomplished by booting the device with a patched kernel. For most exploits, this can only be done when the device is attached to a computer while it boots (tethered jailbreak).
Sideloading is the action of installing applications that are obtained outside of the device’s official app store.
Wiping a device will reset the device to its factory state. Wiping is involved with installing a new firmware image; however, root access is required to install the image.*
A technician is troubleshooting a Windows system using the command prompt and is currently in the directory C:\Backup. They need to navigate to the subdirectory 02102022 within C:\Backup. Which command should they use to enter the subdirectory directly?
a) cd\ 02102022
b) cd.. 02102022
c) cd 02102022
d) cd .\Backup\02102022
c) cd 02102022
*A user can easily navigate a Windows system by issuing the change directory (CD) command. The cd command followed by a space and then by a directory name will move to that directory.
When navigating directories on a Windows system with a command prompt, the change directory (cd) command is used. The cd\ command will navigate to a higher level in the folder structure.
The change directory (cd) command is used when navigating between directories when using a Windows command prompt. The cd.. command will move the user to a higher level in the folder structure.
Using the command cd .\Backup\02102022 is not a valid command. It will return an error of “The system cannot find the path specified.”*
A user looks to reconfigure an IP address for a network adapter. Using a graphical user interface (GUI), which Windows 11 Control Panel applet is the most direct?
a) Internet options
b) Network and Internet
c) Network and Sharing Center
d) Advanced sharing settings
b) Network and Internet
*The Network and Internet configuration area is the modern settings app used to view network status, change the IP address properties of each adapter, and access other tools.
The Internet Options Control Panel applet exposes the configuration settings for Microsoft’s Internet Explorer (IE) browser.
The Network and Sharing Center is a Control Panel applet that shows various status information for a current network connection.
The advanced sharing settings is a Control Panel applet that configures network discovery (allows detection of other hosts on the network) and enables or disables file and printer sharing.*
A user suspects that a USB drive on their system has been tampered with. The user accidentally dropped the USB drive, breaking the chip inside it. What does the user compromise?
a) Incident documentation
b) Digital forensics
c) Latent evidence
d) Chain of custody
c) Latent evidence
*Digital evidence is mostly latent. Latent means that the evidence cannot be seen with the naked eye; rather, it must be interpreted using a machine or process.
Documenting the scene of an incident is important; using photographs and ideally video and audio. Investigators must record every action they take.
Digital forensics is the science of collecting evidence from computer systems to a standard that will be accepted in a court of law.
The evidence collected at the crime scene must conform to a valid timeline. Digital information is susceptible to tampering, so access to the evidence must be tightly controlled. In this case, only the user has handled the drive.*