Practice Questions Flashcards
What can a Standard User do on their computer? Pick 2.
● Install Apps from the App Store.
● Install Non-App Store apps.
● Install security updates.
● Change the date/time on the computer.
● Some other wonky option.
● Install Apps from the App Store.
● Change the date/time on the computer.
A user forgot their password on their Managed Device with escrow MDM/FileVault turned on. They reach out to the MDM administrator. What type of key would the Administrator give the user so they could reset/unlock their computer?
personal recovery key (PRK)
In recoveryOS, the PRK can be used if prompted by Recovery Assistant, or with the Forgot All Passwords option, to gain access to the recovery environment, which then also unlocks the volume. When using the Forgot All Passwords option, resetting a password for a user isn’t required; the exit button can be clicked to start up directly into recoveryOS
Lockdown Mode
Messages - Most message attachment types are blocked, other than certain images, video, and audio. Some features, such as links and link previews, are unavailable.
Web browsing - Certain complex web technologies are blocked, which might cause some websites to load more slowly or not operate correctly. In addition, web fonts might not be displayed, and images might be replaced with a missing image icon.
FaceTime - Incoming FaceTime calls are blocked unless you have previously called that person or contact. Features such as SharePlay and Live Photos are unavailable.
Apple services - Incoming invitations for Apple services, such as invitations to manage a home in the Home app, are blocked unless you have previously invited that person. Game Center is also disabled.
Photos - When you share photos, location information is excluded. Shared albums are removed from the Photos app, and new Shared Album invitations are blocked. You can still view these shared albums on other devices that don’t have Lockdown Mode enabled.
Device connections - To connect your iPhone or iPad to an accessory or another computer, the device needs to be unlocked. To connect your Mac laptop with Apple silicon to an accessory, your Mac needs to be unlocked and you need to provide explicit approval.
Wireless connectivity - Your device won’t automatically join non-secure Wi-Fi networks and will disconnect from a non-secure Wi-Fi network when you turn on Lockdown Mode. 2G cellular support is turned off.
Configuration profiles - Configuration profiles can’t be installed, and the device can’t be enrolled in Mobile Device Management or device supervision while in Lockdown Mode.
How do you exclude a website from lockdown mode?
- From the menu bar in Safari, choose the Safari menu > Settings.
- Click Websites.
- In the sidebar, scroll down and click the Lockdown Mode.
- From the menu next to a configured website, turn Lockdown Mode on or off.
What app can identify and read text on physical objects and images around you?
Magnifier App
What needs do iPhone accessibility features support?
Vision
Mobility
Hearing
Speech
Cognitive
How would you trouble shoot FaceID?
- Check for Updates
- Check your Face ID settings
- Check that nothing is covering the TrueDepth camera
- Make sure your face isn’t blocked
- Make sure that you’re facing the trueDepth camera
- Restart your device
- Add an alternate appearance
- Reset Face ID
- Get Service
What 2 things does a revive do to an Apple Silicon Mac
- Updates the firmware
- Updates the recoveryOS to the latest version
In what order will Apple devices choose wifi?
- Your “most preferred” network
- A private network
- A public network
If macOS 13+, iOS/iPadOS16+ finds multiple private or public networks, what order do they prioritize networks?
- Configuration method (MDM)
- Highest supported Wi-Fi standard
- Frequency band (6GHz>5Ghz>5(DFS)>2.4GHz
- Security: WPA Enterprise, then WPA Personal, then WEP.
- Signal strength
won’t autojoin open networks unless you have connected in the last 2 weeks
The first thing you do when an iPad won’t charge?
- Try another cable/outlet
- Make sure iPad is not too hot/cold
- Force Restart iPad
How do you convert a physical SIM to an eSIM on the same iPhone?
eSIM Quick Transfer
What is the shortcut for Accessibility?
press Touch ID three times
What is VoiceOver?
a gesture-based screen reader
will tell you what is on the screen where you are touching
How do you disable Activation Lock on an MDM device?
at the Activation Lock Screen, you can enter the user name and password of the account that created the device enrollment token that links the MDM solution to Apple Business Manager, Apple Business Essentials, or Apple School Manager.
If Activation Lock was allowed on iPhone or iPad, you can clear it by entering the MDM Activation Lock bypass code at the Activation Lock Screen on that device.
What folders does System Integrity Protection protect?
/System
/usr
/bin
/sbin
/var
apps that are pre-installed w/MacOS
What is Gatekeeper software?
Gatekeeper verifies software is from an identified developer, is notarized by Apple to be free of known malicious content, and hasn’t been altered.
What are Apple’s Three layers of defense against Malware?
- Prevent launch or execution of malware App Store or Gatekeeper w/Notorization
- Block malware from running on customer systems: Gatekeeper, Notarization, and XProtect
- Remediate malware that has executed: XProtect
What does the Rapid Security Response for iOS, iPadOS, and macOS?
they deliver important security improvments between software updates
What is the best wifi security?
WPA3 > WPA2/WPA3 Transitional > WPA2 Personal(AES)
How do you troubleshoot Personal Hotspot?
- Check that Personal Hotspot is turned on in Settings > Hotspot
- Restart the iPhone/iPad/Mac
- Make sure you have latest iOS/iPadOS update
- on device go to Settings > General > Transfer or Reset(Device) > Reset, then tap Reset Network Settings
What is shared between Safari profiles?
Autofill Information
Password Information
Security Settings
Websites settings
Privacy settings
What is not shared between profiles?
History, cookies, and other website data are not shared between profiles
Tab Groups are not shared
Start page settings and net tab/window open with… settings
How do Safari Profiles sync?
Profiles automatically sync between all of your devices that are using Safari 17 or later, are signed in with the same Apple ID, and have Safari turned on in the iCloud section of Apple ID settings.
what is a plist?
property list
what is the default naming convention for a plist
the distributor’s revers DNS name prepended to the app or process name, followed by .plist
what happens when you Optimize Storage
Save space by automatically removing Apple TV movies and TV shows that you already watched, and by keeping only recent email attachments on this Mac when storage space is needed.
How do you see hidden admins?
check /private/vars
Where do you delete passkeys?
System Settings > Passwords > enter password > select website, then click the Show Details button > Delete Password/Passkey
What apps require same AppleID (continuity)
AirDrop
AirPlay to Mac
Auto Unlock/Approve w/Apple Watch
Continuity Camera
Continuity Markup
Continuity Sketch
Handoff
Instant Hotspot
Sidecar
Universal Clipboard
Universal Control
Where do you setup Sidecar?
System Settings > Displays
Click the + pop-up menue
How would you troubleshoot Sidecar displays flickering?
- Reduce wireless interference
- Bring devices closer to router and each other
- use a high quality, shielded cable
- avoid physical obstructions in the path of your wireless signal
Which two items in the System Information sidebar below Software allow you to verify that a Mac is enrolled by an MDM solution?
Managed Client and Profiles
what is Notarization?
malware scanning service provided by Apple. Apple scans apps, if no malware is detected it issues a Notarization ticket.
Can issue a revocation ticket for apps known to be malicious
What is Xprotect
signature based detection and removal of malware.
Uses YARA signatures, a tool used to conduct signature based malware detection
What does xProtect do if it detects malware?
When XProtect detects known malware, the software is blocked and the user is notified and given the option to move the software to the Trash.
