Practice Test #1 Questions Flashcards

1
Q

Jason’s company issued him an old 2018 laptop with an internal hardware security key that he uses to connect to his office network over a VPN while traveling. Without this laptop, Jason cannot access his company’s internal servers, email, or share drive files. The Windows 10 laptop is extremely slow, and the screen recently cracked and needs to be replaced. When Jason returns to the company’s headquarters, the company will provide him with a new laptop due to the broken screen. Until then, he is working out of his hotel room during a 45-day business trip and needs to continue using this laptop. Jason brings the laptop to the computer store you work at and asks for your assistance. Which of the following do you recommend?

a) Replace the display and charge him for the parts/installation
b) Sell him an external 15” tablet/monitor to connect to the laptop as a workaround
c) Replace the display and contact the manufacturer for reimbursement
d) Purchase a new laptop as the cost to repair might be more than a new laptop

A

b) Sell him an external 15” tablet/monitor to connect to the laptop as a workaround

In this scenario, you should recommend that he purchase an external 15” tablet/monitor to connect to the laptop as a workaround until he can return to the company’s headquarters. Since the laptop has an internal hardware key, if he replaces it with a new laptop then it will not connect to the corporate network over the VPN. The laptop is outside of the warranty period, making the recommendation of replacing the display and being reimbursed by the manufacturer incorrect.
While you could replace the display and charge him for the parts/installation, this would likely be more expensive than simply buying an external tablet/monitor as a workaround. A laptop replacement display usually costs between $300-500, whereas an external tablet/monitor costs between $100-150. The cheapest and quickest option provided would be to purchase an external monitor to use in his hotel until he gets back to the office.

2
Q

You are working on upgrading the memory of a laptop. After removing the old memory chips from the laptop, where should you safely store them until you are ready to reuse them in another laptop?

a) Ziplock bags
b) Antistatic bag
c) Cardboard box
d) Manila envelopes

A

b) Antistatic bag

To properly handle and store sensitive components, like a memory chip, you should use an ESD strap and place the components in an antistatic bag. An antistatic bag is a bag used for storing electronic components, which are prone to damage caused by electrostatic discharge (ESD). These bags are usually plastic polyethylene terephthalate (PET) and have a distinctive color (silvery for metalized film, pink or black for polyethylene).

3
Q

You are working as a penetration tester and have discovered a new method of exploiting a vulnerability within the Windows 10 operating system. You conduct some research online and discover that a security patch against this particular vulnerability doesn’t exist yet. Which type of threat would this BEST be categorized as?

a) Spoofing
b) Brute force
c) Zero-day
d) DDOS

A

c) Zero-day

A zero-day attack happens once a flaw, or software/hardware vulnerability, is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability, hence the term zero-day.
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
A brute-force attack consists of an attacker systematically trying all possible password and passphrase combinations until the correct one is found.
Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source.

4
Q

Dion Training is building a new computer for its video editor to use. The new computer will use an octa-core Intel processor, 3 TB of DDR4 memory, and a RAID 0 with two 4 TB SSDs for optimal performance. Which of the following editions of Windows 10 would support all of this computer’s memory properly?

a) Enterprise
b) Pro
c) Home
d) Educational

A

a) Enterprise

Microsoft Windows 10 Enterprise supports up to 6TB of RAM while Windows 10 Pro supports up to 2TB of RAM. Microsoft Windows 10 Enterprise and Windows 10 Pro for Workstations are designed to run on devices with high-performance configurations.

Windows 10 Enterprise and Windows 10 Pro for Workstations both support up to four physical CPUs. Windows 10 Pro and Windows 10 Education both only support two physical CPUs and 2 TB of RAM. Windows 10 Home only supports one physical CPU and up to 128 GB of RAM.

5
Q

A home user brought their Windows 10 laptop to the electronics store where you work. They claim their computer has become infected with malware. You begin troubleshooting the issue by first pressing the power button, and the laptop loads properly without any issues. When you open Microsoft Edge, you notice that multiple pop-ups appear almost immediately. Which of the following actions should you take NEXT?

a) Clear the browser’s cookies and history, enable the pop-up blocker, and scan the system for malware
b) Quarantine the machine and report it as infected to your company’s cybersecurity department for investigation
c) Document the pop-ups displayed and take a screenshot
d) Reinstall or reimage the operating system

A

a) Clear the browser’s cookies and history, enable the pop-up blocker, and scan the system for malware

Malware often targets the web browser. Malware such as adware and spyware is designed with commercial or criminal intent rather than to vandalize the computer system. Common infection symptoms of spyware or adware are pop-ups or additional toolbars, the home page or search provider changing suddenly, searches returning results that are different to other computers, slow performance, and excessive crashing. Viruses and Trojans may spawn pop-ups without the user opening the browser. Since this is a home user’s laptop, you should remediate the issue and return the system to them. Since this is not a system owned by your company, there is no reason to report it to your company’s cybersecurity department.

6
Q

You are troubleshooting a Windows 10 laptop that is infected with malware. You have already identified the type of malware on the laptop. What should you do NEXT? (Select THREE)

a) Enable System Restore in Windows
b) Disconnect the laptop from the network
c) Educate the end user
d) Schedule scans and run system updates
e) Disable System Restore in Windows
f) Update the anti-malware software

A

b) Disconnect the laptop from the network
e) Disable System Restore in Windows
f) Update the anti-malware software

b) is Quarantine

7
Q

A new corporate policy dictates that all access to network resources will be controlled based on the user’s job functions and tasks within the organization. For example, only people working in Human Resources can access employee records, and only the people working in finance can access customer payment histories. Which of the following security concepts is BEST described by this new policy?

a) Blocklists
b) Directory permissions
c) Least privilege
d) Permission creep

A

c) Least privilege

Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resources absolutely required to perform routine, legitimate activities. Privilege itself refers to the authorization to bypass certain security restraints.
Permission creep, also known as privilege creep, is what happens when an employee moves between roles in an organization and keeps the access or permissions of the previous role.
Directory permissions are used to determine which users can access, read, write, and delete files or directories within a given directory.
A blocklist is a list of IP addresses, ports, or applications that are not allowed to be run or used on a given system.

8
Q

What is the minimum processor required to install Windows 10 (x86) on a device?

a) 2 GHz single-core processor
b) 1 GHz dual-core processor
c) 2 GHz dual-core processor
d) 1 GHz single-core processor

A

d) 1 GHz single-core processor

For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor, 1 GB of RAM, and at least 32 GB of hard drive space.

For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor, 2 GB of RAM, and at least 32 GB of hard drive space.

For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor, 4 GB of RAM, and at least 64 GB of hard drive space.

9
Q

A network administrator has set up a firewall and set up only three allow rules so that traffic can be sent over ports 21, 110, and 25. Next, they added a final rule of “deny any any” to the end of the ACL to minimize the attack surface and better secure the network. Unfortunately, now the administrator is receiving complaints from users that they cannot access any web pages using their URLs, such as DionTraining.com. Which of the following should the administrator do to correct this issue?

a) Add a rule to the ACL to allow traffic on ports 110 and 389
b) Add a rule to the ACL to allow traffic on ports 143 and 22
c) Add a rule to the ACL to allow traffic on ports 139 and 445
d) Add a rule to the ACL to allow traffic on ports 80 and 53

A

d) Add a rule to the ACL to allow traffic on ports 80 and 53

Port 80 is used for HTTP traffic (web traffic).
Port 53 is used for DNS queries (to resolve domain names like DionTraining.com to IP addresses).

Why not the others?
The ports in options a), b), and c) are related to email (POP3, IMAP), remote administration (SSH), and file sharing (SMB, NetBIOS). They do not address web browsing or DNS issues.

10
Q

Which of the following Control Panel sections would allow a technician to add or remove an external scanner from a Windows 10 computer?

a) Devices and Printers
b) System
c) Programs and Features
d) Device Manager

A

a) Devices and Printers

The Devices and Printers section of the Control Panel allows a technician to manage and add printers, scanners, and other external devices to connect to a Windows computer.
The Device Manager is used to view and control the hardware that is attached to the computer. The Device Manager will highlight a piece of hardware that is not working so that a technician can repair or replace it.

11
Q

A cybersecurity analyst notices that an attacker is trying to crack the WPS pin associated with a wireless printer. The device logs show that the attacker tried 00000000, 00000001, 00000002 and continued to increment by 1 number each time until they found the correct PIN of 13252342. Which of the following types of password cracking was being performed by the attacker?

a) Brute-force
b) Rainbow table
c) Dictionary
d) Hybrid

A

a) Brute-force

A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. In a traditional brute-force attack, the passcode or password is incrementally increased by one letter/number each time until the right passcode/password is found.
A dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary.
A rainbow table is a precomputed list of possible hashes used when trying to speed up the process of password cracking.
A hybrid password cracking attack combines the use of a brute-force attack with a dictionary attack by using words from the dictionary’s list as the basis for the brute-force attack. For example, if the dictionary had the word Jason in it, the hybrid attack might try Jason123, Jason!@#, and J@$0n as possible combinations based on the word Jason.

12
Q

What does the command “shutdown /h” do on a Windows workstation?

a) Log off the workstation
b) Enter hibernation mode
c) Shutdown the workstation
d) Reboot the workstation

A

b) Enter hibernation mode

The shutdown command allows a user or administrator to shut down or restart local or remote computers, one at a time.
Using the /r option will reboot the computer.
Using the /s option will shut down the computer.
Using the /l option will log off the current user.
Using the /h option will enter sleep or hibernation mode.

13
Q

What umask should be set for a directory to have 700 as its octal permissions?

a) rwx------
b) rwxrwxrwx
c) r--r--r--
d) rwx---rwx

A

a) rwx------

RWX is 7 and --- is 0.
In Linux, you can convert letter permissions to octal.
R = 4 | R is for read-only
W = 2 | W is for write
X = 1 | X is for execute
--- = 0
The permissions strings are written to represent the owner’s permissions, the group’s permissions, and the other users’ permissions.

14
Q

You have just installed a new photo-sharing social media app on your smartphone. When you try to take a photo with the app, you hear the picture-taking sound. Unfortunately, when you check the app and your photo album, you cannot find any new pictures. Which of the following actions should you take to fix this issue?

a) Perform a firmware update
b) Update all the smartphone’s apps
c) Verify the app has the correct permissions
d) Uninstall and reinstall the app

A

c) Verify the app has the correct permissions

Each app has to have the proper permissions to use the smartphone’s various components, such as the microphone, camera, and storage. If the app has the correct permissions for the camera but not the storage, it will not store the photos being taken. This issue can be quickly corrected by checking the permissions under the app’s settings and the smartphone’s settings.

15
Q

Dion Training wants to implement a new wireless network in their offices. Which of the following types would support encryption for traffic being sent and received over the network while still allowing users to connect to the open network without a password, passphrase, or digital certificate?

a) WEP
b) WPA
c) WPA2
d) WPA3

A

d) WPA3

One of the features of WPA3 (WIFI6) is Enhanced Open. Enhanced Open enables encryption for traffic being sent and received over a wireless network while still using open authentication. WEP, WPA, and WPA2 do not provide encryption of traffic sent over the network unless the network is protected by a password, passphrase, or digital certificate.

16
Q

Your company wants to increase the security of its server room. Which TWO of the following should they install to protect the server room’s contents?

a) Privacy window shades
b) Biometric lock
c) Bollard
d) Strong passwords
e) Badge reader

A

b) Biometric lock & e) Badge reader

A badge reader and biometric lock can be used on a server room door to provide multifactor authentication. Biometrics are identifying features stored as digital data that can be used to authenticate a user.
A badge reader can be used to read a security badge using RFID, a smart card, or a barcode to authenticate a user.
Cable locks are used for laptops, not servers or server rooms.
A bollard is used in the parking lot or the front of a building.
Strong passwords are used for the servers, not the server room itself.
Privacy window shades could be used, but they are not as strong of a defense as a badge reader and biometric keypad on the door to the server room.

17
Q

An employee’s inbox is now filled with unwanted emails after their email password had been compromised last week. You helped them reset their password and regain access to their account. Many of the emails are coming from different email addresses such as @yahoo.com, @gmail.com, and @hotmail.com. Which of the following actions should the user take to help reduce the amount of spam they receive?

a) Mark each email as spam or junk
b) Establish an allow list of trusted senders
c) Create a domain-based email filter
d) Click the unsubscribe button of each email

A

a) Mark each email as spam or junk

At the user level, the software can redirect spam to a junk folder or similar. Email filtering is any technique used to prevent a user from being overwhelmed with spam or junk email. Spam can be blocked from reaching an organization using a mail gateway to filter messages. Anti-spam filtering needs to balance blocking illegitimate traffic with permitting legitimate messages. Anti-spam techniques can also use lists of known spam servers by establishing a blocklist. If an allow list is used, only a small number of senders could send emails to the user. The technician should not create a domain-based email filter since the spammers are using Yahoo, Gmail, and Hotmail accounts to send the spam. If a domain-based email filter is created, it will block emails from all users on those email providers and prevent legitimate emails from being received.

18
Q

You have just installed a second monitor for a bookkeeper’s workstation so they can stretch their spreadsheets across both monitors. This would essentially let them use the two monitors as one combined larger monitor. Which of the following settings should you configure?

a) Refresh rate
b) Resolution
c) Color depth
d) Extended mode

A

d) Extended mode

The extended mode allows the Windows output to be stretched across two or more monitors as if they were a single monitor. This can be configured under the Display settings in Windows 10. Refresh rate is the measure of how fast an image can be updated on a monitor or display. If a monitor has a lower refresh rate, then blurring and ghosting can occur. Color depth defines how many unique colors can be displayed by the projected image at once. Most monitors have a default or native resolution. When you first connect a monitor to a Windows workstation, this native resolution is detected, and Windows attempts to configure itself automatically. If this creates an imbalance between the two monitors, a technician can adjust the screen’s resolution by changing it in the Display settings area of Windows 10.

19
Q

You have decided that you wanted to install a second operating system on your computer. After installing the OS and rebooting the computer, you see the “Operating System Not Found” error on your display. You verify that the boot.ini file is configured properly, but the error still appears. What is MOST likely causing this error?

a) The MBR bootloader was installed accidentally
b) An unsupported version of Linux is installed
c) An incompatible partition is marked as active
d) Windows Startup services are not properly running

A

c) An incompatible partition is marked as active

This issue may occur if one or more of the following conditions are true:
(1) the basic input/output system (BIOS) does not detect the hard disk,
(2) the hard disk is damaged,
(3) sector 0 of the physical hard disk drive has an incorrect or malformed master boot record (MBR),
(4) an incompatible partition is marked as Active, or
(5) a partition that contains the MBR is no longer active.
The only option provided in this list is that an incompatible partition is marked as active.

20
Q

What type of structure is a “Do While” in scripting?

a) Constant
b) Branch
c) Loop
d) Variable

A

c) Loop

A loop deviates from the initial program path according to some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Loops are often implemented with For, For Next, While, or Do While statements. For example, a short script like (For i=1 to 100, print i, next) would print the numbers from 1 to 100 to the screen.
A branch is used to control the flow within a computer program or script, usually based on some logic condition. Often, these are implemented with IF THEN ELSE statements.
A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself.
A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F - 32) * 5/9.

21
Q

You have decided to have DNA genetic testing and analysis performed to determine your exact ancestry composition and possibly find some lost relatives through their database. Which of the following types of data should this be classified as?

a) CUI
b) IP
c) PII
d) PHI

A

d) PHI

Protected health information (PHI) refers to medical and insurance records, plus associated hospital and laboratory test results. Data collected by genetic mapping and heredity companies include the subject’s DNA, making it PHI.
Personally identifiable information (PII) is data that can be used to identify, contact, or locate an individual. Information such as social security number (SSN), name, date of birth, email address, telephone number, street address, and biometric data is considered PII.
Proprietary information or intellectual property (IP) is information created and owned by the company, typically about the products or services that they make or perform.
Controlled Unclassified Information (CUI) is federal non-classified information that must be safeguarded by implementing a uniform set of requirements and information security controls to secure sensitive government information.

22
Q

Madison is trying to open up her anti-malware solution to run a full system scan because she suspects her computer has become infected. When she attempts to run the tool, an error of “Access denied” is received. What security issue is MOST likely occurring?

a) Rogue anti-virus
b) Renamed system files
c) File permission change
d) Disappearing files

A

c) File permission change

If the user receives an “access denied” error message, it indicates that the file permissions have been changed. If the system files were renamed or the files disappeared, an error of “file not found” would be seen instead. Rogue antivirus is a particularly popular way to disguise a Trojan. In the early versions of this attack, a website would display a pop-up disguised as a normal Windows dialog box with a fake security alert, warning the user that viruses have been detected. As browsers and security software have moved to block this vector, cold calling vulnerable users claiming to represent Microsoft support has become a popular attack.

23
Q

An attacker is using a word list that contains 1 million possible passwords as they attempt to crack your Windows password. What type of password attack is this?

a) Hybrid
b) Brute-force
c) Rainbow table
d) Dictionary

A

d) Dictionary

A dictionary attack uses a list of common passwords to crack a user’s password. These lists do not have just dictionary words, though. For example, the word Dr@g0nBr3@+h (dragon breath) may be one such word but rewritten by substituting symbols or numbers for various letters. The dictionary file might have words like DRAGON, dragon, Dr@g0n, and many other forms. Most dictionary files contain millions of entries, and the password cracking tries each one until a match is found.
A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly.
A hybrid attack combines a dictionary list with the ability to add brute-force combinations to crack a password that is slightly different than the dictionary list entry.
A rainbow table is a tool for speeding up attacks against Windows passwords by precomputing possible hashes. A rainbow table is used to authenticate users by comparing the hash value of the entered password against the one stored in the rainbow table. Using a rainbow table makes password cracking a lot faster and easier for an attacker.

24
Q

Which of the following types of backups only copies data modified since the last full backup?

a) Synthetic
b) Full
c) Incremental
d) Differential

A

d) Differential

A differential backup only creates a copy of the selected data that has been modified since the last full backup. It is a good compromise in speed between a full backup (which takes the longest to back up and the least to restore) and an incremental backup (which takes the least to back up and the longest to restore).
An incremental backup only creates a copy of new files and files modified since the last full, incremental, or differential backup. Therefore, it takes the least amount of time to complete a backup. Unfortunately, it also takes the most time to restore since you have to first restore the full backup, then any differential and incremental backups until all your data is restored.
A full backup creates a copy of all the selected data regardless of when it was previously backed up. It takes the most time to complete a backup but is the fastest when conducting a restoral of all the data on a hard drive.
Synthetic backup is the process of generating a file from a complete copy of a file created at some past time and one or more incremental copies created at later times. The expression synthetic in this context refers to the fact that the assembled file is not a direct copy of any single current or previously created file. Instead, a synthetic file is merged or synthesized by a specialized application program from the original file and one or more modifications to it.

25
Q

You attempt to boot a Windows 10 laptop and receive an “Operating System Not Found” error on the screen. You can see the hard disk listed in the UEFI/BIOS of the system. Which of the following commands should you use to repair the boot sector of the hard disk?

a) bootrec /fixmbr
b) diskpart list
c) bootrec /rebuildbcd
d) bootrec /fixboot

A

d) bootrec /fixboot

To repair the drive’s boot sector, you should use the command “bootrec /fixboot” and reboot the computer. If the disk cannot be detected, enter the system setup and try modifying settings (or even resetting the default settings). If the system firmware reports the disk’s presence, but Windows still will not boot, use a startup repair tool to open a recovery mode command prompt and use the bootrec tool to repair the drive’s boot information. The “bootrec /fixmbr” command is used to attempt a repair of the master boot record of a drive. The “bootrec /rebuildbcd” command is used to add missing Windows installations to the Boot Configuration Database (BCD). The diskpart command is a command-line disk-partitioning utility available for Windows that is used to view, create, delete, and modify a computer’s disk partitions.

26
Q

You are configuring a Windows 10 Professional workstation to connect to the Dion Training domain. To provide additional security to its users, Dion Training requires that all users route their internet traffic through a server located at 10.0.0.15 for inspection before it is sent to the internet. Once inspected, the server will route the traffic to the WAN router whose IP is 10.0.0.1. Which of the following settings should be configured on the workstation to achieve this?

a) Under Network Adapter, configure the workstation’s gateway as 10.0.0.15
b) Under Network Adapter, configure the proxy server address as 10.0.0.15
c) Under Internet Options, configure the workstation’s gateway as 10.0.0.15
d) Under Internet Options, configure the proxy server address as 10.0.0.15

A

d) Under Internet Options, configure the proxy server address as 10.0.0.15

A proxy server is a web server that acts as a gateway between a client application. To route all of the workstation’s internet traffic to the proxy server, a technician should configure the proxy server address under the Connections tab of the Internet Options section of the Control Panel. The Internet Options section of the Control Panel allows a technician to manage the Internet settings for their computers, including the security settings, access settings, and add-on control settings. Using Internet Options, a technician can set the homepage of the browser, set up the proxy server connection details, and change the trust and security settings used by the system.

27
Q

A corporate workstation was recently infected with malware. The malware was able to access the workstation’s credential store and steal all the usernames and passwords from the machine. Then, the malware began to infect other workstations on the network using the usernames and passwords it stole from the first workstation. The IT Director has directed its IT staff to develop a plan to prevent this issue from occurring again. Which of the following would BEST prevent this from reoccurring?

a) Monitor all workstations for failed login attempts and forward them to a centralized SYSLOG server
b) Install an anti-virus or anti-malware solution that uses heuristic analysis
c) Install a host-based intrusion detection system on all of the corporate workstations
d) Install a Unified Threat Management system on the network to monitor for suspicious traffic

A

b) Install an anti-virus or anti-malware solution that uses heuristic analysis

The only solution that could stop this from reoccurring would be to use an anti-virus or anti-malware solution with heuristic analysis. The other options might be able to monitor and detect the issue but not stop it from spreading. Heuristic analysis is a method employed by many computer anti-virus programs designed to detect previously unknown computer viruses and new variants of viruses already in the wild. This is behavior-based detection and prevention, so it should detect the issue and stop it from spreading throughout the network. A host-based intrusion detection system (HIDS) is a device or software application that monitors a system for malicious activity or policy violations. Any malicious activity or violation is typically reported to an administrator or collected centrally using a security information and event management system. The UTM is also acting as an IDS in this scenario based on the option presented.

28
Q

Which of the following open-source remote access tools allows users to connect to their desktop remotely, see what is on their screen, and control it with their mouse and keyboard?

a) SSH
b) VNC
c) RDP
d) Telnet

A

b) VNC

VNC (virtual network computing) is a remote access tool and protocol. It is used for screen sharing on Linux and macOS. RDP is not open-source. SSH and Telnet are text-based remote access tools. Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection. Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system. Telnet uses port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection but sends its data in plaintext, making it an insecure protocol.

29
Q

A user is complaining about slow data speeds when they are at home in a large apartment building. The user uses Wi-Fi when they get home, and the device works fine on other wireless networks they connect to. Which of the following actions should the user take to increase their data speeds?

a) Enable MAC filtering on their WAP
b) Upgrade to a new smartphone
c) Turn off Wi-Fi and rely on their cellular data plan
d) Increase the Wi-Fi signal being transmitted by their WAP

A

d) Increase the Wi-Fi signal being transmitted by their WAP

Slow data speeds can be caused by too much interference or a weak signal. Try changing the channel on Wi-Fi routers to less-used channels or boost the signal being transmitted, and the performance should increase. Alternatively, if the cellular signal is too low, you can install a signal booster or microcell in the home or office. Enabling MAC filtering would block devices attempting to connect to the Wi-Fi. Turning off the Wi-Fi and using their cellular data plan might be a valid workaround, but it does not solve the issue of the Wi-Fi not functioning properly at home. Upgrading the smartphone would not increase the speed of their home Wi-Fi, as their current smartphone already operates at faster speeds on other Wi-Fi networks.

30
Q

Dion Training has configured Windows Defender Firewall on all of its corporate Windows 10 laptops. When connected to a public network, the firewall has been configured to allow only inbound connections that match an existing rule and to only allow outbound connections that do match an existing rule to achieve the highest level of security. What type of security posture has Dion Training implemented?

a) Implicit allow for inbound, explicitly allow for outbound
b) Explicit allow for inbound, explicit allow for outbound
c) Explicit allow for inbound, implicit allow for outbound
d) Implicit allow for inbound, implicit allow for outbound

A

b) Explicit allow for inbound, explicit allow for outbound

The Windows Defender Firewall is a software-based firewall that is installed by default on Windows workstations. The Windows Defender Firewall is used to prevent hackers and malicious software from gaining access to the workstation over the Internet or the local area network. Explicit allow refers to a security posture where the system will only allow an item to traverse the firewall if the traffic matches an existing rule. Implicit allow refers to a security posture where the system will allow all traffic to traverse the firewall unless there is a specific rule to prevent it. This type of explicit allow for both inbound and outbound is known as an allow list posture as opposed to a blocklist or deny list posture.

31
Q

Which type of authentication method is commonly used with physical access control systems and relies upon RFID devices embedded into a token?

a) Smart cards
b) HOTP
c) TOTP
d) Proximity cards

A

d) Proximity cards

A proximity card is a contactless card that usually utilizes RFID to communicate with the reader on a physical access system. These are commonly used to access secured rooms (such as server rooms) or even a building itself (such as at an access control vestibule). Some smart cards contain proximity cards within them, but the best answer to this question is proximity cards, since that is the function of the smart card that would be used to meet this scenario’s requirements. An HMAC-based one-time password (HOTP) is a one-time password algorithm based on hash-based message authentication codes. A time-based one-time password (TOTP) is a computer algorithm that generates a one-time password that uses the current time as a source of uniqueness.

32
Q

Samuel’s computer is taking a very long time to boot up, and he has asked for your help speeding it up. Which TWO of the following actions should you perform to BEST resolve this issue with the least amount of expense?

a) Defragment the hard drive
b) Terminate processes in the Task Manager
c) Remove unnecessary applications from startup
d) Replace the hard drive with an SSD
e) Install additional RAM
f) Perform a Disk Cleanup

A

a) Defragment the hard drive & c) Remove unnecessary applications from startup

To speed up the boot process, you can defragment the hard drive, remove unnecessary applications from startup, install additional RAM, and replace the hard drive with an SSD. But, to do it with the least amount of expense, you can only defragment the hard drive or remove unnecessary applications from starting up since these actions do not require any additional components to be purchased.

33
Q

A programmer is writing a script to display all the numbers from 1 to 100 to the screen. Which of the following should they use in their script?

a) Constant
b) Loop
c) Comment
d) Branch

A

b) Loop

A loop deviates from the initial program path to some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Often implemented with For or While statements. For example, a short script like (For i=1 to 100, print i, next) would print the numbers from 1 to 100 to the screen. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F - 32) * 5/9. A comment is written into the code to help a human understand the initial programmer’s logic. In Python, for example, you can use the # symbol to comment on a line of code. Anything on the line after the # is ignored by the computer when the script is being executed. A branch is used to control the flow within a computer program or script, usually based on some logic condition. Often, these are implemented with IF THEN ELSE statements.

34
Q

Which of the following types of software CANNOT be updated via the Windows Update program?

a) Critical fixes
b) Driver updates
c) Firmware updates
d) Security patches

A

c) Firmware updates

The Windows Update program can download critical fixes, security patches, and driver updates. The Windows Update program cannot download and install firmware updates because the firmware must be updated before the Windows operating system begins running during the boot process.

35
Q

You are troubleshooting a computer that is operating slowly. Which of the following tools should you use to troubleshoot this workstation?

a) Performance monitor
b) Device Manager
c) Task Scheduler
d) DxDiag

A

a) Performance monitor

Windows Performance Monitor can be used to provide real-time charts of system resources or can be used to log information to a file for long-term analysis. By monitoring different resources at different times of the day, you can detect bottlenecks in a system that are causing problems. It may be that a particular application starts freezing for longer and longer periods. Many things could cause this. Perhaps it is that the processor is too slow, which would cause the requests to take longer. If the hard disk is too slow, this would mean that it takes too long for the computer to open and save files. If the application uses a network link, that link could have become faulty or congested. The task scheduler is a tool included with Windows that allows predefined actions to be automatically executed whenever a certain set of conditions is met. For example, you can schedule a task to run a backup script every night or send you an email whenever a certain system event occurs. Device manager (devmgmt.msc) is a utility used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it. The DirectX diagnostic (dxdiag.exe) utility is used to collect info about devices to help troubleshoot problems with DirectX sound and video. It is a diagnostics tool used to test DirectX functionality and troubleshoot video-related or sound-related hardware problems. DirectX diagnostic can save text files with the scan results.

36
Q

Dion Training wants to implement a new wireless network using WPA3 in their offices. Which of the following features of WPA3 is used to provide a password-based authentication using the dragonfly handshake instead of the older WPA 4-way handshake?

a) SAE
b) Enhanced open
c) AES GCMP
d) Management protection frames

A

a) SAE

WPA3 introduces the SAE protocol to replace the WPA2’s 4-way handshake for password-based authentication. SAE is a more secure method for establishing a shared secret key between the client and the access point. It uses the dragonfly handshake, which provides resistance against offline dictionary attacks (a common vulnerability in WPA2’s 4-way handshake). This ensures that even if an attacker intercepts the handshake, they cannot easily guess the password through brute force or dictionary-based methods.

Here’s why the other options are not correct:

b) Enhanced open: This feature is related to WPA3’s support for open networks that use Opportunistic Wireless Encryption (OWE) to provide encryption even on open networks, but it does not involve password-based authentication or the dragonfly handshake.

c) AES GCMP: AES GCMP (Galois/Counter Mode Protocol) is a cryptographic algorithm used in WPA3 for encryption, but it does not relate to the password-based authentication or the handshake process.

d) Management protection frames: These are designed to provide security to management frames in WPA3, preventing certain types of attacks like deauthentication attacks, but they do not address the password-based authentication mechanism.

Thus, SAE is the feature in WPA3 that replaces the WPA2 4-way handshake and uses the dragonfly handshake for more secure password-based authentication.

37
Q

Which of the following tools should you utilize to ensure you don’t damage a laptop’s SSD while replacing it?

a) Antistatic bag
b) Air filter mask
c) Latex gloves
d) ESD strap

A

d) ESD strap

The key to answering this question is the word “while” in the sentence. Since you need to protect the SSD “while” you are replacing it, you must ensure you wear an ESD strap. An ESD strap is placed around your wrist and dissipates any static electricity from your body to protect sensitive hardware such as processors, memory, expansion cards, and SSDs during installation. An electrostatic discharge (ESD) is the release of a charge from metal or plastic surfaces that occurs when a potential difference is formed between the charged object and an oppositely charged conductive object. This electrical discharge can damage silicon chips and computer components if they are exposed to it. An antistatic bag is a packaging material containing anti-ESD shielding or dissipative materials to protect components from ESD damage. An air filter mask is a mask manufactured from polyester sheets that cover your nose and mouth to prevent the dust from being breathed in by a technician. Latex gloves are hand coverings to protect the technician when they are working with toner or other chemicals.

38
Q

Stephanie is installing Windows 10 (64-bit) in a virtual machine on her laptop. The installation is continually failing and producing an error. She has configured the virtual machine with a dual-core 1.7 GHz processor, 1 GB of memory, a 64 GB hard drive, and a 1920 x 1080 screen resolution. Which item in the virtual machine should be increased to fix the installation issue experienced?

a) The screen resolution
b) Number of CPU cores
c) Amount of hard drive space
d) Amount of memory

A

d) Amount of memory

The amount of memory needs to be increased. For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor, 2 GB of RAM, and at least 20 GB of hard drive space.
For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor, 4 GB of RAM, and at least 64 GB of hard drive space.
For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor, 1 GB of RAM, and at least 16 GB of hard drive space.

39
Q

Which of the following BEST describes how a DHCP reservation works?

a) By assigning options to the computers on the network by priority
b) By letting the network switches assign IP addresses from a reserved pool
c) By matching a MAC address to an IP address within the DHCP scope
d) By leasing a set of reserved IP addresses according to their category

A

c) By matching a MAC address to an IP address within the DHCP scope

Reason: A DHCP reservation works by binding a specific IP address to a device’s MAC (Media Access Control) address. When the device with the specified MAC address requests an IP address from the DHCP server, the server will assign the reserved IP address from the DHCP scope rather than dynamically allocating one. This ensures that the device always receives the same IP address, making it useful for devices that need a static IP, such as printers, servers, or networked appliances.

Here’s why the other options are incorrect:

a) By assigning options to the computers on the network by priority: This refers more to the configuration of DHCP options (like DNS servers, gateway, etc.), but does not specifically describe how DHCP reservations work. DHCP reservations are about binding IP addresses to MAC addresses, not assigning network options by priority.

b) By letting the network switches assign IP addresses from a reserved pool: Network switches do not assign IP addresses; this is the role of the DHCP server. Switches are responsible for forwarding frames based on MAC addresses but do not manage IP address assignment.

d) By leasing a set of reserved IP addresses according to their category: While DHCP does lease IP addresses, a reservation specifically ties an IP to a device’s MAC address, not to a category. A DHCP lease may be assigned based on categories (like subnets or ranges), but that does not define a reservation.

So, matching a MAC address to an IP address within the DHCP scope best describes how DHCP reservation works.

40
Q

Which type of antivirus scan provides the best protection for a typical home user?

a) Weekly scheduled scans
b) Safe mode scans
c) On-access scans
d) Daily scheduled scans

A

c) On-access scans

On-access scans (also known as real-time scanning or active scanning) provide the best protection for a typical home user because they continuously monitor files and programs as they are accessed, executed, or downloaded. This type of scanning provides immediate detection and prevention of malicious activity before it can cause harm to the system. For a home user, this constant protection is crucial, as it prevents malware from running or spreading as soon as it enters the system.

Here’s why the other options are less ideal:

a) Weekly scheduled scans: While regular scanning is important, a weekly scan only provides protection at the time it runs. It leaves the system unprotected between scans, which could allow malware to infect the system during that time.

b) Safe mode scans: Safe mode scans can be helpful in detecting and removing persistent malware that may be difficult to remove while the operating system is running normally. However, this is not a routine scan option and requires a manual intervention to boot into safe mode, which is not ideal for continuous protection.

d) Daily scheduled scans: While daily scans are useful for regular checks, they still do not provide real-time protection. Between scheduled scans, the system could remain vulnerable to threats.

Therefore, on-access scans offer the best ongoing protection by actively monitoring and preventing threats as they occur in real time, which is crucial for typical home users.

41
Q

Which of the following commands is used on a Linux system to search for lines that match a pattern within a file?

a) grep
b) pwd
c) vi
d) apt-get

A

a) grep

The grep command is a command-line utility for searching plain-text data sets for lines that match a regular expression. The grep command works on Unix, Linux, and macOS operating systems. Grep is an acronym that stands for Global Regular Expression Print.
The apt-get utility is a powerful package management command-line program that works with Ubuntu’s APT (Advanced Packaging Tool) library to install new software packages, remove existing software packages, upgrade existing software packages, and even upgrade the entire operating system. The apt-get utility works with Ubuntu and Debian-based Linux distributions.