Practice Test #4 Questions Flashcards
A user attempted to go to their favorite social media website this morning from their laptop. When they typed in Facebook.com, their browser redirected them to MalwareInfect.com instead. You asked the user to clear their cache, history, and cookies, but the problem remains. What should you do NEXT to solve this problem?
a) Conduct an antivirus scan
b) Upgrade their web browser
c) Check the hosts file
d) Disable System Restore
c) Check the hosts file
The hosts file is a local plain text file that maps servers or hostnames to IP addresses. It was the original method to resolve hostnames to a specific IP address. The hosts file is usually the first step in the domain name resolution procedure. When a user requests a webpage, the hosts.ini file is first checked for the IP address. If the IP address isn’t found in the hosts.ini file, then the workstation requests the IP address from the DNS server. Attackers often modify hosts.ini files to redirect users to a malicious webpage instead of one they would commonly use, like Google, Facebook, and others.
You are working on a Windows 10 workstation with a 1 TB HDD and 16 GB of memory that is operating slowly when reading large files from its storage device. Which of the following commands should you use to speed up this workstation?
a) diskpart
b) chkdsk
c) ipconfig
d) format
b) chkdsk
*When a Windows 10 system is experiencing slowness while reading large files from the storage device, it often indicates potential issues with the hard drive, such as file system errors, bad sectors, or other disk problems. The chkdsk command (Check Disk) is used to check the integrity of the file system on a disk and can automatically fix many common file system issues that might be causing the slowdown. It can also mark bad sectors so that the system avoids using them. chkdsk scans and repairs logical file system issues, such as file corruption or missing file entries. It checks for and can attempt to fix bad sectors on the disk, which might be slowing down file reads.
Why not the other options?
a) diskpart: The diskpart command is used for partitioning and managing disks, not for diagnosing or fixing performance issues related to disk reading. It can be used to format or partition a disk, but it’s not designed to address the issues you’re describing.
c) ipconfig: The ipconfig command is related to network configuration. It displays IP address information and can release or renew network interfaces, but it has nothing to do with improving disk performance.
d) format: The format command is used to erase and prepare a disk for use, which would delete all the data on the disk. This command is not appropriate for resolving performance issues when reading files, as it would cause data loss and doesn’t address potential disk integrity problems.*
John is setting up 100 Windows 10 computers for a new corporate office. He wants to ensure that no one can change the boot order and boot from an unauthorized operating system. What feature should he ensure is enabled?
a) Full disk encryption
b) Secure Boot
c) RAM integrity checking
d) BIOS password required
d) BIOS password required
*In a corporate environment where you are setting up multiple computers, enabling a BIOS password is an important step to restrict unauthorized users from accessing the BIOS or UEFI firmware settings. Here’s why this could be considered correct:
BIOS password protection ensures that only authorized personnel can access the BIOS settings, including the boot order.
Without a BIOS password, an attacker or unauthorized user could enter the BIOS/UEFI settings during startup and change the boot order to boot from an unauthorized device (e.g., a USB drive or an external hard drive with a different operating system).
Enabling a BIOS password prevents this type of physical tampering by requiring the password before any changes can be made to the system configuration, including boot sequence settings.
Why Secure Boot (b) is still a valid security measure:
Secure Boot is an additional layer of security that ensures the system only boots trusted operating systems that are signed by authorized authorities. It prevents the system from booting unauthorized operating systems, including potential malware. However, this is effective at the boot process level but does not prevent someone from entering the BIOS settings and disabling Secure Boot or changing the boot order.
So, the distinction:
BIOS password primarily prevents unauthorized access to BIOS settings, ensuring that only authorized users can change the boot order.
Secure Boot protects the integrity of the boot process by only allowing signed and trusted operating systems to boot.
In your case, the focus is on preventing unauthorized users from changing the boot order, which is why d) BIOS password required could be the correct choice if we consider the primary objective: ensuring that no one can change the boot sequence in the BIOS.*
Which of the following types of encryption should be selected on a SOHO access point if you are running a coffee shop and want all of your customers to be able to join it by default?
a) WPA2
b) WEP
c) Open
d) WPA
c) Open
If you’re running a coffee shop and want all of your customers to be able to join the Wi-Fi network by default without requiring any passwords or authentication, the Open encryption option is the most suitable choice. An Open network means that there is no encryption or password protection, allowing anyone within range to easily connect without any hassle. This setup is commonly used in public spaces like coffee shops where convenience for the user is prioritized over strict security.
Why not the other options?
a) WPA2: WPA2 (Wi-Fi Protected Access 2) is a more secure form of encryption used to protect Wi-Fi networks by requiring users to input a password. While it’s great for securing private networks, it would not meet the need for easy, no-password access in a public space like a coffee shop.
b) WEP: WEP (Wired Equivalent Privacy) is an older and insecure encryption standard that is no longer recommended due to vulnerabilities that allow easy cracking of the password. It’s not a good choice, even if you were aiming for a secure option, as it doesn’t offer sufficient protection.
d) WPA: WPA (Wi-Fi Protected Access) is a more secure option than WEP but is also less secure than WPA2. Like WPA2, it requires a password and would prevent customers from joining the network easily without authentication.
You are configuring a SOHO network that will contain 7 devices, but you only have a single public IP address. Which of the following concepts should be configured to allow the 7 devices to share that single IP when connecting to the internet?
a) UPnP
b) NAT
c) Perimeter network
d) DHCP
b) NAT
*NAT (Network Address Translation) is the concept that should be configured to allow multiple devices on a local network (in this case, 7 devices) to share a single public IP address when connecting to the internet. NAT allows a router or gateway device to translate private, internal IP addresses (used within your SOHO network) to a single public IP address. When any of the 7 devices in your network attempt to access the internet, the router will translate the internal addresses to the public IP address, making it appear as though all devices are accessing the internet from the same IP.
When responses from the internet come back, NAT ensures that the data is routed correctly to the specific device in the internal network that made the request.
This is a standard practice in small office or home networks, where there is typically only one public IP address provided by an ISP, but multiple devices within the network need internet access.
Why not the other options?
a) UPnP (Universal Plug and Play): UPnP is a set of protocols that allows devices on the network to discover each other and establish network services automatically. While it can help with setting up services on the local network (like port forwarding), it is not used for sharing a public IP address among multiple devices.
c) Perimeter network: A perimeter network (also called a DMZ) is used to provide an isolated network for services that need to be accessible from the outside, such as web servers. It is not used for sharing a single public IP address for multiple internal devices to access the internet.
d) DHCP (Dynamic Host Configuration Protocol): DHCP assigns private IP addresses to devices on the local network. While it is used to manage IP addresses within your SOHO network, it does not help with sharing a single public IP address for internet access. NAT handles that task.*
Which of the following is a connectionless protocol that utilizes UDP?
a) TFTP
b) FTP
c) HTTPS
d) HTTP
a) TFTP
*TFTP is a connectionless protocol that uses UDP (User Datagram Protocol) for communication. Here’s why: TFTP is a simple file transfer protocol that operates over UDP, which is a connectionless protocol. UDP doesn’t establish a connection before sending data, and it doesn’t guarantee delivery, order, or error checking. This makes TFTP faster but less reliable compared to protocols that use TCP (like FTP). TFTP is typically used in situations where a lightweight, simple file transfer is needed, such as for transferring boot files to devices in network environments (e.g., network booting).
Why not FTP?
FTP (File Transfer Protocol), on the other hand, is a connection-oriented protocol that uses TCP (Transmission Control Protocol). TCP is a connection-based protocol that ensures reliable data transfer, error checking, and ordered delivery of packets. FTP requires a connection to be established between the client and server before transferring files, making it more reliable but slower compared to UDP-based protocols like TFTP.
Conclusion:
TFTP is the connectionless protocol that utilizes UDP, making a) TFTP the correct answer.
FTP is a connection-oriented protocol that uses TCP, so it does not fit the description of using UDP.*
What is the minimum amount of memory required to install Windows 10 (x64) on a device?
a) 8 GB
b) 4 GB
c) 2 GB
d) 1 GB
c) 2 GB
For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor and 1 GB of RAM.
For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor and 2 GB of RAM.
For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor and 4 GB of RAM.
A printing company uses an isolated Windows XP workstation to print out large format banners for its customers on a custom printer. Unfortunately, the printer does not support newer versions of Windows and would cost $50,000 to replace. To mitigate this risk, the workstation is not connected to the internet or a local area network. When a customer needs a banner printed, the technician takes a copy of their PDF file and moves it to the Windows XP workstation using a USB thumb drive. The workstation recently became infected with malware when printing a customer’s file. The technician remediated the issue, but the workstation became infected again three weeks later. Which of the following actions did the technician forget to perform?
a) Disable System Restore and remove the previous restore points
b) Manually update the antivirus on the workstation and set it to perform on-access scans
c) Connect the workstation to the Internet to receive the latest Windows XP patches
d) Perform a data wipe operation on the USB thumb drive before its next use
b) Manually update the antivirus on the workstation and set it to perform on-access scans
This is a legacy workstation since it is running Windows XP. Since Windows XP is considered end-of-life, there are no security patches or updates available for it. To mitigate this risk, the workstation should be run only as an isolated workstation. Since the workstation is not connected to a network and receives files through the connection of a USB thumb drive, this would be the only way a piece of malware could enter the system.
The technician most likely neglected to update the antivirus/antimalware software on this workstation during the remediation. The technician should manually update the antivirus/antimalware definitions weekly. The workstation should also be configured to conduct on-access/on-demand scanning, as well.
Christina is attempting to install Windows 10 (32-bit) on an older netbook-style laptop. The installation is continually failing and producing an error. The device has a 1.1 GHz processor, 1 GB of memory, an 8 GB hard drive, and a 720p display. Which component would need to be fixed to allow Windows 10 (32-bit) to be installed on this device?
a) Number of CPU cores
b) Amount of memory
c) The screen resolution
d) Amount of hard drive space
d) Amount of hard drive space
The amount of hard drive space needs to be increased. For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor, 1 GB of RAM, and at least 16 GB of hard drive space.
For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor, 2 GB of RAM, and at least 20 GB of hard drive space.
For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor, 4 GB of RAM, and at least 64 GB of hard drive space.
You attempt to boot a Windows 10 laptop and receive an “Operating System Not Found” error on the screen. You can see the hard disk listed in the BIOS of the system. Which of the following commands should you use to repair the first 512-byte sector on the hard disk?
a) bootrec /rebuildbcd
b) bootrec /fixboot
c) diskpart list
d) bootrec /fixmbr
d) bootrec /fixmbr
1) bootrec /fixmbr (for MBR/BIOS)
2) bootrec /fixboot (for UEFI/GPT)
3) bootrec /rebuildbcd (for Boot Camp / multiple OS environment)
A user’s Android smartphone is sluggish in responding when the user tries to open any of its apps. The smartphone has 2 GB of memory and a 16 GB internal storage device. The technician saw that the smartphone currently has 1.7 GB of memory in use and 412 MB of free storage space on the internal storage device. Which of the following should the technician perform to improve the device’s performance?
a) Replace the device’s screen
b) Replace the device’s battery
c) Upgrade the internal storage device
d) Uninstall any unneeded apps
d) Uninstall any unneeded apps
The smartphone is likely running out of memory, attempting to move data from the memory to the swap file, and the swap file is running low on space due to the internal storage device being almost full. Most smartphones do not allow the internal storage to be upgraded by technicians or end users. Some Android devices will have an external memory card slot that can be used for additional storage, but that was not an option presented in this scenario. To increase the performance of the smartphone, the technician should find any unnecessary applications and uninstall them with the consent of the user to free up additional internal storage space.
A corporate user has called the enterprise service desk because they believe their computer has become infected with malware. When you arrive at their desktop to troubleshoot the issue, you notice it was powered down. You press the power button, the system loads without any issues. When you open Google Chrome, you notice that multiple pop-ups appear almost immediately. Which of the following actions should you take NEXT?
a) Quarantine the machine and report it as infected to your company’s cybersecurity department for investigation
b) Reinstall or reimage the operating system
c) Document the pop-ups displayed and take a screenshot
d) Clear the browser’s cookies, history, and enable the pop-up blocker
a) Quarantine the machine and report it as infected to your company’s cybersecurity department for investigation
This is a tricky question because many technicians might try to fix the issue by clearing the browser or reinstalling/reimaging the machine. If this were a home user’s machine, this would be an appropriate response, but you should follow the company’s procedures since this is a corporate workstation. Most companies require any machines suspected of malware infection to be scanned/analyzed by the cybersecurity department before remediating or reimaging them. Therefore, the best thing to do is to quarantine the machine and report it as infected to the cybersecurity department. This also follows the malware removal process since the technician just investigated and verified the malware symptoms.
Your company is concerned about the possibility of power fluctuations that may occur and cause a small dip in the input power to their server room for an extended period of time. What condition is this known as?
a) Under-voltage event
b) Power failure
c) Power spikes
d) Power surge
a) Under-voltage event
An under-voltage event is a reduction in or restriction on the availability of electrical power in a particular area. The irregular power supply during an under-voltage event can ruin your computer and other electronic devices. Electronics are created to operate at specific voltages, so any fluctuations in power (both up and down) can damage them. To protect against an under-voltage event, you can use either a battery backup or a line conditioner. In an under-voltage event, the reduction lasts for minutes or hours, as opposed to a short-term voltage sag (or dip). A significant over-voltage event that occurs for a very short period of time is known as a power spike.
A power spike is a very short pulse of energy on a power line. Power spikes can contain very high voltages up to and beyond 6000 volts but usually last only a few milliseconds instead of longer but lower voltage power surges. An extended over-voltage event is known as a power surge.
A power surge is basically an increase in your electrical current. A power surge often has levels of 10-30% above the normal line voltage and lasts from 15 milliseconds up to several minutes.
Your company is expanding its operations in the European Union and is concerned about additional governmental regulations that may apply. Which of the following regulations applies when processing personal data within the European Union?
a) GDPR
b) PCI
c) PHI
d) PII
a) GDPR
The General Data Protection Regulation (GDPR) is a regulation created in the European Union that creates provisions and requirements to protect the personal data of European Union (EU) citizens. Transfers of personal data outside the EU Single Market are restricted unless protected by like-for-like regulations, such as the US’s Privacy Shield requirements.
Personally identifiable information (PII) is data used to identify, contact, or locate an individual. Information such as social security number (SSN), name, date of birth, email address, telephone number, street address, and biometric data is considered PII.
Protected health information (PHI) refers to medical and insurance records, plus associated hospital and laboratory test results.
The peripheral component interconnect (PCI) bus is used to provide low-speed connectivity to expansion cards but has been mostly replaced by the faster PCIe bus. The Payment Card Industry Data Security Standard (PCI-DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payment and store, process, and transmit cardholder data, you need to securely host your data and follow PCI compliance requirements.
Which of the following components presents the largest risk of electrical shock to a technician?
a) Laptop battery
b) CRT monitor
c) LCD monitor
d) Hard drive
b) CRT monitor
A CRT monitor is an older-style computer monitor that contains large capacitors which retain high levels of electricity even after being disconnected. A CRT should be disposed of carefully. A technician should never open a CRT monitor or stick anything into its interior for fear of electrocution.
Hard drives, LCD monitors, and laptop batteries do not contain high voltage levels.