Practice Test Questions

Question 1

Karen, a salesperson in your company, is currently on travel this week. She calls your company’s help desk and is yelling because she cannot connect to her email using her hotel room’s WiFi. Her laptop shows that it is connected to the “HotelWiFi” network, but Windows states it has “Limited or no connectivity.” What action should Karen perform to fix this issue?

Answer 1

Open a web browser and agree to the hotel’s capture page AUP. The “Limited or no connectivity” message appears when a computer detects that the wireless network is present and operating, but the system cannot connect to the Internet. This is a common occurrence when connecting to a hotel or other public wireless networks. Many of these networks have a capture page that requires the user to agree to the company’s privacy policy or acceptable use policy before connecting the device to the internet. If the capture page doesn’t appear automatically, the user should open their web browser and visit any website to force the page to load.

Question 2

What is the LEAST secure wireless security and encryption protocol?

Answer 2

WEP. Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications that was designed to replace WEP.

Question 3

A corporate workstation was recently infected with malware. The malware was able to access the workstation’s credential store and steal all the usernames and passwords from the machine. Then, the malware began to infect other workstations on the network using the usernames and passwords it stole from the first workstation. The IT Director has directed its IT staff to develop a plan to prevent this issue from occurring again. What would BEST prevent this from reoccurring?

Answer 3

Install an anti-virus or anti-malware solution that uses heuristic analysis. The only solution that could stop this from reoccurring would be to use an anti-virus or anti-malware solution with heuristic analysis. The other options might be able to monitor and detect the issue but not stop it from spreading. Heuristic analysis is a method employed by many computer anti-virus programs designed to detect previously unknown computer viruses and new variants of viruses already in the wild.

Question 4

A cybersecurity analyst is auditing your company’s network logs and identifies that a USB mass storage device was previously inserted into many of the company’s servers. The logs also showed dozens of failed login attempts before a successful login occurred on the servers. Which TWO of the following actions are recommended to eliminate the vulnerabilities identified by the cybersecurity analyst?

Answer 4

Lockout the account after 3 failed login attempts and Modify the Auto Run settings. Since the USB mass storage device was used to connect to the servers, it is recommended to modify the Auto Run settings. To prevent the password guessing attacks used, the servers should be configured to lock out any account after 3 failed login attempts. The other options are all considered good security practices, but they do not directly address the issues presented in this scenario.

Question 5

Last week, a technician remediated a malware infection on Karen’s laptop. Today, she shows up at the service desk, frustrated because her laptop appears to have been infected again. What step of the malware remediation process did the technician MOST likely forget to complete?

Answer 5

Educating the end User. (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.

Question 6

You just rebooted your Windows 10 workstation, and the desktop’s background picture looks strange. Upon closer examination, you notice that only a few hundred unique colors are being shown in the image. What settings should you reconfigure?

Answer 6

Color Depth. Color depth is either the number of bits used to indicate the color of a single pixel in a bitmapped image or video frame buffer or the number of bits used for each color component in a single pixel. In Windows 10, you can display up to 32-bits of color depth if your monitor supports it. A larger color depth number allows more unique colors to be displayed. If you only have 4-bit color, for example, you can only have 16 colors. With an 8-bit color depth, you can see 256 colors. Normally, most Windows systems are set to 16-bit (65,536 colors), 24-bit (16.7 million colors), or 32-bit (4.2 billion colors).

Question 7

What devices should you NEVER disassemble during troubleshooting due to the risk of electrocution?

Answer 7

CRT display. A CRT monitor is an older-style computer monitor. It contains large capacitors that could retain high levels of electricity even after being disconnected. A technician should never open a CRT monitor or stick anything into its interior for fear of electrocution. Printers, tablets, and LCD panels all have field replaceable parts that a technician can install, remove, or replace.

Question 8

Your company works as a contractor to the military and has just finished replacing about 500 workstations across its secure network. You have been asked to properly dispose of the workstations and destroy the data on their hard disk drives. What methods would be the MOST effective?

Answer 8

Degauss each of the hard drives. Degaussing is the process of erasing/wiping a hard disk drive or magnetic tape. When exposed to a powerful magnetic field, the magnetic data on a hard disk is neutralized or erased. Degaussing is the guaranteed form of hard drive erasure and is considered fast and efficient, especially with many hard drives.

Question 9

What must be enabled to allow a video game console or VoIP handset to configure your firewall automatically by opening the IP addresses and ports needed for the device to function?

Answer 9

UPnP. Universal plug-and-play (UPnP) is a protocol framework allowing network devices to autoconfigure services, such as allowing a games console to request appropriate settings from a firewall. UPnP is associated with several security vulnerabilities and is best disabled if not required. You should ensure that the router does not accept UPnP configuration requests from the external (internet) interface. If using UPnP, keep up-to-date with any security advisories or firmware updates from the router manufacturer.

Question 10

What pairs of authentication factors should you choose to meet the requirements associated with MFA?

Answer 10

Thumbprint and passwords. Multi-factor authentication (MFA) requires a user to provide at least two different forms of authentication: something you know (username, password, pin), something you have (token, key fob, smartphone), something you are (fingerprint, retina scan), something you do (the way you speak a phrase or sign your name), or somewhere you are (location factor based on IP address or geolocation).

Question 11

What commands is used on a Linux system to copy a file from one directory to another directory?

Answer 11

cp. The CP command is a command-line utility for copying files and directories. It supports moving one or more files or folders with options for taking backups and preserving attributes. Copies of files are independent of the original file, unlike the mv command. The mv command is a command-line utility that moves files or directories from one place to another.

Question 12

A system administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The server manager decides to initiate a rollback. What describes what the system administrator should do next?

Answer 12

Return the system to the original state before the change. By performing a rollback, the administrator will change everything back to the last known good configuration before the change is started. Every change should be accompanied by a rollback (or back out) plan so that the change can be reversed if it has harmful or unforeseen consequences.

Question 13

What authentication protocols was developed by Cisco to provide authentication, authorization, and accounting services?

Answer 13

TACACS+. TACACS+ is an extension to TACACS (Terminal Access Controller Access Control System) and was developed as a proprietary protocol by Cisco. The Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that operates on port 1812 and provides centralized Authentication, Authorization, and Accounting management for users who connect and use a network service, but Cisco did not develop it.

Question 14

What TWO of the following devices should have a grounding wire attached to them when installed per the manufacturer’s recommendations?

Answer 14

Server rack and UPS. A server rack and UPS should be installed with a grounding wire attached to them. Grounding is not required for functionality but rather for safety. Numerous issues are involved when there is no ground, including the potential for electric shock, signal attenuation, and unpredictable operation.

Question 15

What command is used to create a new disk partition on a Windows system?

Answer 15

disk part. The disk part command is a command-line disk-partitioning utility available for Windows that is used to view, create, delete, and modify a computer’s disk partitions.

Question 16

A user is complaining about slow data speeds when they are at home in a large apartment building. The user uses Wi-Fi when they get home, and the device works fine on other wireless networks they connect to. What actions should the user take to increase their data speeds?

Answer 16

Increase the Wi-Fi signal being transmitted by their WAP. Slow data speeds can be caused by too much interference or a weak signal. Try changing the channel on Wi-Fi routers to less-used channels or boost the signal being transmitted, and the performance should increase. Alternatively, if the cellular signal is too low, you can install a signal booster or microcell in the home or office.

Question 17

You are troubleshooting a Windows 10 laptop that is infected with malware. You have already identified the type of malware on the laptop. What should you do NEXT? (Select THREE)

Answer 17

Disconnect the laptop from the network, update the anti-malware software, and disable system restore in windows. The seven steps of the malware removal procedures are (1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.

Question 18

What mitigation provides the best return on investment by mitigating the most vulnerable attack vector in an enterprise network?

Answer 18

Provide end-user awareness training for office staff. An enterprise network’s end users are the most vulnerable attack vector. Studies have shown that an investment in end-user cybersecurity awareness training has the best return on investment of any risk mitigation strategy. While all of the options presented are valid security mitigations, only end-user awareness training mitigates the biggest network vulnerability we have: our users.

Question 19

What file types are commonly used by management and administrative tasks in Windows using the Integrated Scripting Environment?

Answer 19

PS1. Windows PowerShell enables you to perform management and administrative tasks in Windows 7 and later. It is fully integrated with the operating system and supports both remote execution and scripting. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) to help create and manage your Windows PowerShell scripts. If you want to save a series of PowerShell commands in a file to rerun them later, you effectively create a PowerShell script by creating a text file with a .ps1 extension. The file can contain a series of PowerShell commands, with each command appearing on a separate line.

Question 20

What file system type is used to mount remote storage devices on a Linux system?

Answer 20

NFS. The Network File System (NFS) is used to mount remote storage devices into the local file system on a Linux system. It allows you to mount your local file systems over a network and remote hosts to interact with them while mounted locally on the same system.

Question 21

What remote access protocols should you use to connect to a Linux server securely over the internet?

Answer 21

SSH (Secure Shell) is used to remotely connect to a network’s switches and routers to configure them securely. SSH is typically used for logging into a remote machine and executing commands, but it also supports tunneling, forwarding TCP ports, and X11 connections; it can transfer files using the associated SSH file transfer (SFTP) or secure copy (SCP) protocols. SSH uses the client-server model.

Question 22

What network configurations is used to identify your computer’s individual host identifier and your computer’s network identifier?

Answer 22

Subnet Mask. The subnet mask is used to identify the host identifier and the network identifier uniquely in combination with the IP address. The subnet mask is used by the TCP/IP protocol to determine whether a host is on the local subnet or a remote network.

Question 23

Your company has just installed a new proxy server and has asked you to configure all of the Windows workstations to use it. What Internet Options tabs in the Windows Control Panel should you configure?

Answer 23

Connections. The Connections tab in the Internet Options is used to set up the dial-up and VPN settings and the LAN settings. Under the LAN settings, you can configure the proxy server settings for the system.

Question 24

A coworker is creating a file containing a script. You look over their shoulder and see “net use s:\fileserver\videos” in the file. Based on this, what type of file extension should this script use?

Answer 24

BAT. Batch scripts run on the Windows operating system and, in their simplest form, contain a list of several commands that are executed in a sequence. A .bat file is used for a batch script. You can run the file by calling its name from the command line or double-clicking the file in File Explorer. Generally, batch file scripts run from end to end and are limited in branching and user input.

Question 25

You are troubleshooting a user’s laptop that is unable to print a document. You have verified the printer is working and properly connected to the workstation by USB. What log in Windows 10 would you review to determine if the print spooler service is causing this issue?

Answer 25

System Log. The event viewer shows a log of application and system messages, including errors, information messages, and warnings. It’s a useful tool for troubleshooting all kinds of different Windows problems. The system log contains information about service load failures, hardware conflicts, driver load failures, and more. The file (system. EVTX) is stored in the %System Root%\System32\Win EVT\Logs\ folder and can be opened using the Event Viewer.

Question 26

You are formatting a 4 TB external hard drive on your MacBook. The drive will be used to share files large video files between your MacBook and your friend’s Windows 10 desktop. What file format should you use?

Answer 26

EXFAT. The only file system format that would work for this situation is EXFAT. A macOS system can format a hard drive as APFS, HFS+, HFS, EXFAT, or FAT32. The Windows system would only be able to read EXFAT or FAT32. Unfortunately, FAT32 only supports drive sizes up to 32 GB, and file sizes up to 4 GB. Therefore, EXFAT should be used as it supports sizes up to 128 petabytes.

Question 27

What remote access protocols should you use to connect to a Windows 2019 server and control it with your mouse and keyboard from your workstation?

Answer 27

RDP. The RDP (remote desktop protocol) is a Windows feature that allows a remote user to initiate a connection at any time and sign on to the local machine using an authorized account. This connection allows a Windows administrator to see and control what is on a remote computer’s screen. RDP authentication and session data are always encrypted.

Question 28

What command-line tool is used on a Unix/Linux system to move upward on a directory in the system’s directory structure?

Answer 28

(CD..). The cd command is used to change the directory. If used with the “cd ..” option, it will move up one directory in the file system’s directory structure. If used with the “cd .” option, it will remain in the current directory. The cd command can be used to move directly to another directory or path if entered as “cd (some other directory or path)” into the command line. The ls command lists the files or directories in the current path of a Unix, Linux, or Mac operating system. When invoked without any arguments, ls lists the files in the current working directory.

Question 29

What types of installation would require the use of an XML text file containing the instructions that the Windows Setup program would need to complete the installation?

Answer 29

Unattached installation. An unattended installation is a software or operating system installation where the configuration information is derived from an input file. Windows supports the use of answer files that allows for fully or partially unattended installations. An answer file is an extensible Markup Language (XML) text file that contains all of the instructions that the Windows Setup program will need to install and configure the OS without any administrator intervention.

Question 30

A user attempted to go to their favorite social media website this morning from their laptop. When they typed in Facebook.com, their browser redirected them to MalwareInfect.com instead. You asked the user to clear their cache, history, and cookies, but the problem remains. What should you do NEXT to solve this problem?

Answer 30

Check the host.ini file. The hosts.ini file is a local plain text file that maps servers or hostnames to IP addresses. It was the original method to resolve hostnames to a specific IP address. The hosts file is usually the first process in the domain name resolution procedure. When a user requests a webpage, the hosts.ini file is first checked for the IP address. If the IP address isn’t found in the hosts.ini file, then the workstation requests the IP address from the DNS server. Attackers often modify host.ini files to redirect users to a malicious webpage instead of one they would commonly use like Google, Facebook, and others.

Question 31

What TWO of the following would provide the BEST security for both computers and smartphones?

Answer 31

Enabling multifactor authentication, and Enforcing trusted software access. The use of multifactor authentication is considered an industry best practice for both computers and smartphones. Additionally, any software being installed should come from a trusted source to prevent malware infections. Access controls lists can be easily set up on a computer, but not a smartphone.

Question 32

What types of screen locks uses a secret pattern drawn on the screen to prevent access to a mobile device?

Answer 32

Swipe. A swipe lock is a term for unlocking a device by tracing a predetermined on-screen pattern or joining dots on the screen. This was commonly used in Android devices until biometric methods like fingerprint scanners and facial recognition became more prevalent. The Face ID and Touch ID screen locks rely upon biometric data to securely unlock the device.

Question 33

Your coworker is creating a script to run on a Windows server using PowerShell. What file formats should the script use?

Answer 33

PS1. Windows PowerShell enables you to perform management and administrative tasks in Windows 7 and later. It is fully integrated with the operating system and supports both remote execution and scripting. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) to help create and manage your Windows PowerShell scripts. If you want to save a series of PowerShell commands in a file to rerun them later, you effectively create a PowerShell script by creating a text file with a .ps1 extension. The file can contain a series of PowerShell commands, with each command appearing on a separate line.

Question 34

Eleanor, a user, contacts the help desk to report that her workstation will not boot up this morning. The help desk technician verifies that the workstation’s memory, power supply, and monitor function properly. The technician believes that the hard drive is not recognized by the system based on an error message displayed on the screen. What error messages was being displayed?

Answer 34

No boot device available. “No boot device available” is an error message that indicates the workstation is not recognizing the hard drive. If the error message were “Operating system not found” or “NTLDR not found,” this would indicate that the hard drive was recognized but that the Windows OS was not installed properly. The “BIOS ROM checksum error” would indicate an issue with the BIOS, not the hard drive.

Question 35

You are trying to connect to another server on the network but are unable to ping it. You have determined that the other server is located on the 10.0.0.1/24 network, but your workstation is located on the 192.168.1.1/24 network. What tools should you use to begin troubleshooting the connection between your workstation and the server?

Answer 35

Traceroute. The traceroute command is used on Linux, Unix, and OS X devices to show details about the path that a packet takes from a host to a target and displays information about each hop in the path. While using ping will tell you if the remote website is reachable or not, it will not tell you where the connection is broken. Traceroute performs a series of ICMP echo requests to determine which device in the connection path is not responding appropriately. This will help identify if the connectivity issue lies within your workstation and the server since the traffic must be routed between the two networks.

Question 36

Regardless of what website Michelle types into her browser, she is being redirected to “malwarescammers.com.” What should Michelle do to fix this problem?

Answer 36

Reset the web browser’s proxy settings. When a browser redirect occurs, it usually results from a malicious proxy server setting being added to the browser. Michelle should first check her web browser’s configuration for any malicious proxies under the Connections tab under Internet Options in the Control Panel. Next, she should check the hosts.ini file to ensure that single sites are not being redirected.

Question 37

What type of authentication method is commonly used with physical access control systems and relies upon RFID devices embedded into a token?

Answer 37

Proximity Cards. A proximity card is a contactless card that usually utilizes RFID to communicate with the reader on a physical access system. These are commonly used to access secured rooms (such as server rooms) or even a building itself (such as at an access control vestibule). Some smart cards contain proximity cards within them, but the best answer to this question is proximity cards since that is the function of the smart card would be the device used to meet this scenario’s requirements.

Question 38

A new corporate policy dictates that all access to network resources will be controlled based on the user’s job functions and tasks within the organization. For example, only people working in Human Resources can access employee records, and only the people working in finance can access customer payment histories. What security concepts is BEST described by this new policy?

Answer 38

Least Privilege. Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resources absolutely required to perform routine, legitimate activities. Privilege itself refers to the authorization to bypass certain security restraints. Permissions Creep, also known as privilege creep, is what happens when an employee moves between roles in an organization and keeps the access or permissions of the previous role.

Question 39

What command-line entry would be used on a Windows system to test if your system can reach diontraining.com?

Answer 39

Ping diontraining.com. The ping command is used to test a host’s reachability on an Internet Protocol network. Type “ping diontraining.com” to send a series of ICMP packets will be sent to the Dion Training server. If they are received successfully, your system will receive an echo reply. Your system will then report if the call and response were successful and how long it took in milliseconds. The system file checker (SFC) command is a utility in Windows that allows users to scan for and restore corrupted Windows system files from the command line.

Question 40

What types of installations would you use on a system with slow performance or one that you cannot isolate a single cause of the system’s issues?

Answer 40

Repair Installation. Repair installation is a type of installation that attempts to replace the existing version of the operating system files with a new copy of the same version. A repair installation is useful when trying to repair a Windows computer that will not boot or when you believe the system files have become corrupted.

Question 41

What commands is used on a Linux system to perform installations of new software packages?

Answer 41

APT-GET. The apt-get utility is a powerful package management command-line program that works with Ubuntu’s APT (Advanced Packaging Tool) library to install new software packages, remove existing software packages, upgrade existing software packages, and even upgrade the entire operating system. The apt-get utility works with Ubuntu and Debian-based Linux distributions.

Question 42

During a disaster recovery, what statements is true?

Answer 42

A virtual machine has less downtime than a physical server. A virtual machine can usually be restored much faster than a physical server. Physical servers must be modified to fit the right drivers for the disk drives, NIC, and other necessary components whenever they must be rebuilt after a crash. Often, a new physical server will also be required to replace a faulty one, and then the right drivers are needed to ensure a smooth transition. Conversely, a virtual machine can be recreated using another instance, clone, or restoration from a backup in much less time. Therefore, the downtime associated with virtual machines and their restoral is much lower.

Question 43

Your company wants to provide a secure SSO solution for accessing both the corporate wireless network and its network resources. What technologies should be used?

Answer 43

Radius. With RADIUS and SSO configured, users on the network can provide their user credentials one time when they initially connect to the wireless access point or another RADIUS client and are then automatically authenticated to all of the network’s resources. The Remote Authentication Dial-in User Service (RADIUS) is used to manage remote and wireless authentication infrastructure. Users supply authentication information to RADIUS client devices, such as wireless access points. The client device then passes the authentication data to an AAA (Authentication, Authorization, and Accounting) server that processes the request. The Terminal Access Controller Access Control System (TACACS+) is a proprietary alternative to RADIUS developed by Cisco for handling authentication.

Question 44

You are installing a new firewall for Dion Training’s corporate network. What documents should you update FIRST?

Answer 44

Network topology diagrams. A network topology is the shape or structure of a network in a physical or logical format as depicted in a network diagram. Physical network topologies include the actual appearance of the network layout. Logical network topologies include the flow of data across the network. A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password policy is often part of an organization’s official regulations and may be taught as part of security awareness training. It contains items like password complexity, password age, and password history requirements.

Question 45

The server administrators have asked you to open the default port on the firewall for a new DNS server. What ports should you set to ALLOW in the ACL?

Answer 45

Port 53. Port 53 is used for DNS. The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network.