Practice test questions 3. Flashcards
A programmer is writing a script to calculate the disk space needed to perform a daily backup. The programming needs to store the amount of disk space in a temporary placeholder within the program that can be updated and changed during the script’s execution. What would be used to store the value of the disk space needed?
Variable. A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F -32) * 5/9. A loop deviates from the initial program path to some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Often implemented with For or While statements. For example, a short script like (For i=1 to 100, print I, next) would print the numbers from 1 to 100 to the screen.
What information should be recorded on a chain of custody form during a forensic investigation?
Any individual who worked with evidence during the investigation. Chain of custody forms list every person who has worked with or who has touched the evidence that is a part of an investigation. These forms record every action taken by each individual in possession of the evidence. Depending on the organization’s procedures, manipulation of evidence may require an additional person to act as a witness to verify whatever action is being taken. While the chain of custody would record who initially collected the evidence, it does not have to record who was the first person on the scene (if that person didn’t collect the evidence). The other options presented by the question are all good pieces of information to record in your notes, but it is not required to be on the chain of custody form.
An employee’s inbox is now filled with unwanted emails after their email password had been compromised last week. You helped them reset their password and regain access to their account. Many of the emails are coming from different email addresses such as @yahoo.com, @gmail.com, and @hotmail.com. What actions should the user take to help reduce the amount of spam they receive?
Mark each email as spam or junk. At the user level, the software can redirect spam to a junk folder or similar. Email filtering is any technique used to prevent a user from being overwhelmed with spam or junk email. Spam can be blocked from reaching an organization using a mail gateway to filter messages. Anti-spam filtering needs to balance blocking illegitimate traffic with permitting legitimate messages. Anti-spam techniques can also use lists of known spam servers by establishing a blocklist. If an allow list is used, only a small number of senders could send emails to the user. The technician should not create a domain-based email filter since the spammers are using Yahoo, Gmail, and Hotmail accounts to send the spam. If a domain-based email filter is created, it will block emails from all users on those email providers and prevent legitimate emails from being received.
You are the first help desk technician on the scene of a potential data breach. What is the FIRST thing you need to do as part of the incident response?
Identify the issue. When conducting an incident response, you must (1) identify, (2) report, and (3) preserve the data/device. Therefore, the first step of the incident response is to identify the issue.
What file types are commonly used by scripts in a web page?
.ps1.JavaScript is a scripting language that is designed to create interactive web-based content and web apps. The scripts are executed automatically by placing the script in the HTML code for a web page so that when the HTML code for the page loads, the script is run. JavaScript is stored in a .js file or as part of an HTML file. VBScript is a scripting language based on Microsoft’s Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose. Windows PowerShell enables you to perform management and administrative tasks in Windows 7 and later. It is fully integrated with the operating system and supports both remote execution and scripting. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) to help create and manage your Windows PowerShell scripts. If you want to save a series of PowerShell commands in a file to rerun them later, you effectively create a PowerShell script by creating a text file with a .ps1 extension. The file can contain a series of PowerShell commands, with each command appearing on a separate line.
Your company’s wireless network was recently compromised by an attacker who utilized a brute force attack against the network’s PIN to gain access. Once connected to the network, the attacker modified the DNS settings on the router and spread additional malware across the entire network. What TWO of the following configurations were most likely used to allow the attack to occur?
Guest network enabled, and router with outdated firmware. Wireless networks that rely on a PIN to connect devices use the Wi-Fi Protected Setup (WPS). It is a wireless network security standard that tries to make connections between a router and wireless devices faster and easier. WPS relies on an 8-digit PIN, but it is easily defeated using a brute force attack due to a poor design. Once connected to the network using the WPS PIN, the attacker may have logged into the router using the default administrative login credentials and then modified the router/gateway’s DNS. Commonly, many network administrators forget to change the default username/password of their devices, leaving an easy vulnerability for an attacker to exploit.
A user is complaining that their profile is taking too long to load on their Windows 10 system. What is the BEST solution to this problem?
Rebuild you Windows profile. Each user will normally have a local profile, containing settings and user-created files. Profiles are stored in the “Users” folder or can be redirected to a network folder. Sometimes, a Windows profile can be corrupted over time, making it slow (or even impossible) to load. If this happens, you should re-create or rebuild the user profile and migrate the user’s personal data into the new profile. If you have email messages in an email program, you must import your email messages and addresses to the new user profile separately. Some applications previously installed may need to be reconfigured or reinstalled. If you were logged into Microsoft Store apps like the Store or Movies & TV you may need to log back into those apps to see your previous purchases or restore settings.
Your boss from work just sent you an important email, but you are not in the office. You tried to open the email from your smartphone, but it is encrypted and won’t open. What should you do?
Verify the digital certificate is installed on the device. If an encrypted email does not open in your mail app, you most likely need to verify that your digital certificates are properly installed on the device as these are used to decrypt encrypted emails. If the email was sent to your Gmail account, it would be sent unencrypted. You should not ask for the email to be sent unencrypted since it removes the confidentiality and privacy of the email. Regardless of whether you are using the email client or the mobile web browser, if the digital certificate is not properly installed then the encrypted email will not be able to be read.
Every new employee at Dion Training must sign a document to show they understand the proper rules for using the company’s computers. This document states that the new employee has read the policy that dictates what can and cannot be done from the corporate workstations. What documents BEST describes this policy?
AUP. An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the internet. For example, an AUP may state that they must not attempt to break any computer network security, hack other users, or visit pornographic websites from their work computer. A service level agreement (SLA) is a contract that outlines the detailed terms under which a service is provided, including reasons the contract may be terminated. A statement of work (SOW), or a scope of work, is a document that outlines all the work that is to be performed, as well as the agreed-upon deliverables and timelines. A memorandum of understanding (MOU) is a preliminary or exploratory agreement to express an intent to work together that is not legally binding and does not involve monetary exchange.
Your home network is configured with a long, strong, and complex pre-shared key for its WPA3 encryption. You noticed that your wireless network has been running slow, so you checked the list of “connected clients” and see that “Bob’s Laptop” is connected to it. Bob lives downstairs and is the maintenance man for your apartment building. You know that you never gave Bob your password, but somehow he has figured out how to connect to your wireless network. What actions should you take to prevent anyone from connecting to your wireless network without the proper WPA3 password?
Disable WPS. WPS was created to ease the setup and configuration of new wireless devices by allowing the router to automatically configure them after a short eight-digit PIN was entered. Unfortunately, WPS is vulnerable to a brute-force attack and is easily compromised. Therefore, WPS should be disabled on all wireless networks. If Bob could enter your apartment and press the WPS button, he could have configured his laptop to use your wireless network without your WPA3 password. While disabling the SSID broadcast could help prevent someone from seeing your network, the issue was someone connecting to your network without having the password. Disabling the SSID broadcast would not solve this issue.
A computer was recently infected with a piece of malware. Without any user intervention, the malware is now spreading throughout the corporate network and infecting other computers that it finds. What type of malware MOST likely infected these computers?
Worm. A worm is a standalone malware computer program that replicates itself to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. A worm can spread on its own, whereas a virus needs a host program or user interaction to propagate itself. A virus is malicious software designed to infect computer files or disks when it is activated. A virus may be programmed to carry out other malicious actions, such as deleting files or changing system settings. A trojan is a type of malware that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general, inflict some other harmful action on your data or network.
Susan is installing several updates on a Windows computer. Nine of the updates were installed without any issues, but one update produced an error and failed to install. Susan restarts the computer as part of the troubleshooting process, and the computer automatically attempts to install the failed update again. Again, the update fails to install. What should Susan do NEXT?
Research the error number for the failed update an determine if there is a known issue with this update. If an automated system update fails to install, you should research the error number for the failed update to determine if the issue is a known error. Based on the error code, you can then determine the best method to overcome the issue. For example, a common cause of errors is inadequate space on the hard disk. If a technician needs to determine how to solve this issue best, researching the error code at Microsoft.com can help.
You need to move a 75-pound box with a rack-mounted UPS in it. What actions should you take?
Ask a coworker to team lift it with you. Since the box is over 50 pounds, you should ask a coworker to team lift the box with you. Team lifting is when two or more people work together to pick up a heavy or bulky object. When you need to lift or carry items, be aware of what your weight limitations are, as well as any restrictions and guidance outlined in your job description or site safety handbook. Weight limitations will vary depending on context. When lifting objects, always lift using your legs and not your back. A rack-mounted UPS is a self-contained unit, making it impossible to carry up in multiple pieces.
What commands is used on a Linux system to delete all the files and directories in a Linux system’s filesystem?
rm -rf/. The rm command is a command-line utility for removing files or directories. The “rm -rf /” is the most dangerous command to issue in Linux. The rm -rf command is one of the fastest ways to delete a folder and its contents. But a little typo or ignorance may result in unrecoverable system damage. The -r option means that the command will recursively delete the folder and its subfolders. The -f option means that even read-only files will be removed without asking the user. The use of / indicates that the remove command should begin at the root directory (/) and recursively force all files and folders to be deleted under the root. This would delete everything on the system. The . would only begin deleting from the current working directory and then delete all files and folders further down the directory structure, not the entire file system.
You want to ensure that only one person can enter or leave the server room at a time. What physical security devices would BEST help you meet this requirement?
Access control vestibule. An access control vestibule is a physical security access control system comprising a small space with two sets of interlocking doors, such that the first set of doors must close before the second set opens. Video monitoring is a passive security feature, so it won’t prevent two people from entering at once. The thumbprint reader or cipher lock will ensure that only an authorized user can open the door, but it won’t prevent someone from piggybacking and entering with them.
An attacker attempts to crack your Windows password by repeatedly guessing until they either guess your password or try every possible combination. What type of password attack is this?
Brute-Force. A brute force password attack attempts to match the user’s password against one of every possible combination that it could be. If the password is short (under seven characters) and non-complex (using only letters, for instance), someone might crack a password in minutes. Longer and more complex passwords increase the amount of time the attack takes to run. For example, if you wanted to break a four-digit pin, you could try 0000, 0001, 0002, 0003, …, 9998, and 9999. There are only 10,000 combinations to attempt, and you would crack the PIN in very little time using a computer. A dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary. A rainbow table is a tool for speeding up attacks against Windows passwords by precomputing possible hashes. A rainbow table is used to authenticate users by comparing the hash value of the entered password against the one stored in the rainbow table.
What is the minimum amount of RAM needed to install Windows 10 on a 32-bit system?
1 GB. For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor, 1 GB of RAM, and at least 16 GB of hard drive space.
What commands is used on a Linux system to search for lines that match a pattern within a file?
grep. The grep is a command-line utility for searching plain-text data sets for lines that match a regular expression. The grep command works on Unix, Linux, and macOS operating systems. Grep is an acronym that stands for Global Regular Expression Print. The vi (visual) utility is a popular screen-oriented text editor in Linux, Unix, and other Unix-like operating systems. When using vi, the terminal screen acts as a window into the editing buffer. Changes made to the editing buffer shall be reflected in the screen display, and the position of the cursor on the screen will indicate the position within the editing buffer. The pwd command displays the present working directory (current directory) path to the terminal or display. If you are working on a Linux system and are unsure of where you are in the directory structure, type “pwd” and hit enter to display the path to the screen.
An employee at Dion Training is complaining that every time they reboot their Windows 10 workstation a music application is loaded. Which of the following commands would you use to disable the program from starting up each time Windows reboots?
Task Manager. The task manager is an advanced Windows tool that has 7 tabs that are used to monitor the Processes, Performance, App History, Startup, Users, Details, and Services on a computer. If you click on the Startup tab, you will see every program configured to start up when Windows is booted up. This can be used to disable unwanted programs from launching during the boot-up process. System information (msinfo32.exe) is a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues. The event viewer shows a log of application and system messages, including errors, information messages, and warnings. It’s a useful tool for troubleshooting all kinds of different Windows problems.
An employee at Dion Training complains that every time airplane mode is enabled on their laptop, their external mouse and headphones stop working. What technologies is being disabled by airplane mode and likely causing the issues experienced by this user?
Bluetooth. Bluetooth is a wireless connectivity method that is usually used by external mice and wireless headphones. When airplane mode is enabled, the GPS, cellular, wireless, and Bluetooth radios are usually disabled in smartphones, tablets, or laptops. If the Bluetooth radio is turned off/disabled, it will cause issues with Bluetooth-connected devices like mice and headphones. Bluetooth is a wireless technology standard used for exchanging data between fixed and mobile devices over short distances using UHF radio waves in the industrial, scientific, and medical radio bands from 2.402 GHz to 2.480 GHz and building a personal area network (PAN). Bluetooth is commonly used when connecting wireless devices like mice, trackpads, headphones, and other devices. A GPS (global positioning system) device is used to determine a receiver’s position on the Earth based on information received from 24 GPS satellites, which operate in a constellation in Medium Earth Orbit (MEO).
What is the maximum amount of memory used in a 32-bit version of the Windows operating system?
4 GB. A 32-bit operating system can only access up to 4 GB of memory. Every byte of RAM requires its address, and the processor limits the length of those addresses. A 32-bit processor uses addresses that are 32 bits long. There are only 4,294,967,296, or 4 GB, possible 32-bit addresses. This 4 GB limit applies to the total system memory, so if the system has memory dedicated to the graphics, it is also considered a part of this 4 GB total limit.
What umask should be set for a directory to have 700 as its octal permissions?
rwx——. RWX is 7 and — is 0. In Linux, you can convert letter permissions to octal by giving 4 for each R, 2 for each W, and 1 for each X. R is for read-only, W is for write, and X is for execute. The permissions strings are written to represent the owner’s permissions, the group’s permissions, and the other user’s permissions.
What version should you use when installing a Linux operating system and are concerned with end-of-life support?
LTS release. The LTS (Long-Term Support) release is well-supported and will be regularly updated by the Linux distribution to support new hardware, performance, and security improvements. These LTS releases are supported for a long time (approximately 10 years), so they are great to use in production systems like servers. A beta release is a pre-release of a software product that is given out to a large group of users to try under real conditions. Beta versions have gone through alpha testing in-house and are generally fairly close in look, feel and function to the final product. A developer release is a pre-release of a software product that is given out to software developers to test and modify their existing products to the upcoming version of an operating system or application. Rolling release is a concept in software development where an application is frequently updated through the release of new features over time.
Your company wants to ensure that users cannot access USB mass storage devices. You have conducted some research online and found that if you modify the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor key, it will prevent USB storage devices from being used. What tools should you use to modify this key?
RegEdit. The registry editor (RegEdit) allows you to view and make changes to system files and programs that you wouldn’t be able to access otherwise. The registry is a database made up of hives and keys that control various settings on a Windows system. Incorrectly editing the Registry can permanently damage your computer, so it is important to be very careful when modifying the registry using RegEdit. MSConfig is a system utility to troubleshoot the Microsoft Windows startup processes MSConfig is used to disable or re-enable software, device drivers, and Windows services that run at startup, or to change boot parameters. Remote desktop services (RDS) is used to connect to a remote desktop session host servers or other remote computers, edit an existing remote desktop connection (.rdp) configuration file, and migrate legacy connection files that were created with the client connection manager to the newer .rdp connection file type.