random 2 Flashcards
you will see every program configured to start up when Windows is booted up. This can be used to disable unwanted programs from launching during the boot-up process.
task manager: startup tab
utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues
system information
shows a log of application and system messages, including errors, information messages, and warnings
event viewer
used to prevent malware from damaging a PC by blocking the automatic installation of unauthorized apps and preventing inadvertent changes to system settings.
User account control (UAC)
only creates a copy of new files and files modified since the last full, incremental, or differential backup.
Unfortunately, it also takes the most time to restore since you have to first restore the full backup, then any differential and incremental backups until all your data is restored
Which of the following types of backup requires the LEAST time to complete a backup?
Incremental
only creates a copy of the selected data that has been modified since the last full backup. It is a good compromise in speed
Differential backup
the process of generating a file from a complete copy of a file created at some past time and one or more incremental copies created at later times.
merged or synthesized by a specialized application program from the original file and one or more modifications to it.
Synthetic backup
llows Windows 10 to find other computers and devices on a network. This feature is automatically turned on when connected to private networks like the one in your home or workplace.
Network discovery.
Network discovery is turned off when you’re connected to public networks that shouldn’t be trusted, and you should not allow your PC to be discoverable on those networks. If your Windows 10 computer or device can’t view other computers on the network, two things are probably at fault: either the incorrect network profile is assigned (public instead or private), or network discovery is disabled
tool is used to display the drive status, mount the drive, initialize the drive, and create/split/extend/shrink drive partitions. The utility displays a summary of any fixed and removable drives attached to the system.
disk management.
From the Disk Management console, you can see the S.M.A.R.T. status of each hard disk.
utility in Windows that is used to monitor the activities on CPU and memory activity on a computer.
can only monitor the resource utilization, but it cannot manage or terminate those processes.
performance monitor (perfmon.msc)
is used to view performance data either in real-time or from a log file
an updated file system for optical media supporting multisession writing
The Universal Disk Format (UDF or ISO 13346)
iOS
only be run on iPhones and iPADS, not laptops.
Andriod
can run on laptops
is designed to damage, disrupt, steal, or in general, inflict some other harmful action on your data or network
Trojan
The most common form of a trojan is a Remote Access Trojan (RAT), which allows an attacker to control a workstation or steal information remotely. To operate, a trojan will create numerous processes that run in the background of the system
malicious software designed to infect computer files or disks when it is activated.
such as deleting files or changing system settings
virus
linux command to delete all the files and directories
rm -rf/
.
only begin deleting from the current working directory and then delete all files and folders further down the directory structure, not the entire file system. in linux
You are troubleshooting an issue with a Windows desktop and need to display the machine’s active TCP connections. Which of the following commands should you use?
netstat
command is used to display active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols) on a Windows machine. This is a useful command when determining if any malware has been installed on the system and maybe maintaining a remote connection with a command and control server.
netstat
displays all current TCP/IP network configuration values on a given system
ipconfig
command is used to test a host’s reachability on an Internet Protocol network
ping
command is used to connect to, remove, and configure connections to shared resources such as mapped drives and network printer
net use
Which of the following wireless technologies allows a wireless device to automatically be configured for a SOHO wireless network with the push of a button?
WPS
a mechanism for auto-configuring a WLAN securely for home users. On compatible equipment, users push a button on the access point and connect adapters to associate them securely
WPS
WPS is subject to brute force attacks against the PIN used to secure them, making them vulnerable to attack
uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme
WPA
replaced the original version of WPA after the completion of the 802.11i security standard. ____ features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption.
WPA2
is the propagation of radio waves at different frequencies and wavelengths. For example, Wi-Fi network products use a frequency of either 2.4 GHz or 5 GHz.
Radiofrequency
utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues
System information (msinfo32.exe)
utility used to display information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real-time.
helps check the performance counters of specific resources and decide a course of action to improve the performance
resource monitor
utility used to view and control the hardware attached to the computer. will highlight a piece of hardware that is not working so that a technician can repair or replace it.
device manager (devmgmt.msc)
group include those rights and permissions that are required to allow members of the _____ group to install devices and to install programs that do not modify the operating system files.
power users
Which of the following is an APIPA or link-local address?
169.254.64.23
Which of the following file types are commonly used to create simple scripts in the Windows command-line environment?
.bat
allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files
shell scripts .sh
You believe the video card driver may be at fault. Which log would you review to determine if the video card driver has been updated recently
system log
OBJ-3.1: If the driver was recently updated and is now causing issues, it will most likely be documented in the system log. The system log contains information about service load failures, hardware conflicts, driver load failures, and more
Which of the following commands should you use to determine if the internal shared drive is mapped to your computer properly?
net use
OBJ-1.2: The net use command is used to connect to, remove, and configure connections to shared resources such as mapped drives and network printers. For example, “net use S: \SERVER\DATA /persistent:yes” would map the DATA folder on the SERVER to your local S: drive on a Windows computer
command is used to test a host’s reachability on an Internet Protocol network
ping
diagnostic utility determines the route to a destination by sending Internet Control Message Protocol (ICMP) echo packets to the destination.
tracert
a type of installation that attempts to replace the existing version of the operating system files with a new copy of the same version. installation is useful when trying to repair a Windows computer that will not boot or when you believe the system files have become corrupted. installation will only affect the system files and not any of the user’s settings, customizations, or applications
Repair installation
an installation of the new operating system on top of an existing version of the operating system. will preserve the applications, user settings, and data files that already exist on the computer.
In-place upgrade
nothing wrong with computer
a type of installation that will recopy the system files and revert most system settings to their default configuration while preserving user personalization settings, data files, and applications installed through the Windows Store. Any applications installed outside of the Windows Store, though, will be deleted
refresh installlation
a password-based authentication and password-authenticated key agreement method used in WPA3 that replaced the 4-way handshake used in WPA-based wireless networks. is also known as the dragonfly handshake
Simultaneous Authentication of Equals (SAE)
Which of the following features of WPA3 is used to provide a password-based authentication using the dragonfly handshake instead of the older WPA 4-way handshake?
windows 10 supports up to 6TB of RAM
Enterprise
windows 10 supports up to 2TB of RAM
Pro
Which of the following allows a user to save their current session to memory and put a Windows 10 computer into a minimal power state?
sleep
Which of the following types would support encryption for traffic being sent and received over the network while still allowing users to connect to the open network without a password, passphrase, or digital certificate?
WPA
Which of the following MacOS features allows you to use multiple desktops or spaces on a single system?
Misson Control
macOS feature for managing applications from the desktop that is similar to the Windows taskbar.
Dock
The Hypertext Transfer Protocol (HTTP) uses port
80
is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer. If the outbound port 80 is not open, then users will not be able to connect to a remote web server
The Domain Name System (DNS) uses port
53
translates human readable domain names (for example, www.amazon.com) to machine readable IP addresses.
is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. If the outbound port 53 is not open, then the users will be unable to conduct a DNS name resolution and determine the IP address of the given web server based on its domain name.
Which mitigation provides the best return on investment by mitigating the most vulnerable attack vector in an enterprise network?
provide end-user awareness training for office staff
The seven steps of the malware removal procedures
(1) Investigate and verify malware symptoms, (2) Quarantine the infected systems, (3) Disable System Restore in Windows, (4) Remediate the infected systems, update anti-malware software, scan the system, and use removal techniques (e.g., safe mode, pre-installation environment), (5) Schedule scans and run updates, (6) Enable System Restore and create a restore point in Windows, and (7) Educate the end user.
The workstation will utilize an Intel x86 processor. Which of the following editions of Windows will support installation on this workstation?
All editions of Windows 10 are available in either x86 (32-bit) or x64 (64-bit) versions
Which of the following BEST describes how a DHCP reservation works?
by matching a MAC address to an IP address within the DHCP scope. When the client requests an IP address by sending a message on the network to the DHCP server, the DHCP server will assign an IP from its DHCP scope to the client and reserve it based on its MAC address. DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the network. DHCP reservations are usually used with servers or printers on your internal network and are rarely used with end-user or client devices.
Your organization has recently suffered a data breach due to a server being exploited. As a part of the remediation efforts, the company wants to ensure that the default administrator password on each of the 1250 workstations on the network is changed. What is the easiest way to perform this password change requirement?
Deploy a new group policy. A group policy is used to manage Windows systems in a Windows network domain environment utilizing a Group Policy Object (GPO). GPOs can include many settings related to credentials, such as password complexity requirements, password history, password length, and account lockout settings. You can force a reset of the default administrator account password by using a group policy update.
