SG: Ch 24: Troubleshooting Operating Systems and Security Flashcards
What is a potential security issue with WAPs running on full signal power?
A. Client signal drops
B. Signals propagating past the physical organization’s perimeter
C. Data transmission over limits
D. Unauthorized location tracking
B. Signals propagating past the physical organization’s perimeter
The potential security issue with WAPs running on full power is eavesdropping outside of the organization’s physical perimeter. Client signal drops would not be effected by WAPs running in a high power mode. Data transmission over limits by clients would not be affected. Unauthorized location tracking would not be affected.
Which of the following programs could be considered anti-malware?
A. Windows Defender Security
B. MDM
C. Windows Action Center
D. VirusTotal
A. Windows Defender Security
Windows Defender Security is considered anti-malware and antivirus protection for the Windows operating system. Mobile device management (MDM) software is used to manage mobile devices. Windows Action Center is a notification center for action to be taken in the operating system. VirusTotal is a third-party site that analyzes virus signatures, but it does not protect you from them.
Which bootrec option can be used in Windows to rebuild the boot configuration file?
A. /FIXBOOT
B. /REBUILDBCD
C. /SCANOS
D. /FIXMBR
B. /REBUILDBCD
The /REBUILDBCD option can be used with the bootrec tool to rebuild the boot configuration data (BCD). The /FIXBOOT option writes a new boot sector to the system partition. The /SCANOS scans all other partitions that are found to have Windows installations. The /FIXMBR writes a new master boot record (MBR) to the partition.
What is one consequence of an overheating mobile device?
A. Higher RAM usage
B. Degraded battery life
C. Inaccurate touchscreen response
D. Inability to decrypt emails
B. Degraded battery life
Degraded battery life can be expected from an overheating mobile device, if the problem persists for a long time. Higher RAM usage will not occur with overheating, but it could be a cause of overheating. Inaccurate touchscreen responses are not a symptom or consequence of overheating. The inability to decrypt emails depends on having the proper certificate installed.
In Windows, which utility is responsible for finding, downloading, and installing Windows patches?
A. Device Manager
B. Microsoft Management Console
C. Download Manager
D. Windows Update
D. Windows Update
Windows Update is responsible for downloading and installing Windows service packs, patches, and security updates. Device Manager is used to view devices installed on the operating system. The Microsoft Management Console is a console that allows snap-ins for management. Download Manager is a component of Internet Explorer.
Which of the following are used to prevent pop-unders from appearing?
A. Anti-malware utilities
B. Pop-up blockers
C. Phishing sites
D. Antivirus software
B. Pop-up blockers
Pop-up blockers are used to prevent pop-ups and pop-unders from appearing. Anti-malware utilities will remove and prevent malware. Phishing sites are used to collect users credentials’ by tricking users. Antivirus software is used to protect the operating system from viruses.
Which tool will allow you to diagnose why Windows Update keeps failing?
A. ntbtlog.txt
B. Windows Update Troubleshooter
C. Windows Recovery Environment
D. Safe Mode
B. Windows Update Troubleshooter
Windows Update Troubleshooter can assist in diagnosing problems with Windows Update. The ntbtlog.txt file is used to diagnose problems with bootup. Windows Recovery Environment is used for problems with Windows outside of problems of Windows Updates. Safe Mode is a boot mode that loads minimal drivers and services.
Which tool do you use to create a restore point in Windows?
A. Windows Backup
B. Previous Version
C. Windows Recover Environment
D. Windows Preinstallation Environment
C. Windows Recover Environment
The Windows Recover Environment allows you to create a restore point. Windows Backup restores only user data, not the Windows operating system. Previous Version is used with Volume Shadow Copy (VSS). Windows Preinstallation Environment is the mini-Windows version used for installation of Windows.
Which partitioning type is required when you have UEFI firmware?
A. GPT
B. MBR
C. POST
D. Boot Sector
A. GPT
When you have UEFI firmware, it is required to have the disk setup with a GUID Partition Table (GPT) partitioning type. The standard master boot record (MBR) partitioning type can be used with BIOS. Power on self-test (POST) is a routine the BIOS or firmware performs to test hardware before boot. The Boot Sector is contained on both MBR and GPT partitioning types.
Which of the following tools allows you to manually fix maliciously modified system files?
A. regedit
B. SFC
C. bootrec
D. UAC
B. SFC
The System File Checker (SFC) allows you to manually scan for modified operating system files and repair them. Regedit is used to modify the Registry. Bootrec is used to repair the boot records on an operating system installation. User Account Control (UAC) is used to control access to administrative credentials.
One of the users you support has a Windows 10 laptop that will not boot up. The user just installed brand new drivers for a graphics card. They need to access a tax application and their data files. What should you try first?
A. System Restore
B. Reset This PC
C. Reimage the laptop
D. Manually reinstall Windows 10
A. System Restore
The System Restore option should be used first to restore the operating system to an earlier point before the problem. This will restore the device back to a previous state before the installation of the drivers. System Restore will not affect user data files. Reset This PC will roll back the PC to a period before the tax application was installed. Reimaging the laptop will erase all programs and data files. Manually reinstalling Windows 10 will erase all programs and data files.
Which of the following components are only used to restore Windows from a suspended state?
A. BCD
B. ntoskrnl.exe
C. winload.exe
D. winresume.exe
D. winresume.exe
Winresume.exe is used to load Windows from a suspended state. The Boot Configuration Data (BCD) is used to direct Windows to boot the proper installation. Ntoskrnl.exe is the Windows kernel. Winload.exe is used for the normal booting of the Windows operating system.
What is a risk of using the autoreconnect feature on a mobile device?
A. The device will reconnect to any SSID.
B. The device could be exploited by an evil twin attack.
C. The device’s battery life could be shortened.
D. You may exceed your cellular data plan’s limits.
B. The device could be exploited by an evil twin attack.
If autoreconnect is configured on an SSID, the device could be susceptible to an evil twin attack, in which the device connects to any device with the same SSID. The device will not reconnect to any SSID, only the SSID configured as autoreconnect. Battery life will remain unaffected with autoreconnect. Over limits can be avoided with autoreconnect, because the wireless network is used for data usage.
In general, how often should you update your antivirus definitions?
A. Weekly.
B. Monthly.
C. Daily.
D. Antivirus definitions do not need to be updated.
C. Daily.
Antivirus definitions should be updated daily, because new viruses are identified by the minute. Updating antivirus definitions weekly or monthly will open you up to the possibility of infection.
Which is an example of possible unauthorized account access? (Choose the best answer.)
A. A login during normal business hours.
B. A login to two different locations during normal hours.
C. A login outside of business hours.
D. A failed attempt at entering a password.
C. A login outside of business hours.
A login outside of business hours is the best example of possible unauthorized account access. A login during normal business hours is normal. A login to two different locations during normal business hours could be normal, as long as it is not at the same time. A failed attempt at entering the proper password is not an example of a possible unauthorized account access.
