Test 2 Flashcards
T/F there is no undo feature in the registry editor
True
What windows utility is used to control third party services installed on a system
Services console
Windows Services console startup types include automatic (delayed start), automatic, manual, and
Disabled
What windows utility can be used to find out what processes are launched at startup?
System Configuration
Executive services are contained where?
Ntoskrnl.exe
Shows only warning and error events intended for administrator
Administrator events log
Events triggered by windows components
System log
Includes successful and unsuccessful logins to a user account
Security log
Events when applications are installed
Setup log
What type of events are logged by Windows and can be viewed using the Event Viewer
Warning, information and Error
When a user logs into windows what registry key is created
HKEY_Current_User
A custom view filter in event viewer can be saved to a file using what extension
.evtx
The Win32 security _____ provides logon to the system and other security functions including privileges for file access.
Subsystem
Task manager tab that lists currently installed services with status
Services tab
Displays how heavily the network is being used by a computer
Networking tab
Provides graphs to show how system resources are used
Performance tab
Shows all users currently logged on
User tab
After Registry is built in memory it is organized into five treelike structures called what?
Keys
What command can you run to view DirectX information
Dxdiag.exe
A computer assigns a ___ level to determine its position in the queue for CPU resources
Priority
Use ______ to change the level of an open application
Task Manager
A process is also called what?
Instance
What two steps can be done to disable the Aero interface in Windows 7
- Right click the desktop and select personalize from the shortcut menu
- Scroll down to and click Windows 7 Basic
What performance counter tracks the percentage of time the hard drive is in use?
% Disk Time
What Windows Utility is particularly useful in identifying software and hardware bottlenecks and provides the ability to monitor in real time?
Performance Monitor
If you need to find the model and speed of the installed processor and hard drive and the amount of memory installed what utility should you open?
Msinfo32.exe
T/F the home editions of Windows 7 do not include the Local Security Policy or Print Management
True
Five files stored in the C:\Windows\system32\____ folder are used to build the registry. These five files are called ______
A. Config
B. Hives
What task can’t be performed by using task manager?
Restart a process
A Windows utility to build customized console windows
Microsoft Management Console
Shell subsystems operate in what mode?
User mode
The windows kernel includes what two main components
Executive services
HAL
Request made to the Win32 subsystem is called what?
Thread
When backing up the full registry use _______ to create a restore point
System protection
Can be set to launch a task or program at a future time, including at startup
Task scheduler
Windows tool useful for troubleshooting hardware or network failures
Event Viewer
Uses a flash drive or secure digital memory card to boost hard drive performance
Windows ReadyBoost
Lets you view the applications and processes running on your computer
Task Manager
A database designed with a treelike structure contains configuration information for windows
Registry
The core of the OS that is responsible for interacting with hardware
Kernel
The portion of an OS that relates to the user and to applications
Shell
A window that consolidates several Windows administrative tools that you can use to manage the local PC or other computers on the network
Computer Management
A program that runs in the background and is called by other programs to perform a background task
Service
A component of the kernel which makes up the layer closest to the hardware
HAL
T/F changes made to the registry are implemented after rebooting
False
Contains hardware, software and security data
HKEY_LOCAL_Machine
Used to identify each hardware device
HKEY_Current_Config
Used to determine which application opens
HKEY_Classes_Root
Contains data about all users
HKEY_Users
Contains data about the current user
HKEY_Current_User
Six steps of troubleshooting
- Interview the user and back up data
- Examine the system and make your best guess
- Test your theory
- Plan your solution and then fix the problem
- Verify the fix and take preventative action
- Document what happened
Command prompt that opens memory diagnostics utility
Mdsched.exe
If you cannot boot from the hard drive boot from where?
The Windows setup DVD and click repair your computer
Can repair a damaged file
System file checker
What taskkill parameter forcefully kills a process
/f
What can you do if you suspect an application requires more privileges than the currently logged on account
Use the run as administrator shortcut menu option
Command that returns the process identifier
Tasklist command
Command uses the process ID to kill the process
Taskkill
A program associated with a file extension is called what?
Default program
Software that is designed and written to help solve problems
Expert system
What should be entered at a command prompt in order to scan all system files?
sfc /scannow
A cold boot is also known as what?
Hard boot
A hard boot initializes the processor and clears ____
Memory
To restart a PC without turning off the power
Soft boot aka Warm boot
Stores device drivers and information about secure boot on a nonvolatile RAM and in a hidden partition on the hard drive called ESP
Secure Boot UEFI
A bootable partition in a GPT HD used to boot the OS
EFI system partition
The program responsible for loading windows or any other OS.
Boot Manager.
Startup option moves system boot logs from the failing computer to another computer for evaluation.
Enable debugging
Windows RE command that repairs the BCD and boot sectors
Bootrec
Manually edit the BCD
Bcdedit
Repair a dual boot system
Bootsect
Enable networking
Wpeinit
Repair a drive
Chkdsk
What events can occur during BootMGR’s role in a startup?
Dual-boot menu is displayed
The settings in the BCD are read
What do you press to enable boot log in windows 8/10
Press 2 or F2
Enable safe mode with networking
Press 5 or F5
If you suspect corrupted system files are causing issues what command can be run to search for and replace the corrupted files
sfc /scannow
T/F a windows system repair disc can be created using the back up and restore utility
True
What are some of the responsibilities of the kernel during the startup process
Starts critical services
Starts the Session Manager
Activates the HAL
What Windows process is responsible for authenticating users
Lsass.exe
The Windows 8 __________ feature automatically launches diagnostics if you restart your computer at least three times within a few minutes
Self healing
What is responsible for getting a system up and going and finding an OS to load
Startup BIOS
Where is the Windows system registry hive?
C:\Windows\System32\Config
When you enable boot logging all files used for the load are recorded in what file?
Ntbtlog.txt
A Windows 8 recovery drive is what?
Bootable USB flash drive
Tool that can be used to find and replace corrupted windows system files
SFC tool
What command can be used to check for file system errors?
Chkdsk /r
What is the file name given to the Windows kernel?
Ntoskrnl.exe
Open source alternative to Windows RE
Hiren’s BootCD PE
Check to see if it has reported a hardware failure
Event Viewer
What two protocols are used for remote access to a server using unencrypted and encrypted transmissions respectively?
Telnet
SSH
What functions as the name of a wireless network
SSID
Data is encrypted in a VPN using a technique called what?
Tunneling
The Remote Desktop application utilizes what port for remote access
3389
IPV6 uses how many bit addresses to identify a network?
128
The name that Identifies a network
Domain name
The letters after the period of a domain name are called what?
Top level domain
What device handles access to another network for a client computer if it does not have a better option?
Default gateway
Reserved IP addresses
- 255.255.255
- 0.0.0
- 0.0.1
Protocol that is used by a DNS server to find an IP address for a computer when the fully qualified domain name is known.
Domain name system protocol
Identifies a computer and the network to which it belongs to
Fully qualified domain name
Packets are delivered to a single node on a network when using what type of IPv6 address?
Unicast address
The name of a computer and can be used in place of its IP address
Host Name
How are IP Addresses available to the internet classified?
Public
What does WiFi stand for?
Wireless fidelity
Used to identify the network portion and the host portion of an IP address
Subnet mask
Manually and permanently assigned to a computer or device
Static IP addresses
What TCP port is utilized by an SSH server listening for connections
22
Uses SSH encryption
Secure FTP
Allows one computer to take control of another computer
Remote Desktop Protocol
The ability to send and receive transmissions at the same time on an Ethernet cable is referred to by what term
Full duplex
What command can be used to flush the local DNS cache?
Ipconfig /flushdns
If a device does not receive an IP address from a DHCP server the device may resort to what kind of IP address?
APIPA
What protocol makes a connection, checks whether the data is received
TCP
Cell phone technology most popular in the US
CDM
What type of IP address is configured by a server when a device first initiates a connection to the network
Dynamic
What protocols are used to deliver mail messages
POP3
IMAP4
SMTP
DHCP server; all computers receive their IP address from that router
SOHO Router
Verifies an application
Digital signature
When a firewall opens a port because a computer behind the firewall initiates communication on another port
Port triggering
A command that can be used to display the TCP/IP configuration
Ipconfig
A protocol used by various client applications when the application needs to query a database
Lightweight Directory Access Protocol (LDAP)
Assigns an IP address to a computer when it first attempts to initiate a connection to the wireless
DHCP server
A group of computers on a peer to peer network that are sharing resources
Workgroup
Protocol used to pass login information to a remote computer and control that computer over a network
Secure shell
Designed to make it easier for users to connect their computers to a wireless network when a hard-to-remember SSID and security key are used
WPS
A security technique that uses encrypted data packets between a private network and a computer on the internet
Virtual private network
A protocol used to convert private IP addresses on a LAN to a public IP address before a data packet is sent over the internet
NAT network address translation
Where is Windows RE normally stored
On a hidden partition
T/F you should take ownership of a customer's problem as if it's your own
True
When working with a computer-illiterate user over the phone, what is not a good practice?
Tell the customer to put someone else on the line
Some older applications may not run properly on new Windows versions. What can you do?
Run the application in compatibility mode
What taskkill parameter forcefully kills a process?
/F
What is defined as a record of a call for help with a computer problem?
Ticket
When you cannot solve a problem you are working on what can you do?
Escalate the problem
What command will open the memory diagnostics utility?
Mdsched.exe
What should be done first before any changes are made to a system?
Backup data
Software that records the progress and resolution of a problem ticket
Call tracking
Another name for a stop error, which happens when processes running in kernel mode encounter a problem and Windows must stop the system
Blue screen of death
A Windows utility that protects the system files and keeps a cache of current system files in case it needs to refresh a damaged file
System file checker
Assignment of a problem to someone higher in the support chain
Escalate
A tool that can be used to register components
Component services
A utility that is used to register component services
Regsvr32
What does HAL stand for?
Hardware Extraction Layer