test 3

Question 1

A Windows desktop administrator would like to query the local DNS
server to view the IP address and for www.professormesser.com. Use a
command line utility to view this information.

Answer 1

nslookup www.professormesser.com

Question 2

describe the following command: chmod

Answer 2

Chmod (Change Mode) allows the user to change the access (mode) of a file to
read, write, execute, or a combination of those permissions.

Question 3

A user has contacted the help desk because they are not able to browse any
websites. What command line utility would be able to confirm the
connectivity to a server that could convert fully qualified domain names to
IP addresses?

Answer 3

ipconfig /all command to show the address of the dns server; then use the ping command to ping the DNS server ip address.

Question 4

An application, foothold.exe, has become unresponsive and the user is not
able to close the application normally from the Windows desktop. Use the
Windows command line to terminate this application.

Answer 4

The “taskkill” command is used to terminate tasks at the command line.
The /IM option specifies an “image name” or application name. If the process
ID is known, the taskkill command can be used with the /PID option and /T
(terminate) option.

Question 5

Give a description of this control panel applet: User Accounts.

Answer 5

The User Accounts applet is used to modify user rights, passwords, certificate
information, and more.

i.e. Change an account to an Administrator

Question 6

Give a description of this control panel applet: File Explorer Options.

Answer 6

The Windows 10 File Explorer Options control the general operation of File
Explorer, the file viewing options, and search engine configurations.

i.e. Disable indexing of system directories

Question 7

Give a description of this control panel applet: Credential Manager.

Answer 7

Credential Manager is used to store, view, and delete authentication details for
local devices, applications, and websites.

i.e. Save a website username and password

Question 8

Give a description of this control panel applet: Device Manager.

Answer 8

Device Manager is the central management view of all hardware and devices
connected to the system. All device drivers can be enabled and disabled from
the Device Manager applet.

i.e. Disable a USB audio controller

Question 9

Give a description of this control panel applet: BitLocker.

Answer 9

BitLocker provides full disk encryption for Windows volumes.

i.e. Protect all data saved on a volume

Question 10

Give a description of this control panel applet: Internet Options.

Answer 10

The Content tab of the Internet Options applet can be used to manage
browser certificates.

i.e. View website certificates

Question 11

Give a description of this control panel applet: Sync Center.

Answer 11

Sync Center makes files available when working offline, and synchronizes the
changes when back online.

i.e. Update a spreadsheet when away from the office

Question 12

A system administrator would like to disable the TFTP Client in Windows 10. Which of the following Control Panel applets would be the 
BEST choice for this task?
❍ A. Programs and Features
❍ B. Services
❍ C. Credential Manager
❍ D. File Explorer options

Answer 12

The Answer: A. Programs and Features
The Programs and Features applet of the Control Panel is used to view and
manage installed applications, or to enable or disable individual Windows
features.
The incorrect answers:
B. Services
The Services utility would allow the administrator to disable a TFTP
service, or any other Windows service. To remove a client or Windows
feature, the administrator would need to use Programs and Features.
C. Credential Manager
The Credential Manager stores the usernames and passwords used on
Windows resources and websites. The Credential Manager does not
manage the use of different Windows utilities and programs.
D. File Explorer options
The File Explorer options are used to customize the options available
in the File Explorer, change the view in the window, and modify the
Windows search options. File Explorer does not control the use of
individual applications.

Question 13

A user has recently been assigned a new tablet, but each time she tries to
read email messages she receives the message, “The email could not be
decrypted.” The user has reinstalled the email client, but the problem still
occurs over both Internet and VPN connections. Which of the following
would be the best way for a technician to resolve this issue?
❍ A. Ask the user to reset their password
❍ B. Change the user’s email alias
❍ C. Send the user a certificate with a private key
❍ D. Confirm the wireless network encryption settings

Answer 13

The Answer: C. Send the user a certificate with a private key
A problem with email decryption is most likely associated with the
decryption keys. If the keys are missing or are incorrect, then the local
device will not be able to view the email messages.
The incorrect answers:
A. Ask the user to reset their password
If the user is properly authenticated, then the issue is not related to the
password. Resetting the password would not provide any additional access
to the email messages.
B. Change the user’s email alias
The user’s email alias provides other options for sending messages, but it
would not provide any additional method of decrypting email messages.
D. Confirm the wireless network encryption settings
The wireless network is not part of the email client’s encryption process.
Confirming or modifying wireless network configurations will not resolve
this issue.

Question 14

A user has just installed a driver update from a laptop manufacturer. After
restarting, their system shows a Windows Stop Error before the login
prompt is displayed. Each subsequent reboot causes the same error to be
displayed. Which of the following should the system administrator follow
to BEST resolve this issue?
❍ A. Modify the BIOS boot order
❍ B. Boot to Safe Mode and perform a Windows Reset
❍ C. Perform a System Restore
❍ D. Reinstall the patch files

Answer 14

The Answer: C. Perform a System Restore
A System Restore can be launched from the Advanced Boot Options
under Repair Your Computer. From there, you can select an existing
restore point that will restore the computer to a previous configuration.
The incorrect answers:
A. Modify the BIOS boot order
The BIOS boot order will change the priority for storage drives during the
startup process. This issue appears to be related to a device driver and not
to a specific startup drive.
B. Boot to Safe Mode and perform a Windows Reset
Although Safe Mode may allow a user to login and avoid the reboot
problem, performing a Windows Reset would be a significant change to
the operating system. A Reset will reinstall Windows and can delete files,
settings, and apps that were not included with the computer.
D. Reinstall the patch files
Since the problem occurred when the patch files were installed, installing
them again wouldn’t be advisable. It’s also difficult to reinstall the patch
files if the user can’t login to the computer.

Question 15

An attacker has gained access to a password hash file. Which of the
following will the attacker use to obtain the passwords?
❍ A. DoS
❍ B. Decryption
❍ C. Brute force
❍ D. Phishing

Answer 15

The Answer: C. Brute force
Since a hash is a one-way cryptographic method, the only way to
determine the original plaintext is to try every possible combination until
the hash is matched. This brute force method is the only way to determine
the original source of the hash.
The incorrect answers:
A. DoS
A DoS (Denial of Service) would cause a service to be unavailable to
others. A DoS attack would not determine the original passwords based
on a hash.
B. Decryption
A hash is a one-way function and it’s not encrypted data, so there’s no
option available for decrypting the passwords.
D. Phishing
Phishing is a social engineering method that convinces someone to
willingly provide secret or private information. Performing a brute force
attack on a hash file is not a method of phishing.

Question 16

A desktop administrator is removing a virus from a laptop computer
in a shared lab. The computer has been removed from the network and
the System Restore feature has been disabled. When the administrator
attempts to update to the latest anti-virus signatures, the anti-virus utility
disables itself. Which of the following would be the best NEXT step?
❍ A. Boot to Safe Mode and use signatures downloaded from
a separate computer
❍ B. Roll back to a previous configuration
❍ C. Schedule periodic updates and reconnect to the network
❍ D. Discuss anti-virus strategies with the end user

Answer 16

The Answer: A. Boot to Safe Mode and use signatures downloaded from
a separate computer
It’s not uncommon for viruses to disable access to recovery software. To
work around this issue, a technician may often need to restart in Safe
Mode and copy utilities and recovery files from a different computer.
The incorrect answers:
B. Roll back to a previous configuration
Viruses often infect both the current configuration and those contained
in restore points. In this case, the System Restore feature has already been
disabled, so no restore points would be available on this system.
C. Schedule periodic updates and reconnect to the network
Since the manual update process is failing, it’s most likely an automated
update would also fail.
D. Discuss anti-virus strategies with the end user
Once the virus has been removed and the system is set to automatically
update and scan for viruses, the technician can educate the end user about
ways to avoid this problem in the future.

Question 17

A Linux administrator is using the grep command while monitoring a
database application. Which of the following would BEST describe
this activity?
❍ A. Search through a file for specific text
❍ B. View a list of running processes
❍ C. Change the permissions of a file
❍ D. View the name of the working directory

Answer 17

The Answer: A. Search through a file for specific text
The grep command is used to search through a file or set of files for
specific text.
The incorrect answers:
B. View of list of running processes
The ps (Process List) command is commonly used to view all of the
running processes on a Linux computer. This is similar in functionality to
the Windows Task Manager.
C. Change the permissions of a file
The Linux chmod (Change Mode) command is used to change the
permissions of a file for the file owner, the file group, and everyone else.
D. View the name of the working directory
The pwd (Print Working Directory) command is used to display the
current working directory path. This command is the same in both
Windows and Linux.
More informati

Question 18

A medical center requires that shared computer systems are installed
in hallways and patient rooms for the hospital staff. However, hospital
administrators are concerned that patient information might be visible
if someone leaves the computer without logging out. Which of the
following would help prevent this type of issue?
❍ A. Multi-factor authentication
❍ B. Password expiration policy
❍ C. Login time restrictions
❍ D. Screensaver passwords

Answer 18

The Answer: D. Screensaver passwords
Screensaver passwords would ensure that the information on the computer
would be protected if someone walks away and leaves the system
unattended. Other security enhancements might include a proximity
monitor that would automatically lock the system when someone walks
away, making the screensaver password a good secondary security option.
The incorrect answers:
A. Multi-factor authentication
Additional authentication factors would only provide security during the
login process.
B. Password expiration policy
It’s a good best practice to periodically require updated passwords, but
those policies are not designed to protect a system that has been unlocked.
C. Login time restrictions
A login time restriction would prevent someone from authenticating at a
certain time of the day. This type of restriction would not protect a system
where the authentication has already occurred.

Question 19

A desktop administrator has been tasked with removing malware from
an executive’s laptop computer. The system has been removed from the
network, but the Windows startup process shows a Stop Error before
rebooting into a repeating cycle. Which of the following would be the
best NEXT step in the malware removal process?
❍ A. Perform a Windows Repair installation
❍ B. Boot with a pre-installation environment
❍ C. Schedule periodic scans
❍ D. Create a restore point

Answer 19

The Answer: B. Boot with a pre-installation environment
A Windows PE (Pre-installation Environment) can be used to boot
into the Windows Recovery Console to help resolve problems with the
primary operating system. This is a common task when the primary
operating system has been corrupted or will not boot properly.
The incorrect answers:
A. Perform a Windows Repair installation
A Windows Repair installation may resolve the rebooting issue, but
it may also make unintended changes to the operating system. Before
making significant changes, it would be worthwhile to try fixing the issue
manually.
C. Schedule periodic scans
Because the system is constantly rebooting, it’s not possible to make
configuration changes to the anti-virus scanner or the Task Scheduler.
D. Create a restore point
If a restore point already existed, it may be possible to reboot to a previous
configuration. However, it would be too late to create a restore point with
the existing faulty configuration.

Question 20

An audit has found that numerous email attachments include nonencrypted documents containing credit card numbers. A security
administrator has been asked to prevent this information from being sent
across the network. Which of the following would be the BEST way to
provide this functionality?
❍ A. Enable Windows Firewall
❍ B. Block all email at the Internet firewall
❍ C. Create a Group Policy
❍ D. Use a DLP solution
❍ E. Require multi-factor authentication

Answer 20

The Answer: D. Use a DLP solution
A DLP (Data Loss Prevention) solution usually consists of hardware
and software that monitors application and network traffic to prevent
the loss of sensitive data. A DLP solution would prevent email messages
containing credit card numbers from leaving the local protected network.
The incorrect answers:
A. Enable Windows Firewall
Windows Firewall does not include a method of detecting and blocking
credit card numbers or other sensitive data.
B. Block all email at the Internet firewall
Blocking all email would be an aggressive policy that would certainly
prevent credit card data from being transmitted over email, but it would
also block legitimate email messages.
C. Create a Group Policy
Using Windows Group Policy can manage the use of the operating
system, but it would not block sensitive information in email messages.
E. Require multi-factor authentication
Multi-factor authentication requires additional login credentials, but it
does not prevent the transmission of sensitive information over email.

Question 21

A user is working with a .dmg file on their macOS desktop. Which of the
following would describe the contents of this file?
❍ A. Debug information
❍ B. Disk image
❍ C. Application library
❍ D. Disk maintenance utility

Answer 21

The Answer: B. Disk image
The macOS equivalent to an ISO file is a DMG (Disk Image) file. Disk
images can be created and managed from the macOS Disk Utility.
The incorrect answers:
A. Debug information
Debug information is commonly available in the macOS console or
directly from an application. A .dmg file is not a container of debug
information.
C. Application library
Application library files in macOS are used to contain back-end
configurations, framework classes, and other important application files.
These files are often stored in the Library folder in macOS. The .dmg file
is not used to store application library files.
D. Disk maintenance utility
The macOS Disk Utility can be used to create and manage .dmg files, but
the disk maintenance utility would not necessarily be contained within a
.dmg file.

Question 22

A user in the marketing department needs to move data between macOS
and Windows computers using a USB flash drive. Which of the following
file systems would be the BEST way to easily transfer files between these
operating systems?
❍ A. exFAT
❍ B. HFS+
❍ C. NTFS
❍ D. NFS

Answer 22

The Answer: A. exFAT
The exFAT (Extended File Allocation Table) file system is designed for
flash drives and can be used across Windows, Linux, macOS, and other
operating systems.
The incorrect answers:
B. HFS+
HFS+ (Hierarchical File system Plus) is a macOS file system. HFS+ is
not compatible with Windows and would not be the best choice when
transferring files between systems.
C. NTFS
The NTFS (NT File System) file system is the standard for Windows
devices. Although it can be read by macOS, it is not completely compatible
with the macOS operating system.
D. NFS
NFS (Network File System) is a method of accessing files across the
network as if they were local. NFS is not used for transferring files with a
USB flash drive.

Question 23

Which of the following should a company use to reduce their legal
liability if an employee is dismissed?
❍ A. End user licensing agreement
❍ B. Acceptable use policy
❍ C. Knowledge base articles
❍ D. Operational procedures documentation

Answer 23

The Answer: B. Acceptable use policy
An Acceptable Use Policy (AUP) provides detailed documentation on the
acceptable use of company assets. If someone is dismissed, this document
will provide a well-documented set of reasons that will help to legally
justify the dismissal.
The incorrect answers:
A. End user licensing agreement
An end user licensing agreement (EULA) is a document with the terms of
use for software. Most software installations include an EULA that must
be accepted before the software will begin the install.
C. Knowledge base articles
A knowledge base article is a technical document that describes processes
and procedures for completing certain tasks. A knowledge base article is
generally not used or referenced during a dismissal, and it’s not used to
document the acceptable use of company assets.
D. Operational procedures documentation
Many organizations have a list of internal processes and procedures that
are maintained for all systems. These operational procedures are not used
as a method of documenting the acceptable use of the organization’s
assets.

Question 24

What is the TFTP Client in Windows 10?

Answer 24

the TFTP command transfers files to and from a remote computer.

Question 25

What is a DLP?

Answer 25

A DLP (Data Loss Prevention) solution usually consists of hardware
and software that monitors application and network traffic to prevent
the loss of sensitive data. A DLP solution would prevent email messages
containing credit card numbers from leaving the local protected network