Test 3 Flashcards
Which of the following tools should a technician use to modify the HOSTS file on a Windows 10 system to solve a website address resolution issue?
-Notepad
-MMC
-Services
-Regedit
Notepad
Explanation
OBJ-3.2: Browser redirection usually occurs if the browser’s proxy is modified or the hosts.ini file is modified. If the redirection occurs only for a small number of sites or occurs in all web browsers on a system, it is most likely a maliciously modified hosts.ini file. The hosts.ini file is a local text file that allows a user to specify specific domain names to map to particular addresses. It can be edited using any basic text editor, such as notepad. It works as an elementary DNS server and can redirect a system’s internet connection. For example, if your children are overusing YouTube, you can change YouTube.com to resolve to YourSchool.edu for just your child’s laptop. The Microsoft management console (MMC) is a utility that uses snap-ins for various Windows tools such as disk management, computer management, performance monitor, print management, and others to perform operations on a local or networked computer. The task manager is an advanced Windows tool that has 7 tabs that are used to monitor the Processes, Performance, App History, Startup, Users, Details, and Services on a computer. By clicking the Services tab, the technician can list all of the services installed on the computer, display their status, and start/stop/restart those services. The registry editor (RegEdit) allows you to view and make changes to system files and programs that you wouldn’t be able to access otherwise. The registry is a database made up of hives and keys that control various settings on a Windows system. Incorrectly editing the Registry can permanently damage your computer, so it is important to be very careful when modifying the registry using RegEdit.
What is the minimum processor required to install Windows 10 (x64) on a device?
-1 GHz single-core processor
-2 GHz dual-core processor
-2 GHz single-core processor
-1 GHz dual-core processor
1 GHz single-core processor
Explanation
OBJ-1.7: For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor, 2 GB of RAM, and at least 32 GB of hard drive space. For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor, 1 GB of RAM, and at least 32 GB of hard drive space. For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor, 4 GB of RAM, and at least 64 GB of hard drive space.
Gina just installed a 4 TB HDD into her Windows 10 computer and wants to assign the drive letter “M” to store her media files. Which type of partition should Gina use if she wants to mount the drive as a single partition?
-FAT32
-MBR
-GPT
-ISO
GPT
Explanation
OBJ-1.1: GPT is a newer way to partition disks that allows partition sizes over the 2 TB limit imposed by MBR. The GUID partition table (GPT) is a modern disk partitioning system allowing large numbers of partitions and very large partition sizes. The GPT is used in modern computers that support the UEFI standard and can support a maximum capacity of up to 9.7 ZB and up to 128 partitions. The master boot record (MBR) is a sector on a hard disk storing information about partitions configured on the disk. The MBR holds the information on how the logical partitions that contain the file systems are organized on the physical disk. Systems that rely on BIOS utilize the MBR to determine which partitions are on a given hard disk. MBR partition tables have a maximum capacity of 2 TB and only 4 separate partitions. An optical disc image (ISO) file is a file that contains all of the contents from an optical disc in a single file which can be mounted to the file system as though it were a physical optical drive. An ISO is a disk image that contains everything that would be written to an optical disc, disk sector by disc sector, including the optical disc file system. The file allocation table 32-bit (FAT32) is the 32-bit file system supported by Windows, macOS, and Linux computers. FAT32 can support maximum volume sizes of up to 2 TB and maximum file sizes of up to 4 GB.
What does the command “shutdown /s” do on a Windows workstation?
-Shutdown the workstation
-Log off the workstation
-Reboot the workstation
-Enter sleep mode
Shutdown the workstation
Explanation
OBJ-1.2: The shutdown command allows a user or administrator to shut down or restart local or remote computers, one at a time. Using the /r option will reboot the computer. Using the /s option will shut down the computer. Using the /l option will log off the current user. Using the /h option will enter sleep or hibernation mode.
Which of the following types of encryption uses a 128-bit encryption key but is considered weak due to its use of a 24-bit initialization vector?
-WEP
-WPS
-WPA
-WPA2
WEP
Explanation
OBJ-2.2: Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. The Wi-Fi Protected Setup (WPS) is a mechanism for auto-configuring a WLAN securely for home users. On compatible equipment, users push a button on the access point and connect adapters to associate them securely. WPS is subject to brute force attacks against the PIN used to secure them, making them vulnerable to attack.
A customer runs frantically into your computer repair store. He says that his smartphone fell into a puddle, and now it won’t turn on. He excitedly tells you that he needs the smartphone working again “right now” and cannot wait. What should you do?
-Post about the experience on Facebook after the customer leaves
-Explain to the customer that the repairs may take several days
-Offer the customer the option to replace his phone
-Tell the customer to calm down because it is just a phone
Explanation
OBJ-4.7: In this case, you should offer the customer the option to replace his phone. It is important to set and meet expectations and timelines when dealing with a customer. If you cannot meet the timeline needed, you should offer different repair/replacement options (if applicable). The other options violate the principles of good customer service: (1) Do not argue with customers and/or become defensive; (2) Avoid dismissing customer problems; (3) Avoid being judgmental; (4) Clarify customer statements (ask open-ended questions to narrow the problem’s scope, restate the issue, or question to verify understanding); and (5) Do not disclose experiences via social media outlets.
Which of the following Control Panel options should a technician configure to automatically adjust the volume of different sounds when the computer is being used to place or receive telephone calls?
-USB selective suspend
-Programs and Features
-Ease of Access
-Sound
Sound
Explanation
OBJ-1.4: The Sound section of the Control Panel allows technicians to configure settings for the playback, recording, and sound effects on the computer. Under the communications tab of the Sound section, a technician can adjust whether or not the computer should adjust the volume of other sounds when a telephone call is occurring. The Ease of Access section of the Control Panel brings together the functionality for the accessibility features in Windows, including visual, tactile input, and speech recognition settings to assist those with disabilities. The USB selective suspend feature allows the hub driver to suspend an individual port without affecting the operation of the other ports on the hub. Selective suspension of USB devices is helpful when using a laptop computer as it helps to conserve battery power by powering off USB ports that are not needed at the time. The Programs and Features section of the Control Panel allows a technician to install or remove applications, software packages, and features in the Windows operating system.
Which of the following policies or plans would dictate the complexity requirements for a wireless network’s shared secret key?
-Password policy
-Data loss prevention policy
-Acceptable use policy
-Remote access policy
Password policy
Explanation
OBJ-2.6: A password policy is a set of rules created to improve computer security by motivating users to create dependable, secure passwords and then store and utilize them properly. This document promotes strong passwords by specifying a minimum password length, complexity requirements, requiring periodic password changes, and placing limits on the reuse of passwords. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict how the network, website, or system may be used and sets guidelines as to how it should be used. A data loss prevention policy is a document that defines how organizations can share and protect data. It guides how data can be used in decision-making without it being exposed to anyone who should not have access to it. The goal of a data loss prevention policy is to minimize accidental or malicious data loss. A remote access policy is a document that outlines and defines acceptable methods of remotely connecting to the internal network.
Which of the following Windows tools can a technician use to display information about the performance of hardware and software resources in real-time?
- resmon.exe
- dxdiag.exe
- msinfo32.exe
- devmgmt.msc
resmon.exe
Explanation
OBJ-1.3: Resource monitor (resmon.exe) is a utility used to display information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real-time. The resource monitor helps check the performance counters of specific resources and decide a course of action to improve the performance. System information (msinfo32.exe) is a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues. The DirectX diagnostic (dxdiag.exe) utility is used to collect info about devices to help troubleshoot problems with DirectX sound and video. It is a diagnostics tool used to test DirectX functionality and troubleshoot video-related or sound-related hardware problems. DirectX diagnostic can save text files with the scan results. Device manager (devmgmt.msc) is a utility used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it.
Which attack utilizes a wireless access point made to look as if it belongs to the network by mimicking the corporate network’s SSID to eavesdrop on the wireless traffic?
-Rogue access point
-Shoulder surfing
-WEP attack
-Evil twin
Evil twin
Explanation
OBJ-2.4: An evil twin is meant to mimic a legitimate hotspot provided by a nearby business, such as a coffee shop that provides free Wi-Fi access to its patrons. An evil twin is a type of rogue wireless access point that masquerades as a legitimate Wi-Fi access point so that an attacker can gather personal or corporate information without the user’s knowledge. This type of attack may be used to steal the passwords of unsuspecting users by monitoring their connections or phishing, which involves setting up a fraudulent website and luring people there. A rogue access point is an access point installed on a network without the network owner’s permission. For example, if an employee connected a wireless access point to a wall jack in their office so that they can use their smartphone or tablet, this would be considered a rogue access point. Therefore, an evil twin is the better answer to this question since it is specifically being made to look like it belongs on the network by mimicking the SSID of the corporate network. A WEP attack is a brute force password attack conducted against a wireless network that relies on WEP for its encryption and security. Shoulder surfing is a type of social engineering technique used to obtain information such as personal identification numbers, passwords, and other confidential data by looking over the victim’s shoulder.
Which file system type is used to mount remote storage devices on a Linux system?
-NTFS
-exFAT
-NFS
-APFS
NFS
Explanation
OBJ-1.8: The Network File System (NFS) is used to mount remote storage devices into the local file system on a Linux system. It allows you to mount your local file systems over a network and remote hosts to interact with them while mounted locally on the same system. The extensible file allocation table (exFAT) is a file system optimized for external flash memory storage devices such as USB flash drives and SD cards. exFAT supports a maximum volume size of up to 128 PB with a recommended maximum volume size of 512 TB for the best reliability. The Apple file system (APFS) is the default file system for Mac computers using macOS 10.13 or later and features strong encryption, space sharing, snapshots, fast directory sizing, and improved file system fundamentals. The NT file system (NTFS) is a Windows file system that supports a 64-bit address space and can provide extra features such as file-by-file compression and RAID support as well as advanced file attribute management tools, encryption, and disk quotas. NTFS can support a maximum volume size of up to 8 PB.
You are troubleshooting a network printer when a document is printed with sensitive employee data on it. Which of the following actions should you take?
-Continue to troubleshoot the printer
-Take the document to the office manager
-Leave the document in the output tray
-Remove the document and shred it
Take the document to the office manager
Explanation
OBJ-4.7: The document contains sensitive employee information; therefore, you should not leave it on the printer. Instead, it would be best if you took it to the office manager so they can deliver it to the owner or they can securely dispose of it.
Which of the following data types would be used to store the value of TRUE?
-String
-Integers
-Floating point
-Boolean
Boolean
Explanation
OBJ-4.8: A boolean stores a value of TRUE (1) or FALSE (0). It usually consumes only 1 bit of storage (a zero or a one). An integer stores a whole number, such as 21, 143, or 1024. An integer data type usually consumes 8 bytes of storage. A floating-point number stores a fractional or decimal number, such as 3.14, 45.5, or 333.33. A floating-point number data type usually consumes 4 to 8 bytes of storage. A string stores a group of characters, such as Hello, PYTHON, or JasonDion. A string data type usually consumes as much storage as necessary. Each character in the string usually requires 1 byte of storage.
You are working as a mobile device technician for a large corporation’s enterprise service desk. A user complains that every time they attempt to launch the company’s mobile email application, it crashes and displays an error message of Code123. Which of the following should you do FIRST to attempt to solve this problem?
-Reinstall the email app
-Rollback the app to an earlier version
-Update the smartphone’s OS
-Clear the app’s cache
Clear the app’s cache
Explanation
OBJ-3.4: Clearing the app cache addresses potential issues with temporary files or data that might be causing the app to crash. This quick and non-disruptive action can often resolve minor app-related problems without the need for more time-consuming or complicated solutions. By starting with this step, you ensure a simpler and more efficient troubleshooting process before moving on to other, more complex actions if needed from the given options.
Your mother says there is something wrong with her computer, but unfortunately, she doesn’t know how to fix it. She asks if you can remotely connect to her computer and see if you can fix it. Which of the following technologies would BEST allow you to remotely access her computer and interact with her Windows 10 laptop?
-VPN
-RDP
-Telnet
-SSH
RDP
Explanation
OBJ-4.9: Remote Desktop Protocol (RDP) is a Microsoft protocol designed to facilitate application data transfer security and encryption between client user devices and a virtual network server. It enables a remote user to add a graphical interface to the desktop of another computer. Whether across the house or the country, you can now help solve your mother’s computer problems anytime with RDP. Telnet should not be used in a network due to its weak security posture. Telnet transmits all of the data in plain text (without encryption), including usernames, passwords, commands, and data files. For this reason, it should never be used in production networks and has been replaced by SSH in most corporate networks. SSH (Secure Shell) is used to remotely connect to a network’s switches and routers to configure them securely. SSH is typically used for logging into a remote machine and executing commands, but it also supports tunneling, forwarding TCP ports, and X11 connections; it can transfer files using the associated SSH file transfer (SFTP) or secure copy (SCP) protocols. SSH uses the client-server model. A remote-access VPN connection allows an individual user to connect to a private network from a remote location using a laptop or desktop computer connected to the internet. A remote-access VPN allows individual users to establish secure connections with a remote computer network. Once established, the remote user can access the corporate network and its capabilities as if they were accessing the network from their own office spaces.
Joanne is having a drink at the coffee shop near her office. She takes out her Windows 10 laptop and connects it to the coffee shop’s wireless network to check her email. Which type of network should she select to hide her computer from other devices on the network and prevent file sharing with other patrons of the coffee shop?
-Private
-Home
-Public
-Work
Public
Explanation
OBJ-1.6: Joanne should select the public network type when connecting to this coffee shop’s wireless network. The Network and Sharing Center in the Control Panel allows a technician to see information and modify the configuration settings of the network adapters in the workstation. The Network and Sharing Center is used to connect to a network using broadband, dial-up, or VPN connection, or add/remove file and printer sharing over the network on the workstation. When connecting to a network for the first time, the user must select if it is a public or private network. A public network will hide your computer from other devices on the network and prevent file and printer sharing. A private network is considered trusted, allows the computer to be discoverable to other devices on the network, and supports the use of file and printer sharing. In older versions of Windows, there were also Home and Work network types, but those have since been merged into public and private network types, as well.
A user contacts the help desk and complains they are getting an error when they attempt to open a 4 GB .dmg file on their Windows 10 workstation. Which of the following should you tell them?
-“Your workstation needs to have 16 GB of RAM to open the file”
-“You need to use macOS to open DMG files”
-“Your hard drive must not have enough free space”
-“You must be an administrator to open that file”
“You need to use macOS to open DMG files”
Explanation
OBJ-3.2: A .dmg file is a disk image file on a macOS computer. These file types normally are used to download and install applications for macOS. Essentially, a .dmg file on a macOS computer is like a .iso file on a Windows computer. Windows cannot open .dmg files without using special software tools.
Which of the following is used to communicate data and preferences to child processes within a script or batch file?
-Constants
-Comments
-Variables
-Environmental variables
Environmental variables
Explanation
OBJ-4.8: Shell scripts and batch files use environment variables to communicate data and preferences to child processes. They can also be used to store temporary values for reference later in a shell script. A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself. A comment is written into the code to help a human understand the initial programmer’s logic. In Python, for example, you can use the # symbol to comment on a line of code. Anything on the line after the # is ignored by the computer when the script is being executed. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F - 32) * 5/9.
A file currently has permissions of 755. Which of the following commands would change file permission to r-xr--r--?
- chmod u-rx,go-r filename
- chmod 544 filename
- chmod r-wr--r-- filename
- chmod u+w,go+x filename
chmod 544 filename
Explanation
OBJ-1.11: The chmod command is used to change a file or directory’s permissions from the command line or terminal. A technician can either use u+ to add user permission and g+ to add group permissions, or they can use the octal value. In this case, the octal value of r-xr--r-- is 544. In Linux, you can convert letter permissions to octal by giving 4 for each R, 2 for each W, and 1 for each X. R is for read-only, W is for write, and X is for execute. The permissions strings are written to represent the owner’s permissions, the group’s permissions, and the other user’s permissions.
Jason has built a custom Android application that he wants to install on an Android tablet without having to install it through the Play Store. Which of the following would be required to allow him to install the app’s APK on the device?
- Sideloading
- Jailbroken device
- Developer mode
- Rooted device
Sideloading
Explanation
OBJ-3.5: An android application package (APK) is a third-party or custom program that is installed directly on an Android device to give users and businesses the flexibility to install apps directly on Android devices. Android supports sideloading through the APK package format. An APK file contains all of that program’s code, including .dex files, resources, assets, certificates, and manifest files. Jailbreaking is conducted on an iOS device to remove manufacturer restrictions on the device and allow other software, operating systems, or networks to work with a device. A rooted device is an Android device that has been hacked to provide the user with administrative rights to install unapproved apps, update OS, delete unwanted apps, underclock or overclock the processor, replace firmware and customize anything else. A rooted device is not required just to install an APK outside of the Play Store, though, on an Android device. Developer mode is used on an Android device to show additional diagnostic information when using apps or making network connections.
Which of the following file types are commonly used by scripts in a web page?
- .vbs
- .ps1
- .sh
- .js
.js
Explanation
OBJ-4.8: JavaScript is a scripting language that is designed to create interactive web-based content and web apps. The scripts are executed automatically by placing the script in the HTML code for a web page so that when the HTML code for the page loads, the script is run. JavaScript is stored in a .js file or as part of an HTML file. VBScript is a scripting language based on Microsoft’s Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose. Windows PowerShell enables you to perform management and administrative tasks in Windows 7 and later. It is fully integrated with the operating system and supports both remote execution and scripting. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) to help create and manage your Windows PowerShell scripts. If you want to save a series of PowerShell commands in a file to rerun them later, you effectively create a PowerShell script by creating a text file with a .ps1 extension. The file can contain a series of PowerShell commands, with each command appearing on a separate line. A shell script is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script and its first line always begins with #!/bin/bash that designates the interpreter. This line instructs the operating system to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files.
A network technician is tasked with designing a firewall to improve security for an existing FTP server on the company network. The FTP server must be accessible from the Internet. The security team is concerned that the FTP server could be compromised and used to attack the domain controller hosted within the company’s internal network. What is the BEST way to mitigate this risk?
-Migrate the FTP server from the internal network to a screened subnet
-Configure the firewall to utilize an implicit deny statement
-Add a deny rule to the firewall’s ACL that blocks port 21 outbound
-Upgrade the FTP server to an SFTP server since it is more secure
Migrate the FTP server from the internal network to a screened subnet
Explanation
OBJ-2.9: A screened subnet (formerly called a demilitarized zone or DMZ) is a perimeter network that protects an organization’s internal local area network (LAN) from untrusted traffic. A screened subnet is placed between the public internet and private networks. Public servers, such as the FTP server, should be installed in a screened subnet so that additional security mitigations like a web application firewall or application-aware firewall can be used to protect them. SFTP (Secure File Transfer Protocol) is a file transfer protocol that leverages a set of utilities that provide secure access to a remote computer to deliver secure communications by leveraging a secure shell (SSH) connection to encrypt the communication between the client and the server. This will prevent an attacker from eavesdropping on the communications between the SFTP server and a client, but it will not prevent an attacker from exploiting the SFTP server itself. An implicit deny is when a user or group is not granted specific permission in the security settings of an object, but they are not explicitly denied either. This is a best practice to enable, but the FTP server would still have some open ports, such as ports 20 and 21, to operate. These ports could then be used by the attacker to connect to the FTP server and exploit it. Adding a deny rule to the firewall’s ACL that blocks port 21 outbound would simply prevent internal network users and servers from accessing external FTP servers. This would in no way prevent the exploitation of the company’s FTP server since it has port 21 open and listening for inbound connections.
You are working as a military defense contractor and have been asked to dispose of 5 laptop hard drives used in systems that processed classified information. Which of the following physical data destruction and disposal methods is MOST appropriate to ensure the data cannot be recovered?
-Standard formatting of the HDDs
-Degaussing of the HDDs
-Low-level formatting of the HDDs
-Drill/hammer the HDD platters
Degaussing of the HDDs
Explanation
OBJ-2.8: The best option is to use degaussing on the hard drives. Degaussing exposes the disk to a powerful electromagnet that disrupts the magnetic pattern that stores the data on the disk surface. This renders the data on the disk inaccessible, but the disk will become unusable for other purposes. If the drive needs to be reused, repurposed, or recycled, you should not use degaussing. If the drive contains sensitive or classified information, then it should be degaussed or shredded. Standard formatting of the drives could allow the data to be restored and make the data vulnerable to exposure. Low-level formatting is a hard disk operation that will make recovering data from your storage devices difficult once the operation is complete.
You run the command ipconfig on your laptop and see that you have been assigned an IP address of 169.254.0.56. Which category of IPv4 address is this?
-Public
-Private
-Static
-APIPA
APIPA
Explanation
OBJ-3.5: APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client if the DHCP server is unavailable. A static IP address is used when the DHCP server is disabled and clients are configured manually to join the network properly. A public IP address is the outward-facing (public-facing) IP address assigned to a client. A private IP address lets a router correctly direct traffic within its network and allows devices within a network to communicate with one another, but private IP addresses cannot be used to route traffic across the internet.