Test 3 Flashcards
Which of the following tools should a technician use to modify the HOSTS file on a Windows 10 system to solve a website address resolution issue?
-Notepad
-MMC
-Services
-Regedit
Notepad
Explanation
OBJ-3.2: Browser redirection usually occurs if the browser’s proxy is modified or the hosts.ini file is modified. If the redirection occurs only for a small number of sites or occurs in all web browsers on a system, it is most likely a maliciously modified hosts.ini file. The hosts.ini file is a local text file that allows a user to specify specific domain names to map to particular addresses. It can be edited using any basic text editor, such as notepad. It works as an elementary DNS server and can redirect a system’s internet connection. For example, if your children are overusing YouTube, you can change YouTube.com to resolve to YourSchool.edu for just your child’s laptop. The Microsoft management console (MMC) is a utility that uses snap-ins for various Windows tools such as disk management, computer management, performance monitor, print management, and others to perform operations on a local or networked computer. The task manager is an advanced Windows tool that has 7 tabs that are used to monitor the Processes, Performance, App History, Startup, Users, Details, and Services on a computer. By clicking the Services tab, the technician can list all of the services installed on the computer, display their status, and start/stop/restart those services. The registry editor (RegEdit) allows you to view and make changes to system files and programs that you wouldn’t be able to access otherwise. The registry is a database made up of hives and keys that control various settings on a Windows system. Incorrectly editing the Registry can permanently damage your computer, so it is important to be very careful when modifying the registry using RegEdit.
What is the minimum processor required to install Windows 10 (x64) on a device?
-1 GHz single-core processor
-2 GHz dual-core processor
-2 GHz single-core processor
-1 GHz dual-core processor
1 GHz single-core processor
Explanation
OBJ-1.7: For the Windows 10 (64-bit) operating system, the minimum requirements are a 1 GHz processor, 2 GB of RAM, and at least 32 GB of hard drive space. For the Windows 10 (32-bit) operating system, the minimum requirements are a 1 GHz processor, 1 GB of RAM, and at least 32 GB of hard drive space. For the Windows 11 (64-bit) operating system, the minimum requirements are a dual-core 1 GHz processor, 4 GB of RAM, and at least 64 GB of hard drive space.
Gina just installed a 4 TB HDD into her Windows 10 computer and wants to assign the drive letter “M” to store her media files. Which type of partition should Gina use if she wants to mount the drive as a single partition?
-FAT32
-MBR
-GPT
-ISO
GPT
Explanation
OBJ-1.1: GPT is a newer way to partition disks that allows partition sizes over the 2 TB limit imposed by MBR. The GUID partition table (GPT) is a modern disk partitioning system allowing large numbers of partitions and very large partition sizes. The GPT is used in modern computers that support the UEFI standard and can support a maximum capacity of up to 9.7 ZB and up to 128 partitions. The master boot record (MBR) is a sector on a hard disk storing information about partitions configured on the disk. The MBR holds the information on how the logical partitions that contain the file systems are organized on the physical disk. Systems that rely on BIOS utilize the MBR to determine which partitions are on a given hard disk. MBR partition tables have a maximum capacity of 2 TB and only 4 separation partitions. An optical disc image (ISO) file is a file that contains all of the contents from an optical disc in a single file which can be mounted to the file system as though it were a physical optical drive. An ISO is a disk image that contains everything that would be written to an optical disc, disk sector by disc sector, including the optical disc file system. The file allocation table 32-bit (FAT32) is the 32-bit file system supported by Windows, macOS, and Linux computers. FAT32 can support maximum volume sizes of up to 2 TB and maximum file sizes of up to 4 GB.
What does the command “shutdown /s” do on a Windows workstation?
-Shutdown the workstation
-Log off the workstation
-Reboot the workstation
-Enter sleep mode
Shutdown the workstation
Explanation
OBJ-1.2: The shutdown command allows a user or administrator to shut down or restart local or remote computers, one at a time. Using the /r option will reboot the computer. Using the /s option will shut down the computer. Using the /l option will log off the current user. Using the /h option will enter sleep or hibernation mode.
Which of the following types of encryption uses a 128-bit encryption key but is considered weak due to its use of a 24-bit initialization vector?
-WEP
-WPS
-WPA
-WPA2
WEP
Explanation
OBJ-2.2: Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. The Wi-Fi Protected Setup (WPS) is a mechanism for auto-configuring a WLAN securely for home users. On compatible equipment, users push a button on the access point and connect adapters to associate them securely. WPS is subject to brute force attacks against the PIN used to secure them, making them vulnerable to attack.
A customer runs frantically into your computer repair store. He says that his smartphone fell into a puddle, and now it won’t turn on. He excitedly tells you that he needs the smartphone working again “right now” and cannot wait. What should you do?
-Post about the experience on Facebook after the customer leaves
-Explain to the customer that the repairs may take several days
-Offer the customer the option to replace his phone
-Tell the customer to calm down because it is just a phone
Explanation
OBJ-4.7: In this case, you should offer the customer the option to replace his phone. It is important to set and meet expectations and timelines when dealing with a customer. If you cannot meet the timeline needed, you should offer different repair/replacement options (if applicable). The other options violate the principles of good customer service: (1) Do not argue with customers and/or become defensive; (2) Avoid dismissing customer problems; (3) Avoid being judgmental; (4) Clarify customer statements (ask open-ended questions to narrow the problem’s scope, restate the issue, or question to verify understanding); and (5) Do not disclose experiences via social media outlets.
Which of the following Control Panel options should a technician configure to automatically adjust the volume of different sounds when the computer is being used to place or receive telephone calls?
-USB selective suspend
-Programs and Features
-Ease of Access
-Sound
Sound
Explanation
OBJ-1.4: The Sound section of the Control Panel allows technicians to configure settings for the playback, recording, and sound effects on the computer. Under the communications tab of the Sound section, a technician can adjust whether or not the computer should adjust the volume of other sounds when a telephone call is occurring. The Ease of Access section of the Control Panel brings together the functionality for the accessibility features in Windows, including visual, tactile input, and speech recognition settings to assist those with disabilities. The USB selective suspend feature allows the hub driver to suspend an individual port without affecting the operation of the other ports on the hub. Selective suspension of USB devices is helpful when using a laptop computer as it helps to conserve battery power by powering off USB ports that are not needed at the time. The Programs and Features section of the Control Panel allows a technician to install or remove applications, software packages, and features in the Windows operating system.
Which of the following policies or plans would dictate the complexity requirements for a wireless network’s shared secret key?
-Password policy
-Data loss prevention policy
-Acceptable use policy
-Remote access policy
Password policy
Explanation
OBJ-2.6: A password policy is a set of rules created to improve computer security by motivating users to create dependable, secure passwords and then store and utilize them properly. This document promotes strong passwords by specifying a minimum password length, complexity requirements, requiring periodic password changes, and placing limits on the reuse of passwords. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict how the network, website, or system may be used and sets guidelines as to how it should be used. A data loss prevention policy is a document that defines how organizations can share and protect data. It guides how data can be used in decision-making without it being exposed to anyone who should not have access to it. The goal of a data loss prevention policy is to minimize accidental or malicious data loss. A remote access policy is a document that outlines and defines acceptable methods of remotely connecting to the internal network.
Which of the following Windows tools can a technician use to display information about the performance of hardware and software resources in real-time?
- resmon.exe
- dxdiag.exe
- msinfo32.exe
- devmgmt.msc
resmon.exe
Explanation
OBJ-1.3: Resource monitor (resmon.exe) is a utility used to display information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real-time. The resource monitor helps check the performance counters of specific resources and decide a course of action to improve the performance. System information (msinfo32.exe) is a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues. The DirectX diagnostic (dxdiag.exe) utility is used to collect info about devices to help troubleshoot problems with DirectX sound and video. It is a diagnostics tool used to test DirectX functionality and troubleshoot video-related or sound-related hardware problems. DirectX diagnostic can save text files with the scan results. Device manager (devmgmt.msc) is a utility used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it.
Which attack utilizes a wireless access point made to look as if it belongs to the network by mimicking the corporate network’s SSID to eavesdrop on the wireless traffic?
-Rogue access point
-Shoulder surfing
-WEP attack
-Evil twin
Evil twin
Explanation
OBJ-2.4: An evil twin is meant to mimic a legitimate hotspot provided by a nearby business, such as a coffee shop that provides free Wi-Fi access to its patrons. An evil twin is a type of rogue wireless access point that masquerades as a legitimate Wi-Fi access point so that an attacker can gather personal or corporate information without the user’s knowledge. This type of attack may be used to steal the passwords of unsuspecting users by monitoring their connections or phishing, which involves setting up a fraudulent website and luring people there. A rogue access point is an access point installed on a network without the network owner’s permission. For example, if an employee connected a wireless access point to a wall jack in their office so that they can use their smartphone or tablet, this would be considered a rogue access point. Therefore, an evil twin is the better answer to this question since it is specifically being made to look like it belongs on the network by mimicking the SSID of the corporate network. A WEP attack is a brute force password attack conducted against a wireless network that relies on WEP for its encryption and security. Shoulder surfing is a type of social engineering technique used to obtain information such as personal identification numbers, passwords, and other confidential data by looking over the victim’s shoulder.
Which file system type is used to mount remote storage devices on a Linux system?
-NTFS
-exFAT
-NFS
-APFS
NFS
Explanation
OBJ-1.8: The Network File System (NFS) is used to mount remote storage devices into the local file system on a Linux system. It allows you to mount your local file systems over a network and remote hosts to interact with them while mounted locally on the same system. The extensible file allocation table (exFAT) is a file system optimized for external flash memory storage devices such as USB flash drives and SD cards. exFAT supports a maximum volume size of up to 128 PB with a recommended maximum volume size of 512 TB for the best reliability. The Apple file system (APFS) is the default file system for Mac computers using macOS 10.13 or later and features strong encryption, space sharing, snapshots, fast directory sizing, and improved file system fundamentals. The NT file system (NTFS) is a Windows file system that supports a 64-bit address space and can provide extra features such as file-by-file compression and RAID support as well as advanced file attribute management tools, encryption, and disk quotas. NTFS can support a maximum volume size of up to 8 PB.
You are troubleshooting a network printer when a document is printed with sensitive employee data on it. Which of the following actions should you take?
-Continue to troubleshoot the printer
-Take the document to the office manager
-Leave the document in the output tray
-Remove the document and shred it
Take the document to the office manager
Explanation
OBJ-4.7: The document contains sensitive employee information; therefore, you should not leave it on the printer. Instead, it would be best if you took it to the office manager so they can deliver it to the owner or they can securely dispose of it.
Which of the following data types would be used to store the value of TRUE?
-String
-Integers
-Floating point
-Boolean
Boolean
Explanation
OBJ-4.8: A boolean stores a value of TRUE (1) or FALSE (0). It usually consumes only 1 bit of storage (a zero or a one). An integer stores a whole number, such as 21, 143, or 1024. An integer data type usually consumes 8 bytes of storage. A floating-point number stores a fractional or decimal number, such as 3.14, 45.5, or 333.33. A floating-point number data type usually consumes 4 to 8 bytes of storage. A string stores a group of characters, such as Hello, PYTHON, or JasonDion. A string data type usually consumes as much storage as necessary. Each character in the string usually requires 1 byte of storage.
You are working as a mobile device technician for a large corporation’s enterprise service desk. A user complains that every time they attempt to launch the company’s mobile email application, it crashes and displays an error message of Code123. Which of the following should you do FIRST to attempt to solve this problem?
-Reinstall the email app
-Rollback the app to an earlier version
-Update the smartphone’s OS
-Clear the app’s cache
Clear the app’s cache
Explanation
OBJ-3.4: Clearing the app cache addresses potential issues with temporary files or data that might be causing the app to crash. This is quick and non-disruptive action can often resolve minor app-related problems without the need for more time-consuming or complicated solutions. By starting with this step, you ensure a simpler and more efficient troubleshooting process before moving on to other, more complex actions if needed from the given options.
Your mother says there is something wrong with her computer, but unfortunately, she doesn’t know how to fix it. She asks if you can remotely connect to her computer and see if you can fix it. Which of the following technologies would BEST allow you to remotely access her computer and interact with her Windows 10 laptop?
-VPN
-RDP
-Telnet
-SSH
RDP
Explanation
OBJ-4.9: Remote Desktop Protocol (RDP) is a Microsoft protocol designed to facilitate application data transfer security and encryption between client user devices and a virtual network server. It enables a remote user to add a graphical interface to the desktop of another computer. Whether across the house or the country, you can now help solve your mother’s computer problems anytime with RDP. Telnet should not be used in a network due to its weak security posture. Telnet transmits all of the data in plain text (without encryption), including usernames, passwords, commands, and data files. For this reason, it should never be used in production networks and has been replaced by SSH in most corporate networks. SSH (Secure Shell) is used to remotely connect to a network’s switches and routers to configure them securely. SSH is typically used for logging into a remote machine and executing commands, but it also supports tunneling, forwarding TCP ports, and X11 connections; it can transfer files using the associated SSH file transfer (SFTP) or secure copy (SCP) protocols. SSH uses the client-server model. A remote-access VPN connection allows an individual user to connect to a private network from a remote location using a laptop or desktop computer connected to the internet. A remote-access VPN allows individual users to establish secure connections with a remote computer network. Once established, the remote user can access the corporate network and its capabilities as if they were accessing the network from their own office spaces.
Joanne is having a drink at the coffee shop near her office. She takes out her Windows 10 laptop and connects it to the coffee shop’s wireless network to check her email. Which type of network should she select to hide their computer from other devices on the network and prevent file sharing with other patrons of the coffee shop?
-Private
-Home
-Public
-Work
Public
Explanation
OBJ-1.6: Joanne should select the public network type when connecting to this coffee shop’s wireless network. The Network and Sharing Center in the Control Panel allows a technician to see information and modify the configuration settings of the network adapters in the workstation. The Network and Sharing Center is used to connect to a network using broadband, dial-up, or VPN connection, or add/remove file and printer sharing over the network on the workstation. When connecting to a network for the first time, the user must select if it is a public or private network. A public network will hide your computer from other devices on the network and prevent file and printer sharing. A private network is considered trusted, allows the computer to be discoverable to other devices on the network, and supports the use of file and printer sharing. In older versions of Windows, there were also Home and Work network types, but those have since been merged into public and private network types, as well.
A user contacts the help desk and complains they are getting an error when they attempt to open a 4 GB .dmg file on their Windows 10 workstation. Which of the following should you tell them?
-“Your workstation need to have 16 GB of RAM to open the file”
-“You need to use macOS to open DMG files”
-“Your hard drive must not have enough free space”
-“You must be a administrator to open that file”
“You need to use macOS to open DMG files”
Explanation
OBJ-3.2: A .dmg file is a disk image file on a macOS computer. These file types normally are used to download and install applications for macOS. Essentially, a .dmg file on a macOS computer is like a .iso file on a Windows computer. Windows cannot open .dmg files without using special software tools.
Which of the following is used to communicate data and preferences to child processes within a script or batch file?
-Constants
-Comments
-Variables
-Environmental variables
Environmental variables
Explanation
OBJ-4.8: Shell scripts and batch files use environment variables to communicate data and preferences to child processes. They can also be used to store temporary values for reference later in a shell script. A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself. A comment is written into the code to help a human understand the initial programmer’s logic. In Python, for example, you can use the # symbol to comment on a line of code. Anything on the line after the # is ignored by the computer when the script is being executed. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F -32) * 5/9.
A file currently has permissions of 755. Which of the following commands would change file permission to r-xr–r–?
- chmodu-rx,go-r filename
- chmod 544 filename
- chmod r-wr–r– filename
- chmod u+w,go+x filename
chmod 544 filename
Explanation
OBJ-1.11: The chmod command is used to change a file or directory’s permissions from the command line or terminal. A technician can either use u+ to add user permission and g+ to add group permissions, or they can use the octal value. In this case, the octal value of r-wr–r– is 544. In Linux, you can convert letter permissions to octal by giving 4 for each R, 2 for each W, and 1 for each X. R is for read-only, W is for write, and X is for execute. The permissions strings are written to represent the owner’s permissions, the group’s permissions, and the other user’s permissions.
Jason has built a custom Android application that he wants to install on an Android tablet without having to install it through the Play Store. Which of the following would be required to allow him to install the app’s APK on the device?
- Sideloading
- Jailbroken device
- Developer mode
- Rooted device
Sideloading
Explanation
OBJ-3.5: An android application package (APK) is a third-party or custom program that is installed directly on an Android device to give users and business the flexibility to install apps directly on Android devices. Android supports sideloading through the APK package format. An APK file contains all of that program’s code, including .dex files, resources, assets, certificates, and manifest files. Jailbreaking is conducted on an iOS device to remove manufacturer restrictions on the device and allow other software, operating systems, or networks to work with a device. A rooted device is an Android device that has been hacked to provide the user with administrative rights to install unapproved apps, update OS, delete unwanted apps, underclock or overclock the processor, replace firmware and customize anything else. A rooted device is not required just to install an APK outside of the Play Store, though, on an Android device. Devleoper mode is used on an Android device to show additional diagnostic information when using apps or making network connections.
Which of the following file types are commonly used by scripts in a web page?
- .vbs
- .ps1
- .sh
- .js
.js
Explanation
OBJ-4.8: JavaScript is a scripting language that is designed to create interactive web-based content and web apps. The scripts are executed automatically by placing the script in the HTML code for a web page so that when the HTML code for the page loads, the script is run. JavaScript is stored in a .js file or as part of an HTML file. VBScript is a scripting language based on Microsoft’s Visual Basic programming language. Network administrators often use VBScript to perform repetitive administrative tasks. With VBScript, you can run your scripts from either the command-line or the Windows graphical interface. Scripts that you write must be run within a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script Host (WSH) for this purpose. Windows PowerShell enables you to perform management and administrative tasks in Windows 7 and later. It is fully integrated with the operating system and supports both remote execution and scripting. Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) to help create and manage your Windows PowerShell scripts. If you want to save a series of PowerShell commands in a file to rerun them later, you effectively create a PowerShell script by creating a text file with a .ps1 extension. The file can contain a series of PowerShell commands, with each command appearing on a separate line. A shell script is a file that contains a list of commands to be read and executed by the shell in Linux and macOS. A .sh file is used for a shell script and its first line always begins with #!/bin/bash that designates the interpreter. This line instructs the operating system to execute the script. Shell scripts allow you to perform various functions. These functions include automation of commands and tasks of system administration and troubleshooting, creating simple applications, and manipulating text or files.
A network technician is tasked with designing a firewall to improve security for an existing FTP server on the company network. The FTP server must be accessible from the Internet. The security team is concerned that the FTP server could be compromised and used to attack the domain controller hosted within the company’s internal network. What is the BEST way to mitigate this risk?
-Migrate the FTP server from the internal network to a screened subnet
-Configure the firewall to utilize an implicit deny statement
-Add a deny rule to the firewall’s ACL that blocks port 21 outbound
-Upgrade the FTP server to an SFTP server since it is more secure
Migrate the FTP server from the internal network to a screened subnet
Explanation
OBJ-2.9: A screened subnet (formerly called a demilitarized zone or DMZ) is a perimeter network that protects an organization’s internal local area network (LAN) from untrusted traffic. A screened subnet is placed between the public internet and private networks. Public servers, such as the FTP server, should be installed in a screened subnet so that additional security mitigations like a web application firewall or application-aware firewall can be used to protect them. SFTP (Secure File Transfer Protocol) is a file transfer protocol that leverages a set of utilities that provide secure access to a remote computer to deliver secure communications by leveraging a secure shell (SSH) connection to encrypt the communication between the client and the server. This will prevent an attacker from eavesdropping on the communications between the SFTP server and a client, but it will not prevent an attacker from exploiting the SFTP server itself. An implicit deny is when a user or group is not granted specific permission in the security settings of an object, but they are not explicitly denied either. This is a best practice to enable, but the FTP server would still have some open ports, such as ports 20 and 21, to operate. These ports could then be used by the attacker to connect to the FTP server and exploit it. Adding a deny rule to the firewall’s ACL that blocks port 21 outbound would simply prevent internal network users and servers from accessing external FTP servers. This would in no way prevent the exploitation of the company’s FTP server since it has port 21 open and listening for inbound connections.
You are working as a military defense contractor and have been asked to dispose of 5 laptop hard drives used in systems that processed classified information. Which of the following physical data destruction and disposal methods is MOST appropriate to ensure the data cannot be recovered?
-Standard formatting of the HDDs
-Degaussing of the HDDs
-Low-level formatting of the HDDs
-Drill/hammer the HDD platters
Degaussing of the HDDs
Explanation
OBJ-2.8: The best option is to use degaussing on the hard drives. Degaussing exposes the disk to a powerful electromagnet that disrupts the magnetic pattern that stores the data on the disk surface. This renders the data on the disk inaccessible, but the disk will become unusable for other purposes. If the drive needs to be reused, repurposed, or recycled, you should not use degaussing. If the drive contains sensitive or classified information, then it should be degaussed or shredded. Standard formatting of the drives could allow the data to be restored and make the data vulnerable to exposure. Low-level formatting is a hard disk operation that will make recovering data from your storage devices difficult once the operation is complete.
You run the command ipconfig on your laptop and see that you have been assigned an IP address of 169.254.0.56. Which category of IPv4 address is this?
-Public
-Private
-Static
-APIPA
APIPA
Explanation
OBJ-3.5: APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client if the DHCP server is unavailable. A static IP address is used when the DHCP server is disabled and clients are configured manually to join the network properly. A public IP address is the outward-facing (public-facing) IP address assigned to a client. A private IP address lets a router correctly direct traffic within its network and allows devices within a network to communicate with one another, but private IP addresses cannot be used to route traffic across the internet.
A programmer is writing a script to calculate the disk space needed to perform a daily backup. The programming needs to store the amount of disk space in a temporary placeholder within the program that can be updated and changed during the script’s execution. Which of the following would be used to store the value of the disk space needed?
-Constant
-Loop
-Comment
-Variable
Variable
Explanation
OBJ-4.8: A variable is a placeholder in a script containing a number, character, or string of characters. Variables in scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the variable name is referenced throughout the script instead of the value itself. A constant is a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is always 5/9 because the formula is C = (F -32) * 5/9. A loop deviates from the initial program path to some sort of logic condition. In a loop, the computer repeats the task until a condition is met. Often implemented with For or While statements. For example, a short script like (For i=1 to 100, print I, next) would print the numbers from 1 to 100 to the screen. A comment is written into the code to help a human understand the initial programmer’s logic. In Python, for example, you can use the # symbol to comment on a line of code. Anything on the line after the # is ignored by the computer when the script is being executed.
Chris just downloaded a new third-party email client for his smartphone. When Chris attempts to log in to his email with his username and password, the email client generates an error messaging stating that “Invalid credentials” were entered. Chris assumes he must have forgotten his password, so he resets his email username and password and then reenters them into the email client. Again, Chris receives an “Invalid credentials” error. What is MOST likely causing the “Invalid credentials” error regarding Chris’s email client?
-His email account is locked out
-His smartphone has full device encryption enabled
-His email account requires a strong password to be used
-His email account requires multi-factor authentication
His email account requires multi-factor authentication
Explanation
OBJ-2.7: If a user or system has configured their email accounts to require two-factor authentication (2FA) or multifactor authentication, then even if they enter their username and password correctly in the third-party email client, they will receive the “Invalid credentials” error message. Some email servers will allow the user to create an application-specific password to bypass the multifactor authentication requirement to overcome this. If not, then the user will have to use an email client that supports multifactor authentication. His email account is not locked out or requiring a stronger password, otherwise, those issues would have been solved when he reset the password. Full device encryption on the smartphone would not affect the use of the email client since the device is unencrypted once a user enters their PIN, password, TouchID, or FaceID as authentication.
You are working at the Dion Training headquarters in Puerto Rico. The island just suffered a power outage due to a hurricane. The server room in the headquarters has power, but the rest of the office does not. You verify that the diesel generator is running at full electrical load capacity. Which of the following solutions should you recommend to Dion Training to allow them to continue working during a long-term power outage?
-Increase the capacity of their backup generator to support a larger load
-Migrate their servers to the cloud whenever a hurricane is approaching
-Purchase a 1500VA battery backup for each workstation in the office
-Replace all the lightbulbs in the building with LEDs to reduce the electrical load
Increase the capacity of their backup generator to support a larger load
Explanation
OBJ-4.5: When a hurricane causes a power outage on an island, it can be hours, days, or even months before the power is fully restored. Since the Dion Training headquarters is located in Puerto Rico, they should have a large capacity diesel generator to power their entire office during a long-term power outage. After Hurricane Maria in 2017, some parts of Puerto Rico went without grid power for nine-month. We have multiple redundant and high-capacity power sources at the Dion Training offices to ensure we can remain online and work even without any grid power available.
Which of the following contains virtual memory that can supplement the physical system memory in a Linux system?
-ext3
-ext4
-NFS
-Swap Partition
Swap partition
Explanation
OBJ-1.8: The swap partition on a Linux system is a portion of the hard disk formatted with a minimal kind of file system and used in situations when the operating system runs out of physical memory and needs more of it. It can only be used by the memory manager and not for the storage of ordinary data files. The third extended filesystem (ext3) is a journaled file system commonly used by the Linux kernel. The ext3 file system can support a maximum volume size of up to 32 TB. The fourth extended filesystem (ext4) is a journaled file system that is used natively by modern Linux operating systems such as Debian and Ubuntu. The ext4 file system can support a maximum volume size of up to 1 EB. The network file system (NFS) is used to mount remote storage devices into the local file system on a Linux system. It allows you to mount your local file systems over a network and remote hosts to interact with them while mounted locally on the same system.
Your home network is configured with a long, strong, and complex pre-shared key for its WPA3 encryption. You noticed that your wireless network has been running slow, so you checked the list of “connected clients” and see that “Bob’s Laptop” is connected to it. Bob lives downstairs and is the maintenance man for your apartment building. You know that you never gave Bob your password, but somehow he has figured out how to connect to your wireless network. Which of the following actions should you take to prevent anyone from connecting to your wireless network without the proper WPA3 password?
-Enable WEP
-Disable WPA3
-Disable SSID broadcast
-Diable WPS
Disable WPS
Explanation
OBJ-2.9: WPS was created to ease the setup and configuration of new wireless devices by allowing the router to automatically configure them after a short eight-digit PIN was entered. Unfortunately, WPS is vulnerable to a brute-force attack and is easily compromised. Therefore, WPS should be disabled on all wireless networks. If Bob could enter your apartment and press the WPS button, he could have configured his laptop to use your wireless network without your WPA3 password. While disabling the SSID broadcast could help prevent someone from seeing your network, the issue was someone connecting to your network without having the password. Disabling the SSID broadcast would not solve this issue.
Which of the following is the LEAST secure wireless security and encryption protocol?
-WPA2
-WPA3
-WEP
-WPA
WEP
Explanation
OBJ-2.2: Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications that was designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption. Wi-Fi protected access version 3 (WPA3) has replaced WPA2 as the most secure wireless encryption method. WPA3 uses the simultaneous authentication of equals (SAE) to increase the security of preshared keys. WPA3 provides the enhanced open mode that encrypts transmissions from a client to the access point when using an open network. WPA3 Enterprise mode supports the use of AES with the Galois/counter mode protocol (GCMP-256) for the highest levels of encryption.
How would you represent r-xrw-r– in octal notation?
-624
-754
-564
-541
564
Explanation
OBJ-2.6: R-X is 5, RW- is 6, and R– is 4. In Linux, you can convert letter permissions to octal by giving 4 for each R, 2 for each W, and 1 for each X. R is for read-only, W is for write, and X is for execute. The permissions strings are written to represent the owner’s permissions, the group’s permissions, and the other user’s permissions.
Which of the following is considered a form of regulated data?
-DMCA
-DRM
-PII
-AUP
PII
Explanation
OBJ-4.6: The four forms of regulated data covered by the exam are PII (Personally Identifiable Information), PCI (Payment Card Industry), GDPR (General Data Protection Regulation), and PHI (Protected Health Information). Personally identifiable information (PII) is data used to identify, contact, or locate an individual. Information such as social security number (SSN), name, date of birth, email address, telephone number, street address, and biometric data is considered PII. An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet. While some items in the AUP might help prevent a malware infection (such as not allowing users to download and run programs from the internet), it is considered an administrative control, and choosing a technical control like patch management would better protect the network. Digital rights management (DRM) is a copyright protection technology for digital media. DRM solutions usually try to restrict the number of devices allowed for playback of a licensed digital file, such as a music track or ebook. The Digital Millennium Copyright Act (DMCA) is a 1998 United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization that criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to copyrighted works.
Your company has just installed a brand new email server, but you determined that the server cannot send emails to another server during your initial testing. You decide to check the firewall’s ACL to see if the server’s outgoing email is being blocked. Which of the following ports should you ensure is open and not blocked by the firewall?
-22
-110
-25
-143
25
Explanation
OBJ-2.1: The Simple Mail Transfer Protocol (SMTP) uses port 25 and is an internet standard communication protocol for electronic mail transmission. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system.
A developer uses a MacBook Pro when working from home, but they need access to both a Windows and macOS system to test their programs. Which of the following tools should be used to allow both operating systems to exist on their MacBook Pro?
-Mission Control
-Device Manager
-Boot Camp
-Terminal
Boot Camp
Explanation
OBJ-1.10: Boot Camp is used to allow dual booting on a Macintosh computer. It allows the user to boot into either macOS (OS X) or Windows as the computer is rebooted. Boot Camp is only supported on Intel-based macOS systems, though. The terminal in macOS is the equivalent to the Windows Command Prompt window. The terminal is used to run network troubleshooting utilities such as the ping command and other advanced commands to modify the macOS environment. Mission Control is an application for facilitating multiple desktops in the macOS environment. The Device Manager is used to view and control the hardware attached to the computer. The device manager will highlight a piece of hardware that is not working so that a technician can repair or replace it.
Which of the following encryption types was used by WPA to better secure wireless networks than WEP?
-TKIP
-IV
-CCMP
-AES
TKIP
Explanation
OBJ-2.2: Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption.
Which of the following security controls provides Windows system administrators with an efficient way to deploy system configuration settings across many devices?
-Patch Management
-Anti-Malware
-HIPS
-GPO
GPO
Explanation
OBJ-2.1: Microsoft’s Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users. A Group Policy is the primary administrative tool for defining and controlling how programs, network resources, and the operating system operate for users and computers in an organization. In an active directory environment, Group Policy is applied to users or computers based on their membership in sites, domains, or organizational units. A host-based intrusion detection system (HIDS) is a device or software application that monitors a system for malicious activity or policy violations. Any malicious activity or violation is typically reported to an administrator or collected centrally using a security information and event management system. Anti-malware software is a program that scans a device or network for known viruses, Trojans, worms, and other malicious software. Patch management is the process of distributing and applying updates to the software to prevent vulnerabilities from being exploited by an attacker or malware. Proper patch management is a technical control that would prevent future outbreaks.
