Troubleshooting Operating Systems and Security Flashcards
In Windows, which utility is responsible for finding, downloading and installing Windows patching?
Device Manager
Download Manager
Windows Update
Windows Update
Windows Update is responsible for downloading and installing Windows service packs, patches, and security updates. Device Manager is used to view devices installed on the operating system. The Microsoft Management Console is a console that allows snap-ins for management. Download Manager is a component of Internet Explorer
Which Startup Setting option allows you to boot with basic drivers?
Enable Debugging
Enable Safe Mode
Enable Low-resolution Video
Enable Safe Mode
Enable Safe Mode allows you to boot with basic drivers and minimal startup of nonessential services. Enable Debugging is used by kernel developers. Disable Driver Signature Enforcement is used to allow an unsigned driver to load during boot. Enable Low-resolution Video will boot the operating system into a VGA mode
Which bootrec option can be used in Windows to rebuild the boot configuration file?
/FIXBOOT
/REBUILDBCD
/SCANOS
/REBUILDBCD
The /REBUILDBCD option can be used with the bootrec tool to rebuild the boot configuration data (BCD). The /FIXBOOT option writes a new boot sector to the system partition. The /SCANOS scans all other partitions that are found to have Windows installations. The /FIXMBR writes a new master boot record (MBR) to the partition
What is the first step in the troubleshooting process for applications?
Establish a theory
Identify the problem
Verify functionality
Identify the problem
The most important step is the first step: Identify the problem. Once you’ve identified the problem, you can then establish a theory. After a fix is in place, you should verify functionality. The final step is to document findings
Which tool do you use to create a restore point in Windows?
Windows Backup
Windows Recovery Environment
Windows Preinstallation Environment
Windows Recovery Environment
The Windows Recovery Environment allows you to create a restore point. Windows Backup restores only user data, not the Windows operating system. Previous Version is used with Volume Shadow Copy (VSS). Windows Preinstallation Environment is the mini-Windows version used for installation of Windows
Which of the following components are only used to restore Windows from a suspected state?
ntoskrnl. exe
winload. exe
winresume. exe
winresume.exe
Winresume.exe is used to load Windows from a suspended state. The Boot Configuration Data (BCD) is used to direct Windows to boot the proper installation. Ntoskrnl.exe is the Windows kernel. Winload.exe is used for the normal booting of the Windows operating system
One of the users you support has a Windows 10 laptop that will not boot up. The user just installed brand new drivers for a graphics card. They need to access a tax application and their data files. What should you try first?
System Restore
Reset This PC
Manually reinstall Windows 10
System Restore
The System Restore option should be used first to restore the operating system to an earlier point before the problem. This will restore the device back to a previous state before the installation of the drivers. System Restore will not affect user data files. Reset This PC will roll back the PC to a period before the tax application was installed. Reimaging the laptop will erase all programs and data files. Manually reinstalling Windows 10 will erase all programs and data files
Which partitioning type is required when you have UEFI firmware?
GPT
MBR
POST
GPT
When you have UEFI firmware, it is required to have the disk setup with a GUID Partition Table (GPT) partitioning type. The standard master boot record (MBR) partitioning type can be used with BIOS. Power on self-test (POST) is a routine the BIOS or firmware performs to test hardware before boot. The Boot Sector is contained on both MBR and GPT partitioning types
Which of the following are used to prevent pop-unders from appearing?
Anti-malware utilities
Pop-up blockers
Phishing sites
Pop-up blockers
Pop-up blockers are used to prevent pop-ups and pop-unders from appearing. Anti-malware utilities will remove and prevent malware. Phishing sites are used to collect users credentials’ by tricking users. Antivirus software is used to protect the operating system from viruses
In general, how often should you update your antivirus definitions?
Weekly
Monthly
Daily
Daily
Antivirus definitions should be updated daily, because new viruses are identified by the minute. Updating antivirus definitions weekly or monthly will open you up to the possibility of infection
One of your users claims that their hard drive seems to be running slowly. Which tool can you use to check to see how fragmented the hard drive is?
Disk Analyzer
Disk Cleanup
Optimize Drives
Optimize Drives
The Optimize Drive tool allows you to analyze and optimize disks for fragmentation. Disk Analyzer is not a tool. Disk Cleanup is a tool used to clean up space on a drive. Chkdsk is a tool used to check for drive errors
Which tool will allow you to diagnose why Windows Update keeps failing?
Windows Update Troubleshooter
Windows Recovery Environment
Safe Mode
Windows Update Troubleshooter
Windows Update Troubleshooter can assist in diagnosing problems with Windows Update. The ntbtlog.txt file is used to diagnose problems with bootup. Windows Recovery Environment is used for problems with Windows outside of problems of Windows Updates. Safe Mode is a boot mode that loads minimal drivers and services
Which of the following programs could be considered anti-malware?
Windows Defender Security
Windows Action Centre
Virus Total
Windows Defender Security
Windows Defender Security is considered anti-malware and antivirus protection for the Windows operating system. Mobile device management (MDM) software is used to manage mobile devices. Windows Action Center is a notification center for action to be taken in the operating system. VirusTotal is a third-party site that analyzes virus signatures, but it does not protect you from them
Which of the following tools allows you to manually fix maliciously modified system files?
SFC
bootrec
UAC
SFC
The System File Checker (SFC) allows you to manually scan for modified operating system files and repair them. Regedit is used to modify the Registry. Bootrec is used to repair the boot records on an operating system installation. User Account Control (UAC) is used to control access to administrative credentials
Which of the following can you do to help to eliminate security problems?
Establish security policies procedures
Optimize drives
Prevent booting into Safe Mode
Establish security policies procedures
Establishing security policies and procedures will help to eliminate security problems and guide employees on what to do if they arise. Optimizing drives will defragment drives and has no consequence to security. Preventing booting into Safe Mode will only hinder diagnostics. Preventing booting into Windows Recovery Environment will hinder diagnostics
A mobile device is running out of RAM. What could be the most likely problem?
The device is not charged to capacity
The device is in DND mode
The device has background application open
The device has background application open
The device most likely has too many background applications open, using RAM. That the device is not charged to capacity would not affect RAM. A digitizer not functioning properly would resemble inaccurate touch screen responses. If the device were in Do Not Disturb mode, the speakers would not work
What is a risk of using auto reconnect feature on a mobile device?
The device will reconnect to any SSID
The device could be exploited by an evil twin attack
The device’s battery life could be shortened
The device could be exploited by an evil twin attack
If auto reconnect is configured on an SSID, the device could be susceptible to an evil twin attack, in which the device connects to any device with the same SSID. The device will not reconnect to any SSID, only the SSID configured as auto reconnect. Battery life will remain unaffected with auto reconnect. Over limits can be avoided with auto reconnect, because the wireless network is used for data usage
What is a potential security issue with WAPs running on full signal power?
Client signal drops
Signals propagating past the physical organization’s perimeter
Data transmission over limits
Signals propagating past the physical organization’s perimeter
The potential security issue with WAPs running on full power is eavesdropping outside of the organization’s physical perimeter. Client signal drops would not be effected by WAPs running in a high power mode. Data transmission over limits by clients would not be affected. Unauthorized location tracking would not be affected
Which is an example of possible unauthorized account access?
A login during normal business hours
A login to two different locations during normal hours
A login outside of business hours
A login outside of business hours
A login outside of business hours is the best example of possible unauthorized account access. A login during normal business hours is normal. A login to two different locations during normal business hours could be normal, as long as it is not at the same time. A failed attempt at entering the proper password is not an example of a possible unauthorized account access
What is one consequence of an overheating mobile device?
Higher Ram usage
Degraded battery life
Inaccurate touch screen response
Degraded battery life
Degraded battery life can be expected from an overheating mobile device, if the problem persists for a long time. Higher RAM usage will not occur with overheating, but it could be a cause of overheating. Inaccurate touch screen responses are not a symptom or consequence of overheating. The inability to decrypt emails depends on having the proper certificate installed
