Troubleshooting Operating Systems and Security Flashcards

1
Q

In Windows, which utility is responsible for finding, downloading and installing Windows patches?

Device Manager

Download Manager

Windows Update

A

Windows Update

Windows Update is responsible for downloading and installing Windows service packs, patches, and security updates. Device Manager is used to view devices installed on the operating system. The Microsoft Management Console is a console that allows snap-ins for management. Download Manager is a component of Internet Explorer.

2
Q

Which Startup Setting option allows you to boot with basic drivers?

Enable Debugging

Enable Safe Mode

Enable Low-resolution Video

A

Enable Safe Mode

Enable Safe Mode allows you to boot with basic drivers and minimal startup of nonessential services. Enable Debugging is used by kernel developers. Disable Driver Signature Enforcement is used to allow an unsigned driver to load during boot. Enable Low-resolution Video will boot the operating system into a VGA mode.

3
Q

Which bootrec option can be used in Windows to rebuild the boot configuration file?

/FIXBOOT

/REBUILDBCD

/SCANOS

A

/REBUILDBCD

The /REBUILDBCD option can be used with the bootrec tool to rebuild the boot configuration data (BCD). The /FIXBOOT option writes a new boot sector to the system partition. The /SCANOS option scans all other partitions that are found to have Windows installations. The /FIXMBR option writes a new master boot record (MBR) to the partition.

4
Q

What is the first step in the troubleshooting process for applications?

Establish a theory

Identify the problem

Verify functionality

A

Identify the problem

The most important step is the first step: Identify the problem. Once you’ve identified the problem, you can then establish a theory. After a fix is in place, you should verify functionality. The final step is to document findings.

5
Q

Which tool do you use to create a restore point in Windows?

Windows Backup

Windows Recovery Environment

Windows Preinstallation Environment

A

Windows Recovery Environment

The Windows Recovery Environment allows you to create a restore point. Windows Backup restores only user data, not the Windows operating system. Previous Version is used with Volume Shadow Copy (VSS). Windows Preinstallation Environment is the mini-Windows version used for installation of Windows.

6
Q

Which of the following components is used only to restore Windows from a suspended state?

ntoskrnl.exe

winload.exe

winresume.exe

A

winresume.exe

Winresume.exe is used to load Windows from a suspended state. The Boot Configuration Data (BCD) is used to direct Windows to boot the proper installation. Ntoskrnl.exe is the Windows kernel. Winload.exe is used for the normal booting of the Windows operating system.

7
Q

One of the users you support has a Windows 10 laptop that will not boot up. The user just installed brand new drivers for a graphics card. They need to access a tax application and their data files. What should you try first?

System Restore

Reset This PC

Manually reinstall Windows 10

A

System Restore

The System Restore option should be used first to restore the operating system to an earlier point before the problem. This will restore the device back to a previous state before the installation of the drivers. System Restore will not affect user data files. Reset This PC will roll back the PC to a period before the tax application was installed. Reimaging the laptop will erase all programs and data files. Manually reinstalling Windows 10 will erase all programs and data files.

8
Q

Which partitioning type is required when you have UEFI firmware?

GPT

MBR

POST

A

GPT

When you have UEFI firmware, the disk must be set up with a GUID Partition Table (GPT) partitioning type. The standard master boot record (MBR) partitioning type can be used with BIOS. Power-on self-test (POST) is a routine the BIOS or firmware performs to test hardware before boot. The Boot Sector is contained on both MBR and GPT partitioning types.

9
Q

Which of the following are used to prevent pop-unders from appearing?

Anti-malware utilities

Pop-up blockers

Phishing sites

A

Pop-up blockers

Pop-up blockers are used to prevent pop-ups and pop-unders from appearing. Anti-malware utilities will remove and prevent malware. Phishing sites are used to collect users’ credentials by tricking users. Antivirus software is used to protect the operating system from viruses.

10
Q

In general, how often should you update your antivirus definitions?

Weekly

Monthly

Daily

A

Daily

Antivirus definitions should be updated daily, because new viruses are identified by the minute. Updating antivirus definitions weekly or monthly will open you up to the possibility of infection.

11
Q

One of your users claims that their hard drive seems to be running slowly. Which tool can you use to check to see how fragmented the hard drive is?

Disk Analyzer

Disk Cleanup

Optimize Drives

A

Optimize Drives

The Optimize Drives tool allows you to analyze and optimize disks for fragmentation. Disk Analyzer is not a tool. Disk Cleanup is a tool used to clean up space on a drive. Chkdsk is a tool used to check for drive errors.

12
Q

Which tool will allow you to diagnose why Windows Update keeps failing?

Windows Update Troubleshooter

Windows Recovery Environment

Safe Mode

A

Windows Update Troubleshooter

Windows Update Troubleshooter can assist in diagnosing problems with Windows Update. The ntbtlog.txt file is used to diagnose problems with bootup. Windows Recovery Environment is used for Windows problems other than problems with Windows Update. Safe Mode is a boot mode that loads minimal drivers and services.

13
Q

Which of the following programs could be considered anti-malware?

Windows Defender Security

Windows Action Center

VirusTotal

A

Windows Defender Security

Windows Defender Security is considered anti-malware and antivirus protection for the Windows operating system. Mobile device management (MDM) software is used to manage mobile devices. Windows Action Center is a notification center for action to be taken in the operating system. VirusTotal is a third-party site that analyzes virus signatures, but it does not protect you from them.

14
Q

Which of the following tools allows you to manually fix maliciously modified system files?

SFC

bootrec

UAC

A

SFC

The System File Checker (SFC) allows you to manually scan for modified operating system files and repair them. Regedit is used to modify the Registry. Bootrec is used to repair the boot records on an operating system installation. User Account Control (UAC) is used to control access to administrative credentials.

15
Q

Which of the following can you do to help to eliminate security problems?

Establish security policies and procedures

Optimize drives

Prevent booting into Safe Mode

A

Establish security policies and procedures

Establishing security policies and procedures will help to eliminate security problems and guide employees on what to do if they arise. Optimizing drives will defragment drives and has no bearing on security. Preventing booting into Safe Mode will only hinder diagnostics. Preventing booting into Windows Recovery Environment will hinder diagnostics.

16
Q

A mobile device is running out of RAM. What could be the most likely problem?

The device is not charged to capacity

The device is in DND mode

The device has background applications open

A

The device has background applications open

The device most likely has too many background applications open, using RAM. That the device is not charged to capacity would not affect RAM. A digitizer not functioning properly would appear as inaccurate touch screen responses. If the device were in Do Not Disturb mode, the speakers would not work.

17
Q

What is a risk of using the auto reconnect feature on a mobile device?

The device will reconnect to any SSID

The device could be exploited by an evil twin attack

The device’s battery life could be shortened

A

The device could be exploited by an evil twin attack

If auto reconnect is configured on an SSID, the device could be susceptible to an evil twin attack, in which the device connects to any device with the same SSID. The device will not reconnect to any SSID, only the SSID configured as auto reconnect. Battery life will remain unaffected with auto reconnect. Over limits can be avoided with auto reconnect, because the wireless network is used for data usage.

18
Q

What is a potential security issue with WAPs running on full signal power?

Client signal drops

Signals propagating past the physical organization’s perimeter

Data transmission over limits

A

Signals propagating past the physical organization’s perimeter

The potential security issue with WAPs running on full power is eavesdropping outside of the organization’s physical perimeter. Client signal drops would not be affected by WAPs running in a high power mode. Data transmission over limits by clients would not be affected. Unauthorized location tracking would not be affected.

19
Q

Which is an example of possible unauthorized account access?

A login during normal business hours

A login to two different locations during normal hours

A login outside of business hours

A

A login outside of business hours

A login outside of business hours is the best example of possible unauthorized account access. A login during normal business hours is normal. A login to two different locations during normal business hours could be normal, as long as it is not at the same time. A failed attempt at entering the proper password is not an example of possible unauthorized account access.

20
Q

What is one consequence of an overheating mobile device?

Higher RAM usage

Degraded battery life

Inaccurate touch screen response

A

Degraded battery life

Degraded battery life can be expected from an overheating mobile device, if the problem persists for a long time. Higher RAM usage will not occur with overheating, but it could be a cause of overheating. Inaccurate touch screen responses are not a symptom or consequence of overheating. The inability to decrypt emails depends on having the proper certificate installed.