Unit 3 - quiz

Question 1

Which Windows registry hive stores information about object linking and embedding (OLE) registrations?

Answer 1

HKEY_CLASSES_ROOT - HKCR

Question 2

Which Windows registry hive stores information about the current hardware profile?

Answer 2

HKEY_CURRENT_CONFIG - HKCC

Question 3

Which Windows registry hive stores information concerning all the user accounts on the host?

Answer 3

HKEY_USERS - HKU

Question 4

Which Windows registry hive stores information concerning the currently logged in user?

Answer 4

HKEY_CURRENT_USERS - HKCU

Question 5

Which Windows registry hive stores system-related information?

Answer 5

HKEY_LOCAL_MACHINE - HKLM

Question 6

Which Windows tool selectively denies traffic to a computer or network segment?

Answer 6

Windows Defender Firewall

Question 7

Which Windows tool logs history, application, security, and system events?

Answer 7

Event Viewer

Question 8

Which windows tool or command can be used to look for inbound or outbound TCP connections on a Windows host that are not authorized?

Answer 8

netstat

Question 9

Which Windows tool provides resource information, such as memory, CPU, disk, and network?

Answer 9

Resource Monitor

Question 10

Which Windows tool is the built-in virus and spyware protection?

Answer 10

Windows Defender

Question 11

Which command or tool finds the IP address of a server from a URL?

Answer 11

Nslookup

Question 12

Which Windows tool provides information about applications, processes, and services running on the computer?

Answer 12

Task Manager

Question 13

Which Windows tool is the database that stores all the information about hardware, applications, users, and system settings?

Answer 13

Windows Registry

Question 14

What is a thread?

Answer 14

A thread is a unit of execution in a process.

Question 15

What is a windows registry?

Answer 15

The Windows Registry is a hierarchical database that stores most of the operating systems and desktop
environment configuration settings

Question 16

How do you access the windows registry?

Answer 16

To access the Windows Registry, click Start > Search for regedit and select Registry Editor. Click Yes
when asked to allow this app to make changes.

Question 17

How are PowerShell Commands, cmdlets constructed?

Answer 17

PowerShell commands, cmdlets, are constructed in the form of verb-noun string. To identify the
PowerShell command to list the subdirectories and files in a directory, enter Get-Alias dir at the
PowerShell prompt.
PS C:\Users\CyberOpsUser> Get-Alias dir

Question 18

What PowerShell would you enter to see the options available for the netstat command?

Answer 18

enter netstat -h to see the options available for the netstat command

Question 19

What PowerShell would you enter to see per-protocol statistics?

Answer 19

Displays per-protocol statistics. By default, statistics are
shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6;
the -p option may be used to specify a subset of the default.

Question 20

What command would you use to display the routing table with the active routes?

Answer 20

To display the routing table with the active routes, enter netstat -r at the prompt.

Question 21

What is the netstat command can also display the processes associated with the active TCP connections.

Answer 21

The netstat command can also display the processes associated with the active TCP connections. Enter
the netstat -abno at the prompt.