1102 Mock Exam #3 Missed Questions

POCKET PREP

While troubleshooting an employee's computer, a technician discovers that they have a file called "passwords" on their desktop. How should the technician handle this situation?

Alert the user to the issue and encourage them to remedy the situation

• A technician should respect a user's privacy. However, they should alert the user to the dangers of keeping password files on their desktop.

A user installs a new app on their smartphone, and it unexpectedly requests to use the device's camera and microphone, even though it is not related to the app's functionality. According to the app store it was downloaded from, the app only has about 100 installs.

What actions can the user take in this situation?

An app that behaves unexpectedly and does not have many downloads in the app store may have malware. The device should be scanned for malware and, if discovered, should be reset to remove all traces of it.

• System restore is a function for Windows desktops and servers. Airplane mode disables wireless communications.

A Linux server is responding slowly to client requests. An administrator logs into the machine to diagnose the issue.

Which command can they run to view real-time information about the system's resource utilization?

top

• The "top" command is used to display real-time information about processes and resource usage. It lets an administrator see the processes and their ID numbers so their usage can be monitored. 

• The "dig" command is used to find information about DNS. The "cat" command is used to display file contents. The "ls" command is used to list directory contents.

A Windows user wants to turn off the setting that lets apps use advertising IDs to make ads more relevant. In which section can they configure this?

Privacy

• The Privacy section lets a user decide on settings that impact how their data is used. By disabling an advertising ID, a user will not get targeted ads in apps.

• The Apps section lets a user remove applications. The System section has settings related to the system, such as displays, sounds, and notifications. The Update and Security section has settings for features such as OS updates and firewalls.

An administrator has several Windows systems that they want to be able to update to the latest patches on command by using scripts. Which utility should they utilize in their script to accomplish this?

wuauclt.exe

• Scripting the updating of Windows patches can make it easier to update many systems all at once. The wuauclt.exe command can be included in the script to detect new patches.

• The net command is used to manage network shares. The echo command is used to send text to standard output. The Get-Service command is used in PowerShell to display services on a system.

Which issue is a common threat vector for IoT devices?

Infrequent updates

• Internet of Things (IoT) devices do not get frequent updates. Because of this, if a vulnerability becomes known, it can spread through the devices easily.

• Social engineering is done against human targets. Cross-site scripting is an attack on a website. SQL injection is an attack on databases through a website.

Which statement is true about private-browsing mode?

It destroys browsing data when the browser is closed.

• When using private-browsing mode, or incognito mode, the browser will not store sensitive information. This includes clearing the browsing history, cookies, and form data.

• Private-mode browsing will not, however, protect from malware, stop a website from collecting data, or change a system's network settings.

Which type of attack inserts malicious code into a web page which can steal a website visitor's information?

XSS

• Cross-site scripting (XSS) involves inserting malicious scripts into a web page. This is often done on sites where users can contribute content, such as message boards.

• A SQL injection attacks a database server. An evil twin attack is a wireless access point that impersonates a legitimate one. An on-path attack is an attack that intercepts communication between two systems.

Which of the following is a symptom of a system experiencing time drift?

Error messages when visiting secure websites

•  Time drift can occur when the system's clock is not accurate, usually because the system's battery is low. This can cause the system to show a date that means that a website's SSL certificates have expired, even though they are still valid.

• Slow-loading user profiles can occur when the user has many start-up services. BSOD crashes can occur when there are memory issues. A system can still boot normally if there is time drift.

What is the shortcut sequence to force quit an app in macOS?

Option+Command+Esc

• Pressing Option+Command+Esc will open a force quit dialogue box in macOS. In iOS, pressing the home button twice will open a list of apps that can be closed by swiping up.

• A Windows application can be closed by using Ctrl+Alt+Delete. A Linux process can be closed with Ctrl+Z. A user can log out of macOS with the Shift+Command+Q shortcut.

A user's Windows computer is showing that it needs to be updated, even though the user has already applied the latest system updates. What tool can they use to determine what is causing this discrepancy?

Windows Update Troubleshooter

• Windows includes a troubleshooting tool that can be used for various situations. The Windows Update Troubleshooter can be accessed from the Update & Security section of Settings.

• The Task Manger is used to view processes and resource usage. The Event Viewer is used to view log files. The Performance Monitor is used to view resource usage. 

An administrator identified malware on a Windows system and quarantined it. After disabling System Restore, they want to start remediating the system.

Which of the following would be an appropriate next step?

Run Microsoft Defender Offline Scan

• To start remediating a system, running a Microsoft Defender Offline Scan is useful. It will boot the system into the Windows Recovery Environment and try to fix any issues.

• Saving the output from running the netstat command is useful when trying to identify malware. Documenting the issue and the solution is useful as a last step. Scheduling automatic updates is useful after remediation.

A macOS user wants to keep the files on their system encrypted. Which utility will provide them full-disk encryption?

FileVault

• FileVault is a macOS tool for full-disk encryption. It protects the startup disk, external hard drive, and removable media with a password.

• Keychain is a password manager. BitLocker is a Windows encryption utility. SSH is used for secure communications.

Which Linux tool is used to create backup images of the operating system?

dd

• The "dd" utility is used to create disk images. These images can restore a system to the imaged state.

• The "dig" tool is used to query DNS servers. The "apt-get" tool is used to install applications. The "df" tool is used to show information about a filesystem.

What is one function of the Reliability Monitor tool?

To see updates that were applied before system crashes

• The Reliability Monitor shows when various failures have occurred and also when updates were made. This can help a user see what may have caused the crashes.

• The Device Manager is used to update hardware device drivers. Backup and Restore is used to recover files after a system failure. Performance Monitor is used to view real-time data about system resource usage.

Which of the following file types are used with cross-platform scripting?

Cross-platform scripts can be written once and run on various types of systems that have the correct interpreters installed. Python scripts have the .py file extension. JavaScript files have the .js extension.

• Windows batch scripts use the .bat extension. PowerShell scripts work in Windows and use the .ps1 extension.

A user wants to be able to reset their PC and bring it back to its desired state without having to reinstall each application individually. What tool should they use when they need to revert the system after an incident?

System Image Recovery

• To bring a system back to a state where all its applications are already installed, an image file can be created. The System Image Recovery tool can be used to recover a saved image.

• The Reset This PC utility will not include applications installed after the initial installation. The Device Manager tool is used to manage hardware. The Microsoft Defender Offline Scan tool is used to recover from malware.

Which feature of a firewall allows for it to translate private IP addresses on an internal network into a public address on the internet?

Port forwarding

• Port forwarding involves having an internal network of computers with private IP addresses that can communicate to the internet through a single public IP address. It is similar to Network Address Translation (NAT) and is also called overloading or Port Address Translation (PAT).

• Port filtering involves blocking traffic on designtated ports. Load balancing refers to spreading out data for fault tolerance. Virtual private networking refers to encrypting traffic between two endpoints.

Which category of third-party tools allows a remote user to control the remote system?

Desktop management software

• Desktop management software is used to let a remote user create inbound connections. It can also be used for screen sharing.

• Screen-sharing software is used to let another user view what is on your display. Videoconferencing software is used for screen sharing with multiple people. File transfer software is used to send files and is included with most screen-sharing and videoconferencing software. 

A user is currently in the Windows command line and is in a directory on the C: drive. They want to switch to the D: drive.

Which commands will accomplish this?

cd /d D:

D:

To change to a different drive, the drive letter can be specified, followed by a colon. Or, the 'cd' command can be used with the /d flag before specifying the drive letter.

A developer is working on a website for a health care company. The site will allow patients to view their medical data.

Which type of data requirements should the developer be aware of in this situation?

PHI

• Personal health information (PHI) is protected data about a patient's medical history. The developer should be certain that this data is not available to anyone but the patient it belongs to.

• Personally identifiable information (PII) is data that can be tied to an individual. Intellectual property (IP) is data that is protected by copyrights and patents. Geolocation is data that ties a user to where they are located.

A user wants to share a file with another user through AirDrop. However, they are not able to make a connection.

What are possible causes for this?

AirDrop is an iOS feature that shares files between devices easily. If the device is in Airplane mode, it will not transfer files. By default, one of the users must be a contact of the other.

• AirDrop uses Bluetooth and Wi-Fi, not NFC. AirDrop is on iOS rather than Android.