What might a security engineer suggest as a solution to deter lunchtime attacks?
A. Strong password
B. Biometrics
C. Permissions
D. Policies
D. Policies
An IT administrator creates a repository for standard operating procedures (SOPs). What documents does the administrator upload to the repository? (Select all that apply.)
A. Software installation instructions
B. New-user setup checklist
C. Server decommissioning checklist
D. Acceptable computer use policy
A. Software installation instructions
B. New-user setup checklist
C. Server decommissioning checklist
A user with tech knowledge and some access permissions browses the network to identify any available shares on all servers. While browsing, the user tries to find a share containing payroll information. They know the share name is 'payroll'; however, they are not able to find it when searching. Assuming the user is authorized to access the payroll information, what is the most likely reason why the user cannot view the information within the share?
A. The user's account is not enabled yet.
B. The share is a hidden share.
C. The PC has no network connection.
D. Permissions to the share are incorrect.
B. The share is a hidden share.
A technician receives a company laptop from an employee who states they are trying to authenticate from one Windows system to another in a domain, but the attempt fails with no error message. They have verified the username and password are correct. What does the technician determine the issue to be?
A. Application crash
B. Time drift
C. Failed service
D. Blue screen of death
B. Time drift
A company looks to dispose of old computers and related equipment. Which items require special care? (Select all that apply.)
A. Mouse Pad
B. Batteries
C. Toner
D. Motherboard
B. Batteries
C. Toner
D. Motherboard
A user suspects that a USB drive on their system has been tampered with. The user accidentally dropped the USB drive, breaking the chip inside it. What does the user compromise?
A. Incident documentation
B. Digital forensics
C. Latent evidence
D. Chain of custody
C. Latent evidence
An engineer configures an Authentication, Authorization, and Accounting (AAA) server to authenticate credentials for remote users. Credentials are forwarded to the AAA server from a firewall. Which AAA method does the engineer utilize?
A. TACACS+
B. RADIUS
C. Kerberos
D. Active Directory
B. RADIUS
A technician configures a legacy computer for a user. Which account authentication policies does the technician implement? (Select all that apply.)
A. Change the default admin password.
B. Disable the guest account.
C. Set any user permissions.
D. Secure any critical hardware.
A. Change the default admin password.
B. Disable the guest account.
A user experiences a blue screen of death (BSoD) during startup while using a Windows desktop computer. Upon initial inspection, no debris is observed in the tower. What does a support technician determine to be a good first troubleshooting step?
A. Check the system for malware.
B. Reinstall the operating system.
C. Look for any hardware changes.
D. Clean any dust from the system.
C. Look for any hardware changes.
A problematic Windows system with multiple operating systems installed does not boot properly. A support technician tries to diagnose by outlining the boot process. The technician determines that the system uses an Extensible Firmware Interface (EFI) system partition. Which file does the technician inspect for problems related to a specific operating system boot problem?
A. BOOTMGR
B. NTOSKRNL
C. HAL
D. BOOTMGFW
D. BOOTMGFW
A network engineer implements a proxy at a small company. The configuration does not require settings on every client machine. What type of proxy does the engineer deploy? (Select all that apply.)
A. Manual
B. Transparent
C. Autoconfiguring
D. Intercepting
B. Transparent
D. Intercepting
A technician would like to set every Windows computer at an organization to have a company logo as a desktop wallpaper. What does the technician determine as the best method for deploying the setting?
A. Login script
B. Domain group policy
C. Local group policy
D. Administrative template
B. Domain group policy
A user interacts with a Linux distribution that has no desktop graphical user interface (GUI). As the user types, which stream handles the interaction?
A. stderr
B. std
C. stdout
D. stdin
D. stdin
A systems administrator looks to have a daily backup of a server located across a wide area network (WAN) link. As the link is not fast, the administrator creates a backup scheme that uses little to no bandwidth and acquires an entire backup of the system. Which scheme does the administrator implement?
A. Full
B. Synthetic
C. Incremental
D. Differential
B. Synthetic
A systems administrator is testing a recently configured backup solution. What are some best practices when testing a backup? (Select all that apply.)
A. Verify that the backup contains all the required files.
B. Restore some of the backed-up data into a production directory.
C. Configure the backup software to verify after it writes.
D. Run chkdsk on the virtual machine used for the backup application.
A. Verify that the backup contains all the required files.
C. Configure the backup software to verify after it writes.
An engineer surveys risks tied to environmental impacts for a service computer stored in a server closet. What does the engineer focus on? (Select all that apply.)
A. Temperature
B. Humidity
C. Noise
D. Ventilation
A. Temperature
B. Humidity
D. Ventilation
A systems administrator configures a hardware firewall to allow remote desktop connections to various Windows computers. This involves port forwarding. Which port will the administrator need to change so that each system uses a unique port?
A. 22
B. 5900
C. 443
D. 3389
D. 3389
How might a mobile-device management suite of software detect that a user has rooted an Android device?
A. The device is in developer mode.
B. There is no valid developer code signature.
C. The iOS device is jailbroken.
D. The battery life is significantly reduced.
B. There is no valid developer code signature.
A computer store help technician installs a Windows 10 edition that is designed for domestic consumers and SOHO business use. What edition has been installed in this instance?
A. Pro
B. Education
C. Enterprise
D. Home
D. Home
An IPv6 address is made up of bits that identify the network and host of a system. How many bits long is an IPv6 address in total, and how many bits identify the host portion? (Select all that apply.)
A. 128
B. 32
C. 256
D. 64
A. 128
D. 64
A user wants to use the xcopy command at a command (CMD) prompt but is unfamiliar with the syntax and switches. What can they use to learn more? (Select all that apply.)
A. xcopy help
B. help xcopy
C. xcopy |
D. xcopy /?
B. help xcopy
D. xcopy /?
A user starts experiencing a blue screen of death (BSoD) on startup. Where should the user check for changes after getting back on the computer?
A. WSL
B. devmgmt.msc
C. taskschd.msc
D. services.msc
B. devmgmt.msc
A Windows server administrator wants to use a scheduled local script to transfer logs from that server to a central security incident and event monitoring platform. Copying the logs over and ingesting them locally saves on the licensing. Which command should the script use?
A. xcopy Source [Destination] [Switches]
B. md Source [Destination] [Switches]
C. robocopy Source [Destination] [Switches]
D. rmdir Source [Destination] [Switches]
C. robocopy Source [Destination] [Switches]
A Windows administrator wants to become more familiar with Linux but still wants to use Windows primarily. The administrator installs the bash subsystem for Windows and is reading about how Windows has made strides to become more compatible with Linux. Which of the following was part of the changes to the underlying New Technology File System (NTFS) structure?
A. Journaling
B. Snapshots
C. Case-sensitive naming
D. Indexing
C. Case-sensitive naming
A user experiences a slow desktop load, so they want to try to rebuild their local user profile. Which of the following is NOT one of the three files that need to be excluded when rebuilding a profile?
A. NTUSER.POL
B. NTUSER.DAT
C. NTUSER.DAT.LOG
D. NTUSER.INI
A. NTUSER.POL
A project manager implements a new ticketing system that allows the helpdesk to record knowledge, streamline efficiencies, and automate solutions. Which of the following is the least concern for the support team?
A. Licensing
B. Distribution method
C. Support
D. Training
B. Distribution method
A support operator helps a user who is complaining about latency and sluggish performance for a modern computer. Which of the following will be the least helpful in troubleshooting?
A. Perform a system file check (SFC).
B. Use Task Manager.
C. Reboot.
D. Run fewer programs.
A. Perform a system file check (SFC).
A security engineer investigates legacy applications and employees that are still using them. Which of the following user groups represent a security concern?
A. Guest
B. Power users
C. Standard account
D. Local users and groups
B. Power users
A vulnerability manager cleans up the patching program in their enterprise. After getting it back to a good state, the manager focuses efforts on hardening. They begin with a test box and want to look at open connections from services. What command should the manager use?
A. nslookup
B. tracert
C. ipconfig
D. netstat
D. netstat
A security-conscious administrator wants to make authentication more secure. Which of the following would be the optimal method?
A. Device token
B. Facial recognition
C. MFA
D. UAC
C. MFA
An administrator sets up a network share for the marketing team to collaborate. The requirement is to protect the files from a user who has local access to the computer that hosts the shared resource. What type of permission should the administrator set up?
A. NTFS
B. Share-level
C. FAT32
D. ACE
A. NTFS
A penetration tester looks to harvest credentials from users who log in locally. Where should the penetration tester look for users who authenticated locally?
A. SAM
B. Kerberos
C. VPN
D. Web portal
A. SAM
A server administrator wants to connect to a user's computer. They are trying to get their patching numbers up and discover that users must pull the updates, so the administrator wants to push a script that forces the pull. The administrator wants to copy the file to users' automatically hidden shares. Which of the following could the administrator use? (Select all that apply.)
A. C:\Windows$
B. C$
C. C:\Users$
D. ADMIN$
B. C$
D. ADMIN$
A transportation company outfits its mobile units with devices that will enable them to analyze routes, patterns, and create efficiencies. The devices will connect to their cloud servers through a 4G WWAN. What will the company need to ensure the devices connect to the cloud resources?
A. VPN
B. SIM
C. NLA
D. Link-layer Topology Discovery
B. SIM
A PC user is looking at the wireless card adapter properties on their Windows computer. Which of the following is the most important setting to verify in order to ensure the PC is capable of connecting to an existing network?
A. Power transmission
B. SSID
C. Automatic connection
D. Protocol support
D. Protocol support
A jewelry retail chain has just discovered how to create a new form of jewels that has never been seen before. They want to set up an alarm system that triggers when the case is opened. What type of alarm should the jewelry chain install to secure the glass display case containing the jewels?
A. Motion Sensors
B. Radio frequency ID (RFID)
C. Circuit
D. Duress
C. Circuit
A server administrator wants to secure a whole rack of servers. What would be the best way to secure access to the servers?
A. Kensington locks
B. Chassis locks
C. Fingerprint readers
D. Cabinet locks
D. Cabinet locks
A student is interning for a security team at a major company and wants to practice on their home network. They want to make sure devices are easily identified when traffic is examined. Which of the following will help them accomplish this?
A. Port forward
B. UPnP
C. DHCP Reservation
D. Port triggering
C. DHCP Reservation
A security analyst is looking at the overall security status of systems on the network. Which of the following represents the greatest threat?
A. EOL system
B. Unprotected system
C. Zero-day
D. Non-compliant system
A. EOL system
A network administrator analyzes the physical placement of routers or network appliances to ensure a secure location. What non-malicious threat is the administrator helping to prevent?
A. Default password
B. Power off
C. Firmware update
D. Evil twin
B. Power off
A network administrator sets up a network access control solution throughout the enterprise which allows them to see ports with multiple devices connected into a switch port. The administrator uses this to help identify wireless access points throughout the enterprise, especially older ones which may have been forgotten. Which of the following legacy wireless encryption mechanisms is the administrator going to change? (Select all that apply.)
A. WPA2
B. WPA
C. WPA3
D. WEP
B. WPA
D. WEP
A network professional sets up the ability to authenticate over Extensible Authentication Protocol over Wireless (EAPoW). Which of the following will the professional need to configure?
A. TACACS+
B. WPA3
C. Active Directory
D. MFA
C. Active Directory
A helpdesk operator is reviewing a notification that a user clicked links in a very suspicious email. After verifying there are symptoms of malware, what is the next step the operator should take?
A. Disable System Restore.
B. Look for missing or renamed files.
C. Look for services masquerading as legitimate services.
D. Quarantine.
D. Quarantine.
A security manager wants to set up a program where they can proactively mitigate malware infection as much as possible. Which of the following is least helpful in this endeavor?
A. User training
B. Scheduled scans
C. Update trusted root certificates
D. On-access scanning
C. Update trusted root certificates
A security manager is setting up a password policy for users. Which of the following is the best security practice when it comes to passwords?
A. Password expiration
B. Length
C. Character mix
D. Personal information
B. Length
A security administrator wants to set up anomalistic monitoring around behavioral-based user activity. Which of the following could the administrator implement for monitoring? (Select all that apply.)
A. Failed attempts
B. Login times
C. Concurrent logins
D. Screen lock
A. Failed attempts
B. Login times
C. Concurrent logins
A security manager sets up a defense-in-depth mechanism and sets up monitoring to catch communications from the attacker to the malware. What is the manager monitoring for?
A. Spyware
B. C2
C. Keylogger
D. Rootkit
B. C2
A security manager puts together a security awareness campaign for mobile devices. Which of the following is least likely to be a symptom of malware?
A. High number of ads
B. Sluggish response time
C. Unexpected Reboots
D. Redirect to spoofed sites
C. Unexpected Reboots
A security analyst working on a monitoring team wants to implement new monitoring mechanisms around Secure Shell (SSH) authentication. Which of the following should the analyst focus on?
A. Monitor netflows for port 443 traffic.
B. Monitor netflows for port 3389 traffic.
C. Monitor for compromised keys.
D. Monitor the screen sharing service.
C. Monitor for compromised keys.
A penetration tester wants to perform drive mapping on an engagement on a Windows-based OS but suspects that the security is monitoring PowerShell commands. What could the tester use to map a network drive while remaining unnoticed?
A. net use
B. New-PSDrive
C. mount
D. echo "New-PSDrive"
A. net use
An administrator wants to test their backups to ensure that in the event of a real emergency there will not be any unforeseen problems. Which of the following is NOT a common validation?
A. Restore data to a test directory.
B. Check job hashes.
C. Wipe all backups.
D. Run chkdsk.
C. Wipe all backups.
A Windows administrator is combing through server logs and sees that wscript.exe executed a script. What type of script is executed by default?
A. .BAT
B. .PS1
C. .VBS
D. .SH
C. .VBS
A network administrator wants to remotely deploy firmware updates to their managed devices. This type of update usually occurs overnight while devices are turned off. Which of the following tools should the administrator set up in order to facilitate these updates?
A. EDR
B. WOL
C. RMM
D. MDM
B. WOL
A security engineer wants to learn how to code in Python but is running a Windows box. Which of the following is the easiest interpreter to set up for Windows?
A. Pypy
B. Wscript
C. Cscript
D. CPython
D. CPython
A user at a large organization notices that their computer is extremely sluggish. This happened shortly after the user clicked on a link in an email that seemed suspicious. After reporting to the Help Desk, which team will most likely handle the incident?
A. CSIRT
B. EULA
C. Forensics team
D. IT department
A. CSIRT
A security architect sets up a policy for the secure destruction of optical media. Which of the following is NOT an effective method?
A. Degaussing
B. Shredding
C. Incinerating
D. Smashing
A. Degaussing
A user is reviewing a script and comes across the code in one of the lines as follows. What is the line doing?
#until ping -c1 "$1" &>/dev/null
A. Set a variable.
B. Set a loop.
C. Nothing is executing.
D. Prevent from writing to the terminal.
C. Nothing is executing.
An electrical engineer is setting up a secondary power supply to a data center. They want to ensure that if there is a problem with the electrical supply, power is broken in the circuit. What should the engineer use?
A. API
B. MANO
C. SDN
D. Fuse
D. Fuse