Chapter 8
220-1002 Practice Exam B

The previous 220-1002 exam was the introduction. This next test takes the challenge to the next level and can be considered an intermediate practice test. I’ve blended in some more difficult questions this time.

The main goal of this practice exam is to make sure you understand all of the concepts before moving on to the next test. If you haven’t taken a break already, I suggest taking one between exams. If you just completed the first exam, give yourself a half hour or so before you begin this one. If you didn’t score 90 percent or higher on exam A, go back and study; then retake exam A until you pass with 90 percent or higher.

Write down your answers and check them against the answer key, which immediately follows the exam. After the answer key, you will find the explanations for all of the answers. Good luck!

Practice Questions

1. Which of the following statements best describes how to restart the Print Spooler service? (Select the two best answers.)

A. Enter net stop spooler and then net start spooler on the command line.

B. Enter net stop print spooler and then net start print spooler on the command line.

C. Go to Computer Management > Services and restart the Print Spooler service.

D. Go to Computer Management > System Tools > Event Viewer and restart the Print Spooler service.

2. Where is Registry hive data stored?

A. \%systemroot%\Windows

B. \%systemroot%\Windows\System32\Config

C. \%systemroot%\System32

D. \%systemroot%\System32\Config

3. Clinton needs a more secure partition on his hard drive. Currently, the only partition on the drive (C:) is formatted as FAT32. He cannot lose the data on the drive but must have a higher level of security, so he is asking you to change the drive to NTFS. Which of the following is the proper syntax for this procedure?

A. change C: /FS:NTFS

B. change C: NTFS /FS

C. convert C: /FS:NTFS

D. convert C: NTFS /FS

4. Tom has a 200 GB hard drive partition (known as C:) on a Windows computer. He has 15 GB free space on the partition. Which of the following statements best describes how he can defrag the partition?

A. He can run the Disk Defragmenter in Computer Management.

B. He can run defrag.exe -f on the command line.

C. He can run defrag.exe -v on the command line.

D. He can run defrag.exe -A on the command line.

5. You are utilizing WSUS and are testing new updates on PCs. What is this an example of?

A. Host-based firewall

B. Application baselining

C. Patch management

D. Virtualization

6. Which versions of Windows 8 allow for joining domains? (Select the two best answers.)

A. Standard

B. Pro

C. Ultimate

D. Enterprise

7. One of your customers reports that there is a large amount of spam in her email inbox. Which of the following statements describes the best course of action to recommend to her?

A. Advise her to create a new email account.

B. Advise her to add the senders to the junk email sender list.

C. Advise her to find a new ISP.

D. Advise her to reply to all spam and opt out of future emails.

8. In Windows, where can devices like the display and hard drives be configured to turn off after a certain amount of time?

A. Power plans

B. Display Properties

C. Computer Management

D. Task Manager

9. Which of the following procedures best describes how to find out which type of connection the printer is using?

A. Right-click the printer, select Properties, and click the Sharing tab.

B. Right-click the printer, select Properties, and click the Advanced tab.

C. Right-click the printer, select Properties, and click the Separator Page button.

D. Right-click the printer, select Properties, and click the Ports tab.

10. Your customer is having problems printing from an application. You attempt to send a test page to the printer. Which of the following statements best describes why a test page should be used to troubleshoot the issue?

A. It allows you to see the quality of the printer output.

B. The output of the test page allows you to initiate diagnostic routines on the printer.

C. It verifies the connectivity and illuminates possible application problems.

D. It clears the print queue and resets the printer memory.

11. A user’s hard drive seems very slow in its reaction time when opening applications. Which of the following statements best describes the most likely cause of this?

A. The drive needs to be initialized.

B. The temporary files need to be deleted.

C. The drive is fragmented.

D. The drive’s SATA data connector is loose.

12. Which of the following actions will not secure a functioning computer workstation?

A. Setting a strong password

B. Changing default usernames

C. Disabling the guest account

D. Sanitizing the hard drive

13. Which utility enables you to implement auditing on a single Windows computer?

A. Local Security Policy

B. Group Policy Editor

C. AD DS

D. Services.msc

14. Which of the following statements best describes the main function of a device driver?

A. Modifies applications

B. Works with memory more efficiently

C. Improves device performance

D. Allows the OS to talk to the device

15. Where are restore points stored after they are created?

A. The Recycler folder

B. The System32 folder

C. The %systemroot% folder

D. The System Volume Information folder

16. Which of the following is considered to be government-regulated data?

A. DRM

B. EULA

C. PII

D. DMCA

17. Which of the following are types of social engineering? (Select the two best answers.)

A. Malware

B. Shoulder surfing

C. Tailgating

D. Rootkits

18. Which of the following is the service that controls the printing of documents in a Windows computer?

A. Printer

B. Print server

C. Print pooling

D. Print Spooler

19. Which of the following is the best way to ensure that a hard drive is secure for disposal?

A. Magnetically erase the drive.

B. Format the drive.

C. Run bootrec /fixmbr.

D. Convert the drive to NTFS.

20. A month ago, you set up a wireless access point/router for a small business that is a customer of yours. Now, the customer calls and complains that Internet access is getting slower and slower. As you look at the WAP/router, you notice that it was reset at some point and is now set for open access. You then guess that neighboring companies are using the service connection. Which of the following statements best describes how you can restrict access to your customer’s wireless connection? (Select the two best answers.)

A. Configure the wireless access point to use WPA2.

B. Configure MS-CHAPv2 on the WAP/router.

C. Disable SSID broadcasting.

D. Move the WAP/router to another corner of the office.

21. A first-level help desk support technician receives a call from a customer and works with the customer for several minutes to resolve the call, but the technician is unsuccessful. Which of the following steps should the technician perform next?

A. The technician should explain to the customer that he will receive a callback when someone more qualified is available.

B. The technician should escalate the call to another technician.

C. The technician should explain to the customer that the problem cannot be resolved and end the call.

D. The technician should continue working with the customer until the problem is resolved.

22. A customer complains that there is nothing showing on the display of his laptop. Which of the following should you attempt first on the computer?

A. You should replace the inverter.

B. You should reinstall the video drivers.

C. You should boot into Safe mode.

D. You should check whether the laptop is in Standby or Hibernate mode.

23. During an installation of Windows, you are given an opportunity to load alternative third-party drivers. Which device are you most likely loading drivers for?

A. CD-ROM

B. SCSI drive

C. USB mouse

D. BIOS/UEFI

24. A Windows 10 computer in a Windows workgroup can have how many concurrent connections?

A. 10 or fewer

B. 15 or fewer

C. 20 or fewer

D. 25 or fewer

25. Megan’s laptop runs perfectly when she is at work, but when she takes it on the road, it cannot get on the Internet. Internally, the company uses static IP addresses for all computers. What should you do to fix the problem?

A. Tell Megan to get a wireless cellular card and service.

B. Tell Megan to use DHCP.

C. Tell Megan to configure the alternate configuration tab of TCP/IP properties.

D. Configure a static IP address in the Alternate Configuration tab of the user’s TCP/IP properties and enable DHCP in the General tab.

26. Which power-saving mode provides the best power savings while still allowing the session to be reactivated later?

A. Standby

B. Suspend

C. Hibernate

D. Shutdown

27. John’s computer has two hard drives, each 1 TB. The first is the system drive and is formatted as NTFS. The second is the data drive and is formatted as FAT32. Which of the following statements are true? (Select the two best answers.)

A. Files on the system drive can be secured.

B. Larger logical drives can be made on the data drive.

C. The cluster size is larger, and storage is more efficient on the system drive.

D. The cluster size is smaller, and storage is more efficient on the system drive.

28. When using the command line, a switch ______.

A. enables the command to work across any operating system

B. is used in application icons

C. changes the core behavior of a command, forcing the command to perform unrelated actions

D. alters the actions of a command, such as widening or narrowing the function of the command

29. You need to view any application errors that have occurred today. Which tool should be used?

A. Event Viewer

B. Local Security Policy

C. Msconfig

D. Sfc /scannow

30. Which of the following commands can help you modify the startup environment?

A. Msconfig

B. Ipconfig

C. Boot Config Editor

D. Registry Editor

31. Which of the following log files references third-party software error messages?

A. Security log

B. System log

C. Application log

D. Setuperr.log

32. Which of the following provides the lowest level of wireless security protection?

A. Disable the SSID broadcast.

B. Use RADIUS.

C. Use WPA2.

D. Enable WEP on the wireless access point.

33. A customer uses an unencrypted wireless network. One of the users has shared a folder for access by any computer. The customer complains that files sometimes appear and disappear from the shared folder. Which of the following statements best describes how to fix the problem? (Select the two best answers.)

A. Enable encryption on the router and the clients.

B. Encrypt the drive that has the share using EFS (Encrypting File System).

C. Increase the level of security on the NTFS folder by changing the permissions.

D. Change the share-level permissions on the shared folder.

34. A customer is having difficulties with his hard drive, and the system won’t boot. You discover that the operating system has to be reloaded. Which of the following statements best describes how to explain this to the customer?

A. “I need to rebuild the computer.”

B. “I need to format the hard drive and reload the software.”

C. “I need to run a bootrec /fixmbr on the computer.”

D. “I need to restore the system; data loss might occur.”

35. Users in your accounting department are prompted to provide usernames and passwords to access the payroll system. Which type of authentication method is being requested in this scenario?

A. MFA

B. Single-factor

C. TACACS+

D. RADIUS

36. Which of the following commands makes a duplicate of a file?

A. Move

B. Copy

C. Dir

D. Ls

37. Which tool in Windows enables a user to easily see how much memory a particular process uses?

A. System Information Tool

B. Registry

C. Task Manager

D. Performance Monitor

38. Windows was installed on a computer with two hard drives: a C: drive and a D: drive. Windows is installed to C:, and it works normally. The user of this computer complains that his applications are drive intensive and that they slow down the computer. Which of the following statements best describes how to resolve the problem?

A. Move the paging file to the D: drive.

B. Reinstall Windows on the D: drive rather than on the C: drive.

C. Defrag the D: drive.

D. Decrease the paging file size.

39. Which of the following tools should be used to protect a computer from electrostatic discharge (ESD) while you are working inside it?

A. Multimeter

B. Crimper

C. Antistatic wrist strap

D. PSU tester

40. You are running some cable from an office to a computer located in a warehouse. As you are working in the warehouse, a 55-gallon drum falls from a pallet and spills what smells like ammonia. Which of the following statements best describes the first step you should take in your efforts to resolve this problem?

A. Call 911.

B. Call the building supervisor.

C. Get out of the area.

D. Save the computer.

41. While you are upgrading a customer’s server hard drives, you notice looped network cables lying all over the server room floor. Which of the following statements best describes how to resolve this issue?

A. Ignore the problem.

B. Tell the customer about safer alternatives.

C. Call the building supervisor.

D. Notify the administrator.

42. Which of the following statements best describes the recommended solution for a lithium-ion battery that won’t hold a charge any longer?

A. Throw it in the trash.

B. Return it to the battery manufacturer.

C. Contact the local municipality and inquire as to their disposal methods.

D. Open the battery and remove the deposits.

43. Which of the following statements is not assertive communication?

A. “I certainly know how you feel; losing data is a terrible thing.”

B. “Could you explain again exactly what you would like done?”

C. “Do your employees always cause issues on computers like these?”

D. “What can I do to help you?”

44. A customer has a malfunctioning PC, and as you are about to begin repairing it, the customer proceeds to tell you about the problems with the server. Which of the following statements best describes how to respond to the customer?

A. “Wait until I finish with the PC.”

B. “I’m sorry, but I don’t know how to fix servers.”

C. “Is the server problem related to the PC problem?”

D. “I have to call my supervisor.”

45. Which of the following could be described as the chronological paper trail of evidence?

A. First response

B. Chain of custody

C. Setting and meeting expectations

D. Data preservation

46. Which of the following statements best describes what not to do when moving servers and server racks?

A. Remove jewelry.

B. Move a 70-pound wire rack by yourself.

C. Disconnect power to the servers before moving them.

D. Bend at the knees and lift with your legs.

47. Active communication includes which of the following?

A. Filtering out unnecessary information

B. Declaring that the customer doesn’t know what he or she is doing

C. Clarifying the customer’s statements

D. Mouthing off

48. You are troubleshooting a tablet PC that has a frozen application. You have attempted to end the underlying task of the application but have not succeeded. Which of the following statements best describes the next recommended course of action?

A. Hard reset

B. Force quit the app

C. Soft reset

D. Bring the tablet to an authorized service center

49. Which of the following statements best describes the first course of action in removing malware?

A. Identify malware symptoms.

B. Quarantine infected systems.

C. Disable System Restore.

D. Remediate infected systems.

E. Schedule scans and run updates.

F. Enable System Restore.

G. Educate the end user.

50. You are working on a Windows computer that is performing slowly. Which of the following commands should you use to resolve the problem? (Select the two best answers.)

A. Format

B. Dism

C. Ipconfig

D. Chkdsk

E. Dir

F. Diskpart

51. A customer reports that an optical drive in a PC is no longer responding. Which of the following statements best describes the first question you should ask the customer?

A. “What has changed since the optical drive worked properly?”

B. “Did you log in with your administrator account?”

C. “What did you modify since the optical drive worked?”

D. “Have you been to any inappropriate websites?”

52. A coworker is traveling to Europe and is bringing her desktop computer. She asks you what concerns there might be. Which of the following statements best describes how to respond to the customer? (Select the two best answers.)

A. Advise her that the computer is not usable in other countries.

B. Advise her to check for a compatible power adapter for that country.

C. Advise her to use a line conditioner for the correct voltage.

D. Advise her to check the voltage selector on the power supply.

53. After you remove malware/spyware from a customer’s PC for the third time, which of the following steps should be taken next?

A. Tell him you can’t fix the system again.

B. Do nothing; the customer pays every time.

C. Show him how to avoid the problem.

D. Change his user permissions.

54. You are asked to fix a problem with a customer’s Active Directory Domain Services domain controller that is outside the scope of your knowledge. Which of the following statements best describes the recommended course of action?

A. Learn on the job by trying to fix the problem.

B. Tell the customer that the problem should be reported to another technician.

C. Assure the customer that the problem will be fixed very soon.

D. Help the customer find the appropriate channels to fix the problem.

55. When you are working on a computer, which of the following should be disconnected to prevent electrical shock? (Select the two best answers.)

A. Printer

B. Mouse

C. Telephone cord

D. Power cord

56. You are troubleshooting a Windows Server computer that you have little knowledge about. The message on the screen says that there is a “DHCP partner down” error. No other technicians are available to help you, and your manager wants the server fixed ASAP or you are fired. Which of the following statements best describes the recommended course of action? (Select the two best answers.)

A. Identify the problem.

B. Escalate the problem.

C. Establish a plan of action.

D. Call tech support.

E. Verify full system functionality.

F. Test the theory to determine cause.

57. Which of the following protects confidential information from being disclosed publicly?

A. Classification

B. Social engineering

C. HTTP

D. Hard drive wipe

58. Programs that run when Windows starts are stored in which of the following registry hives?

A. HKEY_CURRENT_CONFIG

B. HKEY_USERS

C. HKEY_LOCAL_MACHINE

D. HKEY_CLASSES_ROOT

59. Typically, which of the following Windows tools enables you to configure a SOHO router?

A. Web Browser

B. Device Manager

C. Msconfig

D. File Explorer

60. Which of the following steps is performed first when running a clean install of Windows on a brand new SAS hard drive?

A. Format the partition.

B. Partition the drive.

C. Configure Windows settings.

D. Load RAID drivers.

61. A coworker maps a network drive for a user, but after rebooting, the drive is not seen within Explorer. Which of the following steps should be taken first to ensure that the drive remains mapped?

A. Check Reconnect at sign-in when mapping the drive.

B. Select the drive letter needed to connect each time the coworker logs on.

C. Check the Folder connection when mapping the drive.

D. Use the net use command instead.

62. Based on the physical hardware address of the client’s network device, which of the following is commonly used to restrict access to a network?

A. WPA key

B. DHCP settings

C. MAC filtering

D. SSID broadcast

63. A print job fails to leave the print queue. Which of the following services may need to be restarted?

A. Print driver

B. Print Spooler

C. Network adapter

D. Printer

64. After installing a network application on a computer running Windows 10, the application does not communicate with the server. Which of the following actions should be taken first?

A. Uninstall the latest service pack.

B. Reinstall the latest security update.

C. Add the port number and name of the service to the Exceptions list of Windows Defender Firewall.

D. Add the port number to the network firewall.

65. A customer reports a problem with a PC located in the same room as cement testing equipment. The room appears to have adequate cooling. The PC will boot up but locks up after 5–10 minutes of use. After a lockup, it will not reboot immediately. Which of the following statements best describes the most likely problem?

A. The PC has a virus.

B. The PC air intakes are clogged with cement dust.

C. The CPU heat sink is underrated for the CPU.

D. The power supply is underrated for the electrical load of the PC.

66. One of your Windows users is trying to install a local printer and is unsuccessful based on the permissions for the user account. Which of the following types best describes this user account?

A. Power user

B. Administrator

C. Guest

D. Domain Admin

67. When accessing an NTFS shared resource, which of the following are required? (Select the two best answers.)

A. An active certificate

B. Correct user permissions

C. Local user access

D. Correct share permissions

68. You are contracted to recover data from a laptop. In which two locations might you find irreplaceable, valuable data? (Select the two best answers.)

A. Ntoskrnl.exe

B. Windows folder

C. Pictures

D. Email

E. System32 folder

69. Which utility enables auditing at the local level?

A. OU Group Policy

B. Local Security Policy

C. Active Directory Policy

D. Site Policy

70. A customer has forgotten his password. He can no longer access his company email address. Which of the following statements best describes the recommended course of action?

A. Tell him to remember his password.

B. Ask him for information confirming his identity.

C. Tell him that the password will be reset in several minutes.

D. Tell him that he shouldn’t forget his password.

71. Which of the following can help locate a lost or stolen mobile device?

A. Passcode

B. Auto-erase

C. GPS

D. Encryption

72. Which of the following can be disabled to help prevent access to a wireless network?

A. MAC filtering

B. SSID broadcast

C. WPA2 passphrase

D. WPA key

73. Which of the following commands sets the time on a workstation?

A. Time

B. Net time

C. Net timer

D. Net time set

74. In Windows, which utility enables you to select and copy characters from any font?

A. Language bar

B. Sticky keys

C. Control Panel > Fonts

D. Character map

75. Which of the following can be described as removing the limitations of Apple iOS?

A. Rooting

B. Jailbreaking

C. VirusBarrier

D. Super-admin powers

76. In Windows, which of the following built-in applets should be used by a technician to enable and manage offline files, view conflicts and partnerships, and ensure locally stored files match those stored on an external device or server?

A. File History

B. USMT

C. Robust file copy

D. Sync Center

77. Which language support for representing characters is built into Windows?

A. Unicode

B. EBCDIC

C. ASCII

D. ITU-T

E. .PS1

78. Which of the following is the best source of information about malicious software detected on a computer?

A. Operating system documentation

B. Anti-spyware software website

C. Readme.txt file included with the anti-spyware software installation

D. The user of a previously infected computer

79. You are working for a company as a roaming PC tech and have been assigned work by a network administrator. The admin notifies you that the company is experiencing a DDoS attack. Half a dozen internal Windows PCs are the source of the traffic. The admin gives you the Windows computer names and tells you that they must be scanned and cleaned immediately. Which of the following effects to the PCs should you as a PC technician focus on fixing? (Select the two best answers.)

A. Zombies

B. Spyware

C. Ransomware

D. Worm

E. Virus

F. Botnet

80. You are troubleshooting a networking problem with Windows, and you can’t seem to fix it using the typical Windows GUI-based troubleshooting tools or with the Command Prompt. You have identified the problem and established a theory of probable cause. (In fact, you are on your fourth theory.) Which tool should be used to troubleshoot the problem, and in what stage of the troubleshooting process should you do so?

A. Regsvr32; Conduct external or internal research based on symptoms.

B. GPUpdate; Perform backups before making any changes.

C. USMT; Verify full system functionality.

D. Regedit; Test the theory to determine cause.

E. Boot Camp; Document findings, actions, and outcomes.

Quick-Check Answer Key

1. A, D

2. D

3. C

4. B

5. C

6. B, D

7. B

8. A

9. D

10. C

11. C

12. D

13. A

14. D

15. D

16. C

17. B, C

18. D

19. A

20. A, C

21. B

22. D

23. B

24. C

25. D

26. C

27. A, D

28. D

29. A

30. A

31. C

32. A

33. A, C

34. D

35. B

36. B

37. C

38. A

39. C

40. C

41. B

42. C

43. C

44. C

45. B

46. B

47. C

48. C

49. A

50. B, D

51. A

52. B, D

53. C

54. D

55. C, D

56. A, D

57. A

58. C

59. A

60. D

61. A

62. C

63. B

64. C

65. B

66. C

67. B, D

68. C, D

69. B

70. B

71. C

72. B

73. A

74. D

75. B

76. D

77. A

78. B

79. A, D

80. D

Answers and Explanations

1. Answer: A and D

Explanation: In the command line, this service is simply known as Spooler. Type net stop spooler and net start spooler to restart the service. In Computer Management, the Print Spooler service is found in Services and Applications > Services. Or you could open the Run prompt and type services.msc. From there, you can start, stop, pause, resume, or restart services and also set their Startup type to Automatic, Manual, or Disabled.

Incorrect answers: When stopping a service in the Command Prompt (or PowerShell), remember to use the command-line name, not the name used in the GUI. In this case, the command-line name is spooler, whereas the GUI-based name is Print Spooler. The Event Viewer is used to view and analyze log files.

2. Answer: D

Explanation: Remember that %systemroot% is a variable. It takes the place of whatever folder contains the operating system. This is usually Windows. For example, if you were to run a default installation of Windows, the path to the Registry hives would be C:\Windows\System32\Config. The main hives are SAM, SECURITY, SOFTWARE, SYSTEM, and DEFAULT. You can access and configure them by opening the Registry Editor (Run > regedit.exe) and opening the HKEY_LOCAL_MACHINE subtree. Other hive information is stored in the user profile folders.

Incorrect answers: The other locations are incorrect. The Windows folder is the %systemroot%, so the paths that include \%systemroot%\Windows don’t make any sense. The System32 folder houses all of the 64-bit protected system files (and many applications) for Windows.

3. Answer: C

Explanation: The convert command turns a FAT32 drive into an NTFS drive without data loss, allowing for a higher level of data security. The proper syntax is convert volume /FS:NTFS.

Incorrect answers: There is no change command; however, there is a change directory (CD) command, which can allow you to navigate from one folder to another in the command line. The syntax convert C: NTFS /FS is not valid; it would result in the error “Invalid Parameter – NTFS.”

4. Answer: B

Explanation: Use defrag.exe -f. You need to have 15 percent free space on your partition to defrag it in the Disk Defragmenter GUI-based utility. In the scenario, Tom would need 30 GB free on the 200 GB drive. However, you can force a defrag on a partition even if you don’t have enough free space by using the -f switch in the command line. (-f may not be necessary in some versions of Windows.)

Incorrect answers: Because there is only 15 GB of free space on the 200 GB drive (7.5 percent free), the defrag probably won’t work properly from within the Disk Defragmenter utility. The -v switch gives you verbose (or wordy) output. The -a switch gives analysis only and does not perform defragmentation.

5. Answer: C

Explanation: Patch management is the patching of many systems from a central location. It includes the planning, testing, implementing, and auditing stages. There are various software packages you can use to perform patch management. Windows Server Update Services (WSUS) is an example of Microsoft patch management software. Other Microsoft examples include the System Center Configuration Manager (SCCM) and its predecessor Systems Management Center (SMS), but there are plenty of third-party offerings as well.

Incorrect answers: A host-based firewall is a software firewall that is loaded on a computer to stop attackers from intruding on a network. Application baselining is the performance measurements of an application over time. Virtualization occurs when an operating system is installed to a single file on a computer. Often, it runs virtually on top of another OS.

6. Answers: B and D

Explanation: Windows 8 Pro and Enterprise allow for the joining of domains.

Incorrect answers: Windows 8 standard does not. Ultimate is the name used with the most powerful edition of Windows 7. In Windows 10, the Pro, Enterprise, and Education editions can join domains, but Home cannot.

7. Answer: B

Explanation: You should recommend that the user add the senders to the junk email sender list. This blocks those senders’ email addresses (or the entire domain can be blocked). However, this option could take a lot of time; another option is to increase the level of security on the spam filter within the email program. Any further spam can then be sent to the junk email sender list.

Incorrect answers: Users need their email accounts, and creating a new one can result in a lot of work for the user. Finding a new ISP is overreacting a bit; plus, the user has no idea if one ISP will be better at stopping spam than another. Never tell a user to reply to spam. Spam emails should be sent to the spam folder and never replied to—unless you want 10 times the amount of spam.

8. Answer: A

Explanation: To turn off devices after a specified period of time in Windows, access Control Panel > Power Options. Then click Change Plan Settings for the appropriate power plan.

Incorrect answers: Display Properties allows you to modify things such as screen resolution. Computer Management is a commonly used console window in Windows; it includes the Event Viewer, Disk Management, and Services. The Task Manager is used to analyze system resources and end tasks (among other things).

9. Answer: D

Explanation: On the Ports tab, you can find how the printer is connected to the computer. This can be a USB, COM, LPT, or TCP/IP port. You might get to this tab by selecting Properties or Printer Properties, depending on the printer.

Incorrect answers: The Sharing tab allows you to share a locally connected (or remotely controlled) printer on the network. The Advanced tab has options such as print spooling and printer pooling. The Separator page button allows you to configure a page that is inserted after every print job.

10. Answer: C

Explanation: The test page verifies connectivity and gives you insight as to possible application problems at the computer that is attempting to print.

Incorrect answers: In this case, you aren’t worried about the quality of the printer output; it is the computer and the application that you are troubleshooting. You use test pages to make sure the computer can print properly to the printer, not to initiate diagnostic routines. Those would be initiated from the built-in display and menu on the printer, or in Windows by right-clicking the printer, selecting Printer properties, and then selecting Print Test Page. Printing a test page does not clear the print queue or reset printer memory. You would have to do this at the printer and/or at the computer controlling the printer.

11. Answer: C

Explanation: The drive is fragmented. This is why it is very slow in its reaction time. It’s also possible that the OS is infected with a virus. You should analyze and defragment the drive and run an AV sweep of the system.

Incorrect answers: If a drive is not seen by Windows, it might have to be initialized; this can happen when you add a second drive to a system that already has Windows installed. Surplus temporary files might slow down the login process but shouldn’t slow the hard drive when opening applications. You can remove them with the Disk Cleanup program or with third-party applications. If the hard drive’s SATA data connector were loose, the drive should not be able to access applications. In fact, you would probably get a message that says “Missing OS” or something to that effect.

12. Answer: D

Explanation: Sanitizing the hard drive does not secure a computer workstation. It does, however, prevent anyone from accessing data on the drive, but it also ensures the computer workstation won’t be functional anymore. A data sanitization method is the specific way in which a data destruction program or file shredder overwrites the data on a hard drive or other storage device.

Incorrect answers: Setting strong passwords, changing default usernames, and disabling the guest account are all ways of securing a computer workstation.

13. Answer: A

Explanation: Because there is only one computer, you can implement auditing only locally. This is done with the Local Security Policy. (This policy is not available in all editions of Windows.)

Incorrect answers: The Group Policy Editor and Active Directory Domain Services (AD DS) are used by Windows Servers in a domain environment. Some versions of Windows have the Local Group Policy Editor, where auditing can also be turned on. Typing services.msc at the Run prompt opens the Services console window; you can turn services on and off and modify their startup type from here.

14. Answer: D

Explanation: A device driver is the connection between the operating system and the device itself. It is a program that makes the interaction between the two run efficiently. It simplifies programming by using high-level application code. The best device drivers come from the manufacturer of the device. The manufacturer developed the device, so it stands to reason that its code would be the most thoroughly tested and debugged.

Incorrect answers: A device driver does not modify applications, but an updated driver could indirectly affect how an application behaves. Some device drivers use memory better than others; it all depends on how well they are coded. A device driver may or may not improve device performance; that will depend on several factors including whether or not it is an update and how the update is designed to change how the device functions.

15. Answer: D

Explanation: After a restore point is made, it is stored in the System Volume Information folder. To view this folder, you must log on as an administrator, show hidden files and folders, and then assign permissions to the account that wants to view that folder. It is located in the root of the volume that the restore point was created for.

Incorrect answers: The Recycler folder is the place where deleted information is stored temporarily (until the Recycle Bin is emptied). The System32 folder houses many of the 64-bit system files for the operating system. The %systemroot% folder is, by default, C:\Windows.

16. Answer: C

Explanation: PII stands for personally identifiable information. It is regulated by many laws such as the Privacy Act of 1974 and several others, including GDPR and PCI-DSS.

Incorrect answers: DRM stands for Digital Rights Management, which is a way of protecting data from illegal copying and distribution. EULA stands for end-user licensing agreement, which is an agreement seen in software such as Windows and Office. DMCA stands for the Digital Millennium Copyright Act, which provides laws dealing with digital information and ownership.

17. Answers: B and C

Explanation: Shoulder surfing and tailgating are both types of social engineering. A shoulder surfer is someone who attempts to view information on a person’s desk or display without the person’s knowledge.

Incorrect answers: Tailgating is when a person attempts to gain access to a secure area by following closely on the heels of another employee, usually without his knowledge. A rootkit is a program that is designed to gain administrator-level access to a computer. It is a type of malicious software abbreviated as malware.

18. Answer: D

Explanation: The Print Spooler controls the queue and the printing of documents.

Incorrect answers: The printer is the physical printing device; Microsoft also refers to the print driver software as the printer. A print server is a device that controls one or more printers; it is usually connected to the network. Print pooling is when two or more printers are grouped together so that a user’s document will print faster: if one printer is occupied, the other takes over.

19. Answer: A

Explanation: Magnetically erase the drive; for example, degauss the drive. Degaussing a drive is an excellent way to remove all traces of data, but only if the drive is electromagnetic! Of course, physical destruction is better (shredding, pulverizing); and degaussing might be used on top of physical destruction.

Incorrect answers: Formatting the drive is not enough due to the data residue that is left behind. Running bootrec /fixmbr rewrites the master boot record of the hard drive (not applicable if a GPT drive), but the data remains. Converting the drive from FAT32 to NTFS (with the convert command) keeps the data intact.

20. Answers: A and C

Explanation: If the WAP/router was reset, any security settings that you originally set up are most likely gone. If you backed up the settings previously, you could restore them. Either way, some type of encryption protocol (preferably WPA2) is necessary. The passphrase or network key generated by the WAP/router needs to be installed on each client before it can be recognized on the network. This passphrase/key should be kept secret, of course. After all the clients have been associated with the WAP/router, disable SSID broadcasting so that no one else can “see” the router (without more advanced software).

Incorrect answers: MS-CHAPv2 is used with remote connections such as VPN. Moving the WAP/router probably won’t work if this is a small business. Today’s SOHO routers have powerful radios with a lot of range. Chances are that moving the router to one corner of the office won’t have any effect.

21. Answer: B

Explanation: The tech should escalate the call to another technician. This is exactly why help desks are configured in groups: Level 1, Level 2, the masters (Level 3), and possibly beyond. Don’t try to be a superhuman. In technology, there is almost always someone who knows more than you about a specific subject. First, route the call to the next-level tech, and then let the customer know that you are doing so.

Incorrect answers: Good help desks are set up in such a way that someone is always available. Every problem can be resolved. Finding the solution is just a matter of knowledge and persistence. (Remember that when you take the real exams.) Don’t try to fix the problem regardless of the time necessary. Your time—and the customer’s time—is very valuable. Escalate so that you, your organization, and the customer can approach and solve the problem efficiently.

22. Answer: D

Explanation: The computer might need a special keystroke, a press of the power button, or just a little more time to come out of Hibernation mode. Remember, check the simple, quick solutions first because they are usually the culprits.

Incorrect answers: Booting into Safe Mode, reinstalling video drivers, and replacing the inverter are all quite time-consuming but, if necessary, should be attempted in that order—after checking the power state.

23. Answer: B

Explanation: The SCSI hard drive is the most likely answer. SCSI hard drives (such as SAS SCSI) and RAID controllers need special drivers during the Windows installation process if they are not recognized automatically. Click the option for loading third-party drivers when the installation begins.

Incorrect answers: Optical drives and USB devices do not require third-party drivers. The BIOS/UEFI doesn’t use a driver; it is firmware.

24. Answer: C

Explanation: A Windows 10 computer in a Windows workgroup can have 20 maximum concurrent connections to it over the network.

Incorrect answers: If you need more than 20 concurrent Windows workgroup connections over the network, you should consider a Microsoft Domain.

25. Answer: D

Explanation: The issue is that Megan needs to obtain an IP address through DHCP when on the road. But setting the network adapter to obtain an IP address automatically is not enough. To connect to the internal company network, the Alternate Configuration tab must be configured as a “User Configured” static IP address. This solution enables Megan to connect to networks while on the road by obtaining IP addresses automatically and allows her to connect to the internal company network with the static IP address.

Incorrect answers: Megan shouldn’t do anything. As a technician, you should fix the problem, so the other options where Megan is doing her own troubleshooting are incorrect.

26. Answer: C

Explanation: Hibernate mode saves all the contents of RAM (as hiberfil.sys in the root of C:) and then shuts down the system so that it is using virtually no power. To reactivate the system, you must press the power button. At that point, the entire session is loaded from RAM, and you can continue on with the session.

Incorrect answers: Standby (Sleep in Windows) and suspend modes turn off the hard drive and display and throttle down the CPU and RAM, but they still use power. Although these power modes use less power than the computer being powered on, altogether they end up using much more power than Hibernate mode does. Shutdown is great for power savings, but the session is lost when the computer is shut down.

27. Answers: A and D

Explanation: NTFS can use NTFS file-level security, whereas FAT32 cannot. NTFS cluster sizes are smaller than FAT32 clusters. NTFS partitions are therefore more efficient (when installed correctly) than FAT32 partitions.

Incorrect answers: NTFS can create larger partitions (or logical drives) than FAT32 in general, so larger logical drives would exist on an NTFS partition, not a FAT32 partition. Also, logical drives are based on the older MBR partitioning scheme and are not necessary on most of today’s computers that use a GPT partitioning scheme.

28. Answer: D

Explanation: A switch (aka option) alters the action of the command but not by forcing it to perform unrelated actions.

Incorrect answers: The switch works only at the current time within the operating system you are currently using, so “work across any operating system” doesn’t make sense in this scenario. Switches are not used in application icons. They are used within commands—for example, dir /p, which would display directory contents by the page.

29. Answer: A

Explanation: The Event Viewer contains the log files of all the errors that occur on the machine. In this case, you would go to the Application log. Another common log is the System log, which shows errors concerning the OS and drivers.

Incorrect answers: In the Local Security Policy, you can set up auditing and create password policies for the computer. Msconfig enables you to boot the computer in different modes and enable or disable services and applications. Sfc /scannow is a command run in the Command Prompt (as an administrator only) that scans the integrity of the protected system files and repairs them if possible.

30. Answer: A

Explanation: The msconfig utility enables you to modify the startup environment via the General, Boot, and Startup tabs (in Windows 7), and the General and Boot tabs (in Windows 8 and Windows 10).

Incorrect answers: Ipconfig displays all network adapters’ settings. The Boot Config Editor is BCDEdit; it is used to modify the Boot Configuration Data (BCD) store. You might need to modify this if you are trying to dual-boot a computer. The Registry Editor allows you to make changes to Windows by accessing various hives of information and individual entries. Although the BCDEdit and Registry Editor utilities might be able to modify some startup features, they are not “commands” and are used for more advanced and less frequently used modifications than msconfig.

31. Answer: C

Explanation: The Application log in the Event Viewer displays errors concerning Windows applications as well as third-party applications.

Incorrect answers: The Security log shows auditing events. The System log shows events concerning system files, drivers, and operating system functionality. Setuperr.log is a log file that is created during the installation of Windows. If it is created, it is stored in %windir%\Panther and is not within the Event Viewer.

32. Answer: A

Explanation: Disabling the SSID broadcast is a security precaution, but it only keeps out the average user. Any attacker with two bits of knowledge can scan for other things the wireless access point broadcasts.

Incorrect answers: Using WEP is more secure than not using any encryption and disabling the SSID. RADIUS is an external method of authenticating users; it often requires a Windows Server. WPA2 is very secure; if you had one security option you could enable, make it WPA2.

33. Answers: A and C

Explanation: Use WPA or WPA2 on the router (and clients) to deny wardrivers and other stragglers access to the customer’s network and, ultimately, any shared folders on the network. Increase the level of NTFS security by changing the permissions in the Security tab of the shared folder.

Incorrect answers: EFS isn’t necessary if you set up WPA2 on the wireless access point, but if you are dealing in seriously confidential information, you might consider using it as well. Here’s the deal: Share-level permissions are rarely modified. NTFS permissions are more configurable, so that is where the bulk of your time configuring permissions will go.

34. Answer: D

Explanation: Always explain specifically and exactly what you must do and what the ramifications are. Verify that the customer agrees to the proposed work (in writing).

Incorrect answers: Try to avoid being vague (“I need to rebuild the computer”), and conversely, avoid technical acronyms or jargon. Always make sure the customer is fully aware of the situation.

35. Answer: B

Explanation: The type of authentication method being used here is single-factor. The only factor of authentication is something the users know—usernames and passwords.

Incorrect answers: MFA stands for multifactor authentication, which is when two or more types of authentication methods are combined—for example, a password and a fingerprint. RADIUS and TACACS+ are authentication protocols, not authentication methods, and are often involved with single sign-on (SSO), federated identity management (FIM), and MFA authentication schemes. Regardless, the scenario said that the users were logging in to a payroll system, which is a separate entity from any authentication servers.

36. Answer: B

Explanation: Copy is used to make a duplicate of the file in another location.

Incorrect answers: Move enables you to take a file and shift it to another location. Dir gives you the contents of a specific folder. Copy, move, and dir are Windows commands. Ls lists the directory contents on a Linux-based system (as does dir in many Linux distros).

37. Answer: C

Explanation: The Task Manager enables a user to see the amount of memory and the percentage of processing power a particular process uses in real time. This can be done on the Processes tab.

Incorrect answers: System Information gives you information about the hardware and software of the computer, but it is static (text only) and doesn’t change in real time. The Registry stores all of the settings of Windows and is modified with the Registry Editor. Performance Monitor can graph the performance of the different components in the computer and, if configured properly, can do the same thing as the Task Manager in this scenario, but not as easily.

38. Answer: A

Explanation: By moving the paging file (or swap file, aka virtual memory) to the D: drive, you are freeing up C: to deal with those drive-intensive programs.

Incorrect answers: Reinstalling Windows is a huge process that you should avoid at all costs, especially when unnecessary, such as in this example. Defragging the C: drive would help if that is where the OS and applications are, but defragging the D: drive will not speed up the applications. Decreasing the page file size never helps. However, increasing the size, moving it, and adding RAM are all ways to make applications run faster.

39. Answer: C

Explanation: Use an antistatic wrist strap when working inside a computer to protect against electrostatic discharge (ESD). Other ways to prevent ESD include using an antistatic mat, touching the chassis of the case (self-grounding), and using antistatic bags.

Incorrect answers: A multimeter is used to run various electrical tests. A crimper is used to connect plugs and other connectors to the ends of a cable—for example, crimping RJ45 plugs on to the ends of a twisted-pair cable. A PSU tester is used to test the voltage of a power supply unit and other electrical connections inside the computer.

40. Answer: C

Explanation: If something is immediately hazardous to you, you must leave the area right away.

Incorrect answers: Afterward, you can call 911, the building supervisor, or your manager, depending on the severity of the situation. Computers and all other technology come second after human life. Remember that. Plus, if backup systems have been implemented properly, you have nothing to lose if a computer is damaged. If the situation is not an emergency, be sure to reference the material safety data sheet (MSDS) for the substance you encounter.

41. Answer: B

Explanation: You need to explain to the customer that there is a safer way. Cable management is very important when it comes to the safety of employees. Trip hazards such as incorrectly routed network cables can have devastating effects on a person.

Incorrect answers: Never ignore the problem. It is not your place to notify the building supervisor or administrator because this is not your company. However, you might opt to tell your manager about the event. A wise consulting company wants to protect its employees and should want to know of potential hazards at customer locations.

42. Answer: C

Explanation: Every municipality has its own way of recycling batteries. They might be collected by the town or county yearly, or perhaps there are other recycling programs that are sponsored by recycling companies. Always call the municipality to find out exactly what to do.

Incorrect answers: You should definitely recycle batteries and not throw them in the trash. Manufacturers probably won’t be interested in batteries that don’t charge any longer. It is more likely that you will recycle them. Be safe—never open a battery!

43. Answer: C

Explanation: Asking a customer if employees always cause issues is just plain rude; this type of communication should be avoided.

Incorrect answers: The other three statements are positive and helpful, or at least consoling. Stay away from being judgmental of the customer.

44. Answer: C

Explanation: Ask if the server problem is related to the PC problem. Try to understand the customer before making any judgments about the problems. Make sure it isn’t a bigger problem than you realize before making repairs that could be futile. If you find out that it is a separate problem, ask the customer which issue should be resolved first.

Incorrect answers: You never know if problems are interrelated, so always listen to the customer and be patient before starting any work. If necessary—and if it is a separate problem—you can escalate the server issue to another technician, but state that you will do that. Statements about what you know and don’t know are rarely necessary. You might have to ultimately call your supervisor about the server issue. But as an A+ technician you might have the server knowledge required. It depends on the problem. Find out the entire scope of the issues at hand and whether or not they are related before beginning any work.

45. Answer: B

Explanation: Chain of custody is the chronological paper trail of evidence that may or may not be used in court.

Incorrect answers: First response describes the steps a person takes when first responding to a computer with prohibited content or illegal activity: it includes identifying what exactly is happening, reporting through proper channels, and preserving data and devices. Setting and meeting expectations deal with customer service; this is something you should do before you start a job for a customer. Data (and device) preservation is a part of first response; a person who first arrives at the scene of a computer incident will be in charge of preserving data and devices in their current state.

46. Answer: B

Explanation: Don’t attempt to move heavy objects by yourself. Ask someone to help you.

Incorrect answers: Removing jewelry, disconnecting power, and bending at the knees and lifting with the legs are all good safety measures.

47. Answer: C

Explanation: One example of active communication is clarifying a customer’s statements. For instance, if you are unsure exactly what the customer wants, always clarify the information or repeat it back to the customer so that everyone is on the same page.

Incorrect answers: Never declare that the customer doesn’t know what he is doing. This is a surefire way to lose the customer and possibly your job. It should go without saying: mouthing off could be the worst thing you could do. Save that for the drive home on the freeway—I’m just kidding! Be professional at all times when working with customers and perhaps while driving as well.

48. Answer: C

Explanation: The next attempt you should make (from the listed answers) is a soft reset of the device. Resetting often requires pressing a special combination of buttons. That keypress (hopefully) restarts the device with the RAM cleared. Then you can troubleshoot the problem application further if necessary.

Incorrect answers: A hard reset is not recommended (yet) because that will wipe the data, and a soft reset hasn’t been attempted yet in the scenario. Force-quitting the app is the same as ending the task for the application. Always try to fix the problem yourself, and always attempt a soft reset, before bringing the device to an authorized service center.

49. Answer: A

Explanation: The first step in the malware removal best practices procedure is to identify malware symptoms.

Incorrect answers: The other steps are (2) quarantine infected systems; (3) disable System Restore; (4) remediate infected systems; (5) schedule scans and run updates; (6) enable System Restore; and (7) educate the end user.

50. Answers: B and D

Explanation: The best listed answers are dism and chkdsk. For a computer that is running slow, try using the chkdsk (check disk) and SFC (system file checker) commands. Then, if those run into problems, try using the dism (Deployment Image Servicing and Management) command. Chkdsk and SFC can repair problems with the drive and with system files. Dism can repair problems with the system image (where SFC will draw information from).

Incorrect answers: Format is used to ready a partition for files. Ipconfig is used to view network IP configuration data on a Windows system. Dir lists the files and folders within a current folder (directory). Diskpart is used to make modifications to the partitions on a hard drive; it is the command-line equivalent of Disk Management. Know your command line!

51. Answer: A

Explanation: You should first ask if anything has changed since the optical drive worked properly.

Incorrect answers: Don’t blame the user by asking what “you” modified; it implies that you think the user caused the issue. Always ask if anything has changed before any other questions. Try not to accuse a user of accessing inappropriate websites because this could be considered inflammatory and harassment. Think like a robot with the single purpose of fixing the problem, but act like a professional and courteous human being.

52. Answers: B and D

Explanation: Your coworker might need an adapter; otherwise, the plug may not fit in some countries’ outlets. Some power supplies have selectors for the United States and Europe (115 and 230 volts). If the wrong voltage is selected, the power supply will not work and the computer will not boot; it can also be a safety concern if the voltage is set incorrectly. Newer power supplies might auto-sense the voltage. If the power supply doesn’t have one of those red switches, check the documentation to see if it can switch the voltage automatically.

Incorrect answers: A computer most certainly can be used in other countries, as long as it is configured properly and you have the right adapter. Line conditioners simply clean the power for a specific voltage. If your circuit has dirty power (for example, it is fluctuating between 113 and 130 volts), a line conditioner will keep it steady at 120 volts.

53. Answer: C

Explanation: Teach the user how to avoid this problem by recommending safe computing practices. The customer will then be more likely to come back to you with other computer problems. ’Nuff said.

Incorrect answers: Avoid saying “can’t”; it’s a negative expression that belittles your own ability, which is most likely greater than that. Embrace the teaching method. Over time, it means that you will encounter the same problem less often, and the customer will ultimately thank you for your input. Changing user permissions might help if the person was an administrator. Better yet, you could urge the customer to use a standard user account by default.

54. Answer: D

Explanation: Make sure that the customer has a path toward a solution before dismissing the issue.

Incorrect answers: Do not try to fix the problem if the scope of work is outside your knowledge. Some PC technicians might not work on domain controllers because they are advanced Microsoft servers that are used in client/server networks.

55. Answers: C and D

Explanation: The power cord carries 120 volts at 15 amps or 20 amps, with all of the obvious danger that such voltage and amperage entails. While normally low voltage, a landline telephone cord carries 80 volts when the phone rings. Both telephone and network cables can also be the victims of power surges from central office or networking equipment. It is important to disconnect these before servicing a computer.

Incorrect answers: Now, if you were opening the computer, you would disconnect everything. However, you might be fixing something that doesn’t require you to open the computer—for example, connecting a network cable. Remember to always disconnect any power, data, or telecommunications cables before working on the system.

56. Answers: A and D

Explanation: You should attempt to identify the problem and call Microsoft tech support (or contact them in another manner). The message tells you that the DHCP partner is down. This means that there are two DHCP servers, one acting as a failover. As part of your identification of the problem, you should access TechNet, for example:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn338985(v=ws.11).

You will find out more about the problem and possibly learn that it isn’t as bad as it might seem, and your manager might be overreacting slightly. (These things happen.) In reality, this message means that the partner DHCP server is down, but the one you are working at locally is still functional and is responding to all DHCP requests. You should indeed fix the problem, of course, but now you can call Microsoft tech support in a methodical and calm way, armed with information about what you think the problem is. When a company purchases a Windows Server operating system, it comes with tech support, either from Microsoft or from the company that built the server. Because your knowledge of Windows Server is limited, tech support is a great way to not only fix the problem but also learn a thing or two from the people who work with the system all the time.

Incorrect answers: Escalating the problem is impossible because no other technicians are available to help you. The other answers refer to the CompTIA troubleshooting process, none of which you should attempt until you have called tech support. Now, if your knowledge of Windows Server is sufficient, you could attempt to solve the problem yourself. Though this might have seemed like a more complex question, it really isn’t. Trust in your fundamentals!

57. Answer: A

Explanation: The classification of data helps prevent confidential information from being publicly disclosed. Some organizations have a classification scheme for their data, such as normal, secret, and top secret. Policies are implemented to make top secret data the most secure on the network. By classifying data, you are determining who has access to it. This is generally done on a need-to-know basis.

Incorrect answers: Social engineering is the art of manipulating people into giving classified information. A remote access server (RAS) allows users to connect remotely to the network. To protect a web-based connection (and data that passes through it), an organization would use HTTPS (and an encrypted certificate), not HTTP. Wiping a hard drive is a vague response. How is it being wiped? If it is being formatted, that is not enough to protect confidential information. You need to perform bit-level erasure with third-party software, degauss the drive, or destroy it to make sure that no one can access the data. The thing is that data is always stored somewhere on a server or NAS device, so properly disposing of a single hard drive doesn’t protect any and all confidential information from being publicly disclosed.

58. Answer: C

Explanation: HKEY_LOCAL_MACHINE is the Registry hive that stores information about the programs Windows runs when it starts. The actual hives are stored in %windir%\System32\Config, but it’s okay to call HKEY_LOCAL_MACHINE and the other HKEYs hives. Most technicians do it, and you might see them referred to that way on the exam as well. The HKEY_LOCAL_MACHINE hive is the one you will access the most often. You can configure advanced settings for TCP/IP, the GUI of the OS, and lots more from here.

Incorrect answers: HKEY_CURRENT_CONFIG contains data that is generated when the system boots; nothing is permanently stored. HKEY_USERS stores the information for each user profile. HKEY_CLASSES_ROOT contains information about registered applications and file associations.

59. Answer: A

Explanation: A web browser such as Edge, Internet Explorer, Firefox, or Chrome (or any other web browser) is normally used to configure a router. You can type the IP address of the router into the Windows Explorer/File Explorer address bar, but that will simply open an IE (or other browser) tab.

Incorrect answers: In the Device Manager you enable and disable devices and install, update, and roll back drivers for devices. Msconfig is used to modify how the computer boots and to enable/disable programs and services.

60. Answer: D

Explanation: The first thing you need to supply is the driver for any special drives, such as new SCSI drives, SAS drives, or RAID controllers. That, of course, is optional. If you have a typical SATA drive, Windows should recognize it automatically.

Incorrect answers: Once Windows knows which hard drive to install to, partitioning, then formatting, and then configuration of settings can commence, in that order.

61. Answer: A

Explanation: Although Windows has the Reconnect at Sign In check box selected by default, it could have been disabled.

Incorrect answers: You don’t need to select the drive letter each time a connection is made; once you set up the mapped network drive, it uses that drive letter each time automatically. You should check the connection to the folder when mapping the drive, but based on the scenario, this worked fine when the drive was mapped; it was the reboot that caused the issue. If you do choose to use the net use command, be sure to make persistent connections. This is done by adding /persistent:yes to the command syntax.

62. Answer: C

Explanation: MAC filtering is used to restrict computers from connecting to a network; it is based on the physical Media Access Control (MAC) address of the computer’s network adapter. It works with wired or wireless connections.

Incorrect answers: WPA is used to encrypt the wireless session between a computer and the wireless access point (WAP); its key code is required to gain access to the network. DHCP settings simply allow a specific range of IP addresses and other IP data, such as gateway address and DNS server address, to be handed out to clients. The SSID broadcast is the name of the wireless network as broadcast out over radio waves by the WAP.

63. Answer: B

Explanation: The Print Spooler needs to be restarted on the computer that started the print job or the computer that controls the printer. This can be done in the Services console window or in the Command Prompt with the net stop spooler and net start spooler commands, or anywhere else that services can be started and stopped, such as the Task Manager.

Incorrect answers: Print drivers are not services; they are not started, stopped, or restarted. Instead, they are either installed, uninstalled, updated, or rolled back. The network adapter and the printer are devices, not services. Okay, that was an easy one, but the real exam will have a couple easy ones thrown in as well. Don’t think too hard when you actually do receive an easier question.

64. Answer: C

Explanation: Adding the port number and name of service to the Windows Defender Firewall Exceptions list is the correct answer. But I’m going to pontificate more, as I usually do.

Incorrect answers: Uninstalling and reinstalling the service pack or security update do not help this particular situation. Remember that Windows 7 has a service pack, but Windows 8 and newer do not use service packs and simply use “updates.” By default, any of today’s Windows OS versions enable the Windows Defender Firewall automatically and don’t allow inbound connections from the server to the network application. Therefore, you need to make an “exception.” In Windows, use the Windows Defender Firewall with Advanced Security, either from Administrative Tools or by typing wf.msc at the Run prompt. If you decide to add a port, you need to know the port number of the application. For example, VNC applications might use port 5900 or port 5901 for incoming connections.

65. Answer: B

Explanation: The PC air intakes are probably clogged with cement dust. This stops fresh, cool air from entering the PC and causes the CPU to overheat. That’s why the system doesn’t reboot immediately; the CPU needs some time to cool down. You should install a filter in front of the PC air intake and instruct the customer to clean the filter often. While you are working on the computer, you should clean out the inside of the system and vacuum out the exhaust of the power supply (without opening the power supply, of course).

Incorrect answers: If the PC had a virus, that might cause it to lock up or shut down, but you would be able to reboot the computer right away. Plus, there would probably be other indicators of a virus. The CPU heat sink could be an issue and could cause the same results, but this scenario is less likely. Companies often buy computers from popular manufacturers such as Dell and HP; these computer manufacturers spend a lot of time designing their heat sink/fan combinations to work with the CPU. If the power supply were underrated, it would cause intermittent shutdowns but not lockups. Nothing in the scenario would lead you to believe that the computer uses so many powerful components as to make the power supply underrated.

66. Answer: C

Explanation: The Guest account is the most likely answer here. This account has the fewest privileges of all Windows accounts. It cannot install printers or printer drivers. By the way, Standard users can also have issues with printers depending on the version of Windows and the policies involved. But the Guest has absolutely no administrative powers whatsoever.

Incorrect answers: Power Users don’t really have power anymore. They are included for backward compatibility with older versions of applications and how they interact with Windows. The administrator account is the most powerful account on a local Windows system and has complete control over everything, unless there is a domain involved. Then you would want a Domain Administrator account.

67. Answers: B and D

Explanation: The share-level permissions must first be set to enable access to the user. Then the NTFS file-level “user” permissions must also be set; the most restrictive of the two will take precedence (usually this is configured as NTFS being more restrictive).

Incorrect answers: Certificates are normally used in Internet or VPN sessions. Local user access is somewhat vague but doesn’t apply here; the reason is that when a user connects to a shared resource, that person does so over the network to a remote computer.

68. Answers: C and D

Explanation: Pictures and email are possibly valuable, and definitely irreplaceable, if there is no backup.

Incorrect answers: The rest of the answers mention things that can be restored or reinstalled from the operating system disc or image.

69. Answer: B

Explanation: Of all the answers, the only one that deals with the local level is Local Security Policy.

Incorrect answers: Organizational Unit (OU) Group Policy, Active Directory Policy, and Site Policy all require at least one domain controller on the network. You should know some domain-based policy terminology to compare them to security options on the local computer. You can access the Local Security Policy from Administrative Tools or by typing secpol.msc at the Run prompt.

70. Answer: B

Explanation: In many cases, passwords cannot be reset by the user or by the systems admin. If that is the case, you need to verify the identity of the person first. You might need to do so just as a matter of organizational policy.

Incorrect answers: Telling the person not to do that or to simply remember the password is just rude. If the password could be reset and you are allowed to do so, you should reset it immediately.

71. Answer: C

Explanation: GPS can help to locate a stolen or lost mobile device. Plenty of third-party programs allow the user to track the device, as long as it is on and has GPS installed and functioning. If the device is off, the program will display the last known good location.

Incorrect answers: Passcodes are used to secure the device in the event that it is stolen or lost. Auto-erase is used to wipe the contents of the device if lost or stolen. Encryption protects the data in the case that the user no longer has possession of it.

72. Answer: B

Explanation: To aid in preventing access to a wireless network, disable the SSID. But only do this when all computers have been connected. If more computers need to be connected later, they will have to connect manually, or the SSID will have to be reenabled.

Incorrect answers: Although this is an okay security method, it won’t keep smart attackers out of your network. MAC filtering and WPA2 encryption do a much better job at that than disabling the SSID.

73. Answer: A

Explanation: If you are just setting the time on the computer, use the time command. Time can also be set in Windows within the Notification Area. This is a bit of a trick question because you are dealing only with local time, not anything network-related. So the rest of the answers are incorrect.

Incorrect answers: The net time command is needed if you want to synchronize the local computer’s time to another system or just find out the time on a remote system. net timer is not a valid command. The net time command uses the /set option if you wish to synchronize time to another computer.

74. Answer: D

Explanation: The Character Map enables you to copy characters from any font type. To open it, go to Run and type charmap. In Windows 10, go to Start > Windows Accessories > Character Map. In Windows 7, go to Start > All Programs > Accessories > System Tools > Character Map. Otherwise, in any version of Windows, you can locate it simply by searching for it by name.

Incorrect answers: The Language Bar automatically appears when you use handwriting recognition or speech recognition. It can be configured within Region and Languages. Sticky keys is a feature that helps users with physical disabilities; it can be turned on by rapidly pressing the Shift key five times and selecting Yes. Control Panel > Fonts opens the Fonts folder, where you can add or remove text fonts.

75. Answer: B

Explanation: Jailbreaking is the process of removing the limitations of an Apple device’s iOS. It enables a user to gain root access to the system and download previously unavailable applications, most likely unauthorized by Apple.

Incorrect answers: Rooting is similar, but it is a term typically used with Android-based devices. It gives administrative capabilities to users of Android-based devices. Both jailbreaking and rooting are not recommended and may void device warranties. VirusBarrier was the first AV software designed for iOS; it was developed in response to a particularly nasty jailbreak. Super-admin powers is just a colorful term for what you get when you root or jailbreak a mobile device.

76. Answer: D

Explanation: The Sync Center is located within the Control Panel or can be found using the search tool. It allows you to set up synchronization partnerships with external devices and enables you to manage offline files. Sometimes, the individual icons within the Control Panel are referred to as applets.

Incorrect answers: File History is the name of the backup program in Windows 8/8.1 and Windows 10. The command-line–based User State Migration Tool (USMT) is used to move files and user settings from multiple computers at once. Robust file copy is a Command Prompt tool (Robocopy) that is used to move large amounts of data; it is the successor to xcopy, though xcopy is still available in Windows.

77. Answer: A

Explanation: Unicode is the code used to represent characters among multiple computers’ language platforms. It is commonly used in Microsoft Word and other Office programs. For example, to show the logical equivalence symbol (≡), you would type U+2261, then highlight that text, and then press the Alt+X shortcut on the keyboard, which changes the text into the symbol (≡). Unicode works regardless of the language a person is working in.

Incorrect answers: ASCII and EBCDIC are different types of character encoding sets in the English language only. ITU-T deals with standards for telecommunications. .ps1 is the main file extension used for PowerShell scripts.

78. Answer: B

Explanation: New malicious software (malware) is always being created. Because of this, the best place to find information about spyware, a virus, rootkit, ransomware, or other malware is at a place that can be updated often and easily: the anti-malware company’s website.

Incorrect answers: Operating system documentation usually does not have this kind of information. In addition, the OS documents and the anti-spyware readme.txt file will be outdated soon after they are written. Never trust in what a user has to say about malware. The user is not the person who would remove it—a technician would.

79. Answers: A and D

Explanation: The Windows PCs have probably been infected by a worm and have been compromised and turned into zombies (bots). Trojans could also be involved in this scenario. The Windows PCs are probably part of a botnet that includes other computers as well. The botnet is orchestrated by a master computer that initiates the DDoS (distributed denial-of-service) attack. The infections that you as the technician will have to remove include the worm and the zombie program (or script). You might also be informed that the systems need to be isolated, wiped, and re-imaged before they can be used again.

Incorrect answers: Spyware is software installed on a computer to track the user/computer. Ransomware is malware that is used to encrypt the files on a user’s computer. A virus is similar to a worm, but it does not self-replicate to other systems; also, the worm (or Trojan) is more commonly used as a mechanism to deliver a zombie script or other payload. You as a PC technician won’t be able to do much about the entire botnet.

80. Answer: D

Explanation: Use the Registry Editor (regedit.exe) to try troubleshooting the problem if typical GUI-based and Command Prompt methods have provided no resolution. The Registry Editor allows you to do any configuration necessary in Windows, and using it may be necessary for more complex troubleshooting problems. At this point you are testing the theory to determine cause because you have already identified the problem and established a theory of probable cause. Remember your CompTIA A+ troubleshooting theory from the 220-1001 objectives. I’ve listed them below.

1. Identify the problem.

Question the user and identify user changes to computer and perform backups before making changes.

Inquire regarding environmental or infrastructure changes.

Review system and application logs.

2. Establish a theory of probable cause (question the obvious).

If necessary, conduct external or internal research based on symptoms.

3. Test the theory to determine cause.

Once theory is confirmed, determine next steps to resolve problem.

If theory is not confirmed, reestablish new theory or escalate.

4. Establish a plan of action to resolve the problem and implement the solution.

5. Verify full system functionality and, if applicable, implement preventive measures.

6. Document findings, actions, and outcomes.

Incorrect answers: Regsvr32 is used to register/unregister ActiveX controls and DLLs in the Registry. GPUpdate enables policy changes to take effect without the need for a logoff or restart. USMT is used to migrate user accounts. Boot Camp is a tool used in macOS to dual-boot Mac computers to Windows. It is the only answer listed that is not a Windows-based command.

    

You Are on Your Way!

That wraps up Exam B. Take a nice long break before moving on to the last 220-1002 exam in this book.

If you scored 90 percent or higher on this 220-1002 practice exam, move on to the next one! If you did not, I strongly encourage you to study the material again and retake the first couple practice exams until you get 90 percent or higher on each. Keep going; you are doing awesome!
