🎯CompTIA IT Fundamentals - Practice Exam (85 Questions)

1. Question

On a Windows operating system (OS), when a user wants to uninstall a driver, which page or window does NOT offer the relevant options to complete this task?

a. Control panel

b. Device manager

c. Task manager

d. System properties

Solution

C: Task Manager is not the correct place to uninstall drivers on a Windows OS. The correct options for uninstalling drivers on Windows are typically found in the Control Panel or the Device Manager.

Task Manager is primarily used to manage running processes and applications and does not have the necessary options for driver management.

2. Question

What is the term used to describe technologies that ensure data availability in case of hardware failures?

a. Data encryption

b. Data backup

c. Data compression

d. Data virtualization

Solution

B: The term “Data Backup” refers to technologies and practices that involve creating duplicate copies of data, typically stored on separate hardware or locations.

This duplication helps ensure data availability in the event of hardware failure or data loss, making it an essential aspect of data recovery and continuity planning.

3. Question

What is the primary importance of saving data to a storage device, like a hard disk?

1. To free up RAM (Random Access Memory) for faster system performance.

2. To ensure data persistence and prevent data loss in case of power failure or system shutdown.

3. To improve network connectivity and data sharing.

4. To enhance data processing speed for real-time applications.

Solution

2: Saving data to a storage device, such as a hard disk, is crucial to ensure data persistence and prevent data loss. It allows data to be stored and retrieved even when the computer is powered off or experiences unexpected shutdowns, contributing to data reliability and availability.

4. Question

How can a user safeguard sensitive information from malware when using a public computer?

1. Log out of all accounts and shut down the workstation.

2. Use a strong, unique password for each account.

3. Clear the browser cache and browsing history regularly.

4. Disable automatic updates for the operating system.

Solution

3: Clearing the browser cache and browsing history is an important precaution when using a public workstation to reduce the risk of malware accessing sensitive information that might be stored in the browser.

It helps maintain user privacy and security when using shared computers.

5. Question

What distinguishes scripted languages from scripting languages?

1. Scripted languages are exclusively used for web development, while scripting languages are versatile and used in various applications.

2. Scripted languages are compiled, while scripting languages are interpreted.

3. Scripted languages are statically typed, while scripting languages are dynamically typed.

4. Scripted languages are designed for writing standalone applications, while scripting languages are mainly used for automating tasks and controlling other software.

Solution

4: The primary difference between scripted languages and scripting languages is their intended use. Scripted languages are typically designed for developing standalone applications, while scripting languages are often used for automation, scripting, and controlling existing software and systems.

6. Question

Using a CLI can offer what benefit?

1. Faster execution of tasks and greater resource efficiency.

2. Enhanced visual appeal and ease of use for beginners.

3. More intuitive and user-friendly interactions.

4. Better support for multimedia applications and gaming.

Solution

1: Using a CLI can offer the benefit of faster execution of tasks and greater resource efficiency because it doesn’t have the graphical overhead that GUIs have. This can be particularly advantageous in scenarios where efficiency and resource utilization are critical, such as in server administration or automation tasks.

7. Question

What service is hosted in the cloud?

1. An online email service where users access their email accounts via a web browser.

2. A spreadsheet program installed on a desktop computer.

3. A computer game downloaded and played offline.

Solution

1: An online email service like AOL, which users access through a web browser, is hosted in the cloud, allowing users to access their emails from anywhere with an internet connection.

8. Question

What is a benefit of using a relational database instead of a key/value pair database?

1. Enhanced scalability for large datasets.

2. Simplicity of data modeling and storage.

3. Efficient retrieval of specific data based on complex queries.

4. Better suited for caching and session management.

Solution

3: Relational databases excel at handling complex queries and retrieving specific data efficiently, thanks to their structured nature and support for SQL queries. This is a significant advantage when dealing with datasets that require complex data retrieval operations.

9. Question

What is a method that ensures data is encrypted when it is stored on a storage device or disk?

1. VPN (Virtual Private Network)

2. Full-disk encryption

3. Firewall configuration

4. Intrusion Detection System (IDS)

Solution

2: Full-disk encryption is a method that ensures data is encrypted when it is stored on a storage device or disk. It helps protect data at rest from unauthorized access by encrypting the entire disk or storage volume, making it an essential security measure for data security and privacy.

10. Question

When working with address information that includes a house number and a street name, which data type is most suitable for representing the house number?

1. Integer

2. Text

3. Date

4. Boolean

Solutions

1: The most suitable data type for representing a house number in address information is typically an integer. An integer data type allows you to store whole numbers, which is a common format for house numbers.

11. Question

An attacker installs bot malware on multiple machines and launches a coordinated attack against a web service. What type of availability concern does this describe?

• Power Outage

• Hardware failure

• Man-in-the-Middle (MitM)

• Denial of Service (DoS)

Solution

Correct: Denial of Service (DoS)

A Denial of Service (DoS) attack is where an attacker targets the availability of a service. A DoS attack might tamper with a system or try to overload it in some way. In a power outage, if you lose power, then clearly your computers cannot run. It's common for data corruption to occur when a computer is turned off rather than being shut down. Hardware components in servers fail. A hard disk contains moving parts and will eventually fail. If a disk fails, you will likely lose the data. A Man-in-the-Middle (MitM) attack is an integrity concern not an availability concern. A MitM attack is where a host sits between two communicating nodes, and transparently monitors, captures, and relays all communication between them.

12. Question

A home network needs its second printer set as the default printer. The computer runs Windows 10 version 1809. Which page contains the relevant options to complete the setup?

• Devices and Printers

• Settings/Devices

• Device Drivers

• Device Manager

Solution

Correct: Settings/Devices

In Windows 10 version 1803 and newer, the location for the basic user-configurable settings for peripheral devices is the Devices page within the Settings app.

In Windows 7, Windows 8, and early versions of Windows 10, Devices and Printers is the location for the basic user-configurable settings for peripheral devices attached to the computer.

Device Manager is the page used to perform functions such as updating device drivers or uninstalling devices, not setting a device to be the default.

Device Drivers is not a page in Windows. Drivers are accessed from the Device Manager page.

13. Question

What are the four functions which represent most of the ways that data moves through a computer system?

• Input, output, processing, storage

• Addition, subtraction, division, multiplication

• Typing, editing, copying, printing

• Automation, replication, optimization, recovery

Solution

Correct: Input, output, processing, storage

Computers operate through these four functions: input (the intake of information into the system), output (the presentation of information to the user), processing (the manipulation of information into a new form), and storage (the preservation of information for later use). Typing, editing, copying, and printing are functions related to documents, which is a small part of what computer systems are used for. Addition, subtraction, division, and multiplication are arithmetic functions. Computer systems have much greater capabilities beyond these basic operations. Automation, replication, optimization, and recovery are functions of data management, not the entire functionality of a computer system.

14. Question

What's a true statement about query languages?

• Query language code is the most complex code.

• Query language code is not human-readable.

• Query language code does not need to be compiled.

• Query languages can only be used on one platform.

Solution

Correct: Query language code does not need to be compiled.

Code written in a query language, such as SQL (Structured Query Language), is designed to retrieve specific records from a dataset. The code does not need to be compiled.

Query languages can be used on many platforms. Query languages typically work together with other programming languages, which process the data retrieved by the queries.

The basic structure of query languages has a smaller set of commands than most programming languages. There are advanced components and extended vocabularies in some query languages, but the basic set of commands is sufficient for most operations.

Human-readable data is encoded as text, and machine-readable data (machine code) is the binary representation. Query languages represent a more structured form of the English language.

15. Question

A user installs VirtualBox on a Linux OS (Operating System). Which class of hypervisor is it?

• Type II, because VirtualBox is a software application within a host operating system

• Type I, because VirtualBox manages the virtual machine environment

• Type II, because Linux provides the resources for the virtual environment

• Type I, because the Linux OS is installed directly on the computer

Solution

Correct: Type II, because VirtualBox is a software application within a host operating system

A type II hypervisor runs as a software application within a host operating system. VirtualBox is a third-party virtualization software which can be installed on host systems including Linux. For both type I and II hypervisors, the physical machine (or host) provides the resources, such as CPU and memory, for the virtual environment. Both type I and II hypervisors manage the virtual machine environment and facilitate interaction with the host hardware and network. The Linux OS is installed directly on the computer, but it serves as the host to the type II hypervisor which is the VirtualBox software.

16. Question

Which of the following does NOT follow accepted MAC (Media Access Control) address format?

• 192:168:0.10/100

• a1-b2-c3-d4-e5-f6

• 0123456789ff

• 1111.2222.3333

Solution

Correct: 192:168:0.10/100

The MAC address, also called a hardware address, is a 48-bit value expressed in hexadecimal notation. There are several accepted formats to display the numbers in equal-sized groups, and separators include colons, hyphens, and periods. There is no accepted format with slashes or groups of unequal lengths.

The MAC address is often displayed as six groups of two hexadecimal digits with colon or hyphen separators.

MAC addresses can be displayed with no separators at all, as one 12-digit hex number.

MAC addresses can be displayed as three groups of four hex digits with period separators.

17. Question

A web application contains a form, which users fill out. What is the most likely use for this form?

• To create a flat file for each user

• To create a database

• To manually input data into a database

• To import data from a flat file into a database

Solution

Correct: To manually input data into a database

The manual data input process typically involves a form. The forms can be generic as part of the database administration software, or custom in a desktop or web application.

Importing data from a flat file is typically not done through a form in a web application. It's usually done though database administration tools, or a series of scripts.

A form in a web application is not the right tool to create a database. It's usually done though database administration tools, or a script.

A web application can create files for its users, usually with information about the browsing session. Data that the user fills out on the form is typically for input into a database.

18. Question

What does a database dump contain?

• SQL statements which can recreate all tables

• A flat file with full contents of all tables

• A hard disk with an exact copy of the database

• A formatted report of the contents of all tables

Solution

Correct: SQL statements which can recreate all tables

A database dump is a copy of the database or table schema along with the records in the form of SQL (Structured Query Language) statements, which another database can use to create the tables and import the information.

Flat files with full contents of all tables are backups, not dumps. Dumps contain SQL statements to recreate the schema and data.

Formatted reports of table contents are not very useful for backup and restore purposes.

A hard disk with an exact copy of the database is a full backup, not a dump

19. Question

If a worm propagates over a network, which of the following is the first action to take, to prevent further infection?

• Escalate the problem to a support professional.

• Use antivirus software to try to remove the infection.

• Disconnect the network link.

• Enable on-access scanning.

Solution

Correct: Disconnect the network link.

Malware such as worms propagate over networks. Therefore, one of the first actions should be to disconnect the network link.

If a file is infected with a virus, the antivirus software should detect it and take the appropriate action. You can use antivirus software to try to remove the infection.

After you have determined you cannot clean a file or if the antivirus software does not detect it, and allows the virus to infect the computer, then you should get help by escalating the problem to a support professional.

With on-access scanning, when a file is accessed, the antivirus software scans the file and blocks access if it detects anything suspicious. If a worm propagates, on-access scanning has failed.

20. Question

When a general language performs scripting, what does it call on as part of the code?

• Markup instructions

• Query statements

• System commands

• Machine code

Solution

Correct: System commands

Most languages can call (or "wrap") system commands as part of the code and can therefore also be used for scripting.

Machine code is the instructions converted to strings of ones and zeros for the CPU (Central Processing Unit) to process. Machine code calls can be used to optimize certain parts of a program, but not for scripting.

Query statements are requests to a database, for the purpose of retrieving data which the program needs for additional processing. Embedded query statements are not used for scripting.

Markup instructions can be used to format the output of a program, not for scripting.

21. Question

Why would a programmer create a function instead of a procedure?

• The function needs to include a nested loop, which does not work in a procedure.

• The process which calls the function needs to receive back a return value.

• Procedures do not exist in some programming languages.

• Functions compile more efficiently.

Solution

Correct: The process which calls the function needs to receive back a return value.

The key difference between a procedure and a function is that a function can return a value to whatever called it, whereas a procedure cannot.

Nested loops work the same way in both functions and procedures.

There are many factors which affect code efficiency, including ways to program function calls. But using a function over a procedure for this reason is not a consideration.

Functions and procedures exist in all programming languages. Some languages make very little distinction between the two, and consider functions to be procedures which return a value.

22. Question

Data encryption, firewalls, and backups are examples of what?

• Intellectual property

• Data breach

• Data capture

• Security controls

Solution

Correct: Security controls

Security controls are designed to prevent, deter, detect, and/or recover from attempts to view or modify data without authorization. Typical examples of security controls include backups, access control, data encryption, and firewalls.

Data breach is when private data is exposed publicly without authorization. Preventing data breach is one of the reasons for having security controls in place.

Data capture refers to collection of data points from many different sources as part of data analytics.

Intellectual property refers to information assets, such as patents, which need to be protected from theft.

23. Question

Which file system allows a file with the name "Encyclopedia:Volume 1.txt"?

• FAT32

• HFS+

• Ext4

• NTFS

Solution

Correct: Ext4

File systems have a number of reserved characters which cannot be used in a file name. Ext4 (4th extended file system), used by Linux distributions, only reserves the slash (/), which means that all other characters are acceptable in a file name. No system allows the slash character in their file names, as it's used to indicate folders or subdirectories.

HFS+ (extended Hierarchical File System), used by Apple Mac computers, does not allow colons (:) in addition to the slash.

NTFS (New Technology File System) has 9 reserved characters, including the colon.

FAT32 (File Allocation Table, 32-bit version) has 16 reserved characters, including the colon.

24. Question

Which of the following is an example of an optical drive?

• SSD

• DVD

• HDD

• DDR

Solution

Correct: DVD

DVD (Digital Video Disc) is a storage format for consumer multimedia, such as music and video, and referred to as an "optical" drive because a laser is used to read data from the discs. HDD (Hard Disk Drive) is a mass storage device that uses spinning disk technology. SSD (Solid State Drive) is designed to replicate or supplement the function of the HDD, with flash memory technology. DDR, short for DDR SDRAM (Double Data Rate Synchronous Dynamic Random Access Memory) is a volatile type of storage featuring "double pumped" data transfers.

previous

25. Question

A web browser is an example of productivity software. What type of software is an email client?

• Collaboration software

• Open source software

• Business software

• Productivity software

Solution

Correct: Collaboration software

With collaboration software, multiple users can work together on the same file or project. Email software allows users to compose, send, and receive messages from others, and is considered to be collaboration software.

Productivity software refers to applications that help users complete typical office tasks. A web browser can be used for information and research, and is considered to be productivity software.

Specialized business software is designed to assist with a particular business process or consumer demand, not general office functions and tasks covered by productivity software.

Open source software makes the program code used to design it available to the public. There are open source email clients, as well as those with proprietary code.

26. Question

An employee makes unauthorized copies of customer Social Security numbers, saves them in an unencrypted spreadsheet, and transfers them to the employee’s personal email account. The employee then opens new credit card accounts with this information and uses the cards to buy personal items. Which of the following did NOT occur?

• Identity checks

• Identity theft

• Identity fraud

• Mishandling Personally Identifiable Information (PII)

Solution

Correct: Identity checks

Rigorous identity checks when setting up a new account can help mitigate masquerading, which involves subverting the account creation process.

The rise in consciousness of identity theft as a serious crime is growing. Identity theft is using Personally Identifiable Information (PII) to impersonate an individual.

Staff should be trained to identify PII and to handle personal or sensitive data appropriately, and process Personally Identifiable Information (PII) more sensitively and securely.

Identity fraud can either mean compromising someone's computer account or masquerading as that person. Strong authentication makes this type of attack much more difficult to perform.

27. Question

What is an authorization policy that would help a systems administrator grant rights to users to perform their job and no more?

• Non-repudiation

• Requiring digital signatures

• Least privilege

• Reviewing logging events

Solution

Correct: Least privilege

Authorization policies help to reduce risk by limiting the allocation of privileges as far as possible. Least privilege means that a user should be granted rights necessary to perform their job and no more.

Non-repudiation is the principle that the user cannot deny having performed some action. Accounting is an important part of ensuring non-repudiation.

Accounting is usually provided for by logging events. This allows the accounting system to track what users are doing within the system and enforce non-repudiation.

A digital signature is used to prove that the user was an author of a document (they cannot deny writing it).

28. Question

If a password is short and non-complex, what type of attack can it be vulnerable to?

• Man-in-the-Middle (MitM)

• Malware

• Brute force

• Distributed Denial of Service (DDoS)

Solution

Correct: Brute force

If a password is short (under seven characters) and non-complex (using only letters for instance), a password might be cracked in minutes via brute force.

Denial of Service (DoS) is where an attacker targets the availability of a service. A DoS attack might tamper with a system or overload it. A Distributed Denial of Service (DDoS) uses hosts compromised with bot malware to launch a coordinated attack against a web service.

It is possible to capture cleartext password packets in transit via a Man-in-the-Middle (MitM) attack.

Malware is malicious software threats and tools designed to vandalize or compromise computer systems.

29. Question

The first step in the troubleshooting process is to identify the problem. What are some of the components of this step?

• Approach multiple problems individually; divide and conquer.

• Question users; document findings.

• Research symptoms; consider multiple approaches.

• Duplicate the problem; determine if anything has changed.

Solution

Correct: Duplicate the problem; determine if anything has changed.

The components of identifying the problem are as follows: gather information, duplicate the problem, question users, identify symptoms, determine if anything has changed, and approach multiple problems individually.

Researching symptoms can be part of the information gathering phase of identifying the problem or part of the step to research knowledge base/Internet. Considering multiple approaches is part of the step to establish a theory of probable cause.

Approaching multiple problems individually is part of the first step, but divide and conquer refers to a testing process, which is part of the step to establish a theory of probable cause.

Questioning users is part of the first step, but documenting findings is the final step.

30. Question

A systems administrator is installing a new wireless access point (AP). During installation, the administrator should make sure to complete which of the following?

• Enable all services on the wireless AP.

• Change the SSID to something that helps identify the administrator.

• Change the default password.

• Store a hardcopy of a complex password of at least 12 characters.

Solution

Correct: Change the default password.

You must always change the default password (typically "default," "password," or "admin") for any new device to prevent unauthorized access to it.

It is best practice not to enable services you do not need, especially on a multifunction device such as a wireless access point.

You must choose a strong password that cannot be cracked by password-guessing software. Use a long, memorable phrase of at least 12 characters. However, to maintain confidentiality, you should never write down a password.

It is a good idea to change the SSID from the default to something unique to your network. Remember that the SSID is easily visible to other wireless devices, so do not use one that identifies you personally or your address.

31. Question

Which of the following is NOT part of IoT (Internet of Things) home automation?

• Sprinkler system

• Door lock

• Insulin pump

• HVAC

Solution

Correct: Insulin pump

IoT-enabled medical devices include portable devices such as cardiac monitors/defibrillators and insulin pumps, which allow doctors and nurses to adjust dosages and monitor a patient remotely. While these devices may be located at a patient's home, they are not part of the home controlled by IoT home automation.

The ability to control HVAC (Heating, Ventilation, and Air Conditioning) systems from an app installed on a smartphone is functionality provided by IoT thermostats, part of IoT home automation.

The ability to control alarms, locks, lighting, and entry systems is functionality provided by IoT home automation security systems.

The ability to control devices such as outdoor sprinkler systems is functionality provided by IoT home automation lawn/gardening management systems.

32. Question

When a user has multiple passwords for different services, which of the following can help prevent the user from having to remember all of these passwords or from using the same password for each service?

• A short password history

• Password managers

• Reusing passwords across multiple sites

• The IT department resetting passwords

Solution

Correct: Password managers

Various hardware and software password managers or "fillers" can store passwords for multiple accounts. Users only have to remember one “master” password and prevent the use of the same password for different services.

Reusing a password for different services prevents the user from having to remember different passwords but it is unsecure; your security becomes dependent on the security of other (unknown) organizations.

A system may keep a history of previously used passwords and prevent the user from choosing the same one again but not from writing down the passwords.

If a note containing a password is lost, the IT department should be informed to reset the password quickly. This will not stop users from writing down passwords.

33. Question

Radio Frequency ID (RFID) is a means of tagging and tracking objects using specially-encoded tags. What is a peer-to-peer version of RFID?

• NFC

• NAS

• NIC

• NID

Solution

Correct: NFC

Near Field Communications (NFC) is a peer-to-peer version of RFID; that is, an NFC device can work as both tag and reader to exchange information with other NFC devices.

Network Interface Card (NIC) provides the Ethernet port in the computer to connect it to a network.

A Network Attached Storage (NAS) appliance is one or more hard drives housed in an enclosure with basic server firmware, usually running some form of Linux.

Network Interface Device (NID) is a device that serves as the demarcation point between the carrier's local loop and the customer's on-premises wiring.

34. Question

Which of the following is the best example of variety of data in a database?

• A table with a string, number, and date fields

• A string field with data in multiple languages

• A table with a tinyint, integer, float, and decimal fields

• A number field with values from -999,999,999,999 to 999,999,999,999

Solution

Correct: A table with a string, number, and date fields

Databases support a wider variety of data formats than text files or spreadsheets do. String, number, and date fields offer a wide range of storage and computing formats, as well as processing capabilities.

Tinyint, integer, float, and decimal fields represent numerical data fields. They differ in how they store the data, but not enough in their computing operations.

Variety of data refers to multiple data formats, not languages. A string field has certain operations available to it, such as combining it with another string field, and the multi-language content of the field makes no difference to that.

Variety of data does not refer to a wide range of values in one data format.

35. Question

What is an advantage of the float data type compared to the integer data type?

• The float data type is a more natural way of expressing numbers in computing systems.

• The float data type is not limited to whole numbers.

• The float data type requires less processing time for arithmetic operations.

• The float data type consumes less storage.

Solution

Correct: The float data type is not limited to whole numbers.

The float data type can support decimal fractions, as opposed to integers which are whole numbers.

The float data type does not consume less storage than an integer. An integer data type consumes 1 to 8 bytes of computer storage, while a float consumes between 4 and 8 bytes of storage.

Floating-point operations are slower than integer operations of the same data size, requiring more processing time for arithmetic operations.

An integer exists inside the computer as a true binary value, while a floating-point number needs additional steps to be expressed in binary format for the computer to accurately store its value.

36. Question

What is an advantage of using a CLI (Command Line Interface) instead of GUI (Graphical User Interface)?

• With CLI, it is easier to multitask when working on different things at once

• Non-technical users can learn how to use CLI faster than GUI

• CLI takes up less system resources to run.

• More people use CLI, so there is more help available.

Solution

Correct: CLI takes up less system resources to run.

Running CLI takes a lot less of the computer's system resources than a GUI, which needs to load things like icons, fonts, and additional drivers for components such as video and a mouse.

CLI requires a lot of knowledge and memorization to operate and navigate around it, making the learning curve a lot steeper than visually intuitive GUI.

Being more user friendly than a command line, especially for new or novice users, a GUI is used by more users.

Command line environments are capable of multitasking, but they do not offer the same ease and ability to view multiple things on one screen. GUI users have windows that enable users to view and control multiple programs and folders at once.

37. Question

What type of database uses a schema?

• Document

• Semi-structured

• Key/value pair

• Relational

Solution

Correct: Relational

A schema is the structure of the database. It contains the definition of each table with all of the fields, and the relationships between tables, in the form of primary and foreign keys. These relationships are the basis of a relational database.

A document database does not define tables and fields. Instead, the database adds documents which can be similar in type, or completely different. The lack of database structure means that there is no schema.

A key/value pair database is a means of storing the properties of objects without predetermining the fields used to define an object, which means that there is no schema.

Document and key/value pair databases are examples of semi-structured databases, which are schema-free data models.

38. Question

Which of these practices is unsecure as your security becomes dependent on other organizations' security measures?

• Shortening password expiration

• Reusing across sites

• Writing down password

• Using passphrase with special characters/tabs

Solution

Correct: Reusing across sites

Resuing the same password on different organizations' sites is unsecure, as your security becomes dependent on the security of these other (unknown) organizations.

Passwords should be changed periodically. Many systems can automatically enforce password expiration, meaning users have to choose a new password.

Using a long phrase, perhaps with one or two symbols and numbers mixed into it, can offer a good balance between complexity and memorability.

To maintain confidentiality, users should neither write down passwords nor share them with others. Users must keep their work passwords known only to themselves. Employees should be trained to understand what information is confidential and how to handle it correctly.

39. Question

A computer program contains a boolean variable. What are the stored values of this variable?

• FALSE, TRUE

• "F", "T"

• 0,1

• 'false","true'

Solution

Correct: 0,1

Boolean data types are stored as a special numeric data type, which take up one bit. The only possible values are 0 and 1.

User-friendly constants such as FALSE and TRUE must be defined in the program prior to using them for working with boolean variables. These constants are typically defined as 0 and 1 respectively, which is how they are stored in the system.

Definitions such as "false" or "true" are of string data type, using several bytes of storage instead of one bit that boolean data types use.

Definitions such as "F" or "T" are of char data type, using one byte of storage instead of one bit that boolean data types use.

40. Question

Which of the following SQL (Structured Query Language) commands can run with just one parameter?

• CREATE DATABASE

• CREATE TABLE

• CREATE INDEX

• CREATE VIEW

Solution

Correct: CREATE DATABASE

The CREATE DATABASE command requires just one parameter: the name of the database. Other parameters which configure the new database are optional.

The CREATE TABLE command requires the name of the table, as well as at least one column name and its specifications.

The CREATE INDEX command requires the name of the index, the table that will have the index, and which column(s) are in the index.

The CREATE VIEW command requires the name of the view, and the contents of the view, such as a query from a table with some criteria.

41. Question

A wireless network in a small home office generated poor signal quality. The signal improved when an old cordless phone stopped working. What problem did the cordless phone cause when it was active?

• Bluetooth signal overlap

• Attenuation

• Modulation

• Interference

Solution

Correct: Interference

Wireless radio frequency interference can be caused by many different things, including fluorescent lighting, microwave ovens, cordless phones, and heavy machinery.

Attenuation is the loss of strength of the wireless signal, and is determined by the distance between the wireless client and access point.

Modulation is the process of converting data into radio waves; it is what wireless networks use to send data.

Bluetooth uses the 2.4 GHz frequency range but a different modulation technique, so interference is not common. Even if the cordless phone was used with a Bluetooth-enabled headset, it is unlikely that the signal overlapped with the wireless network.

42. Question

A new scanner is purchased for the office, and the technician is using a disk with driver software instead of Plug-and-Play. What is the most likely reason?

• The technician does not have enough expertise to use Plug-and-Play.

• Plug-and-Play installation did not work for this scanner model.

• The computer is running Windows 7, which does not have Plug-and-Play.

• The scanner is wireless and therefore does not qualify for Plug-and-Play.

Solution

Correct: Plug-and-Play installation did not work for this scanner model.

Windows devices are now all Plug-and-Play (PnP). This means that when a new device is connected Windows identifies it and tries to install a device driver. When Plug-and-Play does not work, driver software may need to be installed manually before the device can be recognized.

Plug-and-Play is an automatic process and does not require any expertise to run.

Wireless devices need to be connected to the computer by adding them to the network or with a USB cable. Once the computer recognizes the device, Plug-and-Play starts automatically.

The earliest version of Windows that attempted PnP (not very successfully) is Windows 95. Windows 2000/XP provided highly improved PnP capability, and all subsequent versions, including Windows 7, have fully functional PnP.

43. Question

What does this pseudocode declare? declare MinutesPerHour as Number = 60

• A primary key

• A constant

• A variable

• An array

Solution

Correct: A constant

A constant is a specific identifier that contains a value that does not change within the program. In this example, the value of MinutesPerHour is always 60 and will not change.

A variable contains a value that can change during the execution of the program. There is no reason to ever change the MinutesPerHour identifier after its declaration.

An array is a type of identifier that can reference multiple values; it's a set of elements. MinutesPerHour is a single identifier.

A primary key is an element of a database, not a pseudocode identifier.

44. Question

What is the easiest way to install a standard mouse, and configure it to use basic settings?

• Get the disk with a special driver.

• Download online driver from the manufacturer.

• Use Control Panel/Settings

• Use the Mouse app on the smartphone.

Solution

Correct: Use Control Panel/Settings

A standard mouse does not need a special driver for installing. Basic settings can be configured using the Mouse applet in Control Panel/Settings.

To access and configure extra buttons on some mice, the manufacturer's driver is needed. The driver is on a disk included with the mouse.

In the absence of a disk with the driver, it can usually be found online on the manufacturer's website, and downloaded for installation. The driver is needed to access and configure extra buttons on some mice, not to install the mouse and configure basic settings.

There are apps on the smartphone which enable the smartphone to operate as a mouse, but they are not used for installing and configuring a standard mouse.

45. Question

Why would a business choose satellite service instead of DSL (Digital Subscriber Line)?

• Satellite systems provide bigger areas of coverage

• Satellite service requires no special installation.

• Satellite connection is faster.

• Satellite connection is more reliable.

Solution

Correct: Satellite systems provide bigger areas of coverage.

Satellite systems provide far bigger areas of coverage than can be achieved using other technologies. Satellite services for business are also expanding, especially in rural areas where DSL or cable services are less likely to be available. Satellite signal is affected by things such as the weather or obstructions including other buildings, making the service not very reliable. Satellite connections experience severe latency problems as the signal has to travel thousands of miles more than terrestrial connections, introducing a delay of 4–5 times what might be expected over a land link. To create a satellite Internet connection, the ISP (Internet Service Provider) installs a satellite dish at the customer's premises and aligns it with the orbital satellite.

46. Question

When does this pseudocode execute the print command?

If i == 0 AND i != 0

Then

print "Yes"

End If

• When i is not equal to 0

• Always

• When i is equal to 0

• Never

Solution

Correct: Never

With the AND operator, both conditions must be true at the same time. In this example, the first condition of "i is equal to 0", and the second condition of "i is not equal to 0", cannot be true at the same time, so the branch sequence never executes. If the operator was OR, then the whole statement would be true at all times, since i is always either equal to, or not equal to, 0. If this example had only the first condition, then the branch sequence would execute when i is equal to 0. If this example had only the second condition, then the branch sequence would execute when i is not equal to 0.

47. Question

What is the main cause of memory leaks?

• Damaged memory chips

• Programming errors

• Outdated software

• Operating system upgrades

Solution

Correct: Programming errors

Memory leaks refer to Windows memory loss, caused by a program or an app. This occurs when an application does not release memory when it's done with it, eventually causing a system slowdown.

If the software that is outdated and no longer supported has proper memory management in the code, then it would not cause more leaks than current but badly written programs.

Damaged memory chips cause problems, but memory leaks refer specifically to memory losses due to software programs incorrectly managing memory allocation.

Upgrading the operating system can be a cause of memory leaks, with an increase in memory usage by the new drivers. Operating system upgrades are done less frequently than everyday use of programs that cause leaks.

48. Question

How does an object store its attributes?

• As a vector

• As comments

• As private variables

• As public variables

Solution

Correct: As private variables

Attributes are values and data types that define the object. The object stores the attributes as fields or private variables.

Other programs cannot access or change the attributes of an object directly, the way that they can with public variables.

Most programming languages support container types called vectors that can grow or shrink in size as elements are added or removed. Vectors are specialized types with their own rules and limitations, and objects do not use them to store their attributes.

Programmers use comments in code to assist with maintaining it, not for attributes of objects.

49. Question

What is true regarding a 32-bit vs. a 64-bit CPU (Central Processing Unit)?

• A 32-bit CPU can run a 64-bit OS.

• All tablets use a 64-bit CPU.

• All smartphones use a 32-bit CPU.

• A 64-bit CPU can run a 32-bit OS.

Solution

Correct: A 64-bit CPU can run a 32-bit OS.

A 64-bit CPU can run a 64-bit or 32-bit OS. 32-bit systems are limited to addressing 4 Gigabytes of system memory, whereas 64-bit systems can address 256 Terabytes (or more), meaning that 64-bit systems run more efficiently, since memory blocks are more easily allocated. They support 64-bit instructions, so they process more data at once than 32-bit systems.

64-bit applications include 64-bit instructions that will not be recognized by a 32-bit processor, so a 32-bit CPU cannot run 64-bit software, only 32-bit.

Not all smartphones use 32-bit CPU. 64-bit CPU dominates the premium sector, while 32-bit is still prevalent on budget and midrange models.

Like smartphones, premium tablets mostly use 64-bit CPU, and budget and midrange models usually run 32-bit.

50. Question

Convert the binary number 1000000 into decimal notation.

• 40

• 32

• 64

• 128

Solution

Correct: 64

A quick way to calculate a binary number which consists of a 1 with the rest being 0's is to count the number of 0's, and then calculate 2 to the power of that number. In this case, there are six 0's, and 2 to the power of 6 = 64.

If the task was to convert 1000000 into hexadecimal notation, the answer would be 40.

If this example had one less 0, i.e., 100000, then the answer would be 32.

If this example had one more 0, i.e., 10000000, then the answer would be 128.

51. Question

What storage technology do SSDs (Solid State Drives) use?

• Magnetic tape

• Optical drive

• Spinning disk

• Flash memory

Solution

Correct: Flash memory

SSDs (Solid State Drives) are designed to replicate or supplement the function of the hard drive. Solid state storage uses a type of non-volatile memory technology called flash memory.

HDD (Hard Disk Drives) host data that is encoded magnetically on specially coated glass or plastic platters accessed by drive heads. The platters are spun at very high speeds, giving rise to the term "spinning disk" drive.

A tape drive is a data storage device that reads and writes data on a magnetic tape. Magnetic tape data storage is typically used for offline, archival data storage.

Disc-based storage formats for consumer multimedia (music and video) are called "optical" drives because a laser is used to read data from the discs.

52. Question

What type of software is project management software?

• Productivity software

• Networking software

• Business software

• Collaboration software

Solution

Correct: Business software

Project management involves breaking a project into a number of tasks and assigning responsibilities, resources, and timescales to ensure the completion of those tasks. Specialized business software such as Microsoft Project assists with this process by visualizing task timelines and dependencies, and recording information about task properties and progress.

Productivity software refers to applications that help users complete typical office tasks. Project management is a more complex task with many functions, and requires specialized business software.

Collaboration software means that multiple users can work together on the same file or project. Working on a project is very different from managing a project, and requires different type of software.

Networking software is for administrators to deploy, manage, and monitor a network.

53. Question

CompTIA's troubleshooting model includes having to establish a theory of probable cause. What is one of the components of this step?

• Question the theory

• Question the obvious

• Question the internet

• Question users

Solution

Correct: Question the obvious

Step 3 in CompTIA's troubleshooting model is to establish a theory of probable cause. Its three components are: question the obvious, consider multiple approaches, and divide and conquer.

Step 1 in CompTIA's troubleshooting model is to identify the problem. One of the six components of this step is to question users.

Step 2 in CompTIA's troubleshooting model is to research knowledge base/Internet, if applicable.

Step 4 in CompTIA's troubleshooting model is to test the theory to determine cause. Steps 3 and 4 form an iterative process of establishing and testing a theory until something works.

54. Question

What does this pseudocode do? declare i as Number = 0 Do While i <= 100 i = i + 1 print i i = i - 1 Loop

• Displays number "1" 100 times

• Produces an infinite loop

• Displays numbers from 0 to 99

• Displays numbers from 1 to 100

Solution

Correct: Produces an infinite loop

In this pseudocode, the variable i never changes. First it increases by 1, and then decreases by 1, so the condition to end the loop is never met. The program never stops displaying number "1", and is stuck in an infinite loop until the system crashes or the user interrupts it.

If the pseudocode did not include "i = i - 1", then it would display numbers from 1 to 100.

If the pseudocode did not include "i = i - 1" and the print statement was first inside the loop, then it would display numbers from 1 to 100.

The pseudocode displays number "1" an infinite number of times.

55. Question

Which of the following exposes a user to a Man-in-the-Middle (MitM) attack?

• Encryption

• Cipher text

• A cryptographic hash

• Plain text

Solution

Correct: Plain text

Plain text is also known as clear text and is an unencrypted message. To secure transmissions from eavesdropping, sniffing and MitM attacks, data should be encrypted.

Cipher text is an encrypted document or message that can travel across a public network, such as the Internet, and remain private.

With encryption, even if an eavesdropper could intercept and examine the data packets, the content would be unreadable.

Cryptographic hashing is a type of encryption that can be used to prove that a message has not been tampered with and for secure storage of data where the original meaning does not have to be recovered (e.g., passwords).

56. Question

What is a proper example of a string definition?

• "It is polite to say "Thank you""

• "The sales person said to the customer: "Have a nice day!" and smiled."

• 'It's going to be a great day.'

• "We're so happy to see you!'

Solution

Correct: "It is polite to say "Thank you""

When single or double quotes can be used to delimit a string, the quotes are not part of the string itself. To use a quote character within a string, an escape character () is used. Embedding "Thank you" into the rest of the string is the proper way of defining it.

The quoted portion needs to have an escape character () preceding each quote character: "Have a nice day!", for the string to be processed correctly.

The apostrophe (single quote) needs to have an escape character () preceding it: 'It's going to be a great day.'

The delimiter needs to be consistent: if it starts with a double quote, it needs to end with a double quote.

57. Question

What is a key difference between copyright and a patent?

• Patents are registered for a limited time only, but copyright protection is permanent

• Copyright is valid for a limited time only, but a patent is granted on a permanent basis

• Patents are granted automatically, but a copyright must be applied for and registered

• Copyright protection happens automatically, but a patent must be applied for and registered

Solution

Correct: Copyright protection happens automatically, but a patent must be applied for and registered.

Copyright is automatic legal protection granted to certain types of work. There is no need to apply for copyright or display any copyright notice in order to be protected by it. The creation of the work ensures copyright protection automatically.

A patent must be applied for and registered because there is no automatic protection, as there is for copyright.

Patents are registered for a limited time only.

Copyright lasts for a number of years after the owner's death. The exact length of time varies between 15 and 70 years depending on the nature of the work. After this time, provided the copyright has not been extended for some reason, the work becomes public domain and may be used freely.

58. Question

A systems engineer wants to control access to critical data. Which of the following describes a security concern regarding storing and transferring data without authorization?

• Confidentiality

• Integrity

• Social engineering

• Availability

Solution

Correct: Integrity

Integrity means that the data being stored and transferred has not been altered without authorization. Threats to integrity include Man-in-the-Middle (MitM), replay, and impersonation attacks.

Confidentiality means that information is only revealed to authorized people. This can be compromised in snooping, eavesdropping/wiretapping, and social engineering/dumpster diving attacks.

Availability means keeping a service running so that authorized users can access and process data whenever necessary. Availability is often threatened by accidents and oversights as well as active attacks.

Social engineering refers to means of getting users to reveal confidential information or obtaining unauthorized physical access to a resource.

59. Question

Which feature of IoT (Internet of Things) for motor vehicles uses a component of IoT home automation?

• In-vehicle entertainment

• Black box

• Parking assist

• Sat-nav

Solution

Correct: In-vehicle entertainment

IoT for motor vehicles include embedded systems for in-vehicle entertainment, which share major elements with IoT home automation's streaming media. Their function is to play content stored on a storage device through smart speakers and screens. Embedded in-vehicle sat-nav (Satellite Navigation) uses GPS (Global Positioning Systems) to identify the vehicle's precise location. There is no need for this in IoT home automation. Some vehicles are now fitted with a "black box", which is an event data recorder that can log the car's telemetry (acceleration, braking, and position). There is no need for this in IoT home automation. There are now sophisticated systems to control the vehicle on behalf of the driver, including automatic collision detection and avoidance, and parking assist.

60. Question

A company operates in 2 offices. Both offices are located in the same town, with about 100 employees in each building. What type of network does it need to connect all of its employees, LAN (Local Area Network), or WAN (Wide Area Network)?

• WAN, because LAN is unable to accommodate more than a few computers

• LAN, because the company owns the equipment and cabling required to set it up

• WAN, because there are multiple locations

• LAN, because the offices are local to each other

Solution

Correct: WAN, because there are multiple locations

LAN is a network in a single location. WAN is a network in different geographic locations but with shared links. A company with employees in more than one location needs to use a WAN.

LAN is not limited to just a few computers; it can accommodate enterprise networks with hundreds of servers and thousands of workstations.

Regardless of how close the offices are to each other, they are not in the same location, so WAN needs to be used.

Even if the company already owns the equipment and cabling required to set up a LAN, it needs a WAN to connect all of the employees across multiple locations.

61. Question

Why would a locally installed application store data files in a user folder and not the application folder?

• To separate the data layer from the application layer

• To be able to uninstall the application without deleting the data files

• For faster backups of the data fileso prevent users from modifying application folders

Solution

Correct: To prevent users from modifying application folders

Data files manipulated by the application can be stored on the local disk, usually in a user folder rather than the application folder. Ordinary users should not be able to modify application folders, for security reasons.

Data and application layers are terms used in database application architecture models, to describe the way that the application interacts with the database. Data files used by the application are not in this category.

If the data files are part of the database uninstall process, they get deleted regardless of their location.

Data files can be backed up regardless of their location, with no impact on the speed of the process.

62. Question

Which of the following is the most likely example of cross-platform software?

• Application that runs on a Dell PC and a Samsung smartphone

• Application that runs on a Dell PC and a Samsung laptop

• Application that runs on a Samsung tablet and a Motorola smartphone

• Application that runs from the Chrome browser on a Dell PC and Safari browser on an iMac

Solution

Correct: Application that runs on a Dell PC and a Samsung smartphone

A Dell PC (Personal Computer) and a Samsung smartphone do not have the same type of OS (Operating System) installed (unless they both have the Linux OS, which is unlikely). In most cases, the PC runs a version of Windows, and the smartphone has a version of Android OS. Applications that run on both of them are cross-platform.

A Dell PC and a Samsung laptop are likely to have the Windows OS. Single-platform software can work on both, even with different versions of Windows.

A Samsung tablet and a Motorola smartphone are likely to have Android OS. An app designed for just the Android OS is not cross-platform.

Web-only applications are single-platform, regardless of which browsers they support.

63. Question

A student is replacing an old computer with a new one, with the help of an external hard drive to transfer the contents of the old computer. The external hard drive arrives with an enclosure. What is the purpose of the enclosure?

• The enclosure provides ports to connect the drive to the computer

• The enclosure protects the fragile drive from water damage

• The enclosure converts a 2.5" portable drive into the 3.5" desktop standard

• Te enclosure converts the external hard drive into internal/tabs

Solution

Correct: The enclosure provides ports to connect the drive to the computer.

The external hard drive is shipped in a special enclosure, which provides some combination of USB, Firewire, eSATA, and/or Thunderbolt ports to connect the drive to the computer.

An external hard drive can be used as an internal drive, but the special enclosure that comes with it is not used for that purpose.

External units may be designed for desk use (3.5" drives) or to be portable (2.5" drives). 3.5" drives require a separate power supply, so most external drives now use the 2.5" form factor. The enclosure that comes with the drive is not used to convert one into the other.

There are special waterproof enclosures available to protect the external drive from water damage, but most do not.

64. Question

What indicates that a website has a highly trusted certificate?

• Green padlock icon in front of address bar

• URL starting with "https"

• Padlock icon in front of address bar

• Green address bar with no icon

Solution

Correct: Green padlock icon in front of address bar

If the website has a certificate that's valid and trusted, a padlock icon is shown. If the certificate is highly trusted, the address bar (with the padlock) is green. Website owners have to go through a more rigorous identity validation procedure for a high assurance certificate.

A padlock icon in front of the address bar indicates that a certificate is valid and trusted, but not at the highest level.

Without a padlock icon, the color of the address bar has no special meaning.

HTTPS (Hypertext Transfer Protocol Secure) encrypts and decrypts user page requests as well as the pages that are returned by the Web server. It is not an indication of a valid and trusted certificate.

65. Question

What type of access control and technology helps ensure non-repudiation, and tracks what users are doing on the network?

• Accounting; logs

• Authorization access

• Least privilege

• Implicit deny

Solution

Correct: Accounting; logs

Accounting is usually provided for by logging events. This allows the accounting system to track what users are doing within the system and enforce non-repudiation.

Least privilege means that a user should be granted rights necessary to perform their job and no more.

As part of least privilege, access controls are usually founded on the principle of implicit deny. This means that unless there is a rule specifying that access should be granted (explicit authorization), any request for access is denied.

Access control or authorization models determine how users receive rights.

66. Question

Which of the following helps to authenticate the user requesting a password reset over the telephone?

• An IP address

• A hardware token

• Personally Identifiable Information (PII)

• Biometric recognition

Solution

Correct: Personally Identifiable Information (PII)

PII is often used for password reset authentication to confirm identity over the telephone.

Password-type credentials are generally seen as not providing adequate security for high-risk applications. One solution is to provide each user with a unique hardware token to prove their identity.

"Something you are" authentication means employing some sort of biometric recognition system. Many types of biometric information can be recorded, including fingerprint patterns, iris or retina recognition, or facial recognition.

An IP address can be used to refer to a logical network segment or it could be linked to a geographic location using geoip.

67. Question

What type of software is Microsoft Office?

• Productivity software

• Project management software

• Collaboration software

• Business software

Solution

Correct: Productivity software

Microsoft Office is considered to be productivity software, because it's a suite of programs which includes spreadsheet software, word processing software, and presentation software.

Microsoft Office includes a database application called Microsoft Access, which is considered to be business software, but the majority of programs in the Microsoft Office suite are in the productivity software category.

Microsoft Office includes an email client called Outlook, which is considered to be collaboration software, but the majority of programs in the Microsoft Office suite are in the productivity software category.

The Microsoft Office "family" includes a project management program called Microsoft Project, but it's not included in the Microsoft Office suite, and is distributed as a separate application.

68. Question

Which of the following does NOT encrypt web page data?

• Hypertext Transfer Protocol Secure (HTTPS)

• Mobile device encryption

• Secure Sockets Layer (SSL)/Transport Layer Security (TLS)

• A transport encryption protocol

Solution

Correct: Mobile device encryption

Data at rest means that the data is in some sort of persistent storage media. In this state, it is usually possible to encrypt the data using techniques such as mobile device encryption.

With data in transit (or data in motion), such as web page data, the data can be protected by Secure Sockets Layer (SSL)/Transport Layer Security (TLS).

With data in transit (or data in motion), such as web page data, the data can be protected with a transport encryption protocol.

When a web browser communicates with a secure Hypertext Transfer Protocol Secure (HTTPS) server, it accepts the server's digital certificate to use its public key to encrypt communications.

69. Question

A senior manager of a regional office branch needs a payroll report of all staff, to calculate next year's budget. Which program is NOT useful for that?

• Accounting software

• Spreadsheet software

• Project management software

• Database software

Solution

Correct: Project management software

Project management software assists with the process of breaking a project into a number of tasks and assigning responsibilities, resources, and timescales to ensure the completion of those tasks. It is not designed for generating payroll reports.

Accounting software is the best way to generate payroll reports. Accounting programs contain ready-made reports which calculate and display payroll data in the most frequently used formats. Reports can also be easily customized to fit most business needs.

Database programmers can use database software to create custom reports from the data stored in the database.

Payroll data can be stored in a spreadsheet, or imported from a database or accounting software into a spreadsheet, and displayed in report format.

70. Question

What is the main purpose of NIC (Network Interface Card) expansion card?

• To serve as a faster alternative to the onboard NIC

• To provide additional NICs to servers on a wired business network

• To replace the outdated NIC on the motherboard

• To allow workstation computers to connect to the network

Solution

Correct: To provide additional NICs to servers on a wired business network

Network Interface Card (NIC) provides the Ethernet port in the computer. Servers with a NIC on the motherboard (onboard card) may have additional NICs supplied on expansion (or add-on) cards.

Almost all workstation computers come with a NIC on the motherboard, allowing for Ethernet connection to the network.

An outdated NIC on the motherboard is not a frequent occurrence.

Both onboard cards and expansion cards operate in the same manner using the same protocols and cable ports. NICs come in many different forms and speeds, but both types come in equal speeds.

71. Question

The person reporting a problem is likely to be the main source of information about it. However, if this is insufficient to successfully troubleshoot, what is a good next step to take?

• View log files

• Escalate the problem.

• Suggest workarounds

• Use a product Knowledge Base

Solution

Correct: View log files

If the information provided about the problem is insufficient to successfully troubleshoot, the next step is to consider other sources, such as viewing system, application, or network log files, or monitoring other support requests to identify similar problems.

Once sufficient information is gathered, then it may be necessary to use a product Knowledge Base or a web/Internet search tool to research the symptoms.

If none of the available resources are sufficient to diagnose or resolve the problem, it may be necessary to escalate it.

If one troubleshooting method does not yield results, it may be time to suggest workarounds which can provide a way for the user to continue to work with the system while the problem is being resolved.

72. Question

What is an example of an output device?

• Digital camera

• Optical disc

• Loudspeaker

• Keyboard

Solution

Correct: Loudspeaker

In a computer system, data is shown or played to the user through an output device, such as a monitor, printer, or loudspeaker system.

User input is when the computer receives data entered by the user through peripheral devices, such as mice, keyboards, scanners, digital cameras, and microphones.

Video input devices, such as digital cameras or camcorders, webcams, image or fingerprint scanners, and barcode readers, are used to digitize images or video into the computer.

Optical disc is a storage device, to which data may be written for future use.

73. Question

A company has an unwritten rule that visitors must always be escorted, but not every employee abides by it. Which of the following would make employees become more aware of the importance of this responsibility, and help enforce this as a company best practice?

• Train staff to identify Personally Identifiable Information (PII).

• Install data monitoring solutions

• Implement an Acceptable Use Policy

• Write a company policy and procedure for escorting visitors

Solution

Correct: Write a company policy and procedure for escorting visitors

If there is a company policy saying that visitors to the workplace must be escorted at all times, the organization needs to create written policies and procedures to help staff understand and fulfill their responsibilities and follow best practices. While the rise in consciousness of identity theft as a serious crime and growing threat is important, it deals with the handling of personal or sensitive data appropriately. An Acceptable Use Policy, or Fair Use Policy, sets out what someone is allowed to use a particular service or resource for. Monitoring data means analyzing data communications to measure an employee's productivity.

74. Question

Which of the following ways best defeats social engineering?

• Training end-users how to identify and report suspicious activity on the network or workstation

• Allowing access to network resources by using innocuous data

• By establishing enough trust with end-users so they will reveal secure information

• Making sure employees directly observe other users type passwords

Solution

Correct: Making sure employees directly observe other users type passwords

Social engineering is best defeated by training users to recognize and respond to social engineering attacks. Users should understand what constitutes secure information and know in what circumstances, if any, it should be revealed to other people.

Shoulder surfing is a social engineering attack that involves stealing a password or PIN, or other secure information, by watching the user type it.

Being convincing or establishing trust is a social engineering trick that usually depends on the attacker obtaining privileged information about the organization.

Often, malicious people can start to gain access to your network resources through the use of seemingly innocuous data.

75. Question

What is an example of using a locally installed application without network access?

• Using Microsoft Word to write a letter

• Using Microsoft Outlook to check email

• Using the Intuit Quicken banking application to pay bills

• Using Apple iTunes to listen to a podcast

Solution

Correct: Using Microsoft Word to write a letter

A locally installed application does not need network access to run, but the network has to be present if the application makes use of network features. Using Microsoft Word to write a letter does not require network connection.

Checking email requires an Internet connection. If done from an application like Outlook, it needs network connection to download messages from the email server.

Quicken is a personal finance management tool. It does many tasks locally, like budget reports, but it needs Internet connection to send a banking institution the instructions for paying bills.

iTunes is a media library and player. It can play locally stored music files, but needs to be connected to the Internet to play or download a podcast.

76. Question

A program is a sequence of what?

• Attributes

• Instructions

• Flow charts

• Functions

Solution

Correct: Instructions

A program is a sequence of instructions which the computer performs. The sequence can consist of just one instruction, such as the popular example "print 'Hello World'", or thousands, even millions of instructions in a single program.

Functions are elements of programs, and can be something that the programmer creates, or internal system functions. But a program is not a sequence of functions.

A graphical flow chart helps to visualize the program sequence and understand the processes. It's a tool that programmers use, not a component of a program.

An attribute is a term of OOP (Object-Oriented Programming) to define objects.

77. Question

How do the CPU (Central Processing Unit) and storage devices in a computer process data?

• As bits and bytes

• As characters and strings

• As integers and decimals

• As zeros and ones

Solution

Correct: As zeros and ones

The CPU and storage devices in a computer only process data as ones and zeros. These hardware components have no conception of what the data mean.

Bits and bytes are units of measure, used to describe computer storage. A bit can represent the value zero or one, which is what the hardware components work with. A byte is a multiple of 8 bits.

Integers and decimals are data types used in computer programs, but they are a collection of ones and zeros from the hardware standpoint.

Characters and strings are data types used in computer programs, but they are a collection of ones and zeros from the hardware standpoint.

78. Question

A Customer object has a field called EmailAddress. Other programs need to have frequent access to this field. What is the best way to set up this field?

• As an attribute of the Customer object

• As its own object

• As an array of variables across all programs

• As a property of the Customer object

Solution

Correct:As a property of the Customer object

Object properties represent a way of accessing a field publicly, instead of the overhead of using methods. Properties allow external code to ask the object to show or change the value of one of its fields.

Object attributes are private variables which other programs cannot access directly. An object needs to have a method which allows another part of the program to access a field, adding extra overhead to the process.

Setting up the EmailAddress field as its own object adds unnecessary overhead and duplication of information. It is much easier to set it up as a property of the Customer object.

An array of variables is an inefficient way to store data, compared to objects.

79. Question

What are the properties of a file "Books/CoverPhoto.js"?

• It's an image file named "Books/CoverPhoto.js".

• It's an executable file named "CoverPhoto.js" in folder "Books".

• It's an image file named "CoverPhoto.js" in folder "Books".

• It's a document file named "Books/CoverPhoto.js".

Solution

Correct: It's an executable file named "CoverPhoto.js" in folder "Books".

An executable file contains program code, and can make changes to the computer system. Executable file extensions include "exe", "bat", "cmd", and "js". The slash symbol (/) is reserved for listing folders or directories in all operating systems, and the back-slash symbol () is also used for this on some systems.

Image file extensions include "jpg" and "jpeg", but not "js" which stands for JavaScript code, a script file that runs within an interpreter.

File names cannot contain the reserved symbol "/", so the entire name is not the file name. "Books" is the folder, and "CoverPhoto.js" is the file.

Document file formats are used by word processing software, with extensions such as "txt", "rtf", "doc", and "docx".

80. Question

Which of the following SQL (Structured Query Language) commands is NOT a DML (Data Manipulation Language) command?

• SELECT

• DELETE

• INSERT

• DROP

Solution

Correct: DROP

of the database. The DROP command deletes (drops) a table or the entire database, and is a DDL (Data Definition Language) command, which modifies the structure of the database.

DML commands include DELETE, which deletes records from a table, and therefore modifies the contents of the database.

DML commands include INSERT, which adds a new row into a table, and therefore modifies the contents of the database.

DML commands include SELECT, which is the first building block of a query to retrieve data from a database.

81. Question

A file contains information about the company's customers. The information includes Name, Address, Phone, and Email for each customer. What's the best way to convert this file into a database?

• Create a database called Customers, with tables called Name, Address, Phone, and Email.

• Create a database called Customers, with fields called Name, Address, Phone, and Email.

• Create a table called Customers, with fields called Name, Address, Phone, and Email.

• Create a table called Customers, with records called Name, Address, Phone, and Email.

Solution

Correct: Create a table called Customers, with fields called Name, Address, Phone, and Email.

A database consists of tables of information, organized into columns and rows. Each row represents a separate record in the database, and each column represents a single field within a record. Name, Address, Phone, and Email are fields for each customer, and the collection of these fields is a table.

Name, Address, Phone, and Email do not need to be individual tables. They are all part of a record for each customer.

Name, Address, Phone, and Email are not records, they are fields, or columns in the table. A record is one set of information about a customer.

Fields make up a table, and tables make up a database.

82. Question

An office computer needs a new keyboard and mouse. Before ordering them, the assistant should check which ports are available, to decide which style to purchase. Which port is NOT part of the consideration?

• PS/2

• USB

• HDMI

• Bluetooth

Solution

Correct: HDMI

HDMI (High Definition Multimedia Interface) is the most widely used graphic device interface. HDMI can be used to connect the computer to an output device, such as a monitor, but not to input devices, such as keyboard or mouse.

Historically, mice and keyboards used the PS/2 interface, which had a round connector with pins. A keyboard PS/2 port is colored purple to differentiate it from the otherwise identical mouse connector, which is color-coded green.

Modern mice and keyboards use USB (Universal Serial Bus) ports to connect to a computer. The connection can be wired or wireless via a USB dongle.

Modern mice and keyboards use Bluetooth ports for wireless connections to a computer.

83. Question

What problem is Windows' UAC (User Account Control) designed to solve?

• Too many guest accounts

• Elevated privileges

• Too many administrative accounts

• Inadequate account authentication

Solution

Correct: Elevated privileges

"Least privilege" means that users receive permissions required to perform tasks and no more. Early versions of Windows led to the problem of "elevated privileges", where all users were given administrative privileges, as otherwise it was difficult to perform typical administrative tasks. UAC was created to solve this problem.

The "Guest" account, used in Windows 7 and 8.1, is a standard, local user account, with very limited permissions. There is typically one such account, but having many of them is not a problem.

UAC enables users to perform common tasks as non-administrators and as administrators without having to switch users. The number of administrative accounts is not relevant to this feature.

Inadequate account authentication is not part of UAC functionality.

84. Question

What is the end result of the iterative process of establishing and testing a theory while troubleshooting?

• Ensure that the problem is never repeated.

• Establish a root cause for the problem.

• Resolve the problem.

• Ientify the person responsible for creating the problem.

Solution

Correct: Establish a root cause for the problem.

The end result of the iterative process of establishing and testing a theory (establish a theory, test it, if it doesn't work, establish another theory) is to establish a root cause for the problem.

The iterative process of establishing and testing a theory is the combination of Steps 3 and 4 of CompTIA's troubleshooting model. Resolving the problem is part of Step 6: implement the solution or escalate as necessary.

Ensuring that the problem is never repeated is part of Step 7: verify full system functionality and, if applicable, implement preventive measures.

Many technical problems are not caused by a specific person, but by events and circumstances, such as power or equipment failure, hardware or software malfunction, etc.

85. Question

The direct database access method is the best method to run which SQL (Structured Query Language) command?

• SELECT

• UPDATE

• GRANT

• INSERT

Solution

Correct: GRANT

Direct access provides tools for database administrators to run SQL commands. They can run commands, which interact with the data or perform database administration tasks. The GRANT command assigns permissions on database objects to users, so the database access methods for non-administrative users should not run it.

Applications with utility or programmatic access use the UPDATE command to make changes to specific records, without risk to the rest of the database.

Applications with utility or programmatic access use the INSERT command to add new information into the database.

All database access methods use the SELECT command to retrieve data for processing, as well as to run queries/reports.