Software Troubleshooting

txt

School

Western Governors University *

*We aren’t endorsed by this school

Course

2017

Subject

Information Systems

Date

Apr 3, 2024

Type

txt

Pages

30

Uploaded by aiyiwu

Report
resume from question 16 (16 from test review, not this file) 1) Your system hangs immediately after the BIOS information is shown and displays an error loading operating system error message. What is the MOST likely source of the problem? Answer Inaccessible boot disk Correct Answer: Corrupt MBR or partition table Missing or corrupt file Incorrect answer: Corrupt boot sector Explanation Symptoms of a corrupt MBR or partition table include the system hanging immediately after the BIOS information is shown and error messages such as missing operating system or MBR corrupt. A corrupt boot sector, inaccessible boot disk, or a missing or corrupt file are less likely to display this type of error message. 2) Which programs run during the startup process to allow user logon? (Select two.) Answer Winload.exe Incorrect answer: NToskrnl.exe Correct Answer: Winlogon Bootmgr.exe Correct Answer:
Wininit Explanation The wininit and winlogon programs run to allow user logon. At this point, the Welcome or user logon screen is displayed. NToskrnl.exe, Bootmgr.exe, and Winload.exe occur before the logon and user configuration stage of startup. 3) Which stage of a legacy BIOS startup loads the boot code in the Master Boot Record (MBR) and then uses the partition table to identify the active disk partition? Answer Incorrect answer: Bootmgr.exe Winload.exe OS startup Correct Answer: Boot loader Explanation On the boot device, the BIOS searches for and loads the boot code in the Master Boot Record (MBR). The MBR is on the first disk sector and uses the partition table to identify the active disk partition. The bootmgr.exe program looks for the BCD store in either the C:\ directory or the System Reserved partition. OS startup and Winload.exe occur after the boot loader. 4) During the Runtime (RT) stage of the UEFI boot process, system control passes to ntoskrnl.exe. Which of the following tasks does ntoskrnl.exe perform? (Select three.) Answer Incorrect answer: Mounts and initializes system drives. Verifies and fully initializes the CPU and chipset.
Correct Answer: Starts services. Incorrect answer: Initializes, verifies, and allocates system memory. Correct Answer: Loads device drivers. Allows user logon. Correct Answer: Configures the OS environment. Explanation The ntoskrnl.exe utility performs the tasks below. Loads device drivers. Starts services. Configures the OS environment. The wininit and winlogon programs run after ntoskrnl.exe to allow user logon. The mounting and initialization of system drives occurs during the Driver Execution Environment stage (DXE), which occurs before the ntoskrnl.exe utility is loaded. The system memory and CPU are initialized during the Pre-EFI Initialization (PEI) stage, which occurs before the ntoskrnl.exe utility is loaded. 5) Rodney, an employee in the Research Department, reports that he is experiencing blue screen errors while using his Windows computer. You ask Rodney if anything has changed on the computer recently. Rodney explains that he recently installed a TV tuner board in an expansion slot, and now he has to reboot the computer every time he loads the TV tuner application to watch TV. You need to fix Rodney's computer and prevent him from using the TV until you can install an updated driver. What should you do? Answer Use the Reset This PC option in the Settings app. Boot the system from a Windows installation disc and select the Startup Repair option.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Re-install Windows from the installation disc. Correct Answer: Boot the system in Safe Mode. Disable the TV tuner driver in Device Manager. Reboot the system and select Safe Mode. Edit the properties of the TV tuner driver in Device Manager and select Roll Back Driver. Explanation You should disable the driver in Safe Mode instead of rolling the driver back. Although you might be able to disable the driver without booting in Safe Mode, booting in Safe Mode is a good way to prevent drivers that could interfere with your task. Resetting or reinstalling the operating system are drastic troubleshooting options. You should try simpler resolutions first before resorting to more aggressive options. Because the boot process is functioning, there is no indication that the boot sector or Master Boot Record need repairs. 6) You have booted your Windows workstation in Safe Mode and enabled boot logging. To which log file is the boot logging information now written? Answer Myboot.txt Bootlog.txt Boot.log Correct Answer: Ntbtlog.txt Explanation When you choose to enable boot logging, entries are written to the Ntbtlog.txt file. This file is created in the %WinDir% folder. Bootlog.txt, boot.log, and myboot.txt are not valid boot logging files. 7) You experience startup errors after you install a new device. What should you do FIRST to resolve the issue? Answer
Recover the system image. Disable automatic restart. Correct Answer: Boot in Safe Mode and roll back the driver. Incorrect answer: Boot in Safe Mode and disable all unnecessary devices. Explanation If you experience startup errors after you install a new device, the first thing you should do is boot in Safe Mode and roll back the driver. You should not disable unnecessary devices, disable automatic restart, or recover a system image before trying other options. 8) Marcus was attempting to edit some registry settings on his Windows 11 system. Now, when he tries to boot his system, it hangs after the Windows splash screen is displayed. Because he cannot boot to Safe Mode, he boots the system from the Windows installation disc and accesses the Recovery Environment. Which Recovery option should Marcus use FIRST to help resolve his boot issue? Answer Go Back to the Previous Build Use BOOTMGR Correct Answer: System Restore Reset this PC Explanation The most common cause of the system hanging after the Windows splash screen is displayed is a bad driver or corrupt registry settings. If you cannot boot to Safe Mode, boot into the Recovery Environment and use System Restore. Resetting the PC or going back to a previous build might also work, but these are more drastic options. You should try simpler recovery options first before moving on to more drastic ones. BOOTMGR is the boot loader program. It is not a recovery option.
9)You have just received a call from one of your customers. She informs you that after turning her computer on, she received the following error: Error loading operating system BOOTMGR is missing Press Ctrl+Alt+Del to restart Every time she restarts her computer, the same error appears. Which of the following tools will work BEST to fix this issue? Answer format chkdsk Correct Answer: bootrec diskpart Explanation To fix a Master Boot Record (MBR) error, run the bootrec /fixmbr command. You could include other switches as well to further repair the boot sector or rebuild the entire boot configuration data. diskpart is a disk partition utility. format is a command that formats a drive, which erases all data on that drive. chkdsk can identify and correct file system errors and make sure that you can continue to load and write data from the hard disk. However, this command will not fix a problem with the MBR. 10) You are troubleshooting a Windows 11 system that won't boot. The system appears to initialize just fine, and POST completes correctly. However, Windows does not load, and an error message is displayed on the screen, indicating that the operating system is not found. You determine that the Master Boot Record (MBR) is corrupt. To fix the issue, you perform the following steps: Boot the system from the Windows 11 installation DVD. Access the Recovery Environment. Open a Command Prompt window. Enter the command that you should run at the Command Prompt to address this issue. ANSWER: bootrec /fixmbr
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Explanation The bootrec /fixmbr command writes a Windows-compatible MBR to the system partition. This command does not overwrite the existing partition table. Use this method when you need to resolve MBR corruption issues or when you have to remove non-standard code from the MBR. 11) One day, while trying to start your Windows 11 computer, the system displays the following error: Windows could not start. Could not read from the selected boot disk. Check boot path and disk hardware. Which of the following solutions will MOST likely fix the problem? Answer Boot into the Recovery Console and copy the NTLDR file to the boot volume. Correct Answer: Boot into the Recovery Environment and run the bootrec /rebuildbcd command. Boot into the Recovery Console and run the fixmbr command on the boot volume. Boot into the Recovery Console and run the bootcfg /rebuild command. Boot into the Recovery Environment and restore to a restore point. Explanation This specific error message is generated when a system cannot find the partition specified in the BCD database (where the operating system files are located). For example, the database might point to the D: drive for the operating system files, but that drive may not exist. Run bootrec /rebuildbcd to rebuild the boot loader database with a list of valid operating system locations. The bootcfg /rebuild and fixmbr commands were used in early versions of Windows. Reverting to a restore point or copying the NTLDR file will not fix the damaged boot files in this scenario. 12) Which of the following is a troubleshooting step to try when troubleshooting application conflicts? Answer Run System File Checker.
Restart services. Rename files in Registry Editor. Correct Answer: Check for application driver updates. Explanation Checking for application driver updates is the best solution. Also, checking for updates to the application itself and Windows are good troubleshooting steps during application conflicts. Restarting services is a troubleshooting step for boot problems. Running System File Checker is a troubleshooting step best suited for boot problems, the inability to open a file, unexpected shutdowns, and slow performance. Renaming files in the Registry Editor is a troubleshooting step for a corrupted Windows user profile. 13) Which of the following is the Not enough USB controller resources warning most often a result of? Answer Correct Answer: Plugging into a 3.0 USB port. An overheated hard drive. Plugging into a 2.0 USB port. Plugging into a USB hub. Explanation The Not enough USB controller resources warning typically happens when plugging into a 3.0 USB port because it is limited to 16 endpoint pairs. The Not enough USB controller resources warning rarely happens with a 2.0 USB port because it has double the capacity of a 3.0 USB port. Plugging into a USB hub should not trigger the Not enough USB controller resources warning because of a hub's large capacity. The Not enough USB controller resources warning would not come from an overheated hard drive.
14) Which of the following can an overheated hard drive cause? Answer USB controller resources warnings Incorrect boot order Time drift Correct Answer: System instability Explanation System instability occurs when a hard drive is overheated. USB controller warnings are related to the USB port's capability. Incorrect boot order is not caused by an overheating hard drive. Time drift is not caused by an overheating hard drive. 15) Which of the following is the No operating system found error likely caused by? Answer Time drift Correct Answer: Incorrect boot order Outdated applications Outdated drivers Explanation Incorrect boot order usually causes the No operating system found error. Outdated applications are not typically the cause of the No operating system found error. Outdated drivers are not typically the cause of the No operating system found error. Time drift is not a cause of the No operating system found error.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
16) Wendy had been searching the internet for a great deal on jewelry. While looking at one site, a pop-up was displayed that told her she had just been chosen as the winner of a nice prize. Being excited to win, Wendy clicked on the link provided to claim her prize. The next day, when Wendy tried to turn on her computer, her computer displayed the Blue Screen of Death (BSOD). After interviewing Wendy, you suspect that the pop-up she clicked on installed some malicious software that has caused her computer to lock up. Which of the following is the BEST place to begin repairing Wendy's computer? Answer Incorrect answer: Boot the computer from the Windows installation disc and run System Restore. Correct Answer: Boot the computer from the Windows installation disc and run Startup Repair. Boot the computer from the Windows installation disc and perform a clean installation of Windows. Boot the computer from the Windows installation disc and run Reset this PC. Explanation Although BSOD can be caused by many things, given the circumstances and your suspicion that malware may be the cause, you should first isolate Wendy's computer and then try to make her computer bootable by running Startup Repair. Startup Repair attempts to fix problems that keep Windows from loading. If this process fixes her computer, you would then take the proper steps to find and remove the malicious software that caused the issue in the first place. If the computer does not boot after completing the above, you can try to run a System Restore. This would recover your computer to a previous point, but all of the changes made after the restore point was created would be lost. If the restore process fails, you could then try to Reset the PC. Keep in mind that this step may get the computer running again, but it will remove all of the applications and settings. If this step does work, you must still check for malicious software that may be disguised as a personal file. If all else fails, a clean installation of Windows can be performed. And if a backup of Wendy's files are available, they can be restored. 17) Nathan, a long-time Mac user, has been using his Mac computer for some time now with no issues. Recently, however, he reported that his cursor turns into a pinwheel and he can't do anything. Which of the following would be the BEST first step for troubleshooting this issue? Answer
Install all available software updates. Correct Answer: Determine if the problem is caused by software or hardware. Update your firmware. Verify that your disk has enough free space. Incorrect answer: Disconnect all external devices except the keyboard and mouse. Explanation When troubleshooting system lockups, a good place to start is to determine if the problem is being caused by software or hardware. Once you know that you can narrow your troubleshooting steps further. All of the other options are valid ways to troubleshoot and fix problems causing a system lockup, but isolating the issue as a software or hardware issue is the first path to explore. 18) As you are working on your Windows 10 computer during a fierce thunder storm, lightning strikes the nearby transformer, and your office loses all power. Since your laptop's battery is dead, your computer instantly turns off. Once power to the building has been restored, you turn your computer on and notice that you are now getting a missing DLL error message. Which of the following tools is MOST likely to rectify this issue? Answer bootrec Correct Answer: sfc chkdsk defrag Explanation System File Checker (SFC) is integrated with Windows Resource Protection, which protects registry keys and folders as well as critical system files. If any changes are detected to a protected system file, the modified file is restored from a cached copy located in the Windows folder itself.
The chkdsk (check disk) command checks the hard drive for errors, such as read errors and other storage related errors. If errors are found, chkdsk has the ability to try to fix these errors and repairs corrupted or missing DLL files. The defrag command lets you defragment your hard disk, but it does not fix missing DLL files. The bootrec command, or the bootrec.exe utility, is a tool provided by Microsoft in Windows Recovery Environment, or the Windows RE. It is typically used to troubleshoot boot issues and is capable of fixing such things as the mater boot record, the boot sector, and the Boot Configuration Data (BCD) store. 19) Which of the following is the BEST step to try first when troubleshooting a Windows operating system problem? Answer Implement Startup Repair. Correct Answer: Reboot the system. Restart services. Incorrect answer: Run a malware scan. Explanation Rebooting is always the first step to try when troubleshooting an operating system error. Rebooting can clear the RAM, end tasks, allow the computer to cool down, and restart an interrupted update. Startup Repair is a tool that fixes damaged or missing system files, which can stop the boot process. While helpful for boot problems, it's always best to try rebooting first. Restarting services, which are low-level tasks that run in the background, can help with problems caused by certain services that are not functioning properly. However, it's best to try rebooting first. Running a malware scan is good to do to check for malware that may be corrupting your files, but it's best to try rebooting first. 20)You have been troubleshooting services on your system. Where is the best place to check to make sure that they are now running properly? Answer File Explorer
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Advanced Options Menu System File Checker Correct Answer: Event Viewer Explanation The best place to check to make sure that services are running properly is Event Viewer. If services are not working properly, you can find error codes in Event Viewer that you can use to further troubleshoot the problem. You cannot view a service's performance in System File Checker, the Advanced Options Menu, or File Explorer. 21) Your Windows OS starts to act strangely. You find out that there was a Windows automatic update three days ago. Which of the following would be BEST to try first to resolve the issue? Answer System Image Recovery Startup Repair Correct Answer: Uninstall the update System Restore Explanation Windows allows you to roll back to the time before a new update (within a short window of time). Simply uninstalling the update is the best choice. System Restore is a utility that allows you to revert the system back to a previously created restore point that does not change files like documents, photos, or email. System Restore is too extreme of a solution to try first. System Image Recovery is a utility that installs a complete image of the Windows system, including the settings, personal files, hardware drivers, and software from an external drive. System Image Recovery is too extreme of a solution to try first. Startup Repair is a utility that fixes damaged or missing system files, which can stop the boot process. Startup Repair is too extreme of a solution to try first. 22) Which of the following troubleshooting utilities scans the operating system
files and replaces corrupt files? Answer System Restore System Image Recovery Services Correct Answer: System File Checker Explanation System File Checker scans the operating system files and replaces corrupt files when possible. System Restore is a utility that lets you revert the system back to a previously created restore point. The Services app lets you control the services that run on your operating system. System Image Recovery is a utility that installs a complete image of the Windows system, including the operating system, settings, personal files, hardware drivers, and software. 23) You want to make sure that you always have the latest patches installed on your workstation for an order entry application created by the DataComLink corporation. What should you do to ensure this? (Select two.) Answer Correct Answer: Configure the application to automatically download and install updates as they are released. Correct Answer: Check the DataComLink website regularly for patches and updates to the software. Configure Windows Update to download and install updates automatically. Incorrect answer: Download any patches from the company as you are notified of them. Configure Windows Update to download updates for other Microsoft products when Windows is updated.
Explanation The best way to make sure that an application is up to date include the following actions: Manually check the manufacturer's website regularly for software updates. Configure the application to automatically download and install updates as they are released. Most software companies do not contact you directly when updates are released. Windows Update only works for Microsoft products and some critical driver files. It will not update third-party software. 24) You have just installed the latest Windows updates on your Windows 11 computer. After the computer has rebooted, you get the following error message: Error: Windows failed to start. A recent hardware or software change might have caused the issue after you installed Windows updates. Because your computer won't start, you have booted your computer into the Advanced Options section of the Windows 11 recovery environment (see image below). While troubleshooting this issue, which of the advanced options would be the BEST to try first? System Image Restore System Image Correct Answer: Startup Repair Command Prompt Startup Settings Explanation The Startup Repair option scans your PC for problems like missing or damaged system files. It can't fix hardware issues or Windows installation problems, but it is the best first place to start if you are experiencing trouble booting into Window. System Restore lets you restore your computer back to a previous restore point. Although this may work, it will undo any change you have made since the last restore point was created. Therefore, it is best to try the Start-up Repair option first. System Image Recovery erases all of the data on your drive and replaces it with an image of Windows, which you must create prior. This would fix your issue, but you would lose any changes made to your computer after the image was created.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
If you are experienced in command-line troubleshooting tools, the Command Prompt option may be of use. However, using this method, you must know the command to use. No menu options are provided. Selecting the Startup Settings option will restart your computer and bring up Startup Settings, a menu full of various special ways to boot to Windows, including Safe Mode. Attempting to boot to Safe Mode is a valid method, but will most likely fail in this scenario, as the installation of the Windows update has probably corrupted or inadvertently deleted a critical file required for booting. 25) While running a presentation editor on your Windows 11 laptop, your computer locks up. When you try powering on your computer, Windows 11 will not start. Which of the following tools should you use FIRST to try and resolve the issue? Answer Restore Files Backup and Restore Correct Answer: Startup Repair Incorrect answer: Recovery Drive Explanation Startup Repair is the first step you should attempt when trying to repair your Windows 11 operating system. The utility will go through and look at all of your startup files, the files that are needed to get Windows up and running, see if there's a file that's missing, any files that are corrupt, files that have been altered by malware, or anything else like that. It will then replace the bad files with a known good copy. If you purchased your system from a major PC manufacturer, it might include a recovery partition (drive) on the hard drive. However, the recovery drive normally restores a Windows image, which erases the hard drive. While this approach can fix the issue with the operating system, it will also remove any user data or installed applications (which is not a good first step in resolving the issue). You can use Backup and Restore to create an image for a full backup of your drive. However, you may lose important user data or installed applications since the last image. The best first step in this scenario is to try and repair the operating system. Restoring files focuses on recovering previous versions of files. It does not perform any maintenance or repair on the operating system. 26) What tool can you use to create a full system image of your Windows drive? Answer
System Repair Incorrect answer: Recovery drive Correct Answer: Backup and Restore Windows Installation Media Explanation The Backup and Restore option can be used to create an image of a Windows 11 computer. A system image creates a full backup of your drive. Although they serve as recovery tools, the recovery drive, system repair, and installation media will not provide a full system image. 27) You have recently purchased a Windows 11 laptop and have just installed several applications, including a graphics editor. Using the application, you have edited several images that you need to send to a company executive for a presentation. However, you are experiencing problems using the application and are deciding whether or not to use the Reset this PC option to remove the application and try re-installing it. What can you expect to happen if you use this option? (Select two.) Answer Correct Answer: The laptop will be reset to the factory defaults. All your edited images will be removed. You can choose to remove only the graphics editor. Correct Answer: You are given the choice to keep your edited images. Incorrect answer: The laptop will be reset to the last restore point. Explanation When you use the Reset this PC option, Windows resets itself to its factory default settings. However, you are given the option to keep your files (such as the edited graphics) or remove everything (including the graphics files).
Reset this PC does not allow you to manage or select a restore point. All your installed apps and configured settings will be removed, including the graphics editor. 28) You are an IT technician for your company. Fred calls you to complain that every time he opens his internet browser, the default home page has been changed to a site he is not familiar with. You suspect this change is being caused by a malware infection on his system. However, after you run antimalware and antivirus software on Fred's system, it is still having the same issue. Which of the following would be the next BEST way to remove the malware? Answer Incorrect answer: Perform an image deployment from a backup image to restore Fred's computer to a known good point. Purchase a new disk and deploy a backup image of Windows. Format Fred's disks and perform a clean installation of the operating system. Correct Answer: Restore Fred's computer back to a previous restore point. Explanation Although all of the options could remove the malware and virus, the best first step is to try to restore the computer back to a restore point prior to the infection. If the infection has been included in all of the restore points, the next best thing would be to restore the drive using a good image that contains the operating system and the programs and files required by your company. 29) Micka, a tech-savvy employee, tried to upgrade her computer from Windows 10 to Windows 11 from the internet. Something went wrong during the upgrade, and Micka's computer will no longer boot to Windows. She has brought her computer to the IT department for you to repair. You have tried to repair the computer, but you are unable to get it to boot to Windows. Which of the following methods would be the QUICKEST way to get Micka's computer back to its original Windows 10 operating system? Answer Incorrect answer: Connect her computer to your external flash drive and install Windows 10 from the
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
data it contains. Download and reinstall Windows 10 from the internet. Correct Answer: Restore her system using the recovery partition. Using the Windows 10 DVD, perform an upgrade. Explanation The recovery partition contains a Windows 10 factory image as it came fresh from the factory, including all of the correct drivers for its devices. Her system can be recovered using this partition, but all of her data will be lost. Since the original installation of Windows 10 was corrupted during the upgrade process, trying to do an upgrade from the source DVD will not detect the old operating system, and it will fail. It would take more time to download and manually install than restoring the image from the recovery partition. Reinstalling Windows using the DVD or an external flash drive would be time- consuming and may require additional steps to download and install the drivers required. 30) To protect a Windows 11 system, you've configured System Restore to automatically protect your system using restore points. Will this adequately protect the user data on the system? Answer Yes. The user data is protected. No. You need to implement a RAID 0 array to protect your data. No. You need to enable Storage Spaces. Correct Answer: No. You need to enable File History. Explanation You also need to create a backup of your user data. You can do this using the File History or Backup and Restore (Windows 7) features. Storage Spaces is used to aggregate available storage space from multiple storage devices in the system.
A RAID 0 array does not provide data redundancy. 31) System Restore is currently disabled for all volumes on a Windows 11 system. You need to enable System Protection for the C: volume. Click the option you would select to do this. Explanation To enable system protection in this scenario, you would select the C: volume from the Available Drives list and then click Configure. The System Restore option is used to revert the system to an existing restore point. The Create option is used to manually create a restore point. However, this can't be done until System Protection is first enabled on the volume. The Advanced tab is used to manage advanced system settings, such as visual effects and virtual memory. 32) To protect user data on a Windows 11 system, you've configured System Restore to automatically create restore points for the C: volume. Given that your user profile data is stored in the default directory (C:\Users), will this strategy adequately protect your users' data? (Select two.) Answer No. You need to implement a RAID 0 array to protect your data. Correct Answer: No. You need to enable File History. Yes. Your workstation data is protected. Correct Answer: No. You need to create a backup of your user data as well. Yes. All user profile data will be restored. Explanation Using restore points alone is an incomplete strategy for protecting user data. You should also use Backup and Restore (Windows 7) in Control Panel to back up user data or enable File History. This is because System Restore on Windows 11 maintains restore points for applications, device drivers, or patches installed since the restore point was taken. However, user data is not affected (include the user profile) by restore points. It remains the same. A RAID 0 array does not provide data redundancy. 33) Which of the following are the FIRST settings you should check if you suspect
that a malware attack has impacted your internet connection? (Select two.) Answer Internet Connection Sharing settings VPN settings BIOS settings Correct Answer: DNS settings Correct Answer: Proxy settings Explanation The two recommended settings you should check first are proxy and DNS settings. Adjusting the proxy settings can redirect the user to another location where the attacker can then integrate penetration tools to find vulnerabilities. A DNS server can be reconfigured to take a user outside the network and on to a similar web page. BIOS, VPN, and Internet Connection Sharing settings are much less likely to be altered by a malware attack. 34) An employee calls to complain that their browser keeps opening up to a strange search engine page, and a toolbar has been added to their browser. Which of the following malware issues are MOST likely causing the problem? Answer Incorrect answer: Internet setting issues Altered file issues Internet connectivity issues Correct Answer: Software issues Explanation Software issues can result in a browser opening to a strange search engine page and unwanted toolbars.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Internet settings and connectivity issues result from a malware attack changing settings in your system. These problems do not normally result in an unwanted search engine page or toolbar. Altered file issues normally deal with an attacker moving, copying, and deleting files or changing file permissions. These alterations do not normally result in an unwanted search engine page or toolbar. 35) While browsing the internet, a pop-up browser window comes up, warning you that your system is infected with a virus. You are directed to click a link to remove the virus. Which of the following are the BEST next actions to take? (Select two.) Answer Click on the link provided to scan for and remove the virus. Correct Answer: Update the virus definitions for your locally installed anti-malware software. Correct Answer: Run a full system scan using the anti-malware software installed on your system. Use an online search engine to learn how to manually remove the virus. Close the pop-up window and ignore the warning. Explanation This scenario is an example of a rogue antivirus attack. As such, you should assume that your system has been infected by some kind of malware, possibly by one of the sites you visited recently. You should first close your browser window and then update the virus definitions for your locally installed antivirus software. Next, you should run a full system scan using the antivirus software installed on your system. Clicking on the link provided would be the worst choice, as it will most likely install a host of other malware on your system. Ignoring the message is unwise, as your system has probably been infected with malware at that point. You should not try to manually remove the virus, as the message displayed by the rogue antivirus attack is probably fictitious. 36) s been receiving error messages, indicating that some of her Windows system files are corrupt or missing. To fix this issue, you ran the Windows System File Checker tool (SFC.exe).
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Shortly after the files were repaired, Vivian called again because she is still having the same issue. You now suspect that a corruption or a renaming of the system files is being caused by malware. Which of the following is the FIRST step you should take to remove any malware on the system? Answer Correct Answer: Disconnect Vivian's computer from the network. Perform a scan using anti-malware software. Back up Vivian's critical files and perform a clean install of Windows. Disable System Restore. Explanation When you suspect that a computer may be infected with malware, you should immediately disconnect (quarantine) the computer from the network to prevent propagation of the malware. After the computer is isolated, you can back up the computer and begin to remove the malware by using a virus removal program (anti- malware software) in Safe Mode. Disabling System Restore does not further any removal of malware. Backing up an infected computer and performing a clean install of Windows does not resolve any issues with Vivian's critical files, and it does not prevent any future issues with malware. 37) Which of the following terms describes a Windows 11 operating system patch for a desktop that targets a specific problem and is released on a short-term, periodic basis? Answer Service pack Windows as a Service Correct Answer: Hotfix Targeted software patch
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Explanation A hotfix is an operating system patch that targets a specific problem. A targeted software patch helps describe what a hotfix does, but it is not a type of Windows OS update. Service packs included a collection of hotfixes and other system updates, but were discontinued after Windows 7. Windows as a Service is the approach Microsoft introduced with Windows 10 to deploy, update, and service the operating system. However, it is not a type of update that targets a specific problem. 38)What is the minimum amount of free space recommended for updating a 64-bit machine? Answer 64 GB 16 GB Incorrect answer: 32 GB Correct Answer: 20 GB Explanation You should have at least 16 GB of free space to update your 32-bit machine, or 20 GB of free space to update your 64-bit machine. 39) Which of the following should you do FIRST when you suspect a malware infection? Answer Run a deep malware scan. Incorrect answer: Quarantine the infected system. Disable Windows System Restore. Correct Answer: Investigate and verify the malware symptoms.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Explanation When you suspect a malware infection, you should investigate and verify that the symptoms are not from other causes before taking further steps. Perform the other options after you have investigated and verified the symptoms. 40) Which of the following is a feature of a sheep dip computer? Answer Correct Answer: Has port monitors and file monitors. Incorrect answer: Requires a WinPE image to boot. Only boots into Safe Mode. Has malware preinstalled for analysis. Explanation A special computer that is designed for malware analysis is known as a sheep dip computer. A sheep dip computer has the following characteristics: Is isolated from the network. Has port monitors, file monitors, and anti-malware software. Is used to analyze malware infections and clear the infections. None of the other options are features of a sheep dip computer. 41) You are troubleshooting a malware infection. As part of the remediation process, you have used a USB drive to boot into a lightweight version of Windows. Which of the following did you MOST likely boot into? Answer Safe Mode System Restore Sheep dip computer Correct Answer: WinPE Explanation
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
In this scenario, you have most likely booted into a WinPE environment. A Windows Pre-Installation environment (WinPE) is a lightweight version of Windows that boots from a USB drive and is typically used to help deploy Windows in an enterprise environment or to troubleshoot Windows issues. Safe Mode boots Windows with the minimal drivers and applications. Safe Mode is not what was described in this scenario. System Restore is used to roll Windows back to a previous image. System Restore is not what was described in this scenario. A sheep dip computer is a special computer that is used for malware analysis and remediation. A sheep dip computer is not what was described in this scenario. 42) You have been tasked with removing malware from an infected system. You have confirmed that there is an infection, and you continue running scans and removing the malware, but every time the system is rebooted, the malware comes back. Which of the following should you do to help prevent this from happening? Answer Boot into Safe Mode Incorrect answer: Quarantine the system Correct Answer: Disable Windows System Restore Use a different anti-malware program Explanation The first step in the remediation process is to disable Windows System Restore. Many malware programs embed copies of themselves in the System Restore files so that if the computer is rebooted or a System Restore is attempted, the malware simply reinfects the machine. By disabling System Restore, the malware copy is removed and should not be able to reinfect the system. Malware scans should be done in Safe Mode, but booting into Safe Mode will not prevent the malware from reinfecting the system upon a reboot. Quarantining the system will not prevent the malware from reinfecting the system upon a reboot. Using a different anti-malware program does not solve this problem. 43) After a malware infection has been fully remediated, you should re-enable System Restore and run a full system backup. Which of the following is the BEST place to save this backup?
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Answer In the cloud On the main hard drive on your computer Correct Answer: On an external drive On the secondary drive on your computer Explanation After your computer has been cleared of a malware infection, perform a full system backup and save it to an external drive. While a backup can be saved to the cloud, it's recommended to save the backup to an external drive so that the backup can be easily accessed and restored if needed. Never save the backup to any drive inside of your computer. 44) You are troubleshooting a malware infection. You have run multiple anti-malware scans, but remnants of the malware remain on the system. Which of the following is your NEXT step? Answer Format and reinstall Windows. Replace the hard drive. Continue running anti-malware scans. Correct Answer: Manually remove any files or Registry keys. Explanation Even after running anti-malware scans, remnants of the malware may remain. Do research to determine if specific files, Registry keys, or settings need to be manually taken care of. If you have run multiple anti-malware scans, running more will not make a difference unless other steps are taken. Formatting and reinstalling Windows is the absolute last option if malware cannot be removed. In this scenario, there are still some additional steps to take.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Never replace the hard drive because of a malware infection. 45) After upgrading to the newest version of Windows, an important application is no longer running. Which of the following is the BEST option for troubleshooting the problem? Answer Stop Windows Defender from checking apps. Install an antivirus program to prevent malware interference. Correct Answer: Enable Hyper-V to run the program on the previous version. In Control Panel, uncheck the box next to Block all incoming connections, including those in the list of allowed apps. Explanation If an application stops running after upgrading to a newer version of Windows, the issue most likely is a compatibility one. So enabling Hyper-V to create a virtual machine and then using the previous version of Windows to run the program would be the best option. Unchecking the box to Block all incoming connections, including those in the list of allowed apps is a firewall issue, not a compatibility issue. Doing so will not likely solve the problem. Installing an antivirus program will not solve a compatibility issue. Stopping Windows Defender from checking apps will not solve a compatibility issue. 46)Your company is creating a financial application that you want to first test on mobile devices. Several customers have asked to be part of the beta testing process. What do the employees need to do on their mobile devices in order to be able to participate in the beta test? Answer Correct Answer: Turn on Developer Mode. Enable authentication on their mobile devices.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Install and use a password manager. Jailbreak their mobile devices. Explanation Developer Mode is made for software companies and manufacturers to be able to create and test applications and features on mobile devices. Jailbreaking a mobile device unlocks all the features and capabilities of that device. Doing this is not required for testing an application from a trusted source. While enabling authentication and having a password manager on your mobile device are both good practices, they are not normally required to participate in a beta test of an application. 47) You have just visited a website on your mobile device when your web browser locks up, and you receive a warning that your device has a virus. You are given a phone number to call to remove the virus. Which of the following describes the type of malware symptom that you are MOST likely experiencing? Answer Increased data usage Connectivity issue Spoofed application Correct Answer: False security warning Explanation Just like a normal desktop system, a mobile device can be the victim of a site that falsely purports to know that a virus was installed (the site might even lock your browser). These are false security warnings that will have address links or a phone number to call. Connectivity is another malware symptom that results in sluggish performance. It may be because an application is leaking data and using all of its bandwidth to constantly transmit its own signal. But there is usually no warning message displayed like the one described in the scenario. If you are experiencing an increased amount of data, this could be a telltale sign that there is an application broadcasting data without permission. But there is usually no warning message displayed like the one described in the scenario.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Spoofed applications are a type of malicious software that appears to be a real program, but is actually a security threat.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

5-3 quiz.docx
SEC310 Project Module 2 - Pietro Mariano.docx
IDS-400 3-2.docx
IDS-402 1-2.docx
Security.txt
Operating Systems.txt
Lab 9 - Security Policies - Navigating OS.docx
Lab 2 - Installing the Security Workstation Virtual Machine (Kali Linux).docx
IS731 Report 2.docx
IS731 Report 1.docx
battery-recycler-lab-exercise.doc
Ind. Final-Fall Reflection Project 2 Final .pdf