A user reports that a workstation is operating sluggishly Several other users operate on the same workstation and have reported that the workstation is operating normally. The systems administrator has validated that the workstation functions normally. Which of the following steps should the systems administrator most likely attempt NEXT?
Correct Answer:
C
Since the systems administrator has validated that the workstation functions normally and other users operate on the same workstation without any issues, the next step should be to rebuild the user’s profile. This will ensure that any corrupted files or settings are removed and the user’s profile is restored to its default state.
Which of the following combinations meets the requirements for mobile device multifactor authentication?
Correct Answer:
C
Mobile device multifactor authentication (MFA) is a method of verifying a user’s identity by requiring two or more factors, such as something the user knows (e.g., password, PIN, security question), something the user has (e.g., smartphone, OTP app, security key), or something the user is (e.g., fingerprint, face, iris)12. The combination of fingerprint and password meets the requirements for mobile device MFA because it uses two different factors: something the user is (fingerprint) and something the user knows (password). The other combinations do not meet the requirements because they use only one factor: something the user knows (password or PIN) or something the user does (swipe). References1: Set up the Microsoft Authenticator app as your verification method2: What is Multi-Factor Authentication (MFA)? | OneLogin
Following a recent power outage, several computers have been receiving errors when booting. The technician suspects file corruption has occurred. Which of the following steps should the technician try FIRST to correct the issue?
Correct Answer:
D
The technician should run the System File Checker (SFC) first to correct file corruption errors on computers after a power outage. SFC is a command-line utility that scans for and repairs corrupted system files. It can be run from the command prompt or from the Windows Recovery Environment. Rebuilding the Windows profiles, restoring the computers from backup, and reimaging the computers are more drastic measures that should be taken only if SFC fails to correct the issue1
A user connected a laptop to a wireless network and was tricked into providing login credentials for a website. Which of the following threats was used to carry out the attack?
Correct Answer:
B
Vishing, also known as voice phishing, is a type of social engineering attack where the attacker tricks the victim into divulging sensitive information over the phone. In this case, the attacker tricked the user into providing login credentials for a website.
Maintaining the chain of custody is an important part of the incident response process. Which of the following reasons explains why this is important?
Correct Answer:
C
Maintaining the chain of custody is important to control evidence and maintain integrity. The chain of custody is a process that documents who handled, accessed, or modified a piece of evidence, when, where, how, and why. The chain of custody ensures that the evidence is preserved, protected, and authenticated throughout the incident response process. Maintaining the chain of custody can help prevent tampering, alteration, or loss of evidence, as well as establish its reliability and validity in legal proceedings. Maintaining an information security policy, properly identifying the issue, and gathering as much information as possible are not reasons why maintaining the chain of custody is important. Maintaining an information security policy is a general practice that defines the rules and guidelines for securing an organization’s information assets and resources. Properly identifying the issue is a step in the incident response process that
involves analyzing and classifying the incident based on its severity, impact, and scope. Gathering as much information as possible is a step in the incident response process that involves collecting and documenting relevant data and evidence from various sources, such as logs, alerts, or witnesses. References:
✑ Official CompTIA learning resources CompTIA A+ Core 1 and Core 2, page 26
