Module 1 / Unit 1 / Common

Computing Devices

Module 1 / Unit 1 / Common Computing Devices

1) True or false? All types of computers use CPU and system memory.

a) True.

2) What type of computer is most likely to need peripheral devices?

a) Desktop computer—you could also call this a Personal Computer

(PC) or a workstation. An All-in-one PC also uses peripheral
devices, with the obvious exception of a monitor.

3) What type of computer is best suited for using in a job where you have to
make notes and be able to move around easily?

a) A tablet or smartphone or possibly a hybrid laptop/tablet. Note-

taking is supported by a touchscreen-based device.

4) Why don't laptops make good servers?

a) There is no room for expansion and you are paying for

components and design (maximum portability) you do not need.

5) Why isn't a smartphone a good tool for writing a report?

a) Touchscreen or mini keyboards are not optimized for writing lots

of text, though it is possible to attach them as peripheral devices.

6) What type(s) of IoT appliance are less likely to be controlled via a home
automation hub?

a) Modern cars and medical devices are unlikely to interface via a

hub. Home automation hubs link to kitchen and domestic
appliances, streaming media players, and potentially security
systems.

Page 1
Module 1 / Unit 1 / Common Module 1 / Unit 2 / Using a Workstation
Computing Devices

1) What should you do before attempting to set up a new computer system?

a) Verify that the environment is suitable and that the installation will
be safe.

2) When setting up a desktop computer, what factor should you consider

when deciding on the location of the system case?

a) You do not want to leave trailing wires over walkways so you need
to consider the position of power outlet(s) and where peripheral
devices will be placed. You also want to ensure adequate air flow
around the system unit.

3) What factors should you consider when positioning input and output
devices?

a) Ensure that they can be used without exerting strain, especially on

the arms/wrists and back/neck. Ensure that cabling is not a trip
hazard. Avoid locations that cause excessive screen glare.

4) You have to sign in to Windows—does it matter if the CAPS LOCK light on

the keyboard is activated?

a) Yes—passwords are case-sensitive.

5) You have to open a word processing application but you cannot see an
icon on the desktop. What should you do?

a) Look for the shortcut in Start Menu or Start Screen—not all

programs add shortcuts on the Desktop.

6) Your colleague has to run many applications at the same time and finds it
difficult to know which icon to choose when switching between them. What
alternative method could you suggest?

a) Press Alt+Tab—this shows previews of the window. Windows can

also show previews of the window contents when pointing at the
taskbar icon.

7) Your colleague is using a laptop and you notice that he laboriously clicks
the mouse repeatedly to scroll through the document you are co-editing.
What technique could he use to be more productive?

a) Use the mouse scroll wheel (or if it doesn't have one drag the
scroll button in the scroll bar).

Page 2
Module 1 / Unit 3 / Using an OS Module 1 / Unit 3 / Using an
OS

1) What function of an operating system is performed by the "shell?"

a) Interface between the user and the computer.

2) What type of file in an OS is the main means of providing coordination of

hardware components?

a) A driver (or device driver).

3) What is an example of an open source operating system?

a) Linux, Chromium, or Android.

4) What type of computing device(s) is macOS designed for installation on?

a) Desktop computers/workstations and laptops.

5) True or false? Windows 10 is the first 64-bit edition of Windows.

a) False—Windows 10 is better described as a version than edition

and there have been 64-bit editions of Windows versions since
Windows XP.

6) You have to open a file located on a network server. What should be your
first step?

a) Open the Network object from Explorer and locate the server
(computer) hosting the file.

7) What is the technical term for a web address?

a) Uniform Resource Locator (URL). In fact, Uniform Resource

Identifier (URI) is now preferred in web standards documentation
but URL is more widely known and used.

8) What key combination can you use to force the browser to ignore any
locally cached files when refreshing a page?

a) Ctrl+F5.

Page 3
Module 1 / Unit 1 / Common Module 1 / Unit 4 / Managing an OS
Computing Devices

1) What is the registry and how does it distinguish Windows and Linux?

a) The registry is a database of configuration settings supporting the

Windows OS. Linux uses individual text files to store settings.

2) What term is used to describe terminating a process that is not responding

to user input?

a) This is often called "killing" the process.

3) Why might you use the Services snap-in to manage background processes
rather than Task Manager?

a) Task Manager allows you to start and stop services but the
Services snap-in also allows you to configure service properties.

4) The Task Scheduler allows you to run a process automatically in Windows.

What is a widely-used Linux equivalent?

a) cron is widely used to run tasks automatically in Linux.

5) What part of the system memory setup is most user-configurable?

a) Use of virtual memory or a pagefile, where disk space is used to

supplement system RAM.

6) What two things are configured on a disk to make storage space on the
disk available to the Windows OS?

a) The disk must contain at least one partition, typically allocated a

drive letter, and the partition must be formatted with a suitable file
system.

7) What is a CLI?

a) A Command Line Interface allows the user to interact with the OS

using typed commands or scripts rather than a GUI.

8) What protection feature in Windows is designed to prevent a script or

software from making unauthorized changes to the OS configuration?

a) User Access Control (UAC). UAC means that the user must input
their credentials or click through an authorization prompt before
the configuration change can be made.

9) True or false? A standard user cannot change their own password.

a) False—ordinary users can change their own password but cannot

change anyone else's.

Page 4
Module 1 / Unit 5 / Troubleshooting and Support Module 1 / Unit 5 /
Troubleshooting and
Support
1) You are advising a colleague about best practices when troubleshooting.
You have identified the following techniques to use to identify a problem:
gather information, duplicate the problem, question users, identify
symptoms, and approach multiple problems individually. If you are
following CompTIA's troubleshooting model, what other piece of advice
should you give?

a) Determine if anything has changed—this is one of the most useful

troubleshooting techniques.

2) You have asked a senior manager to authorize your plan of action for
resolving a fault in a software application. What name is given to the
process you are following?

a) This is escalating the problem. You might escalate a problem to

more experienced staff or seek help with a solution plan that is
beyond your authority to put into action.

3) You are setting up a new computer, but it doesn't seem to be working.

Should you check anything or contact the manufacturer?

a) It would be best to double-check you have connected the cables

correctly (especially power).

4) Your computer locks up periodically and feels hot to the touch. Could these
things be related?

a) Yes, many lockup problems are caused by overheating. The first

step would be to clean the fan exhaust vents of dust.

5) What crucial piece of information would you need when trying to locate
support information about a computer system on the manufacturer's
website?

a) The model number or a service code.

6) If you do not have a support contract, what is likely to be the best option for
obtaining advice about a problem with an application?

a) A product support or community forum.

7) You are looking for content on a topic but your search is returning millions
of matches that are not particularly helpful. What two methods could you
use to get better search results?

a) Use more search keywords (ideally with 'uncommon' words) or

search for an exact phrase by enclosing it in quotes.

8) You want to find something on a particular website, but the site does not
have a search tool. Could you use a general search engine, and if so,
how?

a) Yes—you use an advanced search form or use the site: operator

(for example 'certification site:comptia.org'). Page 5
Module 1 / Unit 1 / Common Module 2 / Unit 1 / Using Data Types and Units
Computing Devices

1) Which notation system supports presenting the largest numbers using the
fewest digits: Binary, Decimal, or Hexadecimal?

a) Hexadecimal. Each hex digit can store 16 bits of information. A

single decimal digit stores 4 bits while binary obviously stores 1
bit.

2) What is the decimal number 75 in binary and hexadecimal?

a) 0100 1011 in binary and 4B in hex. Hex notation is often indicated

using 0x to precede the hex digits, so you may see this written like
0x4b. To work out the answer without a calculator, write out the
place values for each notation system. For binary you'd have
columns for 64, 32, 16, 8, 4, 2, and 1 and put a 1 in each column
you need to add up to 75 and a 0 in the others. For hex you only
need 16 and 1 (75 divided by 16 is 4 remainder 11, which is
represented as "B" in hex).

3) Which data type provides for whole numbers only?

a) Integer.

4) What is the difference between the char and string data types?

a) Char stores a single textual character in a fixed length field

(typically 1 byte). A string is a variable length field for storing a
sequence of characters.

5) Which data representation format can encode the widest range of

characters?

a) Unicode can represent millions of characters (glyphs). ASCII's 7-

bit data structure can only support 128 characters, some of which
are non-printable control characters.

6) What type of legal protection could be obtained for a novel software

algorithm?

a) Patent provides the best protection as it can enforce ownership

even if someone tries to write the algorithm in a slightly different
way. Software code is often protected both by patent and by
copyright however.

7) What data protection technology could you implement in order to restrict

the type of activity that users could employ on digital products that they
have purchased or rented?

a) Digital Rights Management (DRM).

8) What part of the process of data analytics is most closely supported by

meaningful reporting?

a) Insights are the "end product" of the analytic process. Humans

Page 6 need a suitable reporting format to make best use of insights.
Module 2 / Unit 2 / Using Apps Module 2 / Unit 2 / Using
Apps

1) What compatibility information should you confirm before installing a

software application?

a) That it works with the version of Windows that you have and that
your computer meets the system (hardware) requirements.

2) Following installation of a program written for an older version of Windows,

you receive an alert that it might not have installed correctly. What feature
could you use to make the program run correctly?

a) Use the program's Compatibility tab to use settings for the older
Windows version.

3) Why would Windows prompt you to enter a password if you try to install a
software application?

a) Installing an application requires administrator privileges and is

an action protected by User Account Control. If you were logged
on as an administrator already, you might have to enter the
password on a domain; if you were logged on as an ordinary user,
you would have to enter the administrator's user name and
password.

4) Windows comes with web server software but it is not enabled by default.
How would you install this software?

a) Use the Turn Windows features on or off dialog from Programs

and Features.

5) Following installation of an application, another program on your computer

has stopped working. What could you do to try to fix it?

a) Try using the Repair option in Programs and Features (if available)
or re-installing the program.

6) Why might one of your first tasks on receiving a new computer be to

remove software applications?

a) The computer may be bundled with pre-installed software that you

do not want.

7) In order to obtain support, the software vendor wants to know the

application's product ID. How would you locate this information?

a) Usually via the Help > About menu.

8) What is the difference between freeware and open source software?

a) Open source means that the programming code used to design

the software is also made available (and you must make it
available in turn if you sell or distribute any part of it). Freeware
means the software product costs nothing to use but this does not
mean that the code is made available too or that you could modify
the software and distribute it yourself. Page 7
Module 1 / Unit 1 / Common 9) What type of software would you use to configure a server by connecting to
Computing Devices
it over the network?

a) Remote Desktop.

10) What type of software manages tasks, dependencies, and timelines?

a) Project management software.

Module 2 / Unit 3 / Programming and App Development

1) What shows the structure of code without using the specific syntax of any
one language?

a) Pseudocode.

2) What is an interpreted language?

a) Interpreted languages do not need to be compiled. They run within

the context of an interpreter which converts the code to machine
code during runtime.

3) How is a markup language differ from a compiled language?

a) Markup doesn't provide instructions for the CPU to run as such.

Markup is a way of using nested tags within a document to
describe its structure and contents.

4) What are constants and variables examples of?

a) Programming identifiers.

5) What type of programming concept allows for a variable size container?

a) A vector is a variable size container while an array is a fixed size

one.

6) You want to check whether a condition has been met, and if it has, perform
one action. Otherwise, you want your program to perform a second action.
What sort of programming operation would help achieve this?

a) A conditional branch, such as an If…Then statement.

7) In a program, what does a loop do?

a) A loop performs one or more instructions until (or while) a

condition is met.

8) What is the difference between a procedure and a function?

a) A procedure does something while a function does something and

then returns a value to the main program.

9) What three things define an object?

Page 8 a) Properties, attributes, and methods.

 10) What three scripting options are commonly used in Windows 10 to perform Module 2 / Unit 4 / Using
Databases
administrative tasks?

a) Batch files, Windows PowerShell scripts, and VBScripts.

11) True or false? You do not need to install a web application to your
computer; it would be accessed via a browser.

a) True.

12) What is the advantage of a local network hosted application, in terms of

data storage?

a) If data is stored on the server not on the local workstation, it is

easier to apply access controls and to back it up.

Module 2 / Unit 4 / Using Databases

1) What are the structural elements of a database table?

a) Each table stores information about records (rows in the table) in

fields (columns in the tables).

2) What term is used to describe selecting and viewing information in a

database?

a) Query.

3) How does an RDBMS such as Microsoft SQL Server differ from Microsoft
Excel when used to store a dataset?

a) Excel is an example of a flat file system. These do not scale well,

and usually support a single user only. RDBMS platforms enable
many hundreds or thousands of users to connect concurrently,
and can support very large datasets. Also, an RDBMS can enforce
data types for each column and validate information entered as
fields and records.

4) What language is usually used to request data from an RDBMS such as

Oracle?

a) Structured Query Language (SQL) is used to query RDBMS-based

database platforms.

5) What is it that defines the relationship between tables in an RDBMS?

a) Each table contains a primary key whose value is unique for each
record in the table. A foreign table can use the value of a primary
key as a relation, storing the value in a foreign key field.

6) Give an example of unstructured data.

a) Images and text files and other document formats are

unstructured data.
Page 9
Module 1 / Unit 1 / Common 7) Give two examples of semi-structured data stores.
Computing Devices

a) Key/value pair databases and markup language document stores.

8) Is an INSERT statement an example of a definition or manipulation

language statement?

a) Manipulation language—it depends on the structure of a table

(columns, data types, and constraints) being established already.

9) You need a development environment with a library of database functions.

What type of interface are you using?

a) Programmatic access.

10) How can a client-server application architecture be described if there is the

potential for the structure of the application platform to be developed
further?

a) This could be described as a two-tier application. It could be re-

developed as a three-tier application by specifying presentation,
application, and data layers.

Module 3 / Unit 1 / System Components

1) What type of component provides persistent storage?

a) A mass storage device such as a Hard Disk Drive (HDD), Solid

State Drive (SSD), or flash memory. You could also mention
optical discs (CD, DVD, Blu-Ray).

2) What computer component is most restrictive in terms of determining

upgrade potential for a desktop computer?

a) The motherboard—it is difficult and expensive to replace.

3) True or false? A plug-in card is always required to support PC sound.

a) False—sound functions are often provided by the motherboard

chipset.

4) What is the main advantage of using a CPU in 64-bit mode?

a) Makes more system memory accessible. A 64-bit CPU and OS is

also required to run 64-bit applications, but there are not too many
of these yet. 64-bit software is more reliable and a bit faster than
32-bit software.

5) What is a typical speed for a modern CPU to run at?

a) Around 2 GHz; budget models might run as low as 1 GHz while the
fastest run up to about 3 GHz.

Page 10
 6) You want to purchase a computer with a fast graphics interface. What type Module 3 / Unit 2 / Using
Device Interfaces
of expansion slot should you look for?

a) PCIe x16—this is a type of PCI Express slot that uses 16 'lanes'.

Each lane can transfer 250 MBps (or 500 MBps for PCIe 2 and 1
GBps for v3).

7) What type of component provides a passive cooling solution?

a) A heatsink or heat spreader removes heat from the component by

convection with no power required. However, it is usually
necessary to cool the heatsink or heat spreader itself and this is
likely to require active cooling (a fan).

8) How would you access the system setup program on a PC?

a) Historically, by pressing the appropriate key during startup (ESC,

DEL, F1, F2, or F10). Modern PCs often use fast boot modes that
require some other means of booting to the firmware setup
program.

Module 3 / Unit 2 / Using Device Interfaces

1) True or false? Mice and keyboards must be connected to a computer via
PS/2 ports.

a) False—they are now much more likely to use USB or wireless

(Bluetooth or other RF) interfaces.

2) True or false? USB cables have the same connectors at either end.

a) Partly false—the connectors for the host (PC) and device use
different form factors (there are also normal size and mini or micro
device connectors). A new reversible Type C connector is starting
to be used however.

3) A user has two USB drives connected to her PC. She complains that when
she copies large files to both drives at the same time, it seems to take
much longer. Why might this be?

a) Bandwidth on the USB bus is shared between all devices.

4) You want to purchase a flat-panel monitor that can show widescreen

movies. You are considering models with native resolutions of 1400x1050
and 1920x1200. Which should you choose?

a) 1920x1200 as this is a widescreen format.

5) True or false? HDMI is the only type of display interface that supports High
Definition picture resolutions.

a) False—there is also DisplayPort and Thunderbolt and some DVI

formats also support HD resolutions.

Page 11
Module 1 / Unit 1 / Common 6) You are considering buying a new display device. The model you are
Computing Devices
considering accepts digital inputs only. Your computer's graphics adapter
has a blue port with 15 holes. Would this flat-panel be a wise purchase?

a) Probably not, as this connector is VGA, which supports analog

output only. It is possible to buy converters however.

7) You need to configure settings for an input device. What should be your
first step?

a) Open the Settings app or Control Panel.

8) A friend is asking for your help in using her computer. When he presses the
key marked @, a different symbol appears. What could be the cause?

a) The keyboard is set to use a UK layout—you can correct this

using the Language Bar.

9) What type of mouse would you recommend for someone who uses their
computer principally to play computer games and why?

a) Laser mouse—this registers cursor movements more quickly and

accurately.

Module 3 / Unit 3 / Using Peripheral Devices

1) Which Windows interface is used for advanced management and
troubleshooting of devices?

a) Device Manager is used to update drivers and obtain more

advanced troubleshooting information. The basic user interface is
either Devices and Printers or the device pages in the Settings
app, depending on the Windows version.

2) What do you need to know to connect to a device that is configured over

the network?

a) Typically the Internet Protocol (IP) address of its management

page. Some devices may use a name to locate the page instead.
You are also likely to be prompted for a user name and password.

3) True or false? If you want to configure the DPI of a display device, you
would do so via the Personalization app.

a) False—Dots Per Inch (DPI) or scaling is configured via Display

properties. Personalization is for configuring themes and the
appearance of the desktop.

4) You are configuring dual monitors positioned side-by-side. You want to

increase the amount of screen space available. Which multiple display
option should you set?

a) Extend the displays.

Page 12
5) You need to plug a microphone into a computer to make a recording. How Module 3 / Unit 3 / Using
Peripheral Devices
would you identify which jack to use?

a) The jack should be color-coded (pink). There may be an icon to

represent usage though. If neither is present, check the system
documentation.

6) What, if any, type of printer uses a fuser?

a) Laser printer—the fuser bonds the toner to the surface of the

paper using high heat and pressure.

7) What are the four inks used to produce color prints?

a) Cyan, Magenta, Yellow, and Black (CMYK).

8) What type of wired interface is a printer MOST likely to use?

a) Universal Serial Bus (USB).

9) You want to configure a printer to use both sides of the paper (duplex) by
default. You have alt-clicked the printer object—which command should
you select to proceed?

a) Printing preferences.

10) What basic command demonstrates that a printer is connected properly to

a computer and that its driver is installed correctly for Windows?

a) Print Test Page.

11) What function of a scanner would you use if you want to convert a letter
that someone has mailed to you into a computer-editable document?

a) Optical Character Recognition (OCR).

12) True or false? If your PC does not have a flash memory card reader, you
should be able to connect the camera itself to the PC over USB to copy
images off the card.

a) True—must cameras support USB connections.

Page 13
Module 1 / Unit 1 / Common Module 3 / Unit 4 / Using Storage Devices
Computing Devices

1) You have a motherboard that is designed for DDR2 memory that works at
a bus speed of 533 MHz. You have some DDR3 memory modules that also
work at a bus speed of 533 MHz. Are the modules compatible with the
motherboard?

a) No—DDR3 modules cannot be used in DDR2 slots.

2) Why can't you use memory modules designed for a desktop computer in a
laptop?

a) Laptops use a smaller form factor called SO-DIMM while desktops

use DIMMs.

3) A hard drive is rated at 10,000 RPM. What is the significance of this

statistic?

a) The number of revolutions per minute (RPM) is one of the basic

factors determining the speed of the drive. 10,000 rpm represents
good performance (15K rpm is the best available).

4) What type of connector would you use for an external hard drive to connect
to a Windows PC?

a) USB. Firewire, eSATA, or Thunderbird are also possible but not

nearly so popular. Most drives are now USB3 or USB3.1. Note that
you can plug a USB3 drive into a USB2 port, so long as you have a
USB3 device cable.

5) Your computer has 4 SATA ports. How many hard drives can be installed?

a) Four—each SATA port can be used to connect one drive.

6) True or false? A single layer Blu-ray Disc has greater capacity than a dual-
layer, double-sided DVD.

a) True—the capacity of a single layer Blu-ray disc is 25 GB

compared to 17 GB for a dual-layer, double-sided DVD.

7) What sort of device would you need to transfer data from a "Memory
Stick?"

a) Memory card reader/multi-card reader. Do note that Memory Sticks

are no longer in production so you could struggle to locate a
suitable reader.

8) What sort of device could you use to expand the storage capacity of a
smartphone?

a) Flash memory card.

Page 14
Module 3 / Unit 5 / Using File Systems Module 3 / Unit 5 / Using
File Systems

1) In Windows, you can access data via letter-labeled "drives." Do these

correspond exactly to physical disks?

a) Not necessarily in the case of hard disks, which can be configured

with multiple partitions, each of which can be assigned a drive
letter. Optical drives and flash memory cards cannot be
partitioned however.

2) What type of file system must the partition that Windows files are installed
on use?

a) NTFS.

3) What default installation folders contain system and application files that
should not normally be deleted or modified manually?

a) The 'Windows' and 'Program Files' folders.

4) What is the file path to the Documents folder for a user named "David,"
assuming Windows is installed to a hard disk with a single partition using
the default settings?

a) C:\Users\David\Documents

5) How is a Windows library different from a folder?

a) A library acts as a virtual folder by displaying the contents of

multiple folders, which could be located on different drives.

6) If you have made changes to a file and want to keep both the original file
and the modified version, what command should you use?

a) Save As.

7) Why should you be more careful about deleting files from a USB flash drive
than from the main hard drive?

a) The files will not be recycled so there is no possibility of retrieving

them if you change your mind (at least, not without using
specialist data recovery software).

8) What view options could you use to show files of a particular type sorted by
date?

a) Group the files by file type then sort by date.

9) What kind of data would you expect to find in a file with a TIFF extension?

a) This is an image file format.

10) What is a zip file?

a) A file archive containing other files in a compressed format.

Page 15
Module 1 / Unit 1 / Common Module 4 / Unit 1 / Networking Concepts
Computing Devices

1) What is a WAN?

a) A Wide Area Network (WAN) connects sites in different

geographic locations. WANs usually make use of
telecommunications and service provider networks rather than
being directly operated by the network administrators.

2) What is a packet made up of?

a) A packet consists of a number of fields contained within a header

section plus a payload. The payload could be a packet from the
protocol layer above.

3) What are the key features of a packet switching network?

a) Nodes within the network can perform a forwarding function,

allowing a packet to utilize any available path through the network.
This makes the network robust against link failures. If is beneficial
for the network to use small packets that are easy to re-send.

4) What protocol is usually used to provide logical addressing on networks?

a) Internet Protocol (IP).

5) What type of address identifies a network interface in the context of the

local network segment only?

a) A Media Access Control (MAC) address.

6) What type of device is used to transfer packets between different

networks?

a) A router.

7) Which protocol allows people to use names/labels to address network

resources rather than numeric addresses?

a) Domain Name System (DNS).

8) Which of the following parts of a web address is usually depends on a

name resolution service: protocol type, host location, file path?

a) The host location is usually represented by a Fully Qualified

Domain Name (FQDN), such as www.comptia.org, resolved to a
numeric IP address by DNS.

9) What does HTTP stand for?

a) HyperText Transfer Protocol (HTTP).

10) Which email protocol(s) are used to download messages from a mail
server?

Page 16
 a) Either Post Office Protocol (POP) or Internet Message Access Module 4 / Unit 2 /
Connecting to a Network
Protocol (IMAP).

Module 4 / Unit 2 / Connecting to a Network

1) What device is used to connect computers together in an Ethernet
network?

a) A switch.

2) What is the difference between a modem and a router?

a) A modem creates a serial link between two computers over some

sort of long distance media. It operates at the data link layer. A
router makes forwarding decisions between logical networks. It
does not need to take account of the framing and transmission
details—those are the responsibility of the modem (or of an
Ethernet switch or wireless access point). It just needs to know
that a particular logical network can be reached over one of its
interfaces. Most SOHO devices pack all these functions into a
single appliance but it is important to appreciate the differences
between the functions.

3) Can you list at least four Internet access methods?

a) Digital Subscriber Line (DSL), cable/Hybrid Fiber Coax, Fiber to

the Curb (FTTC), satellite, and cellular radio.

4) What is the latest Wi-Fi standard and which frequency band(s) does it use?

a) IEEE 802.11ac works in the 5 GHz band. Most 802.11ac access

points do have 2.4 GHz radios but they use them to support legacy
standards.

5) What information do you need to configure a wireless connection

manually?

a) Service Set ID (SSID)/network name, encryption type, and

authentication information (a preshared key if not using enterprise
authentication).

6) What is the risk of using a free Wi-Fi network to make an order from an
online shop?

a) Data on an open network may be intercepted by the person

running the network or by other computers connected to the
network. You need to ensure that the online store uses a secure
(HTTPS) connection.

7) What does attenuation mean?

a) Attenuation describes the loss of strength of a signal the farther it

has to travel. Attenuation sets the distance limitations on different
network media types.
Page 17
Module 1 / Unit 1 / Common Module 4 / Unit 3 / Secure Web Browsing
Computing Devices

1) If you use an open network, what email configuration setting should you
ensure is enabled?

a) Enable Secure Sockets Layer/Transport Layer Security (SSL/TLS)

encryption to protect the account password.

2) You have installed a screensaver application. Later, after updating your

anti-virus software, a malicious program is found. This appears to have
infected your system at the same time as the screensaver was installed.
What class of malware is this?

a) Trojan Horse.

3) You want to use a website that hosts training modules in a custom media
format. What type of add-on would you need to install to play this media?

a) You would need to install a type of browser add-on called a plug-

in. Plug-ins should be restricted to interacting with the media
object on the web page.

4) What type of file might a website use to track whether you have visited it
before?

a) Cookie.

5) True or false? Browser pop-up windows are definite symptoms of virus

infection.

a) False—these could be a result of adware or part of the design of a

particular site (admittedly, not a site you'd want to visit often).

6) You are using a computer in an Internet cafe. What should you do at the
end of the session?

a) Clear the browser cache or use the workstation's browser

private/incognito browsing mode.

7) What identifies a website as using the secure HTTPS protocol with a valid
certificate?

a) The URL shows the "https://" protocol and the browser shows a
padlock icon. For sites that have passed special validation
regimes, the address bar will be shown in green. If a site uses
https but the certificate is not trusted by the browser, an alert is
displayed.

8) You want to restrict access to a computer on your network to a single

Internet host running a particular application. What two things do you need
to configure in your firewall's access control list?

a) The IP address of the host and the port number of the application.

Page 18
Module 4 / Unit 4 / Using Shared Storage Module 4 / Unit 4 / Using
Shared Storage

1) True or false? A hard disk connected to a computer via a USB port could
be described as "Direct Attached Storage."

a) True.

2) What type of connection would a NAS device use?

a) Network Attached Storage (NAS) means using either a cabled

(Ethernet) or Wi-Fi link to the network.

3) Which admin tool or screen would you use to configure a Windows

computer to join a domain?

a) Via the System applet in Control Panel or via the Settings app
(Access work or school).

4) True or false? Any version or edition of Windows can be used to share files
with other users.

a) True—non-server editions are restricted in the number of

simultaneous clients though.

5) How could you access a network folder called DATA on a network server
called TOWER1 using the Explorer address bar?

a) By entering the UNC path: \\TOWER1\DATA

6) What is a mapped drive?

a) A folder shared by a network server that the client connects to via

a drive letter that redirects to the network share name
(\\Server\Folder).

7) What protocol would be used to provide encrypted file downloads from a

web server?

a) HTTPS—HyperText Transfer Protocol with Secure Sockets

Layer/Transport Layer Security (SSL/TLS).

8) You have made a backup of system data using a removable hard disk.
What should you do next?

a) Store the disk in a secure location—preferably in a different place

to the PC.

Page 19
Module 1 / Unit 1 / Common Module 4 / Unit 5 / Using Mobile Devices
Computing Devices

1) What type of gesture is typically used for zooming on a touchscreen?

a) Pinch.

2) What is the purpose of an accelerometer, as fitted in a mobile device?

a) It is one of the components that detects how the user is moving

the device around. This is used to set the screen orientation and
as an advanced control mechanism.

3) What feature allows data to be removed from a device if is lost or stolen?

a) This is referred to as remote wipe or sometimes as a kill switch.

4) True or false? A smartphone cannot join a Wi-Fi network if the SSID is not
being broadcast.

a) False—the SSID (or network name) can be entered manually, as

with a computer.

5) What is "airplane mode?"

a) A quick toggle for disabling all wireless functionality (cellular, Wi-

Fi, and Bluetooth).

Module 5 / Unit 1 / Security Concerns

1) Which property of secure information is compromised by snooping?

a) Confidentiality—keeping information disclosure restricted to

authorized persons only.

2) An attacker has used a rogue access point to intercept traffic passing

between wireless clients and the wired network segment. What type of
attack is this?

a) This is typical of a Man-in-the-Middle (MitM) attack.

3) What type of access mechanism is MOST vulnerable to a replay attack?

a) Use of a token generated by software. If the token is not

authenticated properly by the server, it could be vulnerable to
replay, where someone else obtaining the token can masquerade
as the original user.

4) Which specific attack uses a botnet to threaten availability?

a) Distributed Denial of Service (DDoS).

Page 20
 5) In considering availability concerns, what use might a lockable faceplate on Module 5 / Unit 2 / Using
Best Practices
a server-class computer be?

a) It may prevent the user switching the machine on or off (useful for
servers) or accessing removable drives and ports.

6) What does AAA stand for?

a) Authentication, Authorization, Accounting.

7) Why should a security policy instruct users not to reveal their password to
technical support staff?

a) It exposes users to social engineering attacks to gather login

credentials for malicious use. Any request for a password should
be treated by users as suspicious.

8) How might someone masquerade as someone else when using email or

Instant Messaging?

a) By accessing their user account—this could be done by stealing

their login information, using an unattended computer that was
still logged in, or using malware such as a Trojan.

9) What are the three main areas where redundancy should be provisioned?

a) Data/storage (RAID), network links, and power. You might

additionally mention site-level redundancy, though this is very
expensive to provision.

10) Why is prioritization a critical task for disaster recovery?

a) Services may have dependencies that make restoring them in the

wrong order futile. Also, disasters lead to scarce resources so the
most critical services must be given priority. These should be
identified before the disaster occurs so that staff working to
recover systems are properly guided.

Module 5 / Unit 2 / Using Best Practices

1) Part of host hardening is to reduce the attack surface. What configuration
changes does reducing the attack surface involve?

a) Removing unwanted and unnecessary software, disabling unused

OS features and services, and closing unnecessary network ports.
This reduces the ways other hosts or processes can interact with
the hardened host.

2) What is the main difference between virus and worm malware?

a) A virus has to infect a file whereas a worm propagates in memory

and over computer networks.

Page 21
Module 1 / Unit 1 / Common 3) How might malware hosted on a website be able to infect your computer
Computing Devices
simply by your browsing the site?

a) By exploiting a vulnerability in software installed on your

computer (a fault or "exploit" in the browser, a browser plug-in, or
the OS for instance).

4) How might spyware be able to steal a password?

a) Typically by monitoring key strokes (a key logger). It might also be

able to steal password databases and decrypt them.

5) What type of malware is being described? The malware encrypts the user's
documents folder and any attached removable disks then extorts the user
for money to release the encryption key.

a) Ransomware.

6) True or false? Most anti-virus software can remediate a system by blocking

access to an infected file but not actually deleting it.

a) True—this is called quarantining the file.

7) What is the main means by which anti-virus software identifies infected

files?

a) Using definitions or signatures of known virus code. These

definitions must be kept up-to-date.

8) What are the two main ways that spam might expose recipients to
hazardous content?

a) Through malware-infected attachments and through links to

malicious websites.

9) Your friend sent you an email link, which you have opened, and now the
browser is asking whether you should install a plug-in to view all the
content on the page. Should you proceed?

a) No—this is a classic phishing attack and your friend's computer

could be infected with a virus or Trojan. Check whether they sent
the link in good faith first.

10) True or false? An OEM site is a reputable source of management software

and drivers for a particular system.

a) True—an Original Equipment Manufacturer (OEM) in the IT

industry, such as Dell or HP, assembles systems made from the
parts and software of various other suppliers. The components
used in their systems may be specific to their brand and so they
host their own support files for any system they sell.

Page 22
Module 5 / Unit 3 / Using Access Controls Module 5 / Unit 3 / Using
Access Controls

1) What are the four processes of an access control system?

a) Identification, Authentication, Authorization, and Accounting.

2) Users should only be granted the minimum sufficient permissions. What

system policy ensures that users do not receive rights unless granted
explicitly?

a) Implicit deny.

3) What is the main type of non-discretionary access control?

a) Mandatory Access Control—though any rules-based system might

restrict discretionary aspects of granting rights.

4) What type of control prevents a user from denying they performed an

action?

a) Non-repudiation. Examples of controls providing non-repudiation

include logging, video surveillance, biometrics, signatures, and
receipts/tokens.

5) What sort of account allows someone to access a computer without

providing a user name or password?

a) Guest account.

6) How does a one-time password work?

a) The password is generated by an asymmetric encryption

algorithm. This means that the authenticating server can
determine that the number was generated by a particular device
(fob) at a particular time. When used with a PIN, it also proves that
the password was input by a particular user.

7) What type of system allows a user to authenticate once to access multiple

services?

a) Single Sign-On (SSO).

8) What type of cryptographic operation(s) are non-reversible?

a) Cryptographic hashing. You might also mention asymmetric

encryption and public/private key pairs, where an operation
performed with one key can only be reversed by the linked key
and NOT by the key that performed the original operation.

9) What class of data is a transport encryption protocol designed to protect?

a) Data in transit (or data in motion).

Page 23
Module 1 / Unit 1 / Common 10) Why is it important not to use simple words or names as a password?
Computing Devices

a) Password-cracking software is configured with dictionaries of

such names and phrases. Even if the password is encrypted, if it
matches a term in the password-cracking dictionary it will be
discovered in seconds.

Module 5 / Unit 4 / Behavioral Security Concepts

1) What is a SOP?

a) Standard Operating Procedure.

2) Apart from passwords and PII, what other type(s) of confidential

information should be governed by classification and handling procedures?

a) Company confidential information and customer information.

3) Why might a company ban use of the corporate network and desktop
software for personal communications?

a) The company might be held responsible for inappropriate content

posted by its employees. The issue of privacy is also complex and
it is often better for both the company and the employee to use
corporate systems for business communications only.

4) What two main privacy issues arise from using a social networking site?

a) Firstly, you need to control how far information you post to the
site is distributed. You could make it private, accessible to close
friends only, accessible to all your contacts, or accessible to
anyone. Secondly, you need to know how the company processes,
stores, and transfers or sells any data it collects about you,
including information you post and your activity on the site.

Page 24