Modules 3 – 4: Operating System Overview Group Exam (Answers)

CyberOps Associate (Version 1.0) – Modules 3 – 4: Operating System Overview Group Exam

1. Why would a network administrator choose Linux as an operating system in the Security Operations Center (SOC)?

  • It is easier to use than other operating systems.
  • More network applications are created for this environment.
  • It is more secure than other server operating systems.
  • The administrator has more control over the operating system.

Explanation: There are several reasons why Linux is a good choice for the SOC.

  • Linux is open source.
  • The command line interface is a very powerful environment.
  • The user has more control over the operating system.
  • Linux allows for better network communication control.

2. Which two methods can be used to harden a computing device? (Choose two.)

  • Allow default services to remain enabled.
  • Allow USB auto-detection.
  • Enforce the password history mechanism.
  • Update patches on a strict annual basis irrespective of release date.
  • Ensure physical security.

Explanation: The basic best practices for device hardening are as follows:

  • Ensure physical security.
  • Minimize installed packages.
  • Disable unused services.
  • Use SSH and disable the root account login over SSH.
  • Keep the system updated.
  • Disable USB auto-detection.
  • Enforce strong passwords.
  • Force periodic password changes.
  • Keep users from reusing old passwords.
  • Review logs regularly.

3. Which Linux command can be used to display the name of the current working directory?

  • sudo
  • ps
  • pwd
  • chmod

Explanation: One of the most important commands in Linux is the pwd command, which stands for print working directory. It shows users the physical path for the directory they are working in.

4. Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file?

ls -l analyst.txt
-rwxrw-r-- sales staff 1028 May 28 15:50 analyst.txt

  • write only
  • read, write
  • read only
  • read, write, execute

Explanation: The file permissions are always displayed in User, Group, and Other order. In the example displayed, the file has the following permissions:

  • The leading dash (-) means that this is a file. For directories, the first dash would be replaced with a “d”.
  • The first set of characters is for user permission (rwx). The user, sales, who owns the file can read, write, and execute the file.
  • The second set of characters is for group permissions (rw-). The group, staff, who owns the file can read and write to the file.
  • The third set of characters is for any other user or group permissions (r--). Any other user or group on the computer can only read the file.

5. A Linux system boots into the GUI by default, so which application can a network administrator use in order to access the CLI environment?

  • system viewer
  • file viewer
  • package management tool
  • terminal emulator

Explanation: A terminal emulator is an application program a user of Linux can use in order to access the CLI environment.

6. What is the well-known port address number used by DNS to serve requests?

  • 25
  • 53
  • 110
  • 60

Explanation: Port numbers are used in TCP and UDP communications to differentiate between the various services running on a device. The well-known port number used by DNS is port 53.

7. Which user can override file permissions on a Linux computer?

  • any user that has ‘group’ permission to the file
  • only the creator of the file
  • any user that has ‘other’ permission to the file
  • root user

Explanation: A user has as many rights to a file as the file permissions allow. The only user that can override file permissions on a Linux computer is the root user. Because the root user has the power to override file permissions, the root user can write to any file.

8. Match the commonly used ports on a Linux server with the corresponding service.

  • SMTP: 25
  • DNS: 53
  • HTTPS: 443
  • SSH: 22
  • TELNET: 23

9. Match typical Linux log files to the function.

  • used by RedHat and CentOS computers and tracks authentication-related events: /var/log/secure
  • contains generic computer activity logs, and is used to store informational and noncritical system messages: /var/log/messages
  • stores information related to hardware devices and their drivers: /var/log/dmesg
  • used by Debian and Ubuntu computers and stores all authentication-related events: /var/log/auth.log

10. Which type of tool allows administrators to observe and understand every detail of a network transaction?

  • log manager
  • malware analysis tool
  • ticketing system
  • packet capture software

Explanation: Network packet capture software is an important tool because it makes it possible to observe and understand the details of a network transaction.

11. Why is Kali Linux a popular choice in testing the network security of an organization?

  • It is a network scanning tool that prioritizes security risks.
  • It is an open source Linux security distribution containing many penetration tools.
  • It can be used to test weaknesses by using only malicious software.
  • It can be used to intercept and log network traffic.

Explanation: Kali is an open source Linux security distribution that is commonly used by IT professionals to test the security of networks.

12. Match the octal value to the file permission description in Linux. (Not all options are used.)

  • write only ~~> 010
  • read and execute ~~> 101
  • read and write ~~> 110
  • execute only ~~> 001
  • write and execute ~~> NOT SCORED
  • no access ~~> 000

13. Match the Linux command to the function. (Not all options are used.)

  • Displays the name of the current working directory: pwd
  • runs a command as another user: sudo
  • modifies file permissions: chmod
  • shuts down the system: Empty
  • lists the processes that are currently running: ps

14. What are two advantages of the NTFS file system compared with FAT32? (Choose two.)

  • NTFS is easier to configure.
  • NTFS supports larger files.
  • NTFS allows faster formatting of drives.
  • NTFS allows the automatic detection of bad sectors.
  • NTFS allows faster access to external peripherals such as a USB drive.
  • NTFS provides more security features.

Explanation: The file system has no control over the speed of access or formatting of drives, and the ease of configuration is not file system-dependent.

15. A PC user issues the netstat command without any options. What is displayed as the result of this command?

  • a historical list of successful pings that have been sent
  • a list of all established active TCP connections
  • a network connection and usage report
  • a local routing table

Explanation: When used by itself (without any options), the netstat command will display all the active TCP connections that are available.

16. Which two commands could be used to check if DNS name resolution is working properly on a Windows PC? (Choose two.)

  • nslookup cisco.com
  • net cisco.com
  • ipconfig /flushdns
  • nbtstat cisco.com
  • ping cisco.com

Explanation: The ping command tests the connection between two hosts. When ping uses a host domain name to test the connection, the resolver on the PC will first perform the name resolution to query the DNS server for the IP address of the host. If the ping command is unable to resolve the domain name to an IP address, an error will result.

Nslookup is a tool for testing and troubleshooting DNS servers.

17. What is the purpose of using the net accounts command in Windows?

  • to display information about shared network resources
  • to show a list of computers and network devices on the network
  • to start a network service
  • to review the settings of password and logon requirements for users

Explanation: These are some common net commands:

  • net accounts – sets password and logon requirements for users
  • net start – starts a network service or lists running network services
  • net use – connects, disconnects, and displays information about shared network resources
  • net view – shows a list of computers and network devices on the network

When used without options, the net accounts command displays the current settings for password, logon limitations, and domain information.

18. Match the Windows 10 boot sequence after the boot manager (bootmgr.exe) loads.

Explanation: Boot Sequence for Windows:
– Power on Self Test (POST)
– POST for each adapter card that has a BIOS
– BIOS reads the MBR
– MBR takes over control of the boot process and starts BOOTMGR
– BOOTMGR reads the Boot Configuration Data file to know which OS to load and where to find the OS on the boot partition
– BOOTMGR invokes WINLOAD.EXE in order to load the NTOSKRNL.EXE file and HAL.DLL
– BOOTMGR reads the registry files and loads device drivers
– NTOSKRNL.EXE starts the WINLOGON.EXE program and displays the Windows login screen

19. A technician has installed a third party utility that is used to manage a Windows 7 computer. However, the utility does not automatically start whenever the computer is started. What can the technician do to resolve this problem?

  • Set the application registry key value to one.
  • Use the Add or Remove Programs utility to set program access and defaults.
  • Change the startup type for the utility to Automatic in Services.
  • Uninstall the program and then choose Add New Programs in the Add or Remove Programs utility to install the application.

Explanation: The Services console in Windows OS allows for the management of all the services on the local and remote computers. The setting of Automatic in the Services console enables the chosen service to start when the computer is started.

20. Which statement describes the function of the Server Message Block (SMB) protocol?

  • It is used to stream media contents.
  • It is used to manage remote PCs.
  • It is used to compress files stored on a disk.
  • It is used to share network resources.

Explanation: The Server Message Block (SMB) protocol is primarily used by Microsoft to share network resources.

21. A user creates a file with .ps1 extension in Windows. What type of file is it?

  • PowerShell function
  • PowerShell cmdlet
  • PowerShell documentation
  • PowerShell script

Explanation: The types of commands that PowerShell can execute include the following:

  • cmdlets – perform an action and return an output or object to the next command that will be executed
  • PowerShell scripts – files with a .ps1 extension that contain PowerShell commands that are executed
  • PowerShell functions – pieces of code that can be referenced in a script

22. Match the Windows command to the description.

  • renames a file ~~> ren
  • creates a new directory ~~> mkdir
  • changes the current directory ~~> cd
  • lists files in a directory ~~> dir

23. A user logs in to Windows with a regular user account and attempts to use an application that requires administrative privileges. What can the user do to successfully use the application?

  • Right-click the application and choose Run as Privilege.
  • Right-click the application and choose Run as Superuser.
  • Right-click the application and choose Run as Administrator.
  • Right-click the application and choose Run as root.

Explanation: As a security best practice, it is advisable not to log on to Windows using the Administrator account or an account with administrative privileges. When it is necessary to run or install software that requires the privileges of the Administrator, the user can right-click the software in the Windows File Explorer and choose Run as Administrator.

24. An IT technician wants to create a rule on two Windows 10 computers to prevent an installed application from accessing the public Internet. Which tool would the technician use to accomplish this task?

  • Local Security Policy
  • Computer Management
  • Windows Defender Firewall with Advanced Security
  • DMZ

Explanation: Windows Firewall with Advanced Security, or in Windows 10 the Windows Defender Firewall with Advanced Security, is used to create inbound and outbound rules and connection security rules (such as rules securing traffic between two computers), and to monitor any active connection security rules.

25. What technology was created to replace the BIOS program on modern personal computer motherboards?

  • UEFI
  • MBR
  • CMOS
  • RAM

Explanation: As of 2015, most personal computer motherboards are shipped with UEFI as the replacement for the BIOS program.

26. Match the Linux system component with the description. (Not all options are used.)

  • CLI : a text based interface that accepts user commands
  • shell : a program that interprets and executes user commands
  • daemon : a background process that runs without the need for user interaction
  • (Empty) : a program that manages CPU and RAM allocation to processes, system calls, and file systems

27. What is the outcome when a Linux administrator enters the man man command?

  • The man man command configures the network interface with a manual address
  • The man man command opens the most recent log file
  • The man man command provides a list of commands available at the current prompt
  • The man man command provides documentation about the man command

Explanation: The man command is short for manual and is used to obtain documentation about a Linux command. The command man man would provide documentation about how to use the manual.

28. Match the description to the Linux term. (Not all options are used.)

  • a type of file that is a reference to another file or directory ~~> symlink
  • a running background process that does not need user interaction ~~> daemon
  • protecting remote access ~~> hardening
  • (Empty) ~~> logging

29. What are two benefits of using an ext4 partition instead of ext3? (Choose two.)

  • an increase in the number of supported devices
  • improved performance
  • compatibility with NTFS
  • increase in the size of supported files
  • decreased load time
  • compatibility with CDFS

Explanation: Based on the ext3 file system, an ext4 partition includes extensions that improve performance and increase the size of supported files. An ext4 partition also supports journaling, a file system feature that minimizes the risk of file system corruption if power is suddenly lost to the system.

30. Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file?

ls -l analyst.txt
-rwxrw-r-- sales staff 1028 May 28 15:50 analyst.txt

  • read, write, execute
  • write only
  • read only
  • read, write

Explanation: The file permissions are always displayed in User, Group, and Other order. In the example displayed, the file has the following permissions:

  • The leading dash (-) means that this is a file. For directories, the first dash would be replaced with a “d”.
  • The first set of characters is for user permission (rwx). The user, sales, who owns the file can read, write, and execute the file.
  • The second set of characters is for group permissions (rw-). The group, staff, who owns the file can read and write to the file.
  • The third set of characters is for any other user or group permissions (r--). Any other user or group on the computer can only read the file.

31. What is the purpose of entering the netsh command on a Windows PC?

  • to configure networking parameters for the PC
  • to change the computer name for the PC
  • to create user accounts
  • to test the hardware devices on the PC

Explanation: The netsh.exe tool can be used to configure networking parameters for the PC from a command prompt.

32. Which type of Windows PowerShell command performs an action and returns an output or object to the next command that will be executed?

  • cmdlets
  • functions
  • routines
  • scripts

Explanation: The types of commands that PowerShell can execute include the following:

  • cmdlets – perform an action and return an output or object to the next command that will be executed
  • PowerShell scripts – files with a .ps1 extension that contain PowerShell commands that are executed
  • PowerShell functions – pieces of code that can be referenced in a script


33. A user creates a file with .ps1 extension in Windows. What type of file is it?

  • PowerShell documentation
  • PowerShell cmdlet
  • PowerShell script
  • PowerShell function

Explanation: The types of commands that PowerShell can execute include the following:

  • cmdlets – perform an action and return an output or object to the next command that will be executed
  • PowerShell scripts – files with a .ps1 extension that contain PowerShell commands that are executed
  • PowerShell functions – pieces of code that can be referenced in a script

34. Match the Windows system tool with the description. (Not all options are used.)

  • Registry : a hierarchical database of all system and user information
  • Windows Firewall : selectively denies traffic on specified interfaces
  • PowerShell : a CLI environment used to run scripts and automate tasks
  • Event Viewer : maintains system logs
  • (Empty) : provides information on system resources and processes
  • (Empty) : provides virus and spyware protection

35. In the Linux shell, which character is used between two commands to instruct the shell to combine and execute these two commands in sequence?

  • $
  • #
  • %
  • |

Explanation: In the Linux shell, several commands can be combined to perform a complex task. This technique is known as piping. The piping process is indicated by inserting the character “|” between two consecutive commands.

36. Why is Linux considered to be better protected against malware than other operating systems?

  • customizable penetration and protection tools
  • fewer deployments
  • file system structure, file permissions, and user account restrictions
  • integrated firewall

Explanation: The design of the Linux operating system, including how the file system is structured, standard file permissions, and user account restrictions, makes Linux a better protected operating system. However, Linux still has vulnerabilities and can have malware installed that affects the operating system.

37. Match the commonly used ports on a Linux server with the corresponding service. (Not all options are used.)

38. Which Windows tool can be used by a cybersecurity administrator to secure stand-alone computers that are not part of an active directory domain?

  • PowerShell
  • Windows Defender
  • Windows Firewall
  • Local Security Policy

Explanation: Windows systems that are not part of an Active Directory Domain can use the Windows Local Security Policy to enforce security settings on each stand-alone system.

Muhammad Alie
1 year ago

Questions and Multiple-Choice

Onkabetse Mongweotsile
2 years ago

Great job. I am very thankful for the help offered. The explanation makes sense for us to understand the concepts.

Onkabetse Mongweotsile
2 years ago

Great job. I am very thankful for the help offered. The explanation makes sense for us to understand the concepts.

Greg
3 years ago

Q4 and Q30 are the same

Kiro
3 years ago

I hope you let us add pictures for the illustrations of the questions, Thanks for your amazing site.

Kiro
3 years ago

25- Why would a network administrator choose Linux as an operating system in the Security Operations Center (SOC)?

+ It is easier to use than other operating systems.
+ More network applications are created for this environment.
+ It is more secure than other server operating systems.
+ The administrator has more control over the operating system.

Kiro
3 years ago

24- Which two methods can be used to harden a computing device? (Choose two.)

Allow default services to remain enabled.
Allow USB auto-detection.
Enforce the password history mechanism.
Update patches on a strict annual basis irrespective of release date.
Ensure physical security.

Kiro
3 years ago

23- Which Linux command can be used to display the name of the current working directory?

sudo
ps
pwd
chmod

Kiro
3 years ago

22- Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file?

write only
read, write
read only
read, write, execute

Kiro
3 years ago

21- A Linux system boots into the GUI by default, so which application can a network administrator use in order to access the CLI environment?

system viewer
file viewer
package management tool
terminal emulator

Kiro
3 years ago

20- What is the well-known port address number used by DNS to serve requests?

25
53
110
60

Kiro
3 years ago

19- Which user can override file permissions on a Linux computer?

+any user that has ‘group’ permission to the file
+only the creator of the file
+any user that has ‘other’ permission to the file
+root user

Kiro
3 years ago

18- Match the commonly used ports on a Linux server with the corresponding service.

SMTP 25
DNS 53
HTTPS 443
SSH 22
TELNET 23

Kiro
3 years ago
Reply to  Kiro

Match the commonly used ports on a Linux server with the corresponding service. (Not all options are used.)

SSH “22” IS NOT FOUND BUT I ADDED IT JUST TO KNOW ITS PORT NUMBER.

Kiro
3 years ago

17- Match typical Linux log files to the function.

used by RedHat and CentOS computers and tracks authentication-related events:/var/log/secure

contains generic computer activity logs, and is used to store informational and noncritical system messages:/var/log/messages

stores information related to hardware devices and their drivers:/var/log/dmesg

used by Debian and Ubuntu computers and stores all authentication-related events:/var/log/auth.log

Kiro
3 years ago

16- Which type of tool allows administrators to observe and understand every detail of a network transaction?

  • log manager
  • malware analysis tool
  • ticketing system
  • packet capture software

Kiro
3 years ago

15- Why is Kali Linux a popular choice in testing the network security of an organization?

  • It is a network scanning tool that prioritizes security risks.
  • It is an open source Linux security distribution containing many penetration tools.
  • It can be used to test weaknesses by using only malicious software.
  • It can be used to intercept and log network traffic.

Kiro
3 years ago
Reply to  Kiro

THE CORRECT ANSWER IS;

It is an open source Linux security distribution containing many penetration tools.

Kiro
3 years ago

14- Match the octal value to the file permission description in Linux. (Not all options are used.)

write only, read and execute, read and write, execute only, write and execute, no access
000
001
010
101
110

Kiro
3 years ago
Reply to  Kiro

write only – read and execute – read and write – execute only – write and execute – no access.

I don’t know the answer

Kiro
3 years ago
Reply to  Kiro

write only – read and execute – read and write – execute only – write and execute – no access.

THE CORRECT ANSWERS:

010
101
110
001
NOT SCORED
000

Kiro
3 years ago

13- Match the Linux command to the function. (Not all options are used.)

displays the name of the current working directory: pwd

runs a command as another user: sudo

modifies file permissions:
chmod

shuts down the system:

lists the processes that are currently running: ps

Kiro
3 years ago
Reply to  Kiro

THE ANSWERS ARE CORRECT:

Displays the name of the current working directory: pwd
runs a command as another user: sudo
modifies file permissions: chmod

shuts down the system:

lists the processes that are currently running: ps

Kiro
3 years ago

12- What are two advantages of the NTFS file system compared with FAT32? (Choose two.)

  • NTFS is easier to configure.
  • NTFS supports larger files.
  • NTFS allows faster formatting of drives.
  • NTFS allows the automatic detection of bad sectors.
  • NTFS allows faster access to external peripherals such as a USB drive.
  • NTFS provides more security features.

Kiro
3 years ago

11- A PC user issues the netstat command without any options. What is displayed as the result of this command?

  • a historical list of successful pings that have been sent
  • a list of all established active TCP connections
  • a network connection and usage report
  • a local routing table

Kiro
3 years ago
Reply to  Kiro

The correct answer is:

a list of all established active TCP connections

Kiro
3 years ago

10- Which two commands could be used to check if DNS name resolution is working properly on a Windows PC? (Choose two.)

  • nslookup cisco.com
  • net cisco.com
  • ipconfig /flushdns
  • nbtstat cisco.com
  • ping cisco.com

Kiro
3 years ago

9- What is the purpose of using the net accounts command in Windows?

  • to display information about shared network resources
  • to show a list of computers and network devices on the network
  • to start a network service
  • to review the settings of password and logon requirements for users

Kiro
3 years ago

8- Match the Windows 10 boot sequence after the boot manager (bootmgr.exe) loads.

Step one: The Windows boot loader Winload.exe loads
Step two: Ntoskrnl.exe and hal.dll are loaded
Step three: Winload.exe reads the registry, chooses a hardware profile, and loads the device drivers.
Step four: Ntoskrnl.exe takes over the process.
Step five: Winlogon.exe is loaded and executes the logon process.

Yei
1 year ago
Reply to  Kiro

Step one: The Windows boot loader Winload.exe loads
Step two: Winload.exe reads the registry, chooses a hardware profile, and loads the device drivers.
Step three: Ntoskrnl.exe and hal.dll are loaded
Step four: Ntoskrnl.exe takes over the process.
Step five: Winlogon.exe is loaded and executes the logon process.

Kiro
3 years ago

7- A technician has installed a third party utility that is used to manage a Windows 7 computer. However, the utility does not automatically start whenever the computer is started. What can the technician do to resolve this problem?

  • Set the application registry key value to one.
  • Use the Add or Remove Programs utility to set program access and defaults.
  • Change the startup type for the utility to Automatic in Services.
  • Uninstall the program and then choose Add New Programs in the Add or Remove Programs utility to install the application.

Kiro
3 years ago
Reply to  Kiro
  • Change the startup type for the utility to Automatic in Services

IS THE CORRECT ANSWER

Kiro
3 years ago

6- Which statement describes the function of the Server Message Block (SMB) protocol?

  • It is used to stream media contents.
  • It is used to manage remote PCs.
  • It is used to compress files stored on a disk.
  • It is used to share network resources.

Kiro
3 years ago
Reply to  Kiro

The correct answer is;

It is used to share network resources.

Kiro
3 years ago

5- A user creates a file with .ps1 extension in Windows. What type of file is it?

  • PowerShell function
  • PowerShell cmdlet
  • PowerShell documentation
  • PowerShell script

Kiro
3 years ago
Reply to  Kiro

PowerShell script
IS THE CORRECT ANSWER

Kiro
3 years ago

4- Match the Windows command to the description.

renames a file: ren
creates a new directory: mkdir
changes the current directory: cd
lists files in a directory: dir

Kiro
3 years ago

3- A user logs in to Windows with a regular user account and attempts to use an application that requires administrative privileges. What can the user do to successfully use the application?

  • Right-click the application and choose Run as Privilege.
  • Right-click the application and choose Run as Superuser.
  • Right-click the application and choose Run as Administrator.
  • Right-click the application and choose Run as root.

Kiro
3 years ago

2- An IT technician wants to create a rule on two Windows 10 computers to prevent an installed application from accessing the public Internet. Which tool would the technician use to accomplish this task?

  • Local Security Policy
  • Computer Management
  • Windows Defender Firewall with Advanced Security
  • DMZ

Kiro
3 years ago
Reply to  Kiro

The correct answer is;

Windows Defender Firewall with Advanced Security

Kiro
3 years ago

1- What technology was created to replace the BIOS program on modern personal computer motherboards?

  • UEFI
  • MBR
  • CMOS
  • RAM