234 lines
14 KiB
JSON
234 lines
14 KiB
JSON
{
|
|
"TRB-1": [
|
|
{
|
|
"front": "A user reports that Windows displays No OS found at startup. What should you check first?",
|
|
"back": "Check the boot order in firmware/BIOS, confirm the drive is detected, and check the boot files and startup repair options."
|
|
},
|
|
{
|
|
"front": "A user reports a blue screen of death (BSOD). What should you suspect first?",
|
|
"back": "Suspect drivers, hardware, memory, storage, or recent updates, and use Event Viewer, Reliability Monitor, and memory/storage diagnostics to investigate."
|
|
},
|
|
{
|
|
"front": "A user reports that Windows is running slowly overall. What should you check first?",
|
|
"back": "Check Task Manager for CPU, memory, disk, and startup load, check available disk space, and review recently installed apps."
|
|
},
|
|
{
|
|
"front": "A user reports that a Windows service is failing to start. What should you check first?",
|
|
"back": "Check the Services console for the service status, check its dependencies, and review Event Viewer for related errors."
|
|
},
|
|
{
|
|
"front": "A user reports that their Windows profile takes a very long time to load at sign-in. What should you suspect?",
|
|
"back": "Suspect a large profile data set, network profile issues, login scripts, or domain connectivity problems."
|
|
},
|
|
{
|
|
"front": "A user reports that the system clock keeps drifting and showing the wrong time. What should you check?",
|
|
"back": "Check the time zone setting, the CMOS battery, and time synchronization settings."
|
|
},
|
|
{
|
|
"front": "A system fails to boot correctly right after a driver update was installed. What is the likely fix?",
|
|
"back": "Roll back the driver, or boot into Safe Mode to remove or fix the problematic driver."
|
|
},
|
|
{
|
|
"front": "Applications are crashing and you suspect system file corruption. What two tools should you use?",
|
|
"back": "Use SFC (System File Checker) and DISM to repair corrupted system files and the Windows component store."
|
|
},
|
|
{
|
|
"front": "A user reports slow performance and asks you to immediately start changing system settings. What should you do first?",
|
|
"back": "Gather evidence first (e.g., Task Manager, disk space, recently installed apps) before making any changes."
|
|
},
|
|
{
|
|
"front": "What's the memory trick for diagnosing common Windows OS problems?",
|
|
"back": "B-S-S-A-D-P-T: Boot, Services, Storage, Applications, Drivers, Profiles, Time. A Windows symptom usually points to boot, services, storage, drivers, profile, or time."
|
|
},
|
|
{
|
|
"front": "What does sfc /scannow do? (Windows command)",
|
|
"back": "It checks protected Windows system files and attempts to repair any that are corrupted."
|
|
},
|
|
{
|
|
"front": "What does DISM /Online /Cleanup-Image /RestoreHealth do? (Windows command)",
|
|
"back": "It repairs the Windows component store, which SFC relies on to repair system files."
|
|
},
|
|
{
|
|
"front": "What does chkdsk do? (Windows command)",
|
|
"back": "It checks the file system status of a drive."
|
|
},
|
|
{
|
|
"front": "What does eventvwr.msc do? (Windows command)",
|
|
"back": "It opens Event Viewer, which provides logs and error clues for troubleshooting."
|
|
},
|
|
{
|
|
"front": "What does perfmon /rel do? (Windows command)",
|
|
"back": "It opens Reliability Monitor, which shows a timeline of system failures and changes."
|
|
},
|
|
{
|
|
"front": "If a Windows system reports low memory warnings or USB controller resource warnings, which category of the B-S-S-A-D-P-T memory trick does this most likely fall under?",
|
|
"back": "These point toward storage and drivers (resource and driver-related issues), part of the B-S-S-A-D-P-T framework for Windows symptoms."
|
|
}
|
|
],
|
|
"TRB-2": [
|
|
{
|
|
"front": "A mobile app fails to launch or repeatedly crashes. What is the troubleshooting flow?",
|
|
"back": "Restart the app, restart the device, update the app, update the OS, clear the app cache where supported, and reinstall the app if needed."
|
|
},
|
|
{
|
|
"front": "A mobile app will not install or update. What should you check first?",
|
|
"back": "Check available storage, network connectivity, app store account status, and OS compatibility."
|
|
},
|
|
{
|
|
"front": "A user reports their mobile device's battery is draining quickly. What should you check?",
|
|
"back": "Review battery usage by app, check screen brightness, disable unnecessary radios, and check for runaway apps."
|
|
},
|
|
{
|
|
"front": "A user reports Bluetooth or Wi-Fi connectivity problems on a mobile device. What is the troubleshooting flow?",
|
|
"back": "Toggle the affected radio, forget and reconnect to the network or device, check range and pairing mode, and restart the device if needed."
|
|
},
|
|
{
|
|
"front": "A user reports that screen autorotation is not working on their mobile device. What should you check?",
|
|
"back": "Check if rotation lock is enabled, restart the app, and test the device sensors if available."
|
|
},
|
|
{
|
|
"front": "An app cannot be installed on a mobile device. Which two causes are high-probability answers on the exam?",
|
|
"back": "Insufficient storage and OS/app compatibility issues."
|
|
},
|
|
{
|
|
"front": "A mobile device fails to pair with a Bluetooth accessory. What should you check?",
|
|
"back": "Check that the accessory is in pairing mode, and try forgetting the device and re-pairing it."
|
|
},
|
|
{
|
|
"front": "A mobile issue started right after an OS or app update. What should you investigate?",
|
|
"back": "Check for known issues with the update and verify compatibility between the app and the new OS version."
|
|
},
|
|
{
|
|
"front": "Only one app is misbehaving on a mobile device. What should you do before resetting the entire phone?",
|
|
"back": "Focus troubleshooting on that specific app (cache, update, reinstall) before considering a full device reset."
|
|
},
|
|
{
|
|
"front": "What's the memory trick for troubleshooting mobile OS and app issues?",
|
|
"back": "U-S-P-C-R: Update, Storage, Permissions, Connectivity, Restart/reinstall. Most mobile app problems start with update, storage, permission, or connectivity checks."
|
|
},
|
|
{
|
|
"front": "A user reports random reboots on their mobile device. Under which category of mobile troubleshooting checks would you start investigating?",
|
|
"back": "Start with the basic checks: updates, storage, permissions, connectivity, and battery health, since these are the common starting points for most mobile symptoms."
|
|
},
|
|
{
|
|
"front": "What basic checks should be performed for nearly any mobile OS or app problem according to the lesson?",
|
|
"back": "Updates, storage, permissions, connectivity, app cache/data, battery health, and compatibility."
|
|
},
|
|
{
|
|
"front": "A user reports an OS update failure on their mobile device. What category of issue does this fall under, and what should you check?",
|
|
"back": "It falls under update-related issues; check storage space, network connectivity, and compatibility, similar to app install/update failures."
|
|
}
|
|
],
|
|
"TRB-3": [
|
|
{
|
|
"front": "What is application spoofing on a mobile device?",
|
|
"back": "Application spoofing means a fake app pretends to be a legitimate app, often to trick users into installing malware or giving up data."
|
|
},
|
|
{
|
|
"front": "A user's phone has high network traffic, data usage alerts, and many ads outside the browser. What should you suspect?",
|
|
"back": "Suspect malware or unwanted/unauthorized software, and check which app is causing the unusual data usage."
|
|
},
|
|
{
|
|
"front": "A user reports fake antivirus pop-ups and browser redirects on their mobile device. What should you check first?",
|
|
"back": "Check the app source - whether apps were installed from the official app store, whether developer names are correct, and whether permissions/reviews look suspicious."
|
|
},
|
|
{
|
|
"front": "Why are rooted or jailbroken devices considered high risk?",
|
|
"back": "Rooted or jailbroken devices bypass the normal protections built into the mobile OS, making them more vulnerable to malware and unauthorized access."
|
|
},
|
|
{
|
|
"front": "A managed (company) mobile device is suspected of being compromised. What should you do?",
|
|
"back": "Follow company policy, notify support/security, use MDM actions when appropriate, and preserve evidence if required."
|
|
},
|
|
{
|
|
"front": "A personal mobile device is suspected of being compromised by malware. What is the response?",
|
|
"back": "Remove suspicious apps, update the OS and apps, run trusted security tools if available, and change passwords from a known-clean device if compromise is suspected."
|
|
},
|
|
{
|
|
"front": "Why do unofficial app stores increase mobile security risk?",
|
|
"back": "Apps from unofficial app stores are not vetted the same way as official store apps, which increases the risk of installing malware."
|
|
},
|
|
{
|
|
"front": "What should you check regarding device integrity when investigating a mobile security issue?",
|
|
"back": "Check whether the device is rooted or jailbroken, whether developer mode is enabled, and whether installation from unknown sources is allowed."
|
|
},
|
|
{
|
|
"front": "What network and data clues suggest a mobile app may be malicious?",
|
|
"back": "One app using unusual amounts of data, traffic spiking when that app is open, or unexpected VPN/proxy settings."
|
|
},
|
|
{
|
|
"front": "What's the memory trick for mobile security issues?",
|
|
"back": "R-U-D-A: Root/jailbreak, Unofficial store, Developer mode, Ads/alerts. If the source or control model is untrusted, treat the phone as high risk."
|
|
},
|
|
{
|
|
"front": "A user's mobile device shows leaked personal data and unrecognized apps. What should be the immediate concern?",
|
|
"back": "This suggests an unauthorized or malicious app has been installed; check the app source, device integrity (root/jailbreak), and remove suspicious apps."
|
|
},
|
|
{
|
|
"front": "What does it mean for a mobile device's control model to be untrusted, and what should you do if it is?",
|
|
"back": "An untrusted control model means the device's source of apps or its root/jailbreak status cannot be trusted; treat the phone as high risk per the lesson's shortcut."
|
|
},
|
|
{
|
|
"front": "List the four main risk factors for mobile security issues mentioned in the lesson.",
|
|
"back": "Unofficial app stores, sideloaded applications, developer mode, and rooted or jailbroken devices (also unauthorized apps and application spoofing)."
|
|
}
|
|
],
|
|
"TRB-4": [
|
|
{
|
|
"front": "A user reports files on their PC are altered, missing, renamed, or inaccessible. What should you suspect?",
|
|
"back": "This points to ransomware as the likely cause."
|
|
},
|
|
{
|
|
"front": "A user reports frequent pop-ups and browser redirects. What should you suspect?",
|
|
"back": "This points to adware or browser hijacking."
|
|
},
|
|
{
|
|
"front": "A user reports certificate warnings in their browser. What are the possible causes?",
|
|
"back": "Certificate warnings can be caused by something malicious, a misconfiguration, or the wrong system time/date on the PC."
|
|
},
|
|
{
|
|
"front": "A PC cannot access the network at all. What should you check?",
|
|
"back": "Check for misconfiguration causes such as a bad proxy setting, wrong DNS setting, or a firewall/security tool blocking traffic; also consider malware as a cause."
|
|
},
|
|
{
|
|
"front": "A user reports fake antivirus warnings appearing on their desktop. What should you suspect first?",
|
|
"back": "Suspect fake antivirus malware (scareware), and assume compromise until verified."
|
|
},
|
|
{
|
|
"front": "An OS update keeps failing on a PC. What are the possible causes?",
|
|
"back": "OS update failure may be caused by malware, file/system corruption, or network problems."
|
|
},
|
|
{
|
|
"front": "A user's web browser has new extensions they didn't install, plus unexpected sync changes and login alerts. What should you suspect?",
|
|
"back": "Suspect a compromised account - check for unauthorized browser extensions, unexpected sync changes, and new login alerts."
|
|
},
|
|
{
|
|
"front": "What is the first step in the response flow for a suspected PC security compromise?",
|
|
"back": "Identify the symptoms."
|
|
},
|
|
{
|
|
"front": "After identifying symptoms of a suspected active compromise on a PC, what is the next step?",
|
|
"back": "Disconnect the PC from the network if active compromise is suspected."
|
|
},
|
|
{
|
|
"front": "After running trusted security tools and removing or quarantining threats from a compromised PC, what should be done next?",
|
|
"back": "Update the OS, browser, and security software, then change passwords from a known-clean device if credentials may be compromised, and document findings and actions."
|
|
},
|
|
{
|
|
"front": "What's the memory trick for PC security symptoms?",
|
|
"back": "FAN-B: Files changed, Alerts are fake, Network blocked, Browser redirects. Fake alerts plus changed files or redirects means assume compromise until verified."
|
|
},
|
|
{
|
|
"front": "List the categories of common causes for PC security symptoms described in the lesson.",
|
|
"back": "Malware (fake antivirus, ransomware, spyware, adware, browser hijackers), misconfiguration (bad proxy, wrong DNS, expired certificate or wrong system time, firewall blocking traffic), and compromised account (unexpected sync changes, unauthorized extensions, new login alerts)."
|
|
},
|
|
{
|
|
"front": "Why might evidence preservation be part of the response flow for a PC security incident?",
|
|
"back": "Because policy may require preserving evidence of the compromise before remediation, especially in managed or business environments."
|
|
},
|
|
{
|
|
"front": "A user's PC shows degraded browser performance along with unwanted OS notifications. What should you consider?",
|
|
"back": "Consider malware (such as adware or browser hijackers) as well as possible misconfiguration; treat it as a possible compromise per the FAN-B memory trick."
|
|
}
|
|
]
|
|
}
|