He's a little troubled by the fact that his practice test scores, on average, are ~5% lower than his results during Core 1 practice. A simple number can do wonders in terms of irritation.

But then there's the other perspective: it is more content overall, so there are more things to memorize or take note of. Additionally, he's always had an easier time working with / thinking about hardware, so moving further into software and what he calls "IT extracurriculars" (policies, commands, etc.) will come with some form of difficulty, even if only a little.

Dion

Test Scores

  • Practice Exam 5 — 84%
  • Practice Exam 6 — 83%

Missed Questions

  • What document specifically governs the rights, restrictions, and compliance requirements associated with accessing and using software hosted on a third-party provider's infrastructure, including terms related to user entitlements, data handling obligations, and subscription-based usage limitations? EULA [WRONG] /// Cloud-based Licensing Agreements [RIGHT] EULAs are more for intellectual property rights, installation permissions, warranty disclaimers, and liability limitations rather than comprehensive service-level expectations or ongoing compliance requirements. While an SLA might fit the bill, SLAs are more for downloaded content/apps/services that are manipulated; they are focused primarily on establishing measurable performance targets and the consequences when targets aren't met. The question clearly mentions "software hosted on 3rd-party provider's infrastructure" and "subscriptions", which are indicative of some cloud service/tool; thus, Cloud-based Licensing Agreements is the answer.
  • Dion Training uses a patch management server to control the distribution and installation of security patches. A technician needs to configure a new Windows 10 workstation to not perform Windows Updates automatically. Which of the following features in the Task Manager should the technician use to disable the Windows Update service? Startup [WRONG] /// Services [RIGHT] Startup tab = see every program configured to start up when Windows is booted up. While it is partially correct to associate updates with startup, the question quite literally labels Windows Update as a SERVICE; Services is the answer.
  • Which of the following allows a user to save their current session to memory, put a Windows 10 computer into a minimal power state and allow for the quickest time to return to functionality? Hibernate [WRONG] /// Sleep [RIGHT] Hibernate = save current session to disk, power off; Sleep/Standby = save current session to memory, minimal power state. Think: the question mentions "quickest" return to functionality, like how opening a closed (sleeping) laptop is quick.
  • An employee was recently moved from the Human Resources department into the Sales department. Which of the following should you check to ensure they no longer have access to the employee data stored in the Human Resource department share drives? Group Policy [WRONG] /// Security Groups [RIGHT] Group Policy = assign policies to groups to secure PCs, set features/preferences, install programs by group; Security Groups = outright monitoring/configuring access per person/group.
  • A browser loads an unrecognized search engine with poor results and numerous pop-ups. What TWO actions should you perform first? Delete web browser's cache, temporary files, and cookies [WRONG] /// Disable unapproved applications from Startup ; Reset web browser to default settings [RIGHT] Clearing cache, temporary files, and cookies improves performance; it does not help malware remediation efforts. The idea is to remove unwanted apps (disable startup apps) and roll back (reset web browser).
  • A user's personal settings are not showing up on their computer. You suspect that their profile has become corrupted within Windows. You attempt to look at their profile file but cannot find it in their profile directory. Which of the following options do you need to configure to see this file? User Accounts [WRONG] /// Folder Options [RIGHT] User Accounts would be for user administration tasks: create/delete/change accounts; it has nothing to do w/ its directory location. The question specifically says he "cannot find [personal settings] in their profile directory"; directory = folder → folder is invisible, togglable in Folder settings.
  • What is the maximum amount of memory used in a 32-bit version of the Windows operating system? 1GB [WRONG] /// 4GB [RIGHT] 1GB is what is needed to install 32-bit Windows, not to operate it. The OS itself, once installed, can operate using up to 4GB
  • The corporate network uses a centralized server to manage credentials for all of its network devices. What type of server is MOST likely being used in this configuration? Kerberos [WRONG] /// RADIUS [RIGHT] Kerberos = computer network authentication protocol, works based on tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner; used in Windows Active Directory domains for authentication, not for network device credentials. RADIUS = centrally manage credentials for network devices
  • Your Android device's battery is advertised to last 12 hours, but it drains almost completely within 90 minutes. What should you do FIRST to try and solve this problem? Dim phone's display [WRONG] /// See apps using most battery [RIGHT] While dimming the phone can help preserve battery life (the display is normally the biggest battery user), it doesn't drain the charge nearly as much as a high-intensity app can, as with a 90-minute depletion.
  • Dion Training wants to implement a new wireless network using WPA3 in their offices. Which of the following features of WPA3 is used to provide a password-based authentication using the dragonfly handshake instead of the older WPA 4-way handshake? AES GCMP [WRONG] /// SAE [RIGHT] AES GCMP = high-performance mode for symmetric encryption; not even an authentication protocol. SAE = Simultaneous Authentication of Equals.
  • A technician is troubleshooting a slow system where applications frequently freeze. Task Manager shows that 90% of RAM is in use, while CPU and disk usage remain low. What is the best way to improve performance? Replace CPU w/ faster model (improve responsiveness) [WRONG] /// Increase RAM to provide more available memory for apps [RIGHT] Replacing the processor would not resolve the issue: CPU usage is already low, so processing power is not the bottleneck. The bottleneck is RAM, and the only option to increase RAM is to simply buy more RAM.
  • A user contacts the help desk and complains they are getting an error when they attempt to open a 4 GB .dmg file on their Windows 10 workstation. Which of the following should you tell them? "Hard drive must not have enough free space" [WRONG] /// "You need to use macOS to open DMG files" [RIGHT] Remember that .dmg files are ONLY on Macs. (The closest Windows equivalent is a .iso or .img)
  • You've just installed a 2nd monitor for a bookkeeper's workstation so they can stretch their spreadsheets across both monitors. This would essentially let them use the two monitors as one combined larger monitor. Which of the following settings should you configure? Extended mode [WRONG] /// Resolution [RIGHT] Resolution = pixel count on a SINGLE monitor only, not two. The OS must recognize the two monitors as one unit first; therefore, Extended Mode must be used.
  • A network admin needs to allow employees to upload files to a remote server securely. What port must be allowed through the firewall? 25 [WRONG] /// 22 [RIGHT] Port confusion: 25 = SMTP for mail. But also slightly confusing: port 22 was taught to be Secure Shell (SSH); the next best guess should have been 21 (or 20) since they are for FTP for file transferring.
  • You installed a flat panel television in a conference room, and the facilities manager is concerned that a lightning strike could damage it. The company is not worried about power outages since the room is only used a few times per week. Which of the following should be installed to BEST mitigate the facilities manager's concerns without spending too much money? Line conditioner [WRONG] /// Surge suppressor [RIGHT] Line Conditioner = raise sag/under-voltage event; Surge Suppressor = limits surge/over-voltage event.
  • Upon booting up a Windows 10 machine, you see an error message stating, "One or more services failed to start." Which of the following actions should you take? Uninstall + Reinstall service [WRONG] /// Verify that disabling a service hasn't affected others [RIGHT] Of the options presented in this question, only the one for verifying that disabling one service has not affected others would help correct a service that fails to start. This is because some services depend on other services to run, so if something or someone has disabled one service, it could have inadvertently affected others.
  • Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which is the MOST likely cause of the issue? SSL certificates [WRONG] /// RADIUS [RIGHT] Secure Sockets Layer (SSL) = security protocol for privacy + authentication over Internet; application-independent, layer 5 [Session], used w/ variety of protocols (HTTP or FTP), not necessarily for Wi-Fi authentication. Captive portals usually rely on 802.1x, which uses RADIUS for authentication.
  • You are trying to open your company's internal shared drive from your Windows 10 laptop but cannot reach it. You open your web browser and can connect to DionTraining.com without any issues. Which of the following commands should you use to determine if the internal shared drive is mapped to your computer properly? chkdsk [WRONG] /// net use [RIGHT] chkdsk = check the file system + metadata (on the disk); net use = connect to/remove/config connections to shared resources (mapped drives, network printers).
  • Which of the following types of attacks is conducted by injecting malicious programming language statements into otherwise trustworthy websites to attack the user's web browser? SQL injection [WRONG] /// Cross-site scripting [RIGHT] SQL injection = insertion into entry field for execution; XSS = insertion into website's code.
  • User installs 3rd-party email client on their smartphone. After resetting their password, they still receive 'Invalid credentials' errors when logging in. What is MOST likely the cause? Email account is locked out [WRONG] /// MFA requirement [RIGHT] The email account is not locked out; if it were, the issue would have been solved when they reset the password (it might even be the reason for the reset at all). More than likely the user simply didn't complete the MFA requirement.
  • Another technician tells you that they are PXE booting a computer. What is the technician MOST likely doing with the computer? Using multiboot configuration [WRONG] /// Installing image to PC over network [RIGHT] PXE booting specifically refers to booting a PC over a network to install an OS image from a server rather than selecting between pre-installed OS's. While both methods involve loading OS's, they serve different purposes and use different processes.
  • Which of the following is required for evidence to be admissible in a court of law? Right to audit [WRONG] /// Chain of custody [RIGHT] A right to audit is a clause in a contract or service agreement that allows a company the authority to audit the systems and information processed. It does not directly involve the handling of evidence, especially much later on in a court case. Chain of custody forms list every person who has worked with or who has touched the evidence that is a part of an investigation. This would be much more relevant for to-be-presented evidence
  • A user is trying to transfer a 5GB video file to a USB drive formatted w/ FAT32, but the process fails. What is the BEST way to resolve this issue? Compress before transfer [WRONG] /// Format drive to NTFS [RIGHT] Compression is more of a workaround rather than a solution; yes the video file will be stored, but the quality will suffer greatly, which is not ideal. The best solution is to reformat to NTFS, which supports much larger files.
  • You receive a support ticket stating that one user is unable to access shared network drives that were previously available. Other users in the same department have no issues accessing the same resources. The user mentions that the problem started after a recent security update, and they now see unexpected system notifications. Which of the following would be the most appropriate solution in this case? Verify user's network settings, reconnect to network drives [WRONG] /// Check for unauthorized software, scan for malware [RIGHT] Inability to access network resources combined with unexpected notifications can be a sign of malware blocking network connections or altering system settings. Scanning for malware ensures the system is clean before troubleshooting connectivity. Simply verifying network settings may not fix a deeper security issue.
  • Which of the following Control Panel options should a technician use to change a person's role from standard to an administrator? Administrative Tools [WRONG] /// User Accounts [RIGHT] Admin "tools" = computer management, disk defrag/cleanup, event viewer, etc., not necessarily for manipulating user permissions (even if the permissions are an upgrade to admin status). As such, User Accounts should be used.
  • A corporate workstation was recently infected with malware. The malware was able to access the workstation's credential store and steal all the usernames and passwords from the machine. Then, the malware began to infect other workstations on the network using the usernames and passwords it stole from the first workstation. The IT Director has directed its IT staff to develop a plan to prevent this issue from occurring again. Which of the following would BEST prevent this from reoccurring? Install Unified Threat Mgmt system to monitor for sus traffic [WRONG] /// Install anti-virus/-malware that uses heuristic analysis [RIGHT] UTM might be able to monitor and detect the issue but not stop it from spreading outright. anti-virus/-malware has that capability.
  • A user's Bluetooth headphones disconnect intermittently during meetings when pacing in a large office. What is the MOST likely cause? Headphones' battery depleting, can't sustain connection [WRONG] /// User is moving beyond effective range of Bluetooth connection [RIGHT] Question the MOST obvious.
  • Your physical security manager, Janice, wants to ensure she can detect any unauthorized access to the data center. Which technology should be used to meet her requirement? Access badge reader [WRONG] /// Video surveillance [RIGHT] Note the wording of the question, that "she can detect". The only technology that has the ability to directly "notify" an admin of access is a security camera whose footage can be watched by the admin as much as possible.
  • After replacing a security device protecting a screened subnet, external users can no longer access a remotely accessible application. Which device was MOST likely misconfigured? DNS [WRONG] /// Firewall [RIGHT] Somewhat stupid mistake. DNS = domain names; Firewall = network access.

Topics for Review

  • Some Windows Tools shortcuts:
      diskmgmt.msc = Disk Mgmt Console, config in-/external disk partitions
      dfrgui = Disk Defragmenter, for defragmenting
      taskschd.msc = Task Scheduler, create/run background cmds/scripts
      eventvwr.msc = Event Viewer, view log files
      perfmon.msc = Performance Monitor, extremely in-depth Task Mngr
      lusrmgr.msc = Local Users & Groups, add/change/disable/delete
      gpedit.msc = Group Policy Editor, configure Settings across groups
      certmgr.msc = Certificate Mngr Utility, manage digital certificates
      msinfo32 = System Info, report all system hardware/software
      resmon.exe = Resource Monitor, more in-depth Task Mngr
      msconfig = System Config, change boot/OS-loading settings + files
      regedit = Registry Editor, database of Hives of keys for all Settings
      mmc = Microsoft Mgmt Console, create custom admin tool suites

Microsoft Entra ID Notes

Finishing the last hour (+ change) of Microsoft Entra ID learning

Managing Entra ID

  • Identity → Users → All users: show Display name, User principal name (email / login username), Type (Guest = outside of tenant; Member = in tenant), On-premises (Yes = Local, No = Cloud), and Identities (what tenant(s) user is in)
  • Each new user requires: Principal name (w/ verified domain name, i.e., john@domain.com), display name, password, account en-/disable, other PII; can assign different roles (perms) to user
  • Can see Audit logs (admin uses privileges to do a task), Sign-in logs (user logins to any connected Microsoft product); can delete users, reset passwords, and set general user settings
  • Identity → Groups → All groups: show Group name, Object ID, and Group Type (Security, MS 365, Distribution (for only giving info; set in Admin Center only)), w/ pre-configured perms according to group
  • Each new group requires: type, name, description, and membership list (both internal and external users can be part of internal groups)
  • Clicking any group displays group's info: configurable properties, members, owner(s), group's admin role(s), admin unit groupings, parent group membership, general settings, naming policies
  • Admin Unit = grouping of various objects to be administered separately (e.g., admin in charge of supporting 100 specified users and no one else); found in: Identity → Roles & admins → Admin units
  • Each new admin unit only requires a name (members + admins can be added at creation or later on); each admin in a unit can be given a preset of admin-level perms: authentication, helpdesk, licenses, password, etc.
  • Entra ID can work w/ Microsoft Intune/Microsoft Configuration Mngr (an MDM) for device management: Identity → Devices → All devices; can add/change/delete devices to/from tenant to monitor/audit them (less powerful w/out MDM integration, but can still do basic mngmt)
  • Each device lists: name, OS, version, join type, owner; clicking a device shows device properties, roles + perms, admin unit membership
  • Role = specific set of perms/rights; Role group = grouping of perms/rights. Clicking a user + going into Assigned Roles lists all roles; can add preset role(s) to user (app admin, app developer, Teams communications support engineer, etc., etc., etc.)
  • Identity → Roles & admins → Roles & admins: see all assignable roles: description, privileged status, # of assignees (users/groups), type; clicking any role can show a full description of every single permission given to it (Custom roles only available in paid tiers of Entra ID)

Implementing Identity Governance + Protection

  • Identity Governance = applying governance to ID's: managing in a secure, efficient manner; principle of Least Privilege
  • Entra ID Premium + Entra ID Governance add-on = solution for good governance: Entitlement Mngmt, Lifecycle Workflow (automatically apply/remove perms), Access Reviews (regularly audit/manage user access rights), Privileged Identity Mngmt (PIM) (granular role/perm assignment, even timed assignments)
  • Identity Protection = concept of securing credentials to prevent malicious access to company resources w/ various security mechanisms; Entra ID gives Identity Secure Score which evaluates current security posture
  • Conditional Access enforces access requirements (i.e., inside company premises, outside logical network, user in "Managers" group signs in, etc.) (Entra ID Premium feature)
  • MFA was configured in Identity → Users → All users → Per-user MFA; links to old Azure site where individual/bulk users can be given basic MFA requirements/options + service settings. Now configured in Identity → Protection → MFA and in Identity → Protection → Authentication methods w/ more settings (e.g., block users from using MFA)
  • Self-Service Password Reset (SSPR) = allows user to securely reset password on their own in some web portal w/out IT support: user must first register for SSPR, then, once approved, can reset their password; can configure what authentication methods are used in web portal, whether notifications are sent for user/admin password resets, etc.
  • Companies may need to implement hybrid practices (e.g., IDs are hosted in cloud but they require access to on-premises resources, or vice versa). Identity → Hybrid management → Microsoft Entra Connect = portal to Azure AD Connect (maybe fully Entra at this point) for authentication for access to both sets of resources (Cloud Sync vs. Connect Sync)
  • Identity → Overview → Monitoring tab: live view of sign-in attempts (more in-depth version: Identity → Users → All users → Sign-in logs)
  • Protection section gives all info regarding security: Security Center for reporting risky users + sign-ins

Job Hunting

Applications

  • Hardy Industries — IT + Telecom Field Technicians PC and printer troubleshooting experience (a strong plus)…At least 1 year of I.T. or Telecom experience, and one of the following: A+, Sec+, 5+ yrs of veritable IT work
  • Solar Landscape — IT Support Specialist Provide initial technical support to end users across the organization. This role serves as the primary point of contact for technical support for resolving hardware, software, and access issues, all while providing top-notch customer service. This role will start with Tier 1 support and will over time learn the skills and standards used across the IT industry…Certifications preferred but not required: CompTIA A+, Net+

Research, Follow-Ups, and More

The Indeed application for Solar Landscape included some basic IT troubleshooting scenarios as questions, which was refreshing and, dare he say, exciting to see, since it let him exercise his knowledge. Of course, he stuck with what he knew: CompTIA's troubleshooting methodology. Hopefully his robust answers will lead to something promising.

Summary

Sure enough, it only took a little longer for him to start getting scores up. Now it's a matter of retaking exams and finding other practice materials.

On average, he scores higher on Domains 1 and 4 (OS's and Operational Procedures) than on Domains 2 and 3 (Security and Software Troubleshooting), so he'll be revisiting them before flashing through more practice exams tomorrow.

Checkpoints

  • Dion — Practice Exams 5, 6
  • Applications sent: 2

Major Takeaways