Operational Procedures

A technician is decommissioning several hard drives that contained sensitive client data. The drives are still functional but need to be disposed of securely. Which method ensures the data cannot be recovered?

A technician receives a report that several employees have received an email appearing to be from the company's IT department asking them to click a link and enter their login credentials. The technician suspects a phishing attack. What is the FIRST step the technician should take according to incident response procedures?

A small business is upgrading its office equipment and needs to dispose of several old CRT monitors and LCD displays. Which of the following is the MOST environmentally responsible method of disposal for these electronic devices?

A technician is setting up a secure disposal plan for old laptops. Which of the following procedures BEST ensures that all sensitive data is irretrievable before disposal?

A technician is decommissioning several old laptop batteries that are no longer holding a charge. Which of the following is the MOST appropriate method of disposal for these batteries?

A technician is documenting a recurring issue where users lose network connectivity after a specific software update is installed. The technician has identified the root cause and implemented a temporary workaround. According to change management best practices, what is the NEXT step the technician should take?

A technician needs to apply a critical security patch to a server that hosts a legacy application. The patch is known to cause a brief service interruption during installation. According to change management best practices, which of the following should the technician do FIRST before installing the patch?

A company is disposing of several old desktop computers that are still in working condition. The hard drives have been sanitized using a degausser, and the computers will be sold to a refurbisher. Which of the following should the technician do with the original Windows 10 license stickers attached to the cases before releasing the equipment?

A small business owner wants to ensure that employees follow a consistent and documented process when handling sensitive customer data. Which type of document should the technician recommend to outline the step-by-step procedures?

A help desk technician is creating a standard operating procedure (SOP) for handling password reset requests. Which of the following components is MOST important to include in the SOP to ensure consistency and security?

A help desk technician receives a call from a user who states they clicked on a link in an email that appeared to be from the company's CEO requesting urgent action. The user entered their username and password on the resulting webpage. Which of the following is the FIRST step the technician should take according to incident response procedures?

A technician is decommissioning several old magnetic hard disk drives (HDDs) that contain sensitive company data. The drives are no longer in use and will be physically destroyed. Which of the following methods will BEST ensure that the data on these HDDs is irretrievable before disposal?

A technician needs to apply a critical security patch to a production web server. The patch is known to require a service restart, which will cause a brief outage. According to change management best practices, what is the FIRST step the technician should take?

A technician is preparing a change request to update the firmware on a critical file server. The update is known to potentially cause incompatibility with a custom internal application. According to change management best practices, which of the following must the technician include in the change request?

A help desk technician receives a call from a user reporting that their workstation is infected with ransomware. The technician has isolated the system from the network by unplugging the Ethernet cable. According to incident response best practices, what should the technician do NEXT?

A technician needs to replace a failed power supply unit (PSU) in a server that has dual redundant PSUs. The server is in production and is currently running on the remaining functioning PSU. According to change management best practices, which of the following should the technician do FIRST?

A technician needs to apply a critical security patch to a database server that hosts a production application. The patch is known to cause a 10-minute service disruption and cannot be applied during normal business hours. According to change management best practices, which document should the technician submit and have approved BEFORE performing the update?

A technician needs to apply a critical security patch to a database server that runs a line-of-business application. The patch requires a 10-minute service restart. The change management board has approved a maintenance window from 2:00 AM to 3:00 AM. At 2:15 AM, the technician installs the patch and restarts the server. After the restart, the application fails to connect to the database. There are 45 minutes remaining in the window. Which of the following is the MOST appropriate next step according to change management best practices?

A help desk technician is documenting the steps for setting up a new employee workstation to ensure consistency across the team. Which type of document should the technician create to define the step-by-step process?

A company is decommissioning several SSDs from high-security laptops. The SSDs were encrypted with BitLocker. The organization must ensure data is unrecoverable while complying with environmental disposal regulations. Which method should be used?

A technician needs to update the firmware on a network switch that is not business-critical but will cause a brief loss of connectivity for a small workgroup. The technician has identified the correct firmware file and verified a rollback plan. According to change management best practices, what should the technician do FIRST?

A user reports that their workstation is infected with ransomware, and all files on the local drive as well as mapped network drives are encrypted. The technician has already isolated the workstation by unplugging the network cable and powering off the machine. According to incident response best practices, what should the technician do NEXT?

A technician is following the CompTIA A+ troubleshooting methodology to resolve a user's issue with a non-booting computer. The technician asks the user, 'Did you change any hardware or software recently?' This action corresponds to which step of the methodology?

A help desk technician receives a call from a user who reports that they received an email asking them to click a link and enter their corporate credentials to 'verify their account.' The user clicked the link and entered their username and password. According to incident response best practices, what should the technician do FIRST?

A technician needs to create a document that provides step-by-step instructions for setting up a new user account on Windows 10. This document should be used by all help desk staff to ensure consistency. Which type of document does this BEST describe?

A technician is updating the firmware on a network switch during a scheduled maintenance window. The update fails and the switch becomes unresponsive. The technician had prepared a rollback plan and has a backup configuration file. According to change management best practices, what should the technician do NEXT?

A technician is about to perform a firmware update on a critical server after receiving approval from the change advisory board. The technician has downloaded the correct firmware from the vendor and verified the hash. During the maintenance window, the technician begins the update but the server becomes unresponsive after the flash process starts. Which of the following documentation should the technician have prepared BEFORE the update?

A help desk technician needs to create a document that defines the step-by-step process for escalating a security incident within the IT department. Which type of document should be created?

A help desk technician is creating a document that outlines the exact steps to follow when a user forgets their password and needs a reset. The document ensures all technicians follow the same verification process. What type of document is the technician creating?

A technician is scheduled to apply a critical security patch to a file server during a maintenance window. The technician has already tested the patch in a lab environment and has received approval from the change advisory board. During the deployment, a conflict arises with an existing application, causing the server to become unstable. According to change management best practices, what should the technician do NEXT?

A user requests local administrator access on their workstation to install a software program. The company follows the principle of least privilege. What should the technician do?

A technician is planning to apply a critical security patch to a production file server. The patch has been fully tested in a lab environment and the Change Advisory Board (CAB) has approved the change. The maintenance window begins in one hour. According to change management best practices, which of the following should the technician do NEXT?

A technician is applying a critical security patch to a web server during a scheduled maintenance window. The patch was tested in a lab and approved by the Change Advisory Board. During the installation, the server becomes unresponsive and will not boot. The technician has a backup of the server configuration and a system state backup. According to change management best practices, what should the technician do FIRST?

A help desk technician needs to create a document that specifies the exact steps to follow when resetting a user's password, including verification of identity. Which type of document should be created?

A company is decommissioning several workstations that contain confidential client data on traditional HDDs. The company's data disposal policy requires that the data be completely unrecoverable. Which method should the technician use to achieve this?

A technician is applying a critical security patch to a production database server. The patch was fully tested in a lab environment and approved by the Change Advisory Board (CAB). During the scheduled maintenance window, the technician begins the installation. Halfway through, the server becomes unresponsive and fails to restart. Which of the following should the technician do FIRST according to change management best practices?

A company's IT department follows a strict change management process. A technician is implementing a planned change to update the firmware on a network switch. The change has been approved and the maintenance window has started. During the firmware update, the switch loses power due to a circuit breaker tripping. The technician has a backup configuration file. According to best practices, what should the technician do FIRST?

A company follows a strict change management process. A technician is applying a critical security patch to a web server during a scheduled maintenance window. The patch was fully tested in a lab environment and approved by the Change Advisory Board (CAB). During the installation, the technician discovers that the patch requires a software dependency that is not installed on the server. According to change management best practices, what should the technician do FIRST?

A technician is scheduled to apply a firmware update to a storage array during a maintenance window. The change was approved by the Change Advisory Board (CAB). At the start of the window, the technician discovers that the latest firmware version is only available on the vendor's support portal, which requires an active support contract that has expired. According to change management best practices, what should the technician do NEXT?

A technician is applying a critical security patch to a production database server during a scheduled maintenance window. The patch was tested in a lab environment and approved by the Change Advisory Board (CAB). The patch installs successfully, but after the server reboots, a core database service fails to start. A system state backup was taken before the change. According to change management best practices, what should the technician do FIRST?

A help desk technician needs to create a document that provides step-by-step instructions for handling password reset requests, including identity verification and escalation procedures. Which type of document should the technician create?

A technician needs to back up a user's data before upgrading the operating system from Windows 10 to Windows 11. The user has a large folder with documents, photos, and saved games. The technician will use an external USB drive formatted as NTFS. The goal is to secure a single point-in-time copy quickly and completely. Which backup method should the technician choose?

A technician discovers that a user's workstation has been compromised. Logs indicate that sensitive data has been exfiltrated. According to incident response best practices, which action should the technician take FIRST?

A change request to upgrade the operating system on a database server has been approved by the Change Advisory Board (CAB). During the scheduled maintenance window, the technician completes the upgrade successfully. However, after rebooting, a critical business application fails to connect to the database. A full backup of the server was taken before the change. According to change management best practices, what should the technician do NEXT?

A technician is implementing a scheduled change to upgrade a critical application server. The change was approved by the Change Advisory Board (CAB) expecting a 30-minute outage. During the implementation, the technician realizes the actual outage will be closer to two hours due to unexpected data migration steps. According to change management best practices, what should the technician do FIRST?

A change to apply a critical security patch to a production application server has been approved by the Change Advisory Board (CAB) with a detailed implementation plan. During the scheduled maintenance window, the technician begins the patching process and discovers that a required prerequisite update is not installed on the server. The prerequisite update is available for download but was not included in the approved change plan. According to change management best practices, what should the technician do FIRST?

A change request to update the firmware on a network switch has been approved by the Change Advisory Board (CAB) and is scheduled for a maintenance window. During the implementation, the technician discovers that the downloaded firmware file is corrupted. The technician has verified that a backup configuration file exists. According to change management best practices, what should the technician do FIRST?

A change request to apply a critical security patch to a production web server has been approved by the Change Advisory Board (CAB) with a detailed implementation plan. During the scheduled maintenance window, the technician discovers that a required prerequisite patch is missing. The prerequisite patch is available for download and was tested in the lab, but it was not listed in the approved change plan. According to change management best practices, what should the technician do FIRST?

A technician is applying a critical security patch to a production database server during a scheduled maintenance window. The patch was tested in a lab environment and approved by the Change Advisory Board (CAB). During installation, the server prompts for an unexpected reboot. The change plan did not include a reboot, and the maintenance window is only 30 minutes long. According to change management best practices, what should the technician do FIRST?

A help desk technician is escalating a complex issue to a senior technician. According to best practices, which information should the technician include in the escalation documentation?

A help desk technician has been unable to resolve a complex network connectivity issue for a remote user. The technician decides to escalate the issue to a senior technician. According to best practices, which of the following should the technician include in the escalation documentation?

A help desk technician has been unable to resolve a complex network connectivity issue for a remote user. The technician decides to escalate the issue to a senior technician. According to best practices, which information should the technician include in the escalation documentation?

A technician is implementing a scheduled change to replace the power supply in a server. The change was approved by the Change Advisory Board (CAB) with a 30-minute maintenance window. During the replacement, the technician discovers that the new power supply's connector is incompatible with the server's motherboard. The technician has an adapter that could work, but using the adapter was not included in the change plan. According to change management best practices, what should the technician do FIRST?

A technician has completed a scheduled maintenance task to replace a failed hard drive in a server. The new drive is installed and the server is back online and functioning normally. According to best practices, what should the technician do NEXT?

A technician has just applied a critical security patch to a file server during an approved maintenance window. The patch was installed successfully and the server is functioning correctly. According to change management best practices, what should the technician do NEXT?

A technician implemented a scheduled change to update the firmware on a network switch. After the update, the switch becomes unresponsive and the network segment goes down. The change plan includes a rollback procedure that requires re-flashing the original firmware, which will take 20 minutes. However, only 15 minutes remain in the maintenance window, after which normal operations are expected to resume. According to change management best practices, what should the technician do FIRST?

A technician is implementing a scheduled change to replace a server's power supply. The change was approved by the Change Advisory Board (CAB) with a 30-minute maintenance window. During the replacement, the technician discovers that the new power supply's connector is incompatible with the server motherboard. The technician has a compatible adapter available, but using the adapter was not part of the approved change plan. According to change management best practices, what should the technician do FIRST?

A technician is disposing of several old magnetic hard drives that contain confidential client data. The company policy mandates that the data must be completely destroyed and the drives must be rendered unusable. Which method should the technician use?

A technician completes an approved firmware update on a network switch. After the update, the switch functions correctly, but the management interface now requires HTTPS instead of HTTP. The change plan only mentioned updating firmware to patch a security vulnerability. According to change management best practices, what should the technician do NEXT?

A help desk technician has documented a complex issue that required escalation to a senior technician. Which information is MOST important to include in the documentation for future reference?

A technician has completed a scheduled firmware update on a network switch. The update was successful, but the technician notices that the switch's configuration was reset to factory defaults. The technician restores the configuration from a known-good backup. According to change management best practices, what should the technician do NEXT?

A user calls the help desk reporting that their workstation is displaying a full-screen message claiming all files are encrypted and demanding a payment in Bitcoin to unlock them. According to incident response best practices, what should the technician do FIRST?

A technician has completed an emergency change to restore a critical server after a security breach. The change was not pre-approved by the Change Advisory Board (CAB) due to the urgency. According to change management best practices, what should the technician do NEXT?

A technician is called to investigate a potential data breach involving client PII. The technician has identified the affected systems and has taken screenshots of the current state. According to proper incident response procedures, what should the technician do NEXT?

A help desk technician is documenting the steps to resolve a recurring printer issue for the team's knowledge base. Which element is MOST important to include to ensure the documentation is useful for other technicians?

A help desk technician receives a call from a user who claims that their computer is infected with a virus. The user has already run an antivirus scan and deleted some files. The technician follows the incident response plan. What should the technician do FIRST?

A technician is creating a new standard operating procedure for resetting user passwords in a Windows domain. Which element is MOST important to include to ensure the procedure is effective and follows security best practices?

A technician is investigating a potential security incident. A user reports that they clicked a link in an email and entered their corporate credentials on a website that appeared to be the company's VPN portal. The technician confirms the website is malicious and the credentials have been compromised. According to the company's incident response plan, what should the technician do FIRST?

A help desk technician receives a call from a user who claims their password is not working. The technician asks the user to verify their identity by providing their employee ID and date of birth. The user provides this information. According to best practices for password resets, what should the technician do NEXT?

A technician is documenting a security incident involving a potential data breach. The technician has collected logs, taken screenshots, and created a forensic image of the affected hard drive. The company's incident response policy requires that a formal report be submitted to management. Which of the following is the MOST critical element to include in the report?

A technician is preparing a change request to upgrade the operating system on a file server. Which element is MOST important to include in the change request to minimize the impact on users?

A help desk technician has identified a malware infection on a user's workstation. The technician has disconnected the computer from the network to contain the infection. According to the company's incident response plan, what should the technician do NEXT?

A network administrator discovers a critical security vulnerability in a production firewall that could allow external attackers to bypass authentication. The administrator applies a configuration change to fix the vulnerability immediately, without waiting for the next Change Advisory Board (CAB) meeting. After the change is applied and verified to be successful, what should the administrator do NEXT according to change management best practices?

A technician is tasked with disposing of several old hard drives that contained confidential client data. Which of the following disposal methods provides the HIGHEST level of data security?

A technician is preparing a change request to upgrade the operating system on a file server that is currently running Windows Server 2016 to Windows Server 2022. Which of the following elements is MOST important to include in the change request to minimize the risk of a failed implementation?

A security technician has confirmed that a user's workstation is infected with ransomware that has encrypted local files. The technician immediately isolated the system by disconnecting the network cable and then created a forensic image of the hard drive for evidence. According to standard incident response procedures, what should the technician do NEXT?

A help desk technician receives a call from a user who states they forgot their password and need it reset. The technician follows the company's standard operating procedure for password resets. After successfully resetting the password and confirming the user can log in, what should the technician do NEXT according to best practices?

A small business experiences a ransomware attack that encrypted all files on a single workstation. The technician isolates the workstation, removes the malware using a bootable antivirus scanner, and restores the encrypted files from a verified cloud backup. According to best practices for incident response, which step should the technician perform NEXT?

A technician is tasked with deploying a critical security patch to all workstations in the organization. The patch addresses a remote code execution vulnerability. The technician has already tested the patch on a non-production machine and it installed successfully. According to standard change management procedures, what should the technician do BEFORE deploying the patch to production workstations?

A technician needs to deploy a critical security patch to a production file server. The patch has already been tested successfully in a lab environment. According to standard change management best practices, what must the technician do before deploying the patch to production?

A technician is preparing a change request to upgrade the RAM in five office workstations from 8 GB to 16 GB. Which of the following elements is MOST important to include in the change request to ensure it is properly evaluated and approved?

A technician is tasked with implementing a change to update the antivirus software on all company workstations. The change has been approved by the CAB. The technician plans to deploy the update via a centralized management console. During the deployment, the technician notices that some older workstations are failing to install the update. Which of the following should the technician do FIRST?

A technician is preparing to deploy a critical security patch to all company servers. The patch has been tested in a lab environment and approved by the Change Advisory Board (CAB). According to change management best practices, what is the NEXT step the technician should take?

A help desk technician assists a user who cannot log into their workstation because they forgot their password. The technician follows the company's standard operating procedure for password resets. After successfully resetting the password and confirming the user can log in, what is the NEXT step according to best practices?

A technician is implementing a change to deploy new accounting software to 20 workstations. The change has been approved by the Change Advisory Board (CAB). During the deployment, the technician discovers that three workstations have incompatible hardware. According to change management best practices, what should the technician do FIRST?

A technician is documenting a security incident in which a user's company-issued laptop was stolen. The technician has already reported the theft to the security team and initiated a remote wipe of the device. According to incident response best practices, what should the technician do NEXT?

A technician is implementing a change to update the firmware on all network switches in a data center. The change has been approved by the Change Advisory Board (CAB). During the implementation on the first switch, the firmware update fails, and the switch becomes unresponsive. According to change management best practices, what should the technician do FIRST?

A technician is implementing a change to deploy a critical security patch to all company workstations. The change has been approved by the Change Advisory Board (CAB). The technician has successfully tested the patch on a pilot group of ten workstations. According to change management best practices, what should the technician do NEXT?

A technician is tasked with deploying a new software version to all company workstations. The change has been approved by the Change Advisory Board (CAB). During the rollout, the technician discovers that several workstations are not compatible. According to change management best practices, what should the technician do FIRST?

A technician is deploying a critical security patch to all company workstations. The patch has been approved by the Change Advisory Board (CAB) and tested in a lab environment. During the rollout, the technician discovers that several older workstations are not compatible with the patch and the installation fails. According to change management best practices, what should the technician do FIRST?

A technician is implementing a change to deploy a new software update to all workstations. The change has been approved by the Change Advisory Board (CAB). During the rollout, the technician discovers that several workstations are not compatible and the update fails. According to change management best practices, what should the technician do NEXT?

A technician has a change request approved by the Change Advisory Board (CAB) to upgrade the operating system on 50 company workstations. The technician has tested the upgrade on a pilot group of five workstations with no issues. According to change management best practices, what is the NEXT step the technician should take?

A technician has completed the implementation of an approved change to replace all network switches in a branch office with new models. The deployment was successful, and all switches are functioning correctly. According to change management best practices, what is the NEXT step the technician should take?

A technician has just completed a scheduled change that involved updating the operating system on ten company workstations. The update was successful on all workstations. According to change management best practices, which of the following should the technician do to properly close the change?

A technician has completed an approved change to deploy a new printer driver to all workstations in a department. The deployment was successful, and all users can print. According to change management best practices, which of the following should the technician do NEXT?

A technician has an approved change request to deploy a new accounting software package to 20 workstations. During the rollout on the first workstation, the technician discovers that the software requires a newer version of a runtime library that is not installed. The technician checks the remaining workstations and finds that 15 of them already have the required runtime, but five older workstations do not. According to change management best practices, what should the technician do FIRST?

A technician has received approval from the Change Advisory Board (CAB) to upgrade the operating system on 100 company workstations from Windows 10 21H2 to 22H2. The technician first performs the upgrade on a pilot group of five workstations. After the pilot, two of the five workstations are experiencing application compatibility issues. According to change management best practices, what should the technician do NEXT?

A technician is decommissioning an old server that hosts a legacy application. The change has been approved by the Change Advisory Board (CAB). After decommissioning, users report that a critical report no longer runs. The technician discovers that the report depended on a scheduled task on the old server that was not migrated. According to change management best practices, what should the technician have done to prevent this issue?

A technician performs a test restore of a critical database from a backup tape as part of the company's disaster recovery plan. The restore process completes without errors, but when the database is checked for integrity, several errors are found. What is the NEXT step the technician should take?

A technician needs to replace a failed hard drive on a server that is under warranty. The replacement drive is an identical model and the procedure is documented and approved in advance. Which type of change is this?

A technician needs to provide remote assistance to a user who is not on the corporate network. The technician wants to ensure a secure connection. Which of the following should the technician require the user to do first?

A technician has received approval from the Change Advisory Board (CAB) to decommission an old server that hosts a legacy application. The decommissioning is completed successfully. The next day, users report that a critical monthly report no longer runs. The technician discovers that the report depended on a scheduled task on the old server that was not migrated. According to change management best practices, what should the technician have done to prevent this issue?

A technician has completed an approved change to replace a failed hard drive in a server. The server is back online and all services are working. According to change management best practices, which of the following is the NEXT step the technician should take?

A technician receives a report from a user that their workstation is displaying a ransomware note and files are being encrypted. The technician has already isolated the workstation from the network. According to incident response procedures, which of the following is the NEXT step the technician should take?

A technician needs to schedule a maintenance window to apply a critical security patch to a server. The update requires a reboot and will cause a brief service outage. Which of the following is the BEST way to communicate this change to affected stakeholders?

A technician is documenting a standard operating procedure (SOP) for creating new user accounts. The SOP must include a step to verify the identity of the person requesting the account. Which of the following is the BEST method for identity verification?

A technician needs to apply a critical security patch to a file server that requires a reboot, causing a brief outage. The server is used during business hours. According to change management best practices, what should the technician do FIRST?

A technician needs to apply a critical security patch to a file server that requires a reboot, causing a service outage of approximately 10 minutes. According to change management best practices, which document should the technician complete and obtain approval for BEFORE performing the update?

A technician has received approval from the Change Advisory Board (CAB) to apply a critical security patch to a file server. The patch requires a reboot. Which of the following should the technician do NEXT before beginning the installation?

A company requires all changes to production systems to be approved by the Change Advisory Board (CAB). A technician receives an urgent request from a manager to apply a critical security patch that fixes a zero-day vulnerability. The patch requires a reboot, and the server is currently in use. The CAB is not scheduled to meet for another week. Which of the following is the BEST course of action?

A technician is dispatched to replace a faulty motherboard in a desktop computer. The technician has the required replacement part, which is an exact match. The computer is currently in use by an employee. The technician checks the ticketing system and sees the request was approved by the employee's manager. What should the technician do FIRST?

A technician has identified a critical security vulnerability in a production web server that requires an immediate patch. The patch will cause a brief service interruption. According to change management best practices, which of the following is the BEST course of action?

A technician has been granted approval from the Change Advisory Board (CAB) to apply a critical security patch to a web server. The patch requires a reboot, causing a brief outage. The technician has backed up the system and verified the backup is valid. What is the NEXT step the technician should take according to change management best practices?

A technician has received approval from the Change Advisory Board (CAB) to apply a critical security patch to a production database server. The patch requires a reboot and will cause a 15-minute outage during the approved maintenance window. The technician has successfully installed the patch and rebooted the server. The server is back online and appears to be functioning normally. According to change management best practices, what should the technician do NEXT?

A technician is decommissioning a server that contained confidential client data. The hard drives will be donated to a local school. Which of the following data destruction methods is the MOST appropriate to ensure the data is unrecoverable?

A technician finds an unknown USB flash drive in the company parking lot. The drive is labeled 'Confidential Q4 Results'. According to operational procedures, what should the technician do?

A user reports that their workstation is infected with ransomware. The technician instructs the user to disconnect the network cable immediately. According to incident response best practices, what should the technician do NEXT?

A technician has received approval from the Change Advisory Board (CAB) to apply a critical security patch to a file server. The patch requires a reboot, and a maintenance window of 2:00 AM to 3:00 AM has been scheduled. The technician successfully installs the patch, reboots the server, and verifies that the server is functioning normally. According to change management best practices, what should the technician do NEXT?

A technician has a change request approved by the CAB to apply a security patch to a critical file server. The scheduled maintenance window is from 2:00 AM to 4:00 AM. The technician arrives at 2:00 AM and finds that a user is still logged in and running a long data migration job that will not complete until 3:30 AM. The user is not responding to messages. Which of the following should the technician do FIRST?

A user spills coffee on their company-issued laptop. The user quickly dries it with a cloth and tries to power it on, but the laptop does not start. The user calls the help desk. What should the technician advise the user to do FIRST?

A technician is decommissioning a server that contains confidential data stored on multiple SATA SSDs. The SSDs will be physically destroyed by a certified vendor. However, the technician must first render the data unrecoverable before handing over the drives. Which of the following methods is the MOST appropriate for SSDs prior to physical destruction?

A technician has received approval from the Change Advisory Board (CAB) to update the firmware on a critical database server. The change window is scheduled for 1:00 AM. At 12:45 AM, the technician begins the update, but mid-process the server loses power due to an electrical fault. Upon power restoration, the server fails to boot. The technician has a verified full backup. According to change management and incident response procedures, what should the technician do FIRST?

A critical security vulnerability has been discovered in the company's web server software. The vendor has released a patch, and the IT security team has verified it in a test environment. The change requires a server reboot, causing a 30-minute outage. The company's change management policy requires all changes to be pre-approved by the Change Advisory Board (CAB), which meets weekly on Fridays. The vulnerability is actively being exploited in the wild. What should the technician do NEXT?

A technician implemented a change to update a configuration file on a web server during a scheduled maintenance window. After the change, the web server experiences a 500% increase in error rates. The technician has a verified backup of the original configuration file. According to change management best practices, what should the technician do FIRST?

An organization must dispose of several hard disk drives (HDDs) that contain highly sensitive data. Which method of data destruction is most appropriate to ensure the data cannot be recovered?

A technician needs to apply a critical security patch to a production server that cannot be shut down during business hours. According to change management best practices, which step must be completed before implementing this emergency change?

A technician has implemented an approved change to a server. According to standard change management processes, what is the next step?

According to IT best practices, which of the following is a key component of an incident response plan?

After applying a scheduled security patch to a server and verifying its functionality, which change management step should the technician perform next?

A company policy requires that all data on decommissioned laptops be completely destroyed to prevent data breaches. The laptops have non-functional hard drives. Which method of data destruction is most appropriate?

According to IT best practices, which of the following should be included in a change request form?

A technician needs to apply a critical security patch to a production web server to stop an active exploit. The standard change window is not for another week, but the patch has already been approved by the Change Advisory Board (CAB). What should the technician do according to change management best practices?

A small business wants to ensure that all employees formally acknowledge the company's acceptable use policy (AUP) for computers and the internet. Which method provides the most reliable record of employee acknowledgment?

A junior technician discovers what appears to be a data breach involving sensitive customer information on a network server. According to standard incident response procedures, what is the FIRST step the technician should take?

A company performs daily backups of its critical database server. The backup logs show 'completed successfully' each day with no errors. However, during a disaster recovery drill, the database administrators discover that many backup files are corrupt and cannot be restored. What should the technician have done to prevent this situation?

A technician needs to apply a non-critical security patch to a production web server. According to change management best practices, what should the technician do FIRST?

A technician has implemented an approved change to a server and verified that it works correctly. According to change management best practices, what should the technician do NEXT?

A technician discovers that a junior colleague has been using a domain administrator account to perform routine user tasks such as resetting passwords and installing software. Which security principle is being violated?

A technician is implementing a change to a server's network configuration. After making the change, he verifies that connectivity works, but a critical application on another server stops functioning. According to change management best practices, what should the technician have done first?

A junior technician receives a phone call from an angry user whose computer crashed and lost unsaved work. According to professional communication best practices, what should the technician do FIRST?

A technician is creating documentation to help new employees find solutions for common software problems. Which type of documentation is MOST appropriate for this purpose?

A technician is implementing a change to a firewall rule on a production server. After implementing the change, the technician documents the change in the change management system. Which step did the technician likely skip according to change management best practices?

According to incident response best practices, which step should be performed after containment, eradication, and recovery activities have been completed?

A technician implemented a change to a firewall rule on a production server. Shortly after, a critical business application stopped functioning. The technician reverted the change and restored service. According to change management best practices, which of the following should the technician have done BEFORE implementing the change?

After successfully resolving a common printer issue that multiple users had experienced, a technician creates a step-by-step document explaining the solution. Which type of documentation does this represent?

A technician is asked to create a step-by-step guide for setting up new user accounts. Which type of documentation is this?

According to change management best practices, what is the primary purpose of a backout plan?

A technician follows a defined process to ensure all IT infrastructure changes are authorized and documented. Which process is being followed?

A technician receives approval from the Change Advisory Board (CAB) to update the password policy for all domain users. After implementing the change, the help desk is flooded with calls from users who cannot log in because the new policy requires more complex passwords that they were not told about. Which step of the change management process did the technician most likely omit?

A junior technician accidentally assigns a help desk ticket to the wrong category in the ticketing system. This causes a delay in resolution because the ticket is not routed to the appropriate team. According to IT best practices, what should the technician do to help prevent similar incidents in the future?

A technician has been asked to create a policy for the proper disposal of old hard drives that contain sensitive client data. The policy must ensure that data cannot be recovered even with advanced forensic tools. Which of the following methods should the technician recommend?

A technician is part of a Change Advisory Board (CAB) meeting. The team is discussing a proposed change to update the antivirus software on all company servers. The change has a high risk of incompatibility. According to change management best practices, what should the technician recommend as a key part of the change request?

A company has a policy that all changes to network infrastructure must be approved by a supervisor before implementation. A technician notices a critical security vulnerability in a firewall that needs immediate patching. What should the technician do?

A company wants to ensure that all changes to network infrastructure are reviewed and approved. A technician finds a critical vulnerability that needs immediate patching. What should the technician do?

A technician is documenting a standard procedure for resetting user passwords that all help desk staff should follow. This document is best classified as which type of documentation?

A company's change management policy requires all infrastructure changes to be approved by the Change Advisory Board (CAB). A technician discovers a critical security vulnerability that requires immediate patching before the next scheduled CAB meeting. What is the best course of action?

After resetting a user's forgotten password, what is the most appropriate next step for a help desk technician?

A technician is creating a standard operating procedure (SOP) for help desk ticket handling. Which of the following BEST describes the purpose of a ticket escalation process within the SOP?

A technician has resolved a support ticket for a user's printer issue. Which of the following should the technician include in the ticket documentation?

A help desk technician receives two tickets simultaneously. The first ticket is from the company's CEO reporting that their laptop will not turn on. The second ticket is from a sales representative requesting a password reset. According to IT best practices, what should the technician use to determine which ticket to work on first?

A technician has received approval from the Change Advisory Board (CAB) to apply a critical security patch to a production file server. What is the MOST important step the technician should take before applying the patch?

A help desk technician resolves a user's printer connectivity issue by following a procedure found in the company's internal knowledge base. After completing the resolution, what should the technician do to support the continuous improvement of the knowledge base?

A help desk technician has successfully resolved a user's issue with a slow computer. According to IT best practices, which information should the technician include in the ticket documentation?

A company has a standard operating procedure (SOP) for handling password reset requests. Why is it MOST important for help desk technicians to follow this SOP?

A technician is creating a knowledge base article for common printer issues. Which of the following is the MOST important element to include to ensure the article is useful for other technicians?

A help desk technician receives a ticket from a user reporting that their computer is infected with ransomware. All files are encrypted, and a ransom note demands payment. According to the company's incident response policy, what is the FIRST action the technician should take?

A technician is updating the company's standard operating procedure (SOP) for handling phishing emails. Which of the following should be included in the SOP to ensure consistent response?

A help desk technician has resolved a ticket for a remote user who could not connect to the company VPN. The technician updated the user's VPN client and configured the correct server address. According to IT best practices, which TWO actions should the technician perform after resolving the issue? (Choose TWO.)

A change management policy requires that all changes to production systems be approved by the Change Advisory Board (CAB) before implementation. A technician has discovered a critical security vulnerability on a file server that requires immediate patching to prevent a potential data breach. The technician has already obtained verbal approval from the IT manager. What should the technician do NEXT according to change management best practices?

A technician is training a new help desk employee on best practices for handling difficult users. Which behavior should the technician emphasize as MOST important?

A junior technician performed a configuration change on a critical server without following the change management process. As a result, the server went offline for two hours. Which of the following BEST describes the purpose of a change management policy?

A company's security policy prohibits the use of personal cloud storage services. An executive requests that the policy be waived for their department to improve collaboration. Which action should the technician take?

A company is implementing a bring-your-own-device (BYOD) policy and needs to ensure that corporate data on employee mobile devices is protected. Which of the following is the MOST important technical control to implement?

A help desk technician receives a call from a panicked user who reports that they accidentally shared a confidential client list with an unauthorized person via email. According to the company's incident response plan, what should the technician do FIRST?

A technician is creating a checklist for responding to a ransomware incident. According to best practices, which step should be performed FIRST after the ransomware is detected?

A technician is documenting an incident response plan. According to industry best practices, which step should occur FIRST after a security incident is detected?

A technician is documenting a troubleshooting process for future reference. According to best practices, which of the following should be included in the documentation?

A technician is responding to a security incident where malware has been detected on several workstations. According to industry best practices (such as NIST or SANS), which step should the technician perform FIRST after confirming the incident?

A technician is following the CompTIA A+ troubleshooting methodology to resolve a network connectivity issue. After testing the theory and determining a probable cause, what is the NEXT step the technician should perform?

A company's change management policy requires all server changes to be approved by the Change Advisory Board (CAB). A technician discovers that a critical database server's operating system needs a security patch to comply with a new regulatory requirement that takes effect in one week. The patch has a known risk of causing service downtime. The next scheduled CAB meeting is in two weeks. What should the technician do FIRST?

A technician is following the CompTIA A+ troubleshooting methodology to resolve a computer issue. After establishing a theory of probable cause, which step should the technician perform NEXT?

A technician has submitted a change request to replace a failing power supply in a server. The Change Advisory Board (CAB) has approved the request. According to change management best practices, what should the technician do NEXT?

A technician is documenting an acceptable use policy (AUP) for company-issued devices. Which of the following is a key component that should be included in the policy?

A technician is preparing to replace a failed hard drive in a server. According to change management best practices, which step should be completed BEFORE implementing the change?

A technician has identified the need to update a critical server's operating system to meet new security compliance requirements. According to change management best practices, what is the NEXT step the technician should take after identifying the need?

A technician is preparing to replace a failed hard drive in a file server that is still under warranty. The company's change management policy requires all hardware replacements to follow a formal process. Which step must the technician complete BEFORE implementing the replacement?

A company drafts a policy that defines acceptable use of company-provided devices, including internet browsing, email etiquette, and prohibited software. Which type of policy is this?

A technician resolves a printer issue for a user. According to best practices for documentation and ticketing, which step should the technician complete after resolving the issue?

A company's help desk receives a report that multiple users cannot access the internet. The technician quickly discovers that the main router has failed. The technician immediately swaps the router with a spare, which restores connectivity. According to change management best practices, what should the technician do NEXT?

A technician resolves a network connectivity issue for a user by resetting the TCP/IP stack. After confirming the issue is resolved, what should the technician do NEXT according to best practices for documentation and ticketing?

A critical server experiences a hard drive failure, causing downtime. The technician has a compatible spare drive and can replace it immediately. According to change management best practices for emergency situations, what should the technician do?

A technician is informed that a critical vulnerability is being actively exploited against a production web server. The vendor has released an emergency security patch. The company's change management policy requires all changes to be approved by the Change Advisory Board (CAB), but the CAB is not scheduled to meet for two days. What should the technician do FIRST?

After successfully replacing a failed hard drive and restoring data from backup, a technician verifies that the system is functioning normally. According to change management best practices, what should the technician do next?

A company is decommissioning old laptops that contained confidential client data. Which data disposal method ensures the data is completely unrecoverable?

A technician resolves a printer issue by clearing a paper jam. After confirming the printer is working correctly, what should the technician do NEXT according to best practices for documentation and ticketing?

A technician completes a repair of a workstation. According to best practices, what should the technician do before closing the ticket?

A technician is implementing a change to migrate a file server to new hardware. The change management plan requires a rollback plan. Which of the following BEST describes a rollback plan?

A technician has completed a repair on a user's workstation. According to best practices for documentation and ticketing, what should the technician include in the ticket documentation?

A technician is dispatched to replace a faulty power supply in a desktop computer. According to change management best practices for standard repairs, what should the technician do BEFORE replacing the power supply?

A change advisory board (CAB) has approved a plan to update firmware on 50 servers. During the implementation, two servers fail to update and become unbootable. According to change management best practices, what should the technician do FIRST?

A technician is planning to update the BIOS on five company servers. The change management plan requires a backout plan. What does a backout plan typically include?

A technician has completed a repair on a user's workstation, verified that the issue is resolved, and confirmed with the user that everything is working. According to best practices for documentation and ticketing, what should the technician do next?

A technician is implementing a change to update the operating system on several servers. The change management plan includes a rollback plan. What should the rollback plan specify?

A technician is implementing a planned change that has been approved by the CAB. The change management plan includes a backout plan. What should the backout plan specify?

A technician needs to dispose of a hard drive that contained sensitive payroll data. The drive is still functional. Which method ensures complete data destruction?

A technician is replacing a critical server component in a data center when they encounter an unexpected issue that could cause significant downtime if not handled correctly. According to change management best practices, what should the technician do FIRST?

A change to replace a network switch has been approved by the Change Advisory Board (CAB). During the replacement, the technician discovers that the new switch requires a different type of power cable than was expected. The old switch is already disconnected. According to change management best practices, what should the technician do FIRST?

A technician has completed a software update on a user's workstation and verified with the user that everything is working correctly. According to best practices for ticketing and documentation, what should the technician do BEFORE closing the ticket?

A technician resolves a ticket where a user could not access the internet because the network connection was disabled. After enabling the connection, internet access is restored. According to documentation best practices, what should the technician include in the ticket?

A technician is replacing a server's power supply under an approved change. After removing the old power supply, the technician discovers the new unit has a different connector type and cannot be installed. What should the technician do first?

A technician is documenting a change to replace a failed hard drive in a server. The change was approved as a standard change. After the replacement, the server reboots and is online. The technician tests connectivity and verifies data integrity. According to change management best practices, what should the technician do next?

A technician is implementing a change to install a new software update on all company workstations. The change has been approved by the CAB. During the installation, the technician discovers that the update is incompatible with one department's critical application. According to change management, what should the technician do?

A technician has completed a repair on a user's computer. The user confirms the issue is resolved. According to best practices, what should the technician do to properly close the ticket?

A technician is performing a scheduled maintenance task to apply security patches to a server. The change was approved as a standard change with a predefined backout plan. During the patching, the server fails to reboot and becomes unresponsive. According to change management best practices, what should the technician do FIRST?

A technician is documenting a change that replaced a failed network switch. The change was approved as an emergency change due to critical network outage. After the replacement, the network is restored. According to change management best practices, what documentation step should the technician complete within a specified timeframe?

A technician is scheduled to apply security patches to a server during a maintenance window. The change was approved as a standard change. Midway through the patching, the technician discovers that one of the patches is causing a critical line-of-business application to fail. According to change management best practices, what should the technician do first?

A technician is performing a scheduled task to decommission an old server. The change was approved as a standard change. During the process, the technician accidentally unplugs a network cable from a different, active server. What should the technician do first?

A technician has completed a standard change to replace a failed power supply in a server. After verifying that the server is online and all services are running, what should the technician do NEXT according to change management best practices?

A technician is documenting a change that replaced a failed hard drive in a server. The change was approved as an emergency change due to a critical data outage. After the replacement, the server is back online and data integrity is verified. According to change management best practices, what documentation step should the technician complete within a specified timeframe?

A technician notices a user has written their password on a sticky note attached to the edge of their monitor. According to IT security best practices, what should the technician do first?

A technician discovers that a user has installed a game application on their company workstation, which violates the company's acceptable use policy. What is the technician's first action according to standard operational procedures?

A change advisory board (CAB) approved a standard change to update antivirus definitions on all servers. The technician completes the update on a file server and verifies the server is functioning normally. According to change management best practices, what documentation should the technician complete?

A technician has completed a standard change to replace a faulty power supply in a desktop computer. After installation, the computer powers on and all components are recognized. According to change management best practices, what should the technician do NEXT?

A change advisory board (CAB) approved an emergency change to apply a critical security patch to a web server. After applying the patch, the technician documents the change. What documentation step is uniquely required for an emergency change?

A user reports that their workstation is infected with ransomware. The technician isolates the computer from the network by disconnecting the network cable. What should the technician do NEXT according to incident response procedures?

A technician has completed a standard change to replace a failed hard drive in a server. After confirming the server is operational, the technician updates the change request ticket with the completion time and status. According to change management best practices, what documentation step should the technician ensure is completed within 24 hours?

A technician identifies that a workstation is actively infected with a worm that is spreading to other computers on the network. What is the technician's FIRST step according to incident response procedures?

A change advisory board (CAB) approves an emergency change to apply a critical security patch to a critical server. After the patch is applied and the server is verified operational, the technician completes the documentation. According to change management best practices, what post-implementation step is unique to emergency changes?

A change advisory board (CAB) has approved a standard change to update the firmware on a network switch. Before implementing the change, the technician creates a backup of the current configuration and prepares a rollback plan. After successfully applying the firmware update, what should the technician do NEXT according to change management best practices?

A technician is applying a security patch to a file server as part of an approved change. During the patch installation, the server fails to reboot and the technician is unable to start the server. According to change management best practices, what should the technician do FIRST?

A technician needs to replace a hard drive in a server as part of a standard change. The technician has a backup of the data and a rollback plan. After replacing the drive and restoring data, the server is operational. What should the technician do NEXT?

A technician discovers that a workstation is infected with ransomware. The technician has isolated the computer from the network. What should the technician do NEXT according to incident response procedures?

A technician has completed an approved standard change to replace a faulty network switch. After installing the new switch and verifying network connectivity, the technician updates the change request ticket. According to change management best practices, what should the technician do NEXT?

A technician is following incident response procedures after a workstation was infected with malware. The technician has isolated the workstation from the network and created a forensic image of the hard drive. What should the technician do NEXT?

A technician needs to replace a faulty keyboard on a user's workstation. The technician has a spare keyboard in inventory. The replacement is a standard procedure that has been performed many times and is considered low risk. According to change management best practices, which type of change should this be classified as?

A technician is supporting a finance laptop. The immediate goal is to replace business hardware with controlled risk. Which tool, control, or procedure is the best fit?

A technician is supporting a field engineer tablet. The immediate goal is to handle a device that may contain evidence. Which tool, control, or procedure is the best fit?

A technician is supporting a shared training-room workstation. The immediate goal is to track a replaced company device. Which tool, control, or procedure is the best fit?

A technician is supporting a warehouse desktop. The immediate goal is to confirm restore capability before reinstalling an OS. Which tool, control, or procedure is the best fit?

A technician is supporting a remote worker laptop. The immediate goal is to escalate a ticket that exceeds agreed response time. Which tool, control, or procedure is the best fit?

A technician is supporting a service-desk jump box. The immediate goal is to protect components during internal repair. Which tool, control, or procedure is the best fit?

A technician is supporting a clinic workstation. The immediate goal is to reduce shoulder-surfing and information exposure. Which tool, control, or procedure is the best fit?

A technician is working on a reception PC and needs to remove storage devices from service safely. Which two actions are appropriate? (Choose two.)

A technician is supporting a finance laptop. The immediate goal is to support repeatable troubleshooting and handoff. Which tool, control, or procedure is the best fit?