Which of the following Windows console commands deletes a folder (c:\test), whether or not it is empty, without issuing any warnings?

Which of the following Windows console commands deletes a folder (c:\test), whether or not it is empty, without issuing any warnings?

• rd test
• rd test\* /q
• del c:\test\*.* /s
• rd c:\test /s /q 

EXPLANATION

The /s switch deletes ALL elements recursively inside the specified folder.
The /q switch is the silent mode, meaning there will be absolutely no warnings.

Caution

When you run rd /s in quiet mode, the entire directory tree is deleted without confirmation. Ensure that important files are moved or backed up before using the /q command-line option.

 

Read More

Which of the following events would you NOT expect to see in the Windows security log?

Which of the following events would you NOT expect to see in the Windows security log?

• Successful login attempts
• User account deleted
• Hardware driver failures
• Shutdown events 

 

EXPLANATION

All of the above events will be logged in the Windows event log, however there are several different types of log that each contain relevant information.
Application log - contains logging information of events generated by applications.
Security log - contains information related to logon attempts, password changes, group membership, etc.
System log - contains information related to Windows system components, such as driver failures. These logs are predetermined by Windows.
Setup log - contains events related to application setup
ForwardedEvents log - used to store events collected from remote computers

The above alerts appear in the Windows security log as:
Event ID 4624 -  An account was successfully logged on
Event ID 4609 - Windows is shutting down
Event ID 4726 - User account was deleted
Hardware driver failures will appear in the system log

SOURCE

https://technet.microsoft.com/en-us/library/cc722404(v=ws.11).aspx

Read More

On systems running MS Windows, which OS service manages the print queue?

On systems running MS Windows, which OS service manages the print queue?

• Spooler
• LPD
• RAW daemon
• Print manager 

 

EXPLANATION

The spooler service manages print jobs on Windows OS PCs.  Sometimes this service can get "stuck" and otherwise interrupt printing.  A quick and effective troubleshooting idea is to simply stop and restart the service.  This is done through an elevated command prompt:

net stop spooler

Then restart using the following:
net start spooler

Read More

In a Windows command script (cmd.exe), what does the string %~dp0 stand for?

In a Windows command script (cmd.exe), what does the string %~dp0 stand for?

• The script's current working directory
• The path, including drive, where the script resides
• The user's home directory
• The system's temp directory 

EXPLANATION

In the help for the FOR command, the %~ format for variable expansion is discussed.  This can be used outside of the FOR command as well.  The following options are relevant:
%~dI - expands %I to a drive letter only
%~pI - expands %I to a path only
The modifiers can be combined to get compound results, so
%~dp0 - expands %I to a drive letter and path only
Finally, %0 is the built-in variable reference to the path to the batch file that includes the file name (i.e. the 0th argument to the cmd.exe program).
The script's current working directory is returned using cd with no arguments.  It isn't necessarily the same as the script's parent directory, especially if the script is run from a non-system drive or UNC path.  In the latter case, the working directory can end up being set to the Windows directory.
The user's home directory is referenced by the "%HOMEDRIVE%\%HOMEPATH%" or %USERPROFILE% envars.
The system temp directory is referenced by the %TEMP% envar.

SOURCE

http://stackoverflow.com/questions/5034076/what-does-dp0-mean-and-how-does-it-work

Read More

In Windows, out of the following commands, which command line command will show you the last reboot time of your machine?

In Windows, out of the following commands, which command line command will show you the last reboot time of your machine?

• net statistics workstation
• netstat -a
• get-uptime
• uptime 

 

EXPLANATION

The net statistics command displays the statistics log for the local Workstation or Server service, or the running services for which statistics are available. Used without parameters, net statistics lists the running services for which statistics are available.
The available parameters are:
workstation   : Displays statistics for the local Workstation service.
server   : Displays statistics for the local Server service.
net help   command   : Displays help for the specified net command.

https://technet.microsoft.com/en-us/library/bb490714.aspx

SOURCE

https://technet.microsoft.com/en-us/library/bb490714.aspx

Read More

Which of the following does ROBOCOPY stand for?

Which of the following does ROBOCOPY stand for?

• Recursive File Copy
• Robust File Copy
• Read Only Block Option Copy
• Robot Copy 

EXPLANATION

ROBOCOPY, or "Robust File Copy", is a command-line directory and/or file replication command

SOURCE

https://en.wikipedia.org/wiki/Robocopy

Read More

In Windows Server, which of the following is NOT a domain-level Flexible Single Master Operation (FSMO) role?

In Windows Server, which of the following is NOT a domain-level Flexible Single Master Operation (FSMO) role?

• Domain Naming Master
• Relative ID (RID) Master
• Infrastructure Master
• Primary Domain Controller (PDC) Emulator 

EXPLANATION

There are five FSMO Roles represented in a typical Windows Active Directory, three domain-level, two enterprise-level. The forest/enterprise level roles are Schema Master and Domain Naming Master. The domain roles are PDC Emulator, Infrastructure Master, and RID Master.
A more detailed breakdown of FSMO roles can be found here.

Read More

Which of the following wildcard characters can be used in the Windows command line as a substitute for a single character in a file or directory name?

Which of the following wildcard characters can be used in the Windows command line as a substitute for a single character in a file or directory name?

• *
• ?
• @
• $ 

EXPLANATION

The question mark (?) character can be used as a substitute for a single character in a file or directory name. The asterisk (*) character can be used as a wildcard character to replace zero or more characters.

Read More

On Windows, what is the MMC.exe?

On Windows, what is the MMC.exe?

• Microsoft Management Console
• Microsoft Managed Console
• Microsoft Management Control
• Microsoft Managed Control 

 

EXPLANATION

MMC.exe is the Microsoft Management Console application and is used to display various management plug-ins accessed from the Control Panel, such as the Device Manager.

Read More

At a Windows command prompt that is set to the root of the drive, which of the following commands will search the entire drive for all occurrences of the "Testing.docx" file?

At a Windows command prompt that is set to the root of the drive, which of the following commands will search the entire drive for all occurrences of the "Testing.docx" file?

• DIR Testing.docx
• DIR /ALL Testing.docx
• DIR /R Testing.docx
• DIR /S Testing.docx 

 

EXPLANATION

The directory command allows many flags, including the recursive search flag "/S". This flag searches the current folder and all sub folders.

Read More

For a 64Bit installation of Windows using a 32-Bit installation of Microsoft Office, which ODBC setup would you use to connect to data sources

For a 64Bit installation of Windows using a 32-Bit installation of Microsoft Office, which ODBC setup would you use to connect to data sources?

• C:\\Windows\Sys\odbcad32.exe
• C:\Windows\System32\odbcad32.exe
• Data source (ODBC)
• C:\Windows\SysWOW64\odbcad32.exe 

 

EXPLANATION

The default data source (ODBC) uses the 64Bit instance of Microsoft's 32Bit ODBC connector running in the 64Bit memory space.  Microsoft's default Office installation includes the 32Bit version by default for the highest compatibility with other applications.  So, to use ODBC connections with a default installation of Microsoft's Office products, you must use the instance of the ODBCAD32 application that runs in the 32Bit address space that resides in the C:\Windows\SysWOW64 directory.
This is counter intuitive when you look at the directory, one would logically assume that the SysWOW64 directory would be for 64Bit applications but, this is not the case:  "In computing on Microsoft platforms, WoW64 (Windows 32-bit on Windows 64-bit) is a subsystem of the Windows operating system capable of running 32-bit applications that is included on all 64-bit versions of Windows—including Windows XP Professional x64 Edition, IA-64 and x64 versions of Windows Server 2003, as well as 64-bit versions of Windows Vista, Windows Server 2008, Windows 7, Windows 8, Windows Server 2012, Windows 8.1 and Windows 10. In Windows Server 2008 R2 Server Core, it is an optional component. WoW64 aims to take care of many of the differences between 32-bit Windows and 64-bit Windows, particularly involving structural changes to Windows itself." -- https://en.wikipedia.org/wiki/WoW64
https://support.microsoft.com/en-us/help/2721825/unable-to-create-dsn-for-microsoft-office-system-dr...

Read More

At what location in the Microsoft Windows Registry will you find the currently running service definitions?

At what location in the Microsoft Windows Registry will you find the currently running service definitions?

• HKLM\SYSTEM\CurrentControlSet\services
• HKU\.DEFAULT\SYSTEM\CurrentControlSet\services
• HKCC\System\CurrentControlSet\SERVICES
• HKCU\System\CurrentControlSet\Services 

 

EXPLANATION

The HKLM\SYSTEM\CurrentControlSet\Services registry tree stores information about each service on the system. Each driver has a key of the form HKLM\SYSTEM\CurrentControlSet\Services\DriverName. The PnP manager passes this path of a driver in the RegistryPath parameter when it calls the driver's DriverEntryroutine. A driver can store global driver-defined data under its key in the Services tree. Information that is stored under this key is available to the driver during its initialization.

SOURCE

https://docs.microsoft.com/en-us/windows-hardware/drivers/install/hklm-system-currentcontrolset-services-registry-tree

Read More

A user is getting an "Access Denied" message when they try to open a file. How do you change their permissions using the Windows command line?

A user is getting an "Access Denied" message when they try to open a file. How do you change their permissions using the Windows command line?

• ICACLS
• perm
• PERMISSIONS
• CHMOD 

 

EXPLANATION

The ICACLS command is used to modify and view user file permissions. A perm is a way to add body to limp, lifeless hair.

Read More

What is the Security Identifier (SID) for the Network Service Account on Windows OS?

What is the Security Identifier (SID) for the Network Service Account on Windows OS?

• S-1-5-19
• S-1-5-17
• S-1-5-7
• S-1-5-20 

 

EXPLANATION

This is one of the well-known SIDs in a Windows operating system. It presents the computer's credentials (e.g. MANGO$) to remote servers and has its own profile under the HKEY_USERS registry key (HKEY_USERS\S-1-5-20). If you try to schedule a task using it, enter NETWORK SERVICE into the Select User or Group dialog. This account is meant to run standard least-privileged services.and is far more limited than Local System (or even Administrator) but still has the right to access the network as the machine.
 

 

Read More

During Windows Setup, keys and values are drawn from the answer file and the UDF. If a key is specified in both the answer file and the UDF, what happens?

During Windows Setup, keys and values are drawn from the answer file and the UDF. If a key is specified in both the answer file and the UDF, what happens?

• The value in the UDF is used.
• If the keys match, either value can be used.
• The value in the answer file is used.
• No value is set. The user will be prompted for the correct value. 

EXPLANATION

The answer file is a customized script that answers the Setup questions without requiring user input. Information in the answer file is divided into sections. Each section begins with the section name in square brackets, on a line by itself. Each section may contain one or more keys, with associated values. Each key is a character string, recognizable by the Setup program, that controls an element of the configuration to be installed. The same sections and keys are used in the uniqueness data files (UDFs), provided they are used after text-mode setup. If a key is specified in both the answer file and the UDF, the value in the UDF is used.

Read More