Replace CompTIA A+ Certification Exam: Core 2 220-1102 Training Tools

NEW QUESTION 1
A user calls the help desk to report potential malware on a computer. The anomalous activity began after the user clicked a link to a free gift card in a recent email The technician asks the user to describe any unusual activity, such as slow performance, excessive pop- ups, and browser redirections. Which of the following should the technician do NEXT?

• A. Advise the user to run a complete system scan using the OS anti-malware application
• B. Guide the user to reboot the machine into safe mode and verify whether the anomalous activities are still present
• C. Have the user check for recently installed applications and outline those installed since the link in the email was clicked
• D. Instruct the user to disconnect the Ethernet connection to the corporate network.

Answer: D

Explanation:
First thing you want to do is quarantine/disconnect the affected system from the network so whatever malicious software doesn't spread.

NEW QUESTION 2
A user corrects a laptop that is running Windows 10 to a docking station with external monitors when working at a desk. The user would like to close the laptop when it is docked, but the user reports it goes to sleep when it is closed. Which of the following is the BEST solution to prevent the laptop from going to sleep when it is closed and on the docking station?

• A. Within the Power Options of the Control Panel utility click the Change Plan Settings button for the enabled power plan and select Put the Computer to Sleep under the Plugged In category to Never
• B. Within the Power Options of the Control Panel utility, click the Change Plan Settings button for the enabled power plan and select Put the Computer to Sleep under the On Battery category to Never
• C. Within the Power Options of the Control Panel utility select the option Choose When to Turn Off the Display and select Turn Off the Display under the Plugged In category to Never
• D. Within the Power Options of the Control Panel utility, select the option Choose What Closing the Lid Does and select When I Close the Lid under the Plugged in category to Do Nothing

Answer: D

Explanation:
The laptop has an additional option under power and sleep settings that desktops do not have. Switching to do nothing prevents the screen from turning off when closed.

NEW QUESTION 3
A user reports a computer is running slow. Which of the following tools will help a technician identify the issue?

• A. Disk Cleanup
• B. Group Policy Editor
• C. Disk Management
• D. Resource Monitor

Answer: D

Explanation:
Resource Monitor is a Windows utility that can be used to monitor and analyze the system resources and processes running on a computer. It can be used to identify and troubleshoot any issues that might be causing the computer to run slowly, such as CPU usage, memory usage, disk I/O, and network usage.

NEW QUESTION 4
A police officer often leaves a workstation for several minutes at a time. Which of the following is the BEST way the officer can secure the workstation quickly when walking away?

• A. Use a key combination to lock the computer when leaving.
• B. Ensure no unauthorized personnel are in the area.
• C. Configure a screensaver to lock the computer automatically after approximately 30 minutes of inactivity.
• D. Turn off the monitor to prevent unauthorized visibility of information.

Answer: A

Explanation:
The BEST way to secure the workstation quickly when walking away is to use a key combination to lock the computer when leaving1

NEW QUESTION 5
A large company is selecting a new Windows operating system and needs to ensure it has built-in encryption and endpoint protection. Which of the following Windows versions will MOST likely be selected?

• A. Home
• B. Pro
• C. Pro for Workstations
• D. Enterprise

Answer: D

Explanation:
When selecting a new Windows operating system for a large company that needs built-in encryption and endpoint protection, the Enterprise edition is the most likely choice. This edition provides advanced security features such as Windows Defender Advanced Threat Protection (ATP), AppLocker, and BitLocker Drive Encryption. These features can help to protect the company's data and endpoints against malware attacks, unauthorized access, and data theft.
The Home and Pro editions of Windows do not include some of the advanced security features provided by the Enterprise edition, such as Windows Defender ATP and AppLocker. The Pro for Workstations edition is designed for high-performance and high- end hardware configurations, but it does not provide additional security features beyond those provided by the Pro edition.

NEW QUESTION 6
A user requires a drive to be mapped through a Windows command line. Which of the following command-line tools can be utilized to map the drive?

• A. gpupdate
• B. net use
• C. hostname
• D. dir

Answer: B

Explanation:
Net use is a command-line tool that can be used to map a drive in Windows. Mapping a drive means assigning a drive letter to a network location or a local folder, which allows the user to access it more easily and quickly. Net use can also be used to disconnect a mapped drive, display information about mapped drives, or connect to shared resources on another computer. Gpupdate, hostname, and dir are not command-line tools that can be used to map a drive.

NEW QUESTION 7
A user lost a company tablet that was used for customer intake at a doctor's office. Which of the following actions would BEST protect against unauthorized access of the data?

• A. Changing the office's Wi-Fi SSID and password
• B. Performing a remote wipe on the device
• C. Changing the user's password
• D. Enabling remote drive encryption

Answer: B

Explanation:
The best action to protect against unauthorized access of the data on the lost company tablet is to perform a remote wipe on the device. A remote wipe is a feature that allows an administrator or a user to erase all the data and settings on a device remotely, usually through a web portal or an email command. A remote wipe can help prevent the data from being accessed or compromised by anyone who finds or steals the device. Changing the office’s Wi-Fi SSID and password may prevent the device from connecting to the office network but may not prevent the data from being accessed locally or through other networks. Changing the user’s password may prevent the device from logging in to the user’s account but may not prevent the data from being accessed by other means or accounts. Enabling remote drive encryption may protect the data from being read by unauthorized parties but may not be possible if the device is already lost or turned off. References: CompTIA A+ Core 2 (220-1002) Certification Exam Objectives Version 4.0, Domain 3.1

NEW QUESTION 8
Which of the following is the most likely to use NTFS as the native filesystem?

• A. macOS
• B. Linux
• C. Windows
• D. Android

Answer: C

Explanation:
NTFS stands for New Technology File System, which is a proprietary file system developed by Microsoft4. NTFS is the default file system for the Windows NT family of operating systems, which includes Windows 10, Windows Server 2019, and other versions5. NTFS provides features such as security, encryption, compression, journaling, and large volume support45. NTFS is not the native file system for other operating systems, such as macOS, Linux, or Android, although some of them can read or write to NTFS volumes with third-party drivers or tools

NEW QUESTION 9
While staying at a hotel, a user attempts to connect to the hotel Wi-Fi but notices that multiple SSIDs have very similar names. Which of the following social-engineering attacks is being attempted?

• A. Evil twin
• B. Impersonation
• C. Insider threat
• D. Whaling

Answer: A

Explanation:
An evil twin is a type of social-engineering attack that involves setting up a rogue wireless access point that mimics a legitimate one. The attacker can then intercept
or modify the traffic of the users who connect to the fake SSID. The attacker may also use phishing or malware to steal credentials or personal information from the users

NEW QUESTION 10
A user installed a new application that automatically starts each time the user logs in to a Windows 10 system. The user does not want this to happen and has asked for this setting to be changed. Which of the following tools would the technician MOST likely use to safely make this change?

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 11
After clicking on a link in an email a Chief Financial Officer (CFO) received the following error:

The CFO then reported the incident to a technician. The link is purportedly to the organization's bank. Which of the following should the technician perform FIRST?

• A. Update the browser's CRLs
• B. File a trouble ticket with the bank.
• C. Contact the ISP to report the CFCs concern
• D. Instruct the CFO to exit the browser

Answer: A

Explanation:
The technician should update the browser’s CRLs first. The error message indicates that the certificate revocation list (CRL) is not up to date. Updating the CRLs will ensure that the browser can verify the authenticity of the bank’s website.

NEW QUESTION 12
A user clicks a link in an email. A warning message in the user's browser states the site's certificate cannot be verified. Which of the following is the most appropriate action for a technician to take?

• A. Click proceed.
• B. Report the employee to the human resources department for violating company policy.
• C. Restore the computer from the last known backup.
• D. Close the browser window and report the email to IT security.

Answer: D

Explanation:
A warning message in the user’s browser stating the site’s certificate cannot be verified indicates that the site may be insecure, fraudulent, or malicious. This could be a sign of a phishing attempt, where the sender of the email tries to trick the user into clicking a link that leads to a fake website that mimics a legitimate one, in order to steal the user’s personal or financial information. The most appropriate action for a technician to take in this situation is to close the browser window and report the email to IT security, who can investigate the source and content of the email, and take the necessary steps to protect the user and the network from potential harm. Clicking proceed could expose the user to malware, identity theft, or data breach. Reporting the employee to the human resources department for violating company policy is unnecessary and harsh, as the user may not have been aware of the phishing attempt or the company policy. Restoring the computer from the last known backup is premature and ineffective, as the user may not have been infected by anything, and the backup may not remove the email or the link from the user’s inbox

NEW QUESTION 13
While browsing a website, a staff member received a message that the website could not be trusted. Shortly afterward, several other colleagues reported the same issue across numerous other websites. Remote users who were not connected to corporate resources did not have any issues. Which of the following is MOST likely the cause of this issue?

• A. A bad antivirus signature update was installed.
• B. A router was misconfigured and was blocking traffic.
• C. An upstream internet service provider was flapping.
• D. The time or date was not in sync with the website.

Answer: B

Explanation:
The most likely cause of this issue is that a router was misconfigured and was blocking traffic. This would explain why remote users who were not connected to corporate resources did not have any issues.

NEW QUESTION 14
A macOS user reports seeing a spinning round cursor on a program that appears to be frozen. Which of the following methods does the technician use to force the program to close in macOS?

• A. The technician presses the Ctrl+Alt+Del keys to open the Force Quit menu, selects the frozenapplication in the list, and clicks Force Quit.
• B. The technician clicks on the frozen application and presses and holds the Esc key on the keyboard for 10 seconds Which causes the application to force quit.
• C. The technician opens Finder, navigates to the Applications folder, locates the application that is frozen in the list, right-clicks on the application, and selects the Force Quit option.
• D. The technician opens the Apple icon menu, selects Force Quit, selects the frozen application in thelist, and clicks Force Quit.

Answer: D

Explanation:
The technician opens the Apple icon menu, selects Force Quit, selects the frozen application in the list, and clicks Force Quit. This is the most common method of force quitting a program in macOS. This can be done by clicking on the Apple icon in the top left of the screen, selecting Force Quit, selecting the frozen application in the list, and then clicking Force Quit. This will force the application to quit and the spinning round cursor will disappear.

NEW QUESTION 15
Which of the following is used to ensure users have the appropriate level of access to perform their job functions?

• A. Access control list
• B. Multifactor authentication
• C. Least privilege
• D. Mobile device management

Answer: C

Explanation:
Least privilege is the principle that is used to ensure users have the appropriate level of access to perform their job functions. Least privilege means granting users only the minimum amount of access rights and permissions they need to perform their tasks, and nothing more. Least privilege reduces the risk of unauthorized access, data leakage, malware infection, or accidental damage by limiting what users can do on the system or network. Access control list, multifactor authentication, and mobile device management are not principles, but rather mechanisms or methods that can implement least privilege. Access control list is a list that specifies the users or groups that are allowed or denied access to a resource, such as a file, folder, or printer. Multifactor authentication is a method that requires users to provide two or more pieces of evidence to prove their identity, such as a password, a token, or a biometric factor. Mobile device management is a tool that allows managing and securing mobile devices, such as smartphones or tablets, that are used by employees to access corporate data or applications. References:
✑ Official CompTIA learning resources CompTIA A+ Core 1 and Core 2, page 25
✑ [CompTIA Security+ SY0-601 Certification Study Guide], page 1003

NEW QUESTION 16
A systems administrator needs to reset a users password because the user forgot it. The systems administrator creates the new password and wants to further protect the user's account Which of the following should the systems administrator do?

• A. Require the user to change the password at the next log-in.
• B. Disallow tie user from changing the password.
• C. Disable the account
• D. Choose a password that never expires.

Answer: A

Explanation:
This will ensure that the user is the only one who knows their password, and that the new password is secure.
The CompTIA A+ Core 2 220-1002 exam covers this topic in the domain 1.4 Given a scenario, use appropriate data destruction and disposal methods.

NEW QUESTION 17
An administrator is designing and implementing a server backup system that minimizes the capacity of storage used. Which of the following is the BEST backup approach to use in conjunction with synthetic full backups?

• A. Differential
• B. Open file
• C. Archive
• D. Incremental

Answer: D

Explanation:
Incremental backups are backups that only include the changes made since the last backup, whether it was a full or an incremental backup. Incremental backups minimize the capacity of storage used and are often used in conjunction with synthetic full backups, which are backups that combine a full backup and subsequent incremental backups into a single backup set.
Reference: CompTIA A+ Core 2 Exam Objectives, Section 3.3

NEW QUESTION 18
......