CompTIA 220-1102 Online Practice Questions and Exam Preparation

CompTIA 220-1102 Online Questions & Answers

• Question 721:

  When a user is browsing a website on a smartphone, a pop-up appears. The pop-up states that the system has been breached and directs the user to an application to resolve the breach. Which of the following should the user do?

  A. Close the website and ignore the pop-up
  B. Replace the smartphone
  C. Download and install the application to resolve the issue
  D. Analyze the smartphone to find the source of the breach
  A. Close the website and ignore the pop-up

  ---

  Explanation

  This is a scareware scam that attempts to trick users into installing malicious applications. The best action is to close the website and ignore the pop-up.

  Option B: Replace the smartphone, Incorrect. The phone is likely not compromised; it is just displaying a fake warning.

  Option C: Download and install the application to resolve the issue, Incorrect. Doing so could infect the device with malware.

  Option D: Analyze the smartphone to find the source of the breach, Unnecessary, as there is no real breach.

  CompTIA A+ 220-1102, Objective 2.5 ?Common Security Threats

• Question 722:

  A user is attempting to access a shared drive from a company-issued laptop while working from home. The user is unable to access any files and notices a red X next to each shared drive. Which of the following needs to be configured in order to restore the user's access to the shared drives?

  A. IPv6
  B. VPN
  C. IPS
  D. DNS
  B. VPN

  ---

  Explanation

  When a user is unable to access shared drives from a company-issued laptop while working from home, the likely requirement is:

  VPN (Virtual Private Network): A VPN allows secure access to the company's network from a remote location. Without a VPN connection, the user cannot access network resources such as shared drives. IPv6: Involves IP addressing and is

  not directly related to accessing shared drives. IPS (Intrusion Prevention System): Provides network security but does not facilitate access to shared drives.

  DNS: Manages domain name resolution and is not typically the issue when specific shared drives are inaccessible.

  CompTIA A+ 220-1102 Exam Objectives, Section 2.7: Explain common methods for securing mobile and embedded devices.

  VPN configuration and remote access documentation.

• Question 723:

  A systems administrator needs to reset a users password because the user forgot it. The systems administrator creates the new password and wants to further protect the user's account

  Which of the following should the systems administrator do?

  A. Require the user to change the password at the next log-in.
  B. Disallow tie user from changing the password.
  C. Disable the account
  D. Choose a password that never expires.
  A. Require the user to change the password at the next log-in.

  ---

  Explanation

  This will ensure that the user is the only one who knows their password, and that the new password is secure.

  The CompTIA A+ Core 2 220-1002 exam covers this topic in the domain 1.4 Given a scenario, use appropriate data destruction and disposal methods.

• Question 724:

  A PC is taking a long time to boot. Which of the following operations would be best to do to resolve the issue at a minimal expense? (Choose two.)

  A. Installing additional RAM
  B. Removing the applications from startup
  C. Installing a faster SSD
  D. Running the Disk Cleanup utility
  E. Defragmenting the hard drive
  F. Ending the processes in the Task Manager
  B. Removing the applications from startup
  E. Defragmenting the hard drive

  ---

  Explanation

• Question 725:

  A branch office suspects a machine contains ransomware. Which of the following mitigation steps should a technician take first?

  A. Disable System Restore.
  B. Remediate the system.
  C. Educate the system user.
  D. Quarantine the system.
  D. Quarantine the system.

  ---

  Explanation

  The first mitigation step that a technician should take when a machine is suspected to contain ransomware is to quarantine the system. This means isolating the infected machine from the network and other devices, to prevent the ransomware from spreading and encrypting more data. The technician can quarantine the system by disconnecting the network cable, turning off the wireless adapter, or using firewall rules to block the traffic from and to the machine12. This step is more important than the other options because: Disabling System Restore (A) is not a priority, as it will not stop the ransomware from running or spreading. System Restore is a feature that allows users to restore their system to a previous state, but it may not work if the ransomware has encrypted or deleted the restore points. Moreover, disabling System Restore may prevent the user from recovering some data or settings in the future13. Remediating the system (B) is the ultimate goal, but it cannot be done before quarantining the system. Remediating the system means removing the ransomware, restoring the data, and fixing the vulnerabilities that allowed the attack. However, this process requires careful analysis, planning, and execution, and it may not be possible if the ransomware is still active and communicating with the attackers. Therefore, the technician should first isolate the system and then proceed with the remediation steps12. Educating the system user ?is a preventive measure, but it is not a mitigation step. Educating the system user means raising awareness and providing training on how to avoid ransomware attacks, such as by recognizing phishing emails, avoiding suspicious links or attachments, and updating and patching the system regularly. However, this step will not help if the system is already infected, and it may not be effective if the user is not willing or able to follow the best practices. Therefore, the technician should focus on resolving the current incident and then educate the user as part of the recovery plan14.

  References:

  1: How to Mitigate Ransomware Attacks in 10 Steps - Heimdal Security1 2: 3 steps to prevent and recover from ransomware | Microsoft Security Blog3 3: How to use System Restore on Windows 10 | Windows Central5 4: Ransomware Mitigation | Prevention and Mitigation Strategies - Delinea4

• Question 726:

  An IT services company that supports a large government contract replaced the Ethernet cards on several hundred desktop machines to comply with regulatory requirements. Which of the following disposal methods for the non-compliant cards is the most environmentally friendly?

  A. Incineration
  B. Resale
  C. Physical destruction
  D. Dumpster for recycling plastics
  B. Resale

  ---

  Explanation

• Question 727:

  A client wants a technician to set up a proxy server in a branch office to manage internet access. This involves configuring the workstations to use the new proxy server. Which of the following Internet Options tabs in Control Panel would be most appropriate for the technician to use to configure the settings?

  A. Privacy
  B. Advanced
  C. Content
  D. Connections
  E. Security
  D. Connections

  ---

  Explanation

  The Connections tab in Internet Options allows the technician to configure the proxy server settings for the workstations. The technician can enter the proxy server address and port number, and specify which websites to bypass the proxy server for. The other tabs are not relevant for configuring the proxy server settings.

  References: CompTIA A+ Certification Exam Core 2 Objectives, page 9, section 1.7; CompTIA A+ Core 2 (220- 1102) Certification Study Guide, page 140, section 1.7.

• Question 728:

  A business lost all data and equipment after a disaster. Due to the disaster, the business no longer maintains system backups. Which of the following should the business implement to prevent future losses?

  A. Test environment
  B. Local backups
  C. Cold site
  D. Cloud storage
  D. Cloud storage

  ---

  Explanation

  Cloud storage ensures that data is backed up off-site, protecting against physical disasters like fires or floods.

  Option A: Test environment, Incorrect. This is for software testing, not data recovery.

  Option B: Local backups, Incorrect. These could also be destroyed in a disaster.

  Option C: Cold site, Useful for disaster recovery but does not automatically back up data.

  CompTIA A+ 220-1102, Objective 4.1 ?Backup and Recovery Best Practices

• Question 729:

  A technician finds that a new company security policy has broken an application in use at a branch office. Which of the following should the technician do to ensure that the application is fixed and prevent the issue from reoccurring?

  A. Request a policy exception be put in place while the application requirements are addressed
  B. Reinstall the affected software using local administrative rights for each computer
  C. Remove the new security settings and change the administrative accounts on the branch office computers to prevent the settings from being reapplied
  D. Research and procure a replacement application that is not adversely affected by the new policy
  A. Request a policy exception be put in place while the application requirements are addressed

  ---

  Explanation

  If a new security policy disrupts an essential application, the best course of action is to request a policy exception while a permanent solution is developed. This allows the application to function while ensuring compliance with company

  security policies.

  Option B: Reinstall the affected software using local administrative rights for each computer, Incorrect. If the security policy is blocking the application, reinstalling it will not resolve the issue. Option C: Remove the new security settings and

  change administrative accounts, Incorrect. Altering security settings without approval could violate company policies and create security risks. Option D: Research and procure a replacement application, Incorrect. While replacing the

  application may be an option, it is not an immediate solution to restoring functionality.

  CompTIA A+ 220-1102, Objective 2.2 ?Security Best Practices

• Question 730:

  A technician is configuring a workstation's security settings, and the following options are available:

  1.Account lockout policy

  2.Group policy

  3.Two-factor authentication

  4.Password complexity requirements

  5.Firewalls

  6.User accounts

  7.Access control lists

  8.Antivirus software

  Which of the following settings should the technician configure to deploy strong password enforcement across the enterprise?

  A. Account lockout policy
  B. Group policy
  C. Two-factor authentication
  D. Access control lists
  B. Group policy

  ---

  Explanation

  The technician should configure "Group Policy" (Option B) to enforce password complexity across the enterprise. Group Policy in a Windows environment allows administrators to manage various settings, including password policies, at a

  domain level. This can include enforcing complexity requirements (such as minimum length, use of uppercase, lowercase, and special characters), expiration times, and other security measures. Account lockout policy (Option A) controls how

  many failed login attempts trigger a lockout but does not handle password complexity. Two-factor authentication (Option C) is an additional security measure requiring a second form of authentication, but it does not enforce password policies.

  Access control lists (Option D) define which users or systems have access to resources, not how passwords are managed.

  References:

  CompTIA A+ Core 2 2.6 - Configure workstation security best practices, including password complexity and group policies.