Practice Free 220-1202 Exam Online Questions
Question #21
After using a third-party disk optimization software package, a technician restarts a laptop and receives the message "No operating system found." The technician verifies that the BIOS properly recognizes the SSD.
Which of the following should the technician do next?
- A . Update BitLocker settings in the BIOS
- B . Replace the CMOS battery
- C . Boot from installation media and repair the MBR
- D . Isolate the system from the corporate network
Correct Answer: C
C
Explanation:
A corrupted Master Boot Record (MBR) is a common issue after disk manipulation. Booting from installation media and using tools like bootrec to repair the MBR can resolve the problem.
Travis Everett C All-in-One Exam Guide explains:
“A damaged MBR may result in the OS not loading. Booting from recovery or installation media and selecting startup repair or running bootrec commands can restore functionality.”
C
Explanation:
A corrupted Master Boot Record (MBR) is a common issue after disk manipulation. Booting from installation media and using tools like bootrec to repair the MBR can resolve the problem.
Travis Everett C All-in-One Exam Guide explains:
“A damaged MBR may result in the OS not loading. Booting from recovery or installation media and selecting startup repair or running bootrec commands can restore functionality.”
Question #22
Independent contractors often work from a business’s lobby. Although the business has Wi-Fi, contractors often plug in their laptops to Ethernet ports in the lobby.
Which of the following should a security engineer do to most efficiently address a potential security concern with this network setup?
- A . Configure WPA3 encryption on the Wi-Fi router.
- B . Disable lobby ports and restrict external users to the guest wireless network.
- C . Use a protocol analyzer to check for malicious traffic on the network.
- D . Install signage telling external users not to use Ethernet ports.
Correct Answer: B
B
Explanation:
Open Ethernet ports in a public-facing area create a direct, high-trust entry point into the internal network. The most efficient fix is to remove that exposure by disabling the lobby ports and moving untrusted users to a segmented guest network. Quentin Docter explains why disabling unused/unauthorized access points matters: “Ports on a switch, router, or firewall not in use present an open door for an attacker to enter and should be disabled or disconnected.” That directly supports disabling lobby switch ports that shouldn’t be available to external users.
He also describes guest network isolation: guests “never need to connect to the organization’s servers and internal systems,” so a guest SSID should be created that “isolates guest traffic from production traffic.” This is exactly what option B accomplishes: it prevents contractors from gaining internal wired access while still providing Internet access through a controlled guest network.
WPA3 (A) only improves Wi-Fi encryption; it doesn’t stop wired port access. Monitoring traffic (C) is reactive. Signage (D) is weak administrative control compared to disabling the ports.
B
Explanation:
Open Ethernet ports in a public-facing area create a direct, high-trust entry point into the internal network. The most efficient fix is to remove that exposure by disabling the lobby ports and moving untrusted users to a segmented guest network. Quentin Docter explains why disabling unused/unauthorized access points matters: “Ports on a switch, router, or firewall not in use present an open door for an attacker to enter and should be disabled or disconnected.” That directly supports disabling lobby switch ports that shouldn’t be available to external users.
He also describes guest network isolation: guests “never need to connect to the organization’s servers and internal systems,” so a guest SSID should be created that “isolates guest traffic from production traffic.” This is exactly what option B accomplishes: it prevents contractors from gaining internal wired access while still providing Internet access through a controlled guest network.
WPA3 (A) only improves Wi-Fi encryption; it doesn’t stop wired port access. Monitoring traffic (C) is reactive. Signage (D) is weak administrative control compared to disabling the ports.
Question #23
A government client asks a technician to expunge several drives that contain confidential information. The technician must follow regulatory compliance.
Which of the following is the best option?
- A . In-house disk incineration
- B . Certified third-party destruction
- C . Low-level formatting
- D . Targeted file deletion
Correct Answer: B
B
Explanation:
Because this is a government client with confidential data and a strict requirement to follow regulatory compliance, the best practice is to use a certified third-party destruction service that can provide documented proof of destruction. The All-in-One guide explicitly notes that “professional hard drive disposal services are third-party vendors” that guarantee drives are thoroughly destroyed by issuing a certificate of destruction/recycling, which provides assurance that data will not fall into the wrong hands. Mike Meyers’ Lab Manual repeats the same exam point: third-party vendors “will guarantee they have truly, thoroughly destroyed drives by issuing a certificate of destruction/recycling.”
Low-level formatting (often used to mean overwrite/zero-fill) can sanitize drives, but it may not satisfy the requirement for provable compliance and chain-of-custody documentation, especially for regulated environments. Targeted deletion is ineffective because deleted data can remain recoverable. In-house incineration is extreme and may be restricted, unsafe, or noncompliant without proper facilities and documentation. Therefore, Certified third-party destruction (B) is the best option.
B
Explanation:
Because this is a government client with confidential data and a strict requirement to follow regulatory compliance, the best practice is to use a certified third-party destruction service that can provide documented proof of destruction. The All-in-One guide explicitly notes that “professional hard drive disposal services are third-party vendors” that guarantee drives are thoroughly destroyed by issuing a certificate of destruction/recycling, which provides assurance that data will not fall into the wrong hands. Mike Meyers’ Lab Manual repeats the same exam point: third-party vendors “will guarantee they have truly, thoroughly destroyed drives by issuing a certificate of destruction/recycling.”
Low-level formatting (often used to mean overwrite/zero-fill) can sanitize drives, but it may not satisfy the requirement for provable compliance and chain-of-custody documentation, especially for regulated environments. Targeted deletion is ineffective because deleted data can remain recoverable. In-house incineration is extreme and may be restricted, unsafe, or noncompliant without proper facilities and documentation. Therefore, Certified third-party destruction (B) is the best option.
Question #24
A user switches from Linux to Windows and tries to migrate data using an external USB drive. Windows prompts that the device must be formatted. It works fine on Linux.
What should the user do?
- A . Configure Windows firewall to allow data from Linux systems
- B . Replace the cable with Windows-supported hardware
- C . Apply a firmware update from the PC manufacturer
- D . Update the file allocation system to exFAT
Correct Answer: D
D
Explanation:
Windows doesn’t natively support many Linux file systems (like ext4). Reformatting to exFATmakes the drive readable/writable on both Linux and Windows.
From All-in-One Exam Guide:
“For cross-platform compatibility, exFAT is recommended as it supports large files and is recognized by Windows, macOS, and Linux (with exFAT drivers).”
D
Explanation:
Windows doesn’t natively support many Linux file systems (like ext4). Reformatting to exFATmakes the drive readable/writable on both Linux and Windows.
From All-in-One Exam Guide:
“For cross-platform compatibility, exFAT is recommended as it supports large files and is recognized by Windows, macOS, and Linux (with exFAT drivers).”
Question #25
Which of the following depends on system time accuracy to function properly?
- A . Terminal Access Controller Access-control System
- B . Kerberos token
- C . Remote Authentication Dial-in User Service
- D . Wi-Fi Protected Access
Correct Answer: B
B
Explanation:
The correct answer is B. Kerberos token, because Kerberos authentication relies heavily on precise system time synchronization between clients, servers, and the Key Distribution Center (KDC). Kerberos uses time-stamped tickets to prevent replay attacks, and even small time discrepancies can cause authentication failures.
According to the Quentin Docter C CompTIA A+ Complete Study Guide, Kerberos requires clocks on all participating systems to be synchronized within a narrow tolerance (typically five minutes). If system time is inaccurate, Kerberos will reject authentication requests, resulting in login failures and access denial.
The Travis Everett & Andrew Hutz C CompTIA A+ All-in-One Exam Guide explains that Kerberos tokens include timestamps to ensure tickets are valid only for a short time window. This security design protects against attackers reusing captured authentication data.
The Mike Meyers / Mark Soper Lab Manual reinforces that time synchronization issues are a common cause of Kerberos-related login problems in domain environments. Services like TACACS+, RADIUS, and WPA do not depend on strict system time synchronization in the same way Kerberos does.
Because Kerberos authentication cannot function correctly without accurate system time, B is the correct answer.
B
Explanation:
The correct answer is B. Kerberos token, because Kerberos authentication relies heavily on precise system time synchronization between clients, servers, and the Key Distribution Center (KDC). Kerberos uses time-stamped tickets to prevent replay attacks, and even small time discrepancies can cause authentication failures.
According to the Quentin Docter C CompTIA A+ Complete Study Guide, Kerberos requires clocks on all participating systems to be synchronized within a narrow tolerance (typically five minutes). If system time is inaccurate, Kerberos will reject authentication requests, resulting in login failures and access denial.
The Travis Everett & Andrew Hutz C CompTIA A+ All-in-One Exam Guide explains that Kerberos tokens include timestamps to ensure tickets are valid only for a short time window. This security design protects against attackers reusing captured authentication data.
The Mike Meyers / Mark Soper Lab Manual reinforces that time synchronization issues are a common cause of Kerberos-related login problems in domain environments. Services like TACACS+, RADIUS, and WPA do not depend on strict system time synchronization in the same way Kerberos does.
Because Kerberos authentication cannot function correctly without accurate system time, B is the correct answer.
Question #25
Which of the following depends on system time accuracy to function properly?
- A . Terminal Access Controller Access-control System
- B . Kerberos token
- C . Remote Authentication Dial-in User Service
- D . Wi-Fi Protected Access
Correct Answer: B
B
Explanation:
The correct answer is B. Kerberos token, because Kerberos authentication relies heavily on precise system time synchronization between clients, servers, and the Key Distribution Center (KDC). Kerberos uses time-stamped tickets to prevent replay attacks, and even small time discrepancies can cause authentication failures.
According to the Quentin Docter C CompTIA A+ Complete Study Guide, Kerberos requires clocks on all participating systems to be synchronized within a narrow tolerance (typically five minutes). If system time is inaccurate, Kerberos will reject authentication requests, resulting in login failures and access denial.
The Travis Everett & Andrew Hutz C CompTIA A+ All-in-One Exam Guide explains that Kerberos tokens include timestamps to ensure tickets are valid only for a short time window. This security design protects against attackers reusing captured authentication data.
The Mike Meyers / Mark Soper Lab Manual reinforces that time synchronization issues are a common cause of Kerberos-related login problems in domain environments. Services like TACACS+, RADIUS, and WPA do not depend on strict system time synchronization in the same way Kerberos does.
Because Kerberos authentication cannot function correctly without accurate system time, B is the correct answer.
B
Explanation:
The correct answer is B. Kerberos token, because Kerberos authentication relies heavily on precise system time synchronization between clients, servers, and the Key Distribution Center (KDC). Kerberos uses time-stamped tickets to prevent replay attacks, and even small time discrepancies can cause authentication failures.
According to the Quentin Docter C CompTIA A+ Complete Study Guide, Kerberos requires clocks on all participating systems to be synchronized within a narrow tolerance (typically five minutes). If system time is inaccurate, Kerberos will reject authentication requests, resulting in login failures and access denial.
The Travis Everett & Andrew Hutz C CompTIA A+ All-in-One Exam Guide explains that Kerberos tokens include timestamps to ensure tickets are valid only for a short time window. This security design protects against attackers reusing captured authentication data.
The Mike Meyers / Mark Soper Lab Manual reinforces that time synchronization issues are a common cause of Kerberos-related login problems in domain environments. Services like TACACS+, RADIUS, and WPA do not depend on strict system time synchronization in the same way Kerberos does.
Because Kerberos authentication cannot function correctly without accurate system time, B is the correct answer.
Question #27
After installing a new video card in their workstation, a user reports that the workstation randomly crashes. The user updates the drivers according to the manufacturer’s recommendation, but the issue persists.
Which of the following steps should a technician take next to troubleshoot the issue?
- A . Add additional fans for cooling.
- B . Check the anti-malware software for recent activity.
- C . Install third-party graphics drivers for better stability.
- D . Review system logs for error messages.
Correct Answer: D
D
Explanation:
When a system begins randomly crashing after a hardware change (installing a GPU) and the correct vendor driver update does not resolve it, the best next troubleshooting step is to collect evidence about what is failing. Windows records crash details, driver faults, and unexpected shutdowns in Event Viewer (System/Application logs) and related reliability tools. Quentin Docter specifically states that Event Viewer should be the first place you look when the solution is not evident because applications and the OS often create log entries that help verify operation and diagnose problems. These logs can reveal whether the crash is tied to a display driver fault, power/kernel events, or another subsystem. Docter also notes you can often find more information about application crashes by reviewing the Application log, and for instability/shutdown patterns you “start combing through the logs” in Event Viewer to determine whether the system lost power or crashed. Mike Meyers adds that Event Viewer is the tool used to read and understand Windows logs (Application/System/Setup/Security) for diagnosing what’s happening on a system.
Reference: Quentin Docter C CompTIA A+ Complete Study Guide (Event Viewer as first stop; crash/shutdown investigation via logs); Travis Everett & Andrew Hutz C CompTIA A+ All-in-One Exam Guide (Event Viewer logs and event levels for troubleshooting); Mark Soper C Mike Meyers’ A+ Lab Manual (Event Viewer and the “big four” Windows logs).
D
Explanation:
When a system begins randomly crashing after a hardware change (installing a GPU) and the correct vendor driver update does not resolve it, the best next troubleshooting step is to collect evidence about what is failing. Windows records crash details, driver faults, and unexpected shutdowns in Event Viewer (System/Application logs) and related reliability tools. Quentin Docter specifically states that Event Viewer should be the first place you look when the solution is not evident because applications and the OS often create log entries that help verify operation and diagnose problems. These logs can reveal whether the crash is tied to a display driver fault, power/kernel events, or another subsystem. Docter also notes you can often find more information about application crashes by reviewing the Application log, and for instability/shutdown patterns you “start combing through the logs” in Event Viewer to determine whether the system lost power or crashed. Mike Meyers adds that Event Viewer is the tool used to read and understand Windows logs (Application/System/Setup/Security) for diagnosing what’s happening on a system.
Reference: Quentin Docter C CompTIA A+ Complete Study Guide (Event Viewer as first stop; crash/shutdown investigation via logs); Travis Everett & Andrew Hutz C CompTIA A+ All-in-One Exam Guide (Event Viewer logs and event levels for troubleshooting); Mark Soper C Mike Meyers’ A+ Lab Manual (Event Viewer and the “big four” Windows logs).
Question #28
Which of the following is the quickest way to move from Windows 10 to Windows 11 without losing data?
- A . Using gpupdate
- B . Image deployment
- C . Clean install
- D . In-place upgrade
Correct Answer: D
D
Explanation:
An in-place upgrade is the fastest and most efficient way to upgrade from Windows 10 to Windows 11 while keeping all user data, applications, and settings intact. This method is often used when the hardware meets Windows 11 requirements and no system reconfiguration is necessary.
D
Explanation:
An in-place upgrade is the fastest and most efficient way to upgrade from Windows 10 to Windows 11 while keeping all user data, applications, and settings intact. This method is often used when the hardware meets Windows 11 requirements and no system reconfiguration is necessary.
Question #29
A technician needs to perform remote maintenance on devices across the network. The devices may be unattended or in use by employees. Cross-platform support and built-in security are required.
Which of the following remote technologies best meets these requirements?
- A . VNC
- B . RDP
- C . VPN
- D . SSH
Correct Answer: D
D
Explanation:
The correct answer is D. SSH. Secure Shell is the best choice because it provides encrypted remote administrative access and is commonly supported across platforms, especially Linux, UNIX, macOS, network devices, and modern Windows systems. Quentin Docter’s Complete Study Guide explains that SSH is commonly used for remote access through a text console, encrypts communication between the SSH client and server, and uses TCP port 22. It also supports authentication through public/private key pairs or username and password credentials. The Mike Meyers/Mark Soper material also identifies SSH as the secure modern replacement for Telnet and explains that the entire connection is encrypted to prevent eavesdropping. VNC is cross-platform, but it is not encrypted by default and often requires plug-ins for encryption. RDP is mainly associated with Windows graphical remote access, and VPN provides secure network connectivity but is not itself a remote maintenance shell or control tool.
D
Explanation:
The correct answer is D. SSH. Secure Shell is the best choice because it provides encrypted remote administrative access and is commonly supported across platforms, especially Linux, UNIX, macOS, network devices, and modern Windows systems. Quentin Docter’s Complete Study Guide explains that SSH is commonly used for remote access through a text console, encrypts communication between the SSH client and server, and uses TCP port 22. It also supports authentication through public/private key pairs or username and password credentials. The Mike Meyers/Mark Soper material also identifies SSH as the secure modern replacement for Telnet and explains that the entire connection is encrypted to prevent eavesdropping. VNC is cross-platform, but it is not encrypted by default and often requires plug-ins for encryption. RDP is mainly associated with Windows graphical remote access, and VPN provides secure network connectivity but is not itself a remote maintenance shell or control tool.
Question #30
A technician is installing a cloud-based productivity suite and gets an error saying the installation is unavailable.
What should be tried first?
- A . Reinstall the productivity suite
- B . Download an open-source alternative
- C . Check the license device limit
- D . Update the device OS
Correct Answer: C
C
Explanation:
Cloud-based software often enforces device limits per license. Before reinstallation or switching software, checking license allocations is the most logical first step.
From Quentin Docter C CompTIA A+ Complete Study Guide:
“Many cloud apps enforce user or device count restrictions. When an install fails, check licensing before troubleshooting other areas.”
C
Explanation:
Cloud-based software often enforces device limits per license. Before reinstallation or switching software, checking license allocations is the most logical first step.
From Quentin Docter C CompTIA A+ Complete Study Guide:
“Many cloud apps enforce user or device count restrictions. When an install fails, check licensing before troubleshooting other areas.”