Practice Free 220-1202 Exam Online Questions
Question #71
A user’s application only works with a legacy version of the OS. The OS is reaching its end-of-life date. For security reasons, the company is migrating to the current version of the OS.
Which of the following is the most efficient way to complete the migration while maintaining accessibility to the application?
- A . Terminal server
- B . Bare-metal server
- C . Multiboot
- D . Virtualization
Correct Answer: D
D
Explanation:
Virtualization allows the legacy OS to be run in a virtual machine (VM) on top of the newer OS. This method provides backward compatibility without requiring outdated operating systems on physical hardware.
From Quentin Docter C CompTIA A+ Complete Study Guide:
“Using virtualization is a preferred method when legacy applications are needed after migrating to newer operating systems. It allows legacy environments to exist securely within a modern OS framework.”
D
Explanation:
Virtualization allows the legacy OS to be run in a virtual machine (VM) on top of the newer OS. This method provides backward compatibility without requiring outdated operating systems on physical hardware.
From Quentin Docter C CompTIA A+ Complete Study Guide:
“Using virtualization is a preferred method when legacy applications are needed after migrating to newer operating systems. It allows legacy environments to exist securely within a modern OS framework.”
Question #72
A user is working from home and is unable to access work files on a company laptop.
Which of the following should a technician configure to fix the network access issue?
- A . Wide-area network
- B . Wireless network
- C . Proxy network settings
- D . Virtual private network
Correct Answer: D
D
Explanation:
A VPN creates a secure tunnel from the user’s home network into the corporate network, providing the necessary routing and access controls for the laptop to reach internal file servers. Without a VPN, the device remains outside the corporate LAN and cannot directly reach protected resources.
A VPN creates a secure tunnel from the user’s home network into the corporate network, providing the necessary routing and access controls for the laptop to reach internal file servers. Without a VPN, the device remains outside the corporate LAN and cannot directly reach protected resources.
D
Explanation:
A VPN creates a secure tunnel from the user’s home network into the corporate network, providing the necessary routing and access controls for the laptop to reach internal file servers. Without a VPN, the device remains outside the corporate LAN and cannot directly reach protected resources.
A VPN creates a secure tunnel from the user’s home network into the corporate network, providing the necessary routing and access controls for the laptop to reach internal file servers. Without a VPN, the device remains outside the corporate LAN and cannot directly reach protected resources.
Question #73
A technician thinks that an application a user downloaded from the internet may not be the legitimate one, even though the name is the same. The technician needs to confirm whether the application is legitimate.
Which of the following should the technician do?
- A . Compare the hash value from the vendor.
- B . Run Task Manager and compare the process ID.
- C . Run the application in safe mode.
- D . Verify the file name is correct.
Correct Answer: A
A
Explanation:
To ensure the authenticity of a downloaded application, the most reliable method is to verify the file’s hash (e.g., SHA256, MD5) against the value provided by the legitimate vendor. If the hash values match, the file has not been altered or tampered with. This verification confirms the integrity and authenticity of the executable.
B. Process IDs are dynamic and not unique to specific software.
C. Running in safe mode doesn’t validate legitimacy―it only runs the app in a minimal environment.
D. File names can be spoofed; matching the name does not prove authenticity.
Reference: CompTIA A+ 220-1102 Objective 2.2: Compare and contrast authentication and software integrity verification methods.
Study Guide Section: Hash verification for software authenticity and digital integrity
A
Explanation:
To ensure the authenticity of a downloaded application, the most reliable method is to verify the file’s hash (e.g., SHA256, MD5) against the value provided by the legitimate vendor. If the hash values match, the file has not been altered or tampered with. This verification confirms the integrity and authenticity of the executable.
B. Process IDs are dynamic and not unique to specific software.
C. Running in safe mode doesn’t validate legitimacy―it only runs the app in a minimal environment.
D. File names can be spoofed; matching the name does not prove authenticity.
Reference: CompTIA A+ 220-1102 Objective 2.2: Compare and contrast authentication and software integrity verification methods.
Study Guide Section: Hash verification for software authenticity and digital integrity
Question #74
An organization sees unauthorized apps installed and licensing prompts.
What should the security team do?
- A . Deploy an internal PKI to filter encrypted web traffic.
- B . Remove users from the local admin group.
- C . Implement stronger controls to block suspicious websites.
- D . Enable stricter UAC settings on Windows.
Correct Answer: B
B
Explanation:
Removing users from the local admin group prevents them from installing unauthorized software.
From Quentin Docter C Complete Study Guide:
“Local admin privileges allow users to install unauthorized apps. Removing them from this group restricts installations and helps prevent malware.”.
B
Explanation:
Removing users from the local admin group prevents them from installing unauthorized software.
From Quentin Docter C Complete Study Guide:
“Local admin privileges allow users to install unauthorized apps. Removing them from this group restricts installations and helps prevent malware.”.
Question #75
A technician needs to disable guest log-ins on domain-joined desktop machines.
Which of the following should be used?
- A . Group Policy
- B . Firewall
- C . Microsoft Management Console
- D . MSConfig
Correct Answer: A
A
Explanation:
Group Policy is the standard administrative tool for setting user permissions across domain-joined systems.
From QUENTIN DOCTER C COMPLETE Study Guide:
“Use Group Policy to enforce user rights, including disabling guest account access on domain computers.”
A
Explanation:
Group Policy is the standard administrative tool for setting user permissions across domain-joined systems.
From QUENTIN DOCTER C COMPLETE Study Guide:
“Use Group Policy to enforce user rights, including disabling guest account access on domain computers.”
Question #76
Which of the following is required to have a central log-in for a Windows computer?
- A . Domain membership
- B . Workgroup
- C . Active Directory
- D . Local Group Policy Editor
Correct Answer: A
A
Explanation:
A “central log-in” means users can authenticate using a centralized account database rather than separate local accounts on each PC―this is a core feature of a Windows domain. Mike Meyers explains that a Windows domain makes it easy for anyone with a domain account to log on to any computer in the domain with a single account, a process called “single sign-on (SSO),” and that users do not need a separate local account stored on every computer. The All-in-One guide reinforces the same: in a domain, the domain controller stores domain accounts and “a user logging on to any computer on the domain may use their one domain account to log on to the entire network.”
Active Directory is the directory service commonly used to implement domains, but the question asks what is required for centralized logon on the workstation side―the computer must be joined to the domain (domain membership). Workgroups use only local accounts, and Local Group Policy Editor manages policies locally, not centralized authentication.
A
Explanation:
A “central log-in” means users can authenticate using a centralized account database rather than separate local accounts on each PC―this is a core feature of a Windows domain. Mike Meyers explains that a Windows domain makes it easy for anyone with a domain account to log on to any computer in the domain with a single account, a process called “single sign-on (SSO),” and that users do not need a separate local account stored on every computer. The All-in-One guide reinforces the same: in a domain, the domain controller stores domain accounts and “a user logging on to any computer on the domain may use their one domain account to log on to the entire network.”
Active Directory is the directory service commonly used to implement domains, but the question asks what is required for centralized logon on the workstation side―the computer must be joined to the domain (domain membership). Workgroups use only local accounts, and Local Group Policy Editor manages policies locally, not centralized authentication.
Question #77
A user calls the help desk to report an issue with their smartphone. After the user returns from a business trip, the user is no longer able to access email or visit websites without a Wi-Fi connection on the smartphone.
Which of the following would the user do to most likely resolve the issue?
- A . Enable cellular data.
- B . Increase data limits.
- C . Disconnect the VPN.
- D . Reinstall the SIM card.
Correct Answer: A
A
Explanation:
If the phone works on Wi-Fi but not off Wi-Fi, the most likely issue is that cellular data is disabled (or restricted). This aligns directly with the CompTIA A+ objective language for mobile troubleshooting, which explicitly includes “wireless/cellular data network (enable/disable).” After travel, users often enable airplane mode or disable cellular data to avoid roaming charges, and sometimes forget to re-enable it.
Quentin Docter’s mobile connectivity discussion repeatedly distinguishes Wi-Fi access from cellular connectivity and treats cellular settings as a primary area to verify when Internet access is not available away from Wi-Fi. While data caps/limits could throttle service, they usually don’t make all non-Wi-Fi browsing and email impossible immediately. VPN issues might block some access, but the simplest “most likely” resolution based on the symptom is re-enabling cellular data. Reinstalling the SIM is possible, but again not the first, most likely fix given the scenario framing. Therefore, Enable cellular data (A) is correct.
A
Explanation:
If the phone works on Wi-Fi but not off Wi-Fi, the most likely issue is that cellular data is disabled (or restricted). This aligns directly with the CompTIA A+ objective language for mobile troubleshooting, which explicitly includes “wireless/cellular data network (enable/disable).” After travel, users often enable airplane mode or disable cellular data to avoid roaming charges, and sometimes forget to re-enable it.
Quentin Docter’s mobile connectivity discussion repeatedly distinguishes Wi-Fi access from cellular connectivity and treats cellular settings as a primary area to verify when Internet access is not available away from Wi-Fi. While data caps/limits could throttle service, they usually don’t make all non-Wi-Fi browsing and email impossible immediately. VPN issues might block some access, but the simplest “most likely” resolution based on the symptom is re-enabling cellular data. Reinstalling the SIM is possible, but again not the first, most likely fix given the scenario framing. Therefore, Enable cellular data (A) is correct.
Question #78
A user cannot find multiple files on their machine. A technician finds that the files have been renamed with a different extension. The files cannot be opened when changed back to the original file type. Additionally, the user reports receiving pop-ups that request cryptocurrency payments.
Which of the following steps should the technician take next?
- A . Reimage the machine and restore files from backup.
- B . Scan the system after updating anti-malware.
- C . Remove the machine from the network.
- D . Turn off the machine and restart it in Safe Mode.
Correct Answer: C
C
Explanation:
The correct answer is C because the symptoms strongly indicate ransomware: files renamed with a new extension, files still unusable after renaming them back, and payment demands in cryptocurrency. Quentin Docter’s Complete Study Guide explains that ransomware commonly encrypts files, renames them with a unique extension, and places ransom instructions for payment. The Mike Meyers/Mark Soper material also states that ransomware encrypts accessible local or network data and demands payment for decryption keys. According to the CompTIA A+ malware-removal procedure, after investigating and verifying malware symptoms, the next step is to quarantine infected systems. Removing the machine from the network prevents the ransomware from spreading to shared drives or other systems. Reimaging and restoring from backup may be required later, and updating/scanning anti-malware is part of remediation, but isolation must happen first.
C
Explanation:
The correct answer is C because the symptoms strongly indicate ransomware: files renamed with a new extension, files still unusable after renaming them back, and payment demands in cryptocurrency. Quentin Docter’s Complete Study Guide explains that ransomware commonly encrypts files, renames them with a unique extension, and places ransom instructions for payment. The Mike Meyers/Mark Soper material also states that ransomware encrypts accessible local or network data and demands payment for decryption keys. According to the CompTIA A+ malware-removal procedure, after investigating and verifying malware symptoms, the next step is to quarantine infected systems. Removing the machine from the network prevents the ransomware from spreading to shared drives or other systems. Reimaging and restoring from backup may be required later, and updating/scanning anti-malware is part of remediation, but isolation must happen first.
Question #79
A user keeps seeing malicious ads in the bottom-right corner of the screen. When the ads appear, the icon for the Internet browser process is visible in Task Manager. A technician runs an anti-malware scan that shows no results.
Which of the following is the cause of this issue?
- A . Browser notifications
- B . Remote access Trojan
- C . Browser cache
- D . Browser hijacker
Correct Answer: A
A
Explanation:
The correct answer is A. Browser notifications. The clue is that the browser process appears in Task Manager when the ads appear, but the anti-malware scan finds nothing. This points to allowed browser push notifications rather than an installed malware infection. Quentin Docter’s Complete Study Guide explains that browser push notifications can be abused when a user is tricked into allowing notifications from a malicious site. The site can then push notifications to the operating system that look like system messages or advertisements. The guide also recommends periodically reviewing which sites are allowed to send notifications. A browser hijacker usually changes browser behavior such as search engines, home pages, or redirections. Browser cache stores website files but does not normally generate persistent malicious notifications. A remote access Trojan would involve unauthorized remote control, not simply browser-generated ad notifications with no malware scan result.
A
Explanation:
The correct answer is A. Browser notifications. The clue is that the browser process appears in Task Manager when the ads appear, but the anti-malware scan finds nothing. This points to allowed browser push notifications rather than an installed malware infection. Quentin Docter’s Complete Study Guide explains that browser push notifications can be abused when a user is tricked into allowing notifications from a malicious site. The site can then push notifications to the operating system that look like system messages or advertisements. The guide also recommends periodically reviewing which sites are allowed to send notifications. A browser hijacker usually changes browser behavior such as search engines, home pages, or redirections. Browser cache stores website files but does not normally generate persistent malicious notifications. A remote access Trojan would involve unauthorized remote control, not simply browser-generated ad notifications with no malware scan result.
Question #80
Which of the following authentication methods is the best way to prevent users from frequently entering their credentials?
- A . Access control list
- B . Single sign-on
- C . Multifactor authentication
- D . One-time password
Correct Answer: B
B
Explanation:
Single sign-on (SSO) allows users to authenticate once and gain access to multiple systems without re-entering credentials, which significantly enhances user convenience while maintaining security.
From Quentin Docter C CompTIA A+ Complete Study Guide:
“Single sign-on streamlines authentication by allowing users to log in once and access all authorized resources, reducing credential fatigue and improving security.”
B
Explanation:
Single sign-on (SSO) allows users to authenticate once and gain access to multiple systems without re-entering credentials, which significantly enhances user convenience while maintaining security.
From Quentin Docter C CompTIA A+ Complete Study Guide:
“Single sign-on streamlines authentication by allowing users to log in once and access all authorized resources, reducing credential fatigue and improving security.”