CompTIA A+ 220-1102 2.0 Security

Ref:📕Mike Meyers’ CompTIA A+ Core 2 Certification Passport (Exam 220-1102)

1 / 251

What is the best way to protect data at rest as per the CompTIA A+ Core 2 exam?

A. Using Antivirus software

B. Regular Data Backups

C. File compression

D. Encryption

2 / 251

Which application does Windows 10 mobile devices use for file backup and restore?

A. iCloud

B. Google Sync

C. iTunes

D. OneDrive

3 / 251

What is one significant difference between Bring Your Own Device (BYOD) and Corporate-Owned Personally Enabled (COPE) policies in organizations?

A. In BYOD, the device is not permitted to access company data, while in COPE, it is.

B. In BYOD, employees personally pay for the device service while in COPE, the organization bears the cost.

C. In BYOD, devices are owned by the company, whereas in COPE, the devices are personally owned by the employees.

D. In BYOD, devices cannot be used for personal reasons, while in COPE they can be used as if personally owned.

4 / 251

What is the main function of domain isolation in Windows Defender Firewall with Advanced Security?

A. It allows only the network traffic that is necessary and approved by firewall rules.

B. It prevents unsolicited messages from non-domain member devices from reaching domain member devices.

C. It limits access to a server to only those devices authorized to do so.

D. It authenticates clients and servers using certificates.

5 / 251

Which of the following is NOT one of the best defenses for protecting e-mail mentioned in the text?

A. Encryption

B. Anti-Spam Filter

C. Using a VPN

D. User Training

6 / 251

What tasks does Universal Plug and Play (UPnP) perform through network protocols like TCP, IP, HTTP, and DHCP?

A. Configure a network device with an IP address, build convergence with existing devices on a network, and create a web page interface for viewing device status

B. Configure a network device with an IP address, but does not build convergence with existing devices on a network or create a web page interface for viewing device status

C. Builds convergence with existing devices on a network and creates a web page interface for viewing device status, but does not configure a network device with an IP address

D. Creates a web page interface for viewing device status, but does not configure a network device with an IP address or build convergence with existing devices on a network

7 / 251

What are the benefits of keeping a router’s firmware up to date?

A. Fixes bugs and adds new features

B. Decreases the security functions of the router

C. The router loses its automatic firmware update feature

D. The router’s performance decreases

8 / 251

What does an authenticator application do?

A. Generates single-use passcodes.

B. Removes the need for password authentication.

C. Validates only the simple login credentials of a user.

D. Ensures the codes are valid forever.

9 / 251

What is vishing in computer security?

A. It is a type of malware attack

B. It is a type of ransomware attack

C. It is a type of phishing attack that uses VoIP

D. It is a type of DDoS attack

10 / 251

What describes an unprotected system?

A. A computer with both anti-virus and anti-malware installed

B. A workstation with an updated firewall

C. A computer, either a server or workstation, without any form of intrusion detection installed

D. A system that is not connected to the internet

11 / 251

What is the process of Spoofing in terms of network security?

A. It is the process of protecting data by placing information into your packets.

B. It is the process of pretending to be someone or something you are not by placing false information into your packets.

C. It is the process of intruding a network system by destroying its core security system.

D. It is the process of securing a network by putting up firewalls to protect data.

12 / 251

Which protocols are most commonly used to protect cellular and VoIP voice calls?

A. HTTP and SMTP

B. FTP and Pop3

C. TLS, SIP with TLS, and SRTP

D. TCP and UDP

13 / 251

What is the main purpose of an ad blocker?

A. Enhancing audio quality

B. Removing codes from web page file that display ads

C. Increasing data speed

D. Improving graphic display

14 / 251

What is Folder Redirection primarily used for in an Active Directory network?

A. To delete a known folder and recreate it in a different location

B. To transfer files from one folder to another

C. To redirect users of a known folder to a different folder, like from a local Documents folder to a user’s home folder

D. To rename a known folder

15 / 251

Why is it important to change the default user name and password after purchasing a new SOHO router?

A. To personalize the router

B. Because the default credentials may not function properly

C. To prevent others from easily accessing your network

D. Because it’s a rule set by the manufacturers

16 / 251

What are some recommended actions an organization should take when using a third-party disposal company?

A. Perform a background check on the vendor

B. Monitor the vendor’s employees when they are on the organization’s premises

C. Inspect the vendor’s operating sites for security and privacy

D. All of the above

17 / 251

What must a domain controller (DC) have installed to function correctly?

A. Windows 10 Professional

B. Internet Information Services (IIS) server role

C. Active Directory Domain Services (AD DS) server role

D. Microsoft Office Suite

18 / 251

What is a common function of using pattern locks on smartphones?

A. Prevent accidental dialing or app starts

B. Creating personalized design backgrounds

C. Improving battery life

D. Enhancing the phone’s processing speed

19 / 251

What is the most secure protection for data at rest?

A. Application-level encryption

B. File system encryption

C. Database encryption

D. Full disk encryption (FDE)

20 / 251

What does a screened subnet refer to in networking terminology?

A. A router that separates internal and external networks

B. A router configured into three separate subnetworks

C. A networking technique to connect two separate networks

D. A type of router specialized for wireless connections

21 / 251

What does the principle of least privilege state in terms of logical security and access control?

A. Users should be given as many permissions as possible

B. Users are not assigned any permissions and rights

C. The permissions and rights assigned to a user account should be no higher than those needed by the user to perform their assigned tasks

D. All users should have equal permissions and rights

22 / 251

What is the default browser provided on an Android operating device?

A. Edge

B. Safari

C. Firefox

D. Chrome

23 / 251

How can you disable the Guest Account in Windows to minimize security risks?

A. Go to My Network Places | Properties

B. Go to Local Policies | Security Options and change Guest Account Status to Disabled

C. Directly right-click the Guest Account and select Disable

D. Go to User Accounts and change the status of Guest Account to Disabled

24 / 251

How can the logon time restrictions be set up for specific users?

A. By creating a new user account

B. By using group policy on a domain controller

C. By changing user permissions

D. By using the Windows Firewall

25 / 251

Which Login/Sign-in option for a Windows 10/11 system makes use of a hardware device like a USB key?

A. Windows Hello Face

B. Windows Hello PIN

C. Security Key

D. Password

26 / 251

What makes an unpatched system highly vulnerable to attack?

A. The system is not up to date with the latest user interface upgrades

B. The system is not up to date with the latest performance improvements

C. The system is not up to date with the latest security-related patches, fixes, or upgrades

D. The system did not install the latest gaming features

27 / 251

Which of the following is NOT a recommended defense for protecting e-mail from attacks mentioned in the passage?

A. Encryption

B. Spam filter

C. Anti-malware software

D. Anti-virus software

28 / 251

Which setting in the Local Security Policy app would you adjust to ensure passwords aren’t stored with reversible encryption?

A. Enforce password history

B. Maximum password age

C. Store passwords using reversible encryption

D. Password must meet complexity requirements

29 / 251

What happens when the ’Never notify’ setting is active in the User Account Control (UAC) of a Windows 10/11 system?

A. UAC will always display a notification for any changes, including trusted Windows settings.

B. UAC will display the challenge/warning box only when an application attempts to make a change to a system setting or resource.

C. UAC will continue operating but won’t dim the Desktop.

D. No notice or warning is given for any changes.

30 / 251

What does the ’Enforce password history’ setting in the Local Security Policy app on Windows 10/11 system do?

A. It indicates when a user last changed their password, in days.

B. It allows or disallows the minimum password length to be greater than 14 characters.

C. It enables/disables a log file entry each time a user creates a password that is less than a certain value.

D. It sets the maximum number of unique and not previously used passwords that must be associated with a user account before a previously used password can be reused.

31 / 251

What does a swipe lock do on a mobile device such as a smartphone?

A. It matches the motion and direction of a swipe pattern across the screen to a stored pattern to unlock the device

B. It allows the user to swipe any pattern to unlock the device

C. It uses a swipe to close the device

D. It uses the direction of a swipe to track the user’s location

32 / 251

What does the system lockout do when the number of unsuccessful login attempts exceeds the threshold value in the system’s settings?

A. Locks the system indefinitely

B. Erases all data in the system

C. Changes the system’s password

D. Protects the device from brute-force attacks

33 / 251

How do anti-malware programs detect polymorphic malware?

A. By comparing the drive’s boot sector to a standard boot sector

B. Through actively scanning for lurking malware

C. By computing and storing a checksum from the contents of each executable file

D. By comparing files against a library of signatures

34 / 251

What is the purpose of a certificate of destruction within an organization?

A. To prove that data was destroyed in accordance with industry or government regulations

B. To prove that the organization has the ability to recover destroyed data

C. To certify that the organization has performed a recycling process

D. To certify that an organization has properly stored confidential data

35 / 251

Why is it particularly important to create unique passwords for each account, application, and sensitive item on the computer?

A. To prevent a screensaver from displaying

B. To ensure compliance with GDPR

C. To protect personally identifiable information

D. So if one password is compromised, all the others remain secure

36 / 251

Where can content filtering feature be added?

A. Client level

B. Network level

C. Through a web-based service

D. All of the above

37 / 251

Which storage media can be rendered unrecoverable by using a shredder?

A. Hard drives, flash drives, and magnetic tapes

B. Power supplies

C. Motherboards and memory boards

D. All of the above

38 / 251

Which is the correct order of wireless encryption protocols from strongest to weakest?

A. WPA, WPA2, WPA3, WEP

B. WPA3, WPA2, WPA, WEP

C. WEP, WPA, WPA2, WPA3

D. WPA2, WPA3, WPA, WEP

39 / 251

What does a ’Connected’ type of hard token do in Multi-Factor Authentication (MFA)?

A. It is inserted into a token reader and transfers security & authentication data automatically to a system.

B. It generates a one-time access code without needing physical insertion into a reader.

C. It sends security or authenticated codes using Bluetooth or an RF signal.

D. It requires manual entry of a time-based passcode by the user.

40 / 251

Why is it recommended to disable unused ports on a router?

A. To increase the network speed

B. To reduce the risk of an attack

C. To free up space on the hard drive

D. To reduce power consumption

41 / 251

What are the primary vulnerability types created by Bring-your-own-device (BYOD) policies?

A. Data deletion and software crashes

B. Data leakage and malware infections

C. Password hijacking and user lockouts

D. Network slow down and application interruptions

42 / 251

What does a boot sector virus do?

A. It infects the RAM of the system

B. It changes the code in the master boot record (MBR) with harmful code

C. It corrupts the files on the system

D. It infects the BIOS of the system

43 / 251

What does an eye scan in a biometric system capture?

A. It captures the image of the face

B. It captures the pattern of the retina and iris parts of a person’s eye

C. It captures the veins in the hands

D. It captures the shape of the eyes, nose, mouth, lips, chin, and jaws

44 / 251

Which of the following firewall design isolates particular server to limit its access only to those devices that are authorized to do so?

A. Basic

B. Domain isolation

C. Server isolation

D. Certificate-based

45 / 251

What is the best practice concerning the guest account on a wireless router?

A. It is always secure, and you should enable it

B. Enable it only if you expect many guests

C. It is insecure and should always be enabled

D. It is insecure and should always be disabled

46 / 251

Which feature within the Windows 10 Settings app allows users to use the ’Find My Device’ service?

A. Privacy & Security

B. Update & Security

C. Device & Bluetooth

D. Network & Internet

47 / 251

What does BitLocker Drive Encryption do in Windows 10/11 Pro and Enterprise editions?

A. It allows you to double-click the BitLocker Drive Encryption icon

B. It enables you to encrypt removable media

C. It encrypts the whole drive, including every user’s files

D. It validates on boot that the computer has not changed

48 / 251

What is the purpose of setting strong passwords on Windows 10/11 systems?

A. To increase the speed of the system

B. To make the system resistant to a calculated attack by password-guessing programs

C. To improve the user interface of the system

D. To free up storage space on the system

49 / 251

What is a noncompliant system?

A. A system that has had all the necessary updates and patches applied

B. A system that has not had operating system updates and security patches, anti-malware updates and patches, or driver updates applied

C. A system that is only vulnerable to attack

D. A system that cannot be used as an attack vector

50 / 251

What is the main benefit of using the address reservation method in DHCP?

A. It allows devices to change their IP addresses frequently

B. It eliminates the chance of an IP address being issued to two different devices

C. It enables a device to have multiple IP addresses

D. It increases the DHCP address pool

51 / 251

In the ’Password must meet complexity requirements’ setting on a Windows 10/11 system, what is the main function of this setting?

A. It specifies the lifespan of a password

B. It sets the length requirement for new passwords

C. It either enables or disables the use of strong passwords

D. It keeps a log file entry of a user’s password history

52 / 251

What is the purpose of different types of tools and methods in terms of malware threats mentioned in the text?

A. To enable malware

B. To increase the number of malware threats

C. To decrease the efficiency of systems

D. To fight back against malware threats

53 / 251

What does the ’Minimum password length audit’ setting do in the Windows 10/11 Local Security Policy?

A. It creates a length requirement for any new password.

B. It creates a log file entry each time a user creates a password that is less than a certain value.

C. It is a toggle setting that enables or disables the complexity requirements of passwords.

D. It allows or disallows the minimum password length to be greater than 14 characters.

54 / 251

According to the text, how does the policy of password expiration and password history enforcement contribute to system security?

A. It allows users to remember their password more easily.

B. It reduces the exposure of a user’s password to random attacks.

C. It ensures the user has a unique password for every account.

D. It automatically locks out users after too many incorrect attempts.

55 / 251

Why can policies and procedures relating to mobile devices be more complex than those for other types of computing devices?

A. Because mobile devices usually have less processing power

B. Because of questions regarding device ownership and management

C. Because mobile devices are usually more expensive

D. Because mobile devices lack security features

56 / 251

What is the common restriction placed on files from untrusted or unknown sources across different operating systems?

A. The files can be opened without any restrictions

B. The files are automatically deleted

C. The files are restricted from being installed or used

D. The files are restricted from being downloaded

57 / 251

What must you have enabled to use Windows Hello on a Windows 10/11 system?

A. Touch ID

B. A PIN

C. Face recognition

D. Gmail account

58 / 251

What is the role of NTFS permissions while sharing a file or folder in Windows?

A. They define what any group or account can or cannot do with a file or folder.

B. They grant everyone Full Control network permissions.

C. They are only applied when the resource is locally accessed.

D. They only controls local user access, and does not affect network users.

59 / 251

Which editions of Windows 10/11 support the Encrypting File System (EFS)?

A. Home

B. Basic

C. Pro

D. Starter

60 / 251

What is implied when an Operating System (OS) has reached end-of-life (EOL) status?

A. The OS will get upgraded with new features

B. The provider will issue all the updates, fixes, and patches

C. Any discovered bugs or flaws will not be corrected by the provider

D. The OS will get enhanced security

61 / 251

What is a ’Dictionary Attack’ in the context of cybersecurity?

A. An attack based on the meanings of dictionary words.

B. An attack that uses every password ever leaked online to guess a user’s password.

C. An attack where the hacker suggests a word and the user has to guess its meaning.

D. An attack where the hacker uses a physical dictionary to find passwords.

62 / 251

What technology does a microwave sensor use and for what purpose in a commercial or industrial context according to CompTIA A+ (220-1102)?

A. It uses radio waves to penetrate walls and furniture to detect any motion.

B. This type of sensor absorbs heat emitted by bodies entering its monitored range.

C. The sensor uses a light beam and triggers an event if the beam is interrupted.

D. This sensor emits microwave pulses that are reflected back to the device. Changes in the wave patterns help determine position and movement of an interfering object.

63 / 251

What is the first line of defense against shoulder surfing?

A. Screen filters

B. User education

C. Privacy

D. Firewalls

64 / 251

What definition does the U.S. Cybersecurity and Infrastructure Security Agency (CISA) give for ’insider threat’?

A. It is a threat that comes from external sources

B. It is the threat triggered by unauthorized users

C. It is a threat to an organization’s data by competitors

D. It is the threat that an insider will use his or her authorized access, wittingly or unwittingly, to do harm to an organization’s resources

65 / 251

What does a keylogger do?

A. It captures images from your computer screen

B. It records your keystrokes and captures login information, banking or e-commerce transactions

C. It scans your computer for viruses

D. It blocks unwanted internet content

66 / 251

What is a zero-day attack in context of software security?

A. An attack that is carried out using known vulnerabilities.

B. An attack that exploits a vulnerability that was unknown to the software’s developers.

C. An attack carried out ten days after a vulnerability is discovered.

D. An attack that targets old or outdated software versions.

67 / 251

What does a magnetometer, also known as a walk-through metal detector, measure?

A. The weight of the metallic object

B. The temperature of the metallic object

C. The strength and direction of the magnetic field emitted by a metallic object

D. The color of the metallic object

68 / 251

What are the primary non-overlapping channels in the United States?

A. 1, 2, and 3

B. 2, 4, and 8

C. 1, 6, and 11

D. 5, 10, and 15

69 / 251

Which of the following statements about biometric door locks is NOT true?

A. Biometric door locks can be programmed

B. They use fingerprint or hand readers for identity

C. Biometric locks are not suitable for high-security areas

D. Biometric locks vary in number of fingerprints they can store

70 / 251

What does anti-phishing or phishing-awareness training mainly aim to achieve?

A. Help employees recognize natural human tendencies and combat them

B. Show employees how to carry out successful phishing attacks

C. Give employees understanding of how a malware attack starts

D. Both A and C

71 / 251

What are the categories of multifactor authentication (MFA) elements?

A. Something you own, something you forgot, somewhere you’ve been

B. Something you have, something you recall, someplace you once were

C. Something you have, something you know, something you are, somewhere you are

D. Something you possess, something you used to know, somewhere you might go

72 / 251

What is the primary function of a soft token in the context of computer security?

A. To hinder a user’s access to a system

B. To verify a user’s identity and grant them access to a system

C. To generate a one-time password (OTP) that is valid indefinitely

D. To solely integrate with smartphones and biometric devices

73 / 251

What does synchronization mean in the context of web browsers and mobile devices?

A. The process of deleting outdated browser data

B. The ability to coordinate browser software and settings between devices

C. The process to update browsers and mobile device OSs.

D. Transferring data from one mobile device to another

74 / 251

What steps must be followed to make hidden files visible on a Windows 10/11 system?

A. Click the File Explorer Options icon, then on View tab, find the Hide Protected Operating System Files option and uncheck it.

B. Click the View tab on the Control Panel, find the Hidden Files and Folders attribute and select the Show Hidden Files option.

C. Click the File Explorer Options icon on the Control Panel, select the View tab, find the Hidden Files and Folders attribute and select the Show Hidden Files, Folders, and Drives radio button.

D. Click on the Advanced Settings list in the Control Panel, find the Hidden Files and Folders attribute then select the Show Hidden Files option.

75 / 251

Which of the following is true about Facial biometric technology?

A. It captures the pattern of the retina and iris parts of a person’s eye.

B. It captures an image of a section of a finger or a palm.

C. It performs two tasks: capturing an image and matching the pattern of the characteristics.

D. It captures the image of a person’s face and analyzes the structure of the cheek bones as well as the shape of the eyes, nose, mouth, lips, chin, and jaws.

76 / 251

What is the function of the ’Active mode’ in the Defender antivirus tool?

A. It disables all actions, and no files are scanned.

B. It scans files, reports threats, but leaves the remediation to other software.

C. It is the primary antivirus tool of the Windows OSs, scans files for threats, and reports the found attacks

D. It allows manual download of the latest definitions from Microsoft.

77 / 251

What is the main objective of a phishing attack?

A. To trick a person into providing their personally identifiable information (PII) to someone they believe to be a legitimate requestor

B. To steal a person’s computer

C. To spread computer viruses

D. To make a legitimate request for information

78 / 251

What is the difference between a DoS and a DDoS attack?

A. In a DoS attack, multiple devices are used while a DDoS attack uses a single device

B. A DDoS attack uses multiple coordinated devices while a DoS attack is an attempt by a single device

C. A DDoS attack typically involves botnets while a DoS attack does not

D. There is no difference; they are the same thing

79 / 251

What is a Disconnected hard token in MFA procedure?

A. It is a physical device inserted into a token reader.

B. It generates a one-time access code that is passed as a signal to a receiver.

C. It uses Bluetooth or an RF signal to pass the security codes.

D. It is a physical key fob.

80 / 251

What is the primary benefit of using User Account Control (UAC) on a Windows 10/11 system?

A. It allows automatic installation of all applications

B. It prevents major system changes and keeps unauthorized or unsigned applications from being installed

C. It accelerates the process of system changes

D. It enables installation of unsigned applications without warning

81 / 251

What triggers an event in a magnetic sensor?

A. Interruption of a light beam

B. Alterations in wave patterns

C. Disturbance in the returning wave pattern

D. Breaking of the sensor’s magnetic connection

82 / 251

What happens when Microsoft Defender Antivirus is configured in ’Disabled mode’?

A. It becomes the primary antivirus tool and actively scans files for viruses

B. It works in the background behind other antivirus software and scans files

C. No actions take place, no files are scanned, no data is reported, and no remediation takes place

D. It provides up-to-date descriptions and signatures of known malware and virus attacks

83 / 251

What is the primary purpose of the Terminal Access Controller Access-Control System Plus (TACACS+) in wireless networks?

A. For device user administration

B. For network security

C. For device administration

D. For network optimization

84 / 251

What is ’Somewhere you are’ in the context of a multifactor authentication (MFA) scheme?

A. A physical device in possession of the user providing security code

B. A remembered code or phrase

C. A biometric data like finger or hand print, iris details, voice, etc.

D. A GPS reading or locations in a facility where one is authorized to access

85 / 251

What type of technology does an active sensor use in a home or small office setting?

A. It uses a light beam

B. It uses magnetic connections

C. It uses ultrasonic waves

D. It absorbs heat

86 / 251

Which of the following is a recommended practice for ensuring the security of end user accounts, data, and resources?

A. Use the same password for all accounts

B. Use a unique password for each account

C. Share your password with trusted friends

D. Use easy-to-remember passwords like ’123456’

87 / 251

What does CompTIA mean by password best practices?

A. Enforcing policies that allow easy passwords

B. Setting up open password policies

C. Enforcing policies that increase the chances of successful attacks

D. Setting up password policies that reduce the likelihood that attacks against password-protected resources will succeed.

88 / 251

What modes can the Defender antivirus be configured into?

A. Active, Passive, Disabled

B. Active, Passive, Enabled

C. Active, Passive, Sleep

D. Active, Passive, Offline

89 / 251

Which of the following options is NOT a function of the recovery mode on a Windows 10/11 system?

A. Removing an OS update

B. Reinstalling the OS

C. Improving device performance

D. Using the Startup Repair function

90 / 251

What is the primary reason it could be a good idea to disable or limit the use of AutoRun and AutoPlay on a Windows 10/11 system?

A. To enhance the system performance

B. To prevent malware or other bad stuff from being transferred onto the system

C. To increase the speed of disc reading

D. To reduce power consumptions

91 / 251

In the context of physical security programs for staff, what do the policies often define?

A. The lunch breaks and holidays

B. The penalty for late staff

C. The control mechanisms, methods, and devices that are used to implement a policy’s restrictions

D. The tasks and roles of each employee

92 / 251

Which encryption method is applied to Windows 10/11 mobile devices for storage and removable storage?

A. Full device encryption

B. Gilster’s Law

C. BitLocker or BitLocker To Go

D. Android Encryption

93 / 251

What is the purpose of a login script?

A. It resets the user’s password

B. It is used to set up variables for the user such as mapping folders to drive letters, setting a default printer for a specific user, capturing information about the user or device that is logged in, and more.

C. It initiates the shutdown sequence

D. It sends automated email responses

94 / 251

What methods are commonly used for authentication on wireless networks?

A. Single-factor authentication

B. RADIUS, TACACS+, or multiple-factor authentication processes

C. Password-only authentication

D. Manual user identification

95 / 251

Which of the following is not a type of screen lock mechanism discussed for the CompTIA A+ Core 2 (220-1102) exam?

A. Pattern lock

B. Fingerprint lock

C. Passcode lock

D. Firewall lock

96 / 251

When using multifactor authentication (MFA), what are the types of factors commonly used for the second factor?

A. Something you need, such as a phone number

B. Something you know, such as a password

C. Something you have, such as a smart card, badge, or token

D. Something you ate, like your last meal

97 / 251

Which of the following statements about the configuration and settings of a router in a home or SOHO network is correct?

A. All SOHO networks have a specific device called a router.

B. Home networks have become primarily wired.

C. SOHO networks have remained solely wired.

D. Home networks have become primarily wireless while SOHO networks may be wired or include wireless devices.

98 / 251

What is the focus of logical security in the context of CompTIA A+ Core 2 objectives?

A. Physical security measures

B. AAA model (authentication, authorization, and accounting)

C. Repairing hardware components

D. Network topology design

99 / 251

Which of the following is NOT a method of physical security mentioned in the text?

A. Door locks

B. Privacy tokens

C. Firewall

D. Prevention of misuses

100 / 251

What does a properly-configured firewall do?

A. It allows all inbound and outbound network traffic

B. It permits authorized inbound and outbound network traffic and denies what its rules specifically exclude

C. It blocks all network traffic

D. It allows only outbound traffic

101 / 251

Which of the following is NOT used in biometric technologies for physical security programs?

A. Hand and fingerprints

B. Blood pressure readings

C. Retina and iris patterns

D. Facial structure characteristics

102 / 251

What is a recommended best practice to optimize operating system security?

A. Leave the default Administrator or Guest accounts with their default names and passwords.

B. Name the accounts according to the company’s CEO name to avoid forgetting it.

C. Rename default accounts and apply strong passwords.

D. Only use the accounts that do not have admin privileges.

103 / 251

Which of the following is NOT a key consideration when physically placing a wireless router or an access point?

A. Obstructions to the signal path

B. Radio frequency and electromagnetic interference

C. Visibility to all network nodes

D. Site survey prior to installation

104 / 251

What are the steps to create a new inbound rule that allows traffic for a specific port number to pass through the Windows Defender Firewall?

A. Open the Firewall & Network Protection page, click Advanced Settings, choose Inbound Rules, select Port option, choose port TCP or UDP, select allow options, choose location policy, and name the rule.

B. Access the Settings app, click on Update & Security, select Windows Security, open Virus & threat protection, select Manage settings, and allow the new inbound rule.

C. Go to the Windows Defender Firewall, click on Firewall settings, select new rule, enter port number, select connectivity options, choose location policy, name the rule, and save.

D. Open the Network & Internet settings, select Windows Firewall, create a new rule, allow the connection, choose the location policy, name the rule, and close the window.

105 / 251

What purpose do bollards serve in the security of a secured facility?

A. They deter intruders from using lock picks on door locks

B. They prevent USB devices from being connected to servers

C. They provide protection against physical damage or breaches caused by vehicles

D. They restrict access to server ports and drives

106 / 251

Which of the following options is not a way to secure IoT devices according to the text?

A. Keeping their firmware up to date

B. Isolating devices on their networks as much as possible

C. Installing antivirus software

D. Limiting access to them from the outside

107 / 251

What are USB locks and how can they contribute to security?

A. USB locks are software interventions that block certain types of USB devices to be connected to the servers

B. USB locks are physical contraptions that are inserted into USB ports and lock in place, preventing unauthorized USB usage.

C. USB locks are special USB drives with encryption features that guard the data stored on them

D. USB locks are fingerprint based security systems for more secure access to USB drives

108 / 251

What does the ’Notify me only when apps try to make changes to my computer (default)’ option do in User Account Control (UAC) settings on a Windows 10/11 system?

A. It never displays a notification for any changes made.

B. It gives warnings only in the event of a change to a system setting or resource by an application and asks for a response before the system can resume operations.

C. It always sends a notification for any changes, including trusted Windows settings.

D. It continues to run processes in the background without dimming the Desktop.

109 / 251

What is the main objective of implementing Mobile Device Management (MDM) in an organization?

A. To manage workloads of IT admins

B. To control the connection, use, and location of mobile devices

C. To reduce workstation costs

D. To automate device management processes

110 / 251

What are the recommended practices to secure a laptop that is used in a stationary location for some time?

A. Use a cooling pad and a cable lock

B. Put it in a laptop locker or use a security plate

C. Both A and B are correct

D. Do not use it in a stationary location

111 / 251

What is a ’Contactless’ hard token as used in a MFA procedure?

A. A device that is physically inserted into a token reader

B. A token that generates a one-time access code without being physically inserted into a reader

C. A proximity device that uses Bluetooth or an RF signal to pass codes to the security system

D. A device that requires physical contact to transfer security codes

112 / 251

What benefits can reinstalling the operating system (OS) provide?

A. Improved system performance

B. Installation of malware

C. Accumulation of junk files

D. Slowing down of the system

113 / 251

What is the role of policies in account management in Windows?

A. They prevent users from creating accounts

B. They restrict actions a group or account can perform

C. They help in setting up hardware

D. They are only available in Home version of Windows

114 / 251

What are the two basic types of Access Control Lists (ACLs)?

A. A list of MAC addresses and a list stored on the processor

B. A list of IP addresses and a list stored on the wireless access point

C. A list stored on the boot drive of a file system and a list of MAC addresses on a WAP

D. A list of wireless networks and a list stored on the router

115 / 251

What is the primary function of Data destruction software?

A. It prepares a new disk by setting up the sectors and tracks.

B. It writes over all data on a device with various strings of data.

C. It overwrites all of the bits on the disk with zeroes.

D. It uninstalls unnecessary software from the device.

116 / 251

What are the three layers of protection provided by SSL/TLS for a web page that is transmitted back to the user?

A. Confidentiality, Encryption, Integrity

B. Encryption, Authentication, Integrity

C. Authentication, Confidentiality, Non-repudiation

D. Encryption, Confidentiality, Non-repudiation

117 / 251

What is the purpose of security protocols and encryption standards in wireless networks?

A. They enhance the performance of the wireless network

B. They safeguard the wireless networks

C. They stabilize the frequency of wireless signal transmission

D. They increase the range of wireless signal transmission

118 / 251

Which of the following actions can trigger the initial infection of a virus?

A. Installing an application

B. Copying a file

C. Opening an infected file

D. Cleaning the computer

119 / 251

What does the term ’Login timeout’ refer to in the context of security practices?

A. Enabling a screensaver with a timeout setting after a short period of inactivity

B. Enabling system logout after the system idles for an extended period

C. Securing laptop or notebook PCs in a stationary location using a cable lock

D. Using a unique password for each Microsoft account and other applications or websites

120 / 251

What is the function of the ’Notify me only when apps try to make changes to my computer (do not dim my desktop)’ option in the User Account Control (UAC) settings for Windows 10/11?

A. It stops all processes running in the background.

B. It allows a system setting or resource change without any notification or warning.

C. It displays a warning box when an application tries to make changes but allows other processes to continue running without dimming the desktop.

D. It shows a notification for any changes, including trusted Windows settings.

121 / 251

Which among the following is NOT a type of equipment lock?

A. Door Lock

B. USB Lock

C. Vehicle Lock

D. Server Lock

122 / 251

What does the ’Always notify me when’ option do in User Account Control (UAC) settings in Windows 10/11?

A. It sets the UAC to never display a notification for any changes.

B. It sets the UAC to display the challenge/warning box only when an application attempts to make a change to a system setting or resource.

C. It sets the UAC to always display a notification for any changes, including trusted Windows settings.

D. It keeps processes running in the background without dimming the Desktop.

123 / 251

What does a brute-force attack attempt to discover?

A. System clock speed

B. Set of instructions for a CPU

C. Passwords, open ports, network IDs, IP addresses, or user names

D. Firewall settings

124 / 251

What is an ’Evil Twin’ attack in a Wi-Fi network?

A. An attack in which a mover twins the MAC address of a user’s device

B. A social-engineering attack in which a person manipulates others into revealing their passwords

C. A method where an attacker places a fake access point to steal users’ data when they connect to it

D. An attack that involves deploying a twin server to monitor network traffic

125 / 251

Which method of physical destruction is suitable for rendering storage devices inoperable at home?

A. Incinerating

B. Shredding

C. Degaussing

D. Drilling

126 / 251

What type of features and functions do the settings on most browsers enable or disable?

A. Internet connection and Wi-Fi settings

B. Multiple windows and tab control

C. Pop-up and ad blockers, browsing history, and other basic functions

D. Sound control and video playback optimization

127 / 251

What should be considered while placing a router in a wireless network to mitigate signal path obstructions?

A. Accessibility by unauthorized individuals

B. Proximity to RF transmitters

C. Placement near heavy wooden objects

D. All of the above

128 / 251

What are the three primary considerations when selecting a security fence to enclose a secured facility?

A. Can it be climbed? Can it be painted? What color is it?

B. How much does it cost? Can it be penetrated? What material is it made from?

C. Can it be climbed? Can it be penetrated? How much does it cost?

D. What is its height? Can it be easily seen through? How much does it cost?

129 / 251

Which of the following is NOT a method used in social engineering as described in the text?

A. Talking with people to gather information

B. Posing as a cleaning personnel

C. Gathering passwords, employee names, and office numbers

D. Using cryptography to decipher encrypted data

130 / 251

What is the length of a pre-shared key (PSK) used in a WPA2 protocol?

A. 1 to 20 characters

B. 5 to 35 characters

C. 8 to 63 characters

D. 10 to 100 characters

131 / 251

Which type of permission allows read, write, and execute actions?

A. Full Control

B. Modify

C. Read & Execute

D. Write

132 / 251

What is the primary purpose of software firewalls in relation to individual mobile devices?

A. To interact with the traffic that a typical firewall blocks

B. To filter specific traffic coming into the host, which may also include anti-malware and basic intrusion detection

C. To protect the Wi-Fi networks that the mobile devices connect to

D. To serve as a backup for the cellular networks’ firewall

133 / 251

What is the primary function of the Private Browsing Mode in web browsers?

A. To send anonymous emails

B. To prevent online activities and caching of downloaded files

C. Providing encrypted access to webpages

D. To provide an ad-free browsing experience

134 / 251

What is impersonation in the context of cybersecurity?

A. The act of counterfeiting a product to exploit its brand popularity

B. Claiming to be someone else, like another employee or personnel, to illicitly gather sensitive information

C. Using a pseudonym online to hide one’s real identity

D. Copying someone else’s behavior or body language to persuade others

135 / 251

What does a passive sensor do in a motion detection system?

A. Emits ultrasonic waves to detect movement

B. Absorbs heat emitted by bodies entering its monitored range

C. Breaks a magnetic connection to trigger an alarm

D. Uses light beam and triggers an event if the beam is interrupted

136 / 251

How do you block pop-ups and redirects in Microsoft Edge?

A. Click the three-dot icon, select Settings, select Privacy and Security, scroll to Content section, select Pop-ups and Redirects

B. Click the three-bar icon, scroll menu, select Settings, in left-side navigation select Privacy & Security, on Browser Privacy page select Block Pop-up Windows

C. Click the three-dot symbol, scroll and select Settings, on Settings page click the three-line symbol, select Cookies and Site Permissions, scroll to All Permissions and select Popups and Redirects

D. Click on Settings, scroll to Privacy & Security, select Cookies and Site Permissions, select Pop-ups and Redirects

137 / 251

What is the specific functionality of Defender Antivirus in Passive Mode?

A. It scans for viruses and performs remediation

B. It doesn’t scan for viruses but reports threats to Windows Security

C. It works in the background, scanning for viruses and reports threats to Windows Security, but doesn’t perform any remediation

D. It disables all antivirus actions and reports no data

138 / 251

What is a whaling attack in the context of cybersecurity?

A. It’s an attack where a hacker tries to gain access to a network by pretending to be a low-level company employee

B. It’s an attack where a hacker targets a high-ranking individual within a company by pretending to be someone of similar rank

C. It’s an attack where a whale species is used as a code name for a dangerous virus

D. It’s an attack where a company uses phishing techniques to compete against other businesses

139 / 251

What are the recommended practices when using screensaver locks for computer security?

A. Only enable screensaver locks during night time

B. Apply screensaver with a timeout that will display the screensaver in a prolonged time period and you should have a simple, easy-to-remember password requirement to close the screensaver

C. Having screensaver without any lock or password

D. Enable screensaver with a timeout setting that will display the screensaver in a short time period and you should have a password requirement to close the screensaver

140 / 251

Which of these is not a recommended practice for ensuring the security of Personally Identifiable Information (PII)?

A. Sharing PII cautiously

B. Using a unique password for each account

C. Knowing where your PII is stored

D. Using the same password for all accounts

141 / 251

In Google Chrome, where can you find the settings for managing ’Pop-ups and Redirects’?

A. Under Privacy and Security in Settings

B. Under General Settings in Settings

C. Under Cookies and Site Permissions in Settings

D. Directly in the three-dot menu

142 / 251

What is tailgating in the context of IT security?

A. Unauthorized person using an authorized user’s computer when they are away

B. Unauthorized person entering a secure facility by physically sharing space with an authorized individual

C. Unauthorized person gaining access to a network by riding on a valid user’s connection

D. Unauthorized person stealing package deliveries left at the facility entrance

143 / 251

What are the improvements brought by Wi-Fi Protected Access 3 (WAP3) over WPA2?

A. It simplifies the protocol’s use and increases its encryption strength.

B. It reduces the encryption strength for faster transmission.

C. It maintains the same level of encryption as WPA2 but is easier to use.

D. It only provides a fix to the WPA2 KRACK flaw without improving the encryption methods.

144 / 251

What is an effective method to protect the contents of an e-mail and its attachments making it unreadable cipher text?

A. Anti-malware software

B. User training

C. Encryption using PKI and other methods

D. Secure e-mail gateway (SEG)

145 / 251

What is the function of the ’Certificate-based’ design policy in Windows Defender Firewall with Advanced Security?

A. It permits only required and authorized network traffic.

B. It blocks unsolicited messages from non-domain devices.

C. It limits access to a server to only authorized devices.

D. It uses certificates for authenticating clients and servers, including non-Windows OS devices.

146 / 251

What is the main function of a tomographic sensor?

A. It uses a light beam and triggers an event if the beam is interrupted.

B. It emits microwave pulses that are reflected back to the device.

C. It uses radio waves, which can penetrate walls and furniture, to detect an intruder or motion.

D. It uses ultrasonic waves, and when the returning wave pattern is disturbed, an alarm is triggered.

147 / 251

What is the main purpose of disabling the SSID broadcast on an AP according to the CompTIA objective?

A. To secure a wireless network

B. To avoid interference with other wireless devices

C. To enhance Wi-Fi speed

D. To hide an SSID from wireless scanning programs

148 / 251

Which of the following is NOT a method of completely erasing or wiping all data from a storage device?

A. Data destruction software

B. Low-level formatting

C. Undelete functions

D. Physical formatting

149 / 251

What two types of data are typically saved by a browser?

A. Random data and browsing data

B. Cached data and browsing data

C. Temporal data and cached data

D. Browsing data and temporal data

150 / 251

What is an on-path attack and what are its characteristics?

A. An on-path attack is a cyber attack carried out by the user, often targeting a secure email server.

B. An on-path attack is a type of man-in-the-middle (MITM) attack where the attacker positions themselves between a user and a network in order to intercept or alter data.

C. An on-path attack is a form of DNS attack where the attacker reroutes the user to a spoofed website.

D. An on-path attack is a malicious act carried out by an off-path attacker, who executes their attack from outside the network.

151 / 251

Which of the following is NOT recommended as an end-user best practice for ensuring the security of accounts, data, and resources?

A. Use different strong passwords for each account and keep them private

B. Enable a system logout after idling for an extended period

C. Secure laptop and notebook PCs with a cable lock

D. Create identical passwords for all Microsoft accounts and other applications

152 / 251

Which of the following represents the best practice for downloading a Web browser to a PC or mobile device according to the text?

A. Download it from any site that offers it

B. Download it from the developer’s website

C. Randomly select a third-party site

D. Download multiple files from untrusted source

153 / 251

Which of the following statements is TRUE about enabling the Windows Hello Face feature for facial recognition on a Windows system?

A. The system does not require any special hardware for setup.

B. Windows Hello Face can also be used to unlock the Microsoft Passport.

C. The Android OS includes a Trusted Face app for facial recognition.

D. Facial recognition on Windows does not use the Windows Biometric Framework (WBF).

154 / 251

What was the purpose of Temporal Key Integrity Protocol (TKIP) in WPA2?

A. To allow user authentication through EAP

B. To protect against attacks to which WEP was vulnerable

C. To replace CCMP and SAE

D. To provide a separate encryption key for each received packet

155 / 251

What are some of the benefits of reinstalling an OS?

A. Improved system performance

B. Elimination of malware

C. Elimination of junk files

D. All of the above

156 / 251

How can a port be opened on Windows Defender Firewall?

A. By closing all other applications

B. By configuring another application to communicate with the port

C. By allowing a particular application and its associated port to pass or by configuring the port directly using an inbound rule

D. By resetting the network settings

157 / 251

What does AES employ to create a multilayered cipher text that is impossible to crack?

A. Asymmetric key algorithm

B. Substitution permutation network (SPN) algorithm

C. Quantum computing

D. Elliptic Curve Cryptography (ECC)

158 / 251

Whichever profile of Firewall & Network Protection in Windows Security is used by default for new network connections and is considered to be the most secure initially due to the presumption that a public network isn’t secure?

A. Domain Network

B. Private Network

C. Public Network

D. SOHO Network

159 / 251

What benefits does Single Sign-On (SSO) provide to a user?

A. It permits access to multiple applications by using more than one username and password combination

B. It eliminates the need for the user to have a separate local account for every computer they wish to access.

C. It restricts a single Windows account to log on to any system in a domain.

D. It allows all users to access all machines on a domain without a username or password.

160 / 251

What is the purpose of server isolation in the context of Windows Defender Firewall configuration?

A. It blocks unsolicited messages from devices that aren’t domain members.

B. It allows a device to receive messages from non-domain member devices.

C. It restricts access to a specific server to only those devices specifically authorized.

D. It uses certificates for authenticating clients and servers.

161 / 251

What is the process to allow a particular application to pass through Windows Defender Firewall?

A. Access the Firewall & Network Protection page, search for the application and modify its settings

B. Manually enter the application name in the Firewall settings

C. Use the Browse button to locate the application, then enter it into the Firewall white list

D. Go to ’Allow Another App’ and search for the application directly

162 / 251

What is the main function of ’Inheritance’ in NTFS permissions?

A. It manipulates existing folder permissions.

B. It determines the permissions for new files or folders.

C. It disables all parent folder permissions for subfolders.

D. It allows users to adjust the priority of permissions.

163 / 251

What is the best practice to reduce vulnerability to dumpster diving?

A. Throw away the sensitive documents

B. Immediately shred unneeded documents

C. Donate the documents to a recycling center

D. Search the dumpster first before throwing away documents

164 / 251

What is Low-level formatting?

A. A process that overwrites all of the bits on the disk with zeroes.

B. A type of software, which is generally available for free, writes over all data on a device with strings of gibberish (or junk data) several times.

C. A process of recycling or repurposing storage devices.

D. A function to undelete files from a storage device.

165 / 251

What is one of the benefits of reinstalling the OS in the context of ’Elimination of junk files’?

A. It removes any malware on the system

B. It removes accumulated temporary or task-related files

C. It improves the system performance by removing unnecessary disk files

D. It helps in file sharing

166 / 251

What is a vulnerability in the context of the CompTIA A+ Core 2 exam?

A. A type of malware

B. A flaw or weakness in the physical or logical systems, controls, or processes

C. A specific type of cyber attack

D. The process of securing a system

167 / 251

What are the benefits of having security guards even if your organization uses badge readers, key fobs, or smart cards?

A. They can program the biometric door locks

B. They eliminate the need of any physical locks

C. They provide an extra level of security and deterrence

D. They enforce Group Policy settings

168 / 251

When considering a door lock, why could a door lock combined with an access control vestibule improve security?

A. It creates extra noise, which can alert security.

B. It ensures that only authorized personnel with the key can enter.

C. The vestibule recognises the identity of the person.

D. It deter a determined intruder.

169 / 251

What is the function of a Photo-sensor in a motion sensor system?

A. It uses ultrasonic waves to detect movement

B. It absorbs heat emitted by bodies

C. It triggers an event when a light beam is interrupted

D. It emits microwave pulses that are reflected back to the device

170 / 251

Which of the following statements regarding the security of Short Message Service (SMS) is true?

A. SMS messaging is fully private and secure

B. SMS messages are encrypted over its entire path

C. Cell service providers don’t have access to SMS content

D. SMS security can be compared to that of a fax machine that sends its content in the open.

171 / 251

What is the primary difference between browser extensions and plug-ins, according to the passage?

A. Extensions add features while plug-ins remove features.

B. Extensions provide a link to an application while plug-ins add features.

C. Extensions enhance the browser while plug-ins provide a link between the browser and an application.

D. There is no difference; they are used interchangeably.

172 / 251

What is a characteristic of a Trojan?

A. It replicates itself frequently

B. It tricks users into installing it by appearing useful

C. It asks users for permission before performing any action

D. It strengthens the security of the system it is installed on

173 / 251

What is the term for any program or code designed to harm a system or network?

A. Debugging

B. Scanning

C. Sandbox

D. Malware

174 / 251

What is the function of a Secure e-mail gateway (SEG) in an organization’s security policies?

A. It is a form of firewall that scans inbound and outbound e-mail for illicit content

B. It trains users to detect social engineering attacks

C. It turns the contents of an e-mail and its attachments into unreadable cipher text

D. It detects unwanted or dangerous e-mail and senders and then quarantines or destroys detected messages

175 / 251

Where do you need to go to enable account lockout duration or to set an account lockout threshold?

A. Security Settings | Account Properties | Account Lockout Policy

B. Account Settings | Security Policies | Account Lockout Policy

C. Account Settings | Account Policies | Account Lockout Policy

D. Security Settings | Account Policies | Account Lockout Policy

176 / 251

What does the ’Maximum password age’ setting in the Local Security Policy app of a Windows 10/11 system do?

A. Determines the number of unique passwords that must be associated with an account before an old one can be reused

B. Sets the minimum number of days a password must be used before it can be changed

C. Specifies the length in days after a password change before it should be changed again

D. Establishes the requirement for new password length

177 / 251

What components make up a typical alarm system?

A. Detection devices, a video processor, viewing monitors, and a storage device

B. Fire extinguishers, an intruder alarm, CCTVs, and a video processer

C. Servers, viewing monitors, a video processor, and a failsafe system

D. An intruder alarm, a video processor, temperature sensors, and a failsafe system

178 / 251

Which of the following is not a common key for booting into BIOS?

A. DEL

B. F8

C. ESC

D. F12

179 / 251

What is the primary purpose of a BIOS/UEFI password?

A. To prevent all unauthorized or ill-intended users from booting a system

B. To stop users from using USB drives

C. To provide a backup feature for data recovery

D. To ensure compatibility with Windows 10 and Windows 11

180 / 251

Which of the following is the default profile for new network connections in Windows firewall and is initially the most secure of the three location profiles?

A. Domain network

B. Private network

C. Public network

D. Workgroup network

181 / 251

What does the ’Minimum password length’ setting in the Local Security Policy app in a Windows 10/11 system do?

A. It sets a requirement for the password to include both upper- and lowercase characters, numbers, and special characters.

B. It ensures that the passwords are stored using a reversible encryption.

C. It creates a length requirement for any new password.

D. It sets the length of time in days that after a password is changed, it must be changed again.

182 / 251

What is an Organizational Unit (OU) in Active Directory?

A. A single user within a domain

B. An Active Directory container that holds users, groups, and computers

C. A domain that manages multiple computers

D. A policy that is applicable to a particular group

183 / 251

Which of the following describes the ’Domain network’ profile in Windows Defender Firewall?

A. This is the default profile for new network connections and is initially the most secure.

B. This profile is used for SOHO networks on which the users and devices are trusted.

C. The computer is connected to a domain controller.

D. It allows the computer to have direct internet access without any security measures.

184 / 251

What does the ’Minimum password age’ setting define in a Windows 10/11 system’s strong password policy?

A. The maximum number of days a password must be used before it can be changed

B. The minimum number of unique passwords that must be associated with a user account

C. The minimum length requirement for any new password

D. The minimum number of days that a password must be used before it can be changed again

185 / 251

In the Local Security Policy app on a Windows 10/11 system, which policy enables you to set a limit on the number of unique passwords that must be associated with a user account before a previously used password can be reused?

A. Enforce password history

B. Maximum password age

C. Minimum password age

D. Minimum password length

186 / 251

Which tool, usually contained in most anti-malware packages, can detect unwanted or dangerous e-mail and senders and then quarantine or destroy detected messages?

A. User training

B. Secure e-mail gateway (SEG)

C. Spam filter

D. Encryption

187 / 251

What requirements are needed for a router’s static IP configuration in a WAN?

A. It requires coordination with the ISP, DNS server and gateway addresses

B. It requires coordination with only the ISP

C. It needs to be internally configured with no assistance from ISP

D. It requires DNS server and gateway addresses only

188 / 251

Which of the following is not a type of encryption that can be applied to data at rest?

A. Application-level

B. File system

C. VPN-level

D. Full disk encryption (FDE)

189 / 251

Which devices receive OS and firmware updates from mobile service providers?

A. Windows 10/11 mobile devices and iOS devices

B. Android tablets without cellular service

C. Android smartphones and cellular-equipped tablets

D. iOS devices only

190 / 251

According to the text, which of the following factors are important to consider when physically placing a router in a wireless network?

A. Accessibility by unauthorized individuals

B. Proximity to noisy devices which emit strong electromagnetic interference

C. Proximity to RF transmitters such as TV or radio transmitters

D. The color and design of the router

191 / 251

What is the function of Active Directory in a Windows Server domain?

A. It provides gaming services

B. It provides directory services

C. It provides dictation services

D. It provides writing services

192 / 251

What is the primary difference between a low-level format and a standard format?

A. A low-level format is only used with internal drives, while a standard format is used with removable media.

B. A low-level format overwrites data and sector markings, whereas a standard format leaves the data but makes it inaccessible if requested through the file system.

C. A low-level format can be used to recover lost data, whereas a standard format can’t.

D. A low-level format is only possible with modern SATA drives, while a standard format can be used with any type of drive.

193 / 251

Why is it not advisable to drill the power supply of a device while attempting data disposal?

A. It can cause an explosion

B. It holds essential data that could be lost

C. It contains capacitors that store electrical power

D. Drilling it does not render the device inoperable

194 / 251

What tasks are performed when a fingerprint or palm print scan is conducted in biometric security systems?

A. Captures an image and matches it against pre-scanned images of the same hand or finger

B. Analyzes the structure of the cheek bones

C. Captures the pattern of the retina and iris parts of a person’s eye

D. Records the person’s voice

195 / 251

What does the ’Enforce password history’ setting do in the Windows 10/11 Local Security Policy app?

A. Limits password length

B. Sets a logging function for password creation

C. Sets the maximum number of unique used and expired passwords before a password can be reused

D. Disallows minimum password length to be greater than 14 characters

196 / 251

What is a common method used in a Cross-Site Scripting (XSS) attack?

A. XSS attacks involve the attacker interfering with a router to interrupt internet service

B. XSS attacks are performed by inserting malicious code into a web page that executes when the web page is displayed in a user’s browser

C. XSS attacks are done by flooding a network with excessive data to deny service for genuine users

D. XSS attacks involve using software vulnerabilities to take control of multiple computers and use them to generate large-scale attacks

197 / 251

How can the system be protected from casual snooping?

A. By enabling the system to lock the display screen after a period of inactivity

B. By turning off the system after a period of inactivity

C. By removing the login requirement on the system

D. By changing the desktop wallpaper

198 / 251

Which of the following could potentially become a threat on a computer system?

A. Regular system updates

B. Strongly encrypted passwords

C. Insecure data and information

D. Secure firewalls and internetworking devices

199 / 251

What are some purposes of pop-ups?

A. To display advertisements

B. To show messages while malware is being transferred

C. To present surveys

D. All of the above

200 / 251

Which of the following is the most secure protection for data at rest?

A. Application-level encryption

B. File system encryption

C. Database encryption

D. Full disk encryption (FDE)

201 / 251

What are some of the benefits of reinstalling the OS on a system?

A. Improved system performance

B. Elimination of malware

C. Accumulation of junk files

D. All of the above

202 / 251

What is the purpose of an access control vestibule (ACV) in security systems?

A. To provide an additional entry and exit point

B. To detect and prevent unauthorized individuals from carrying weapons into a facility

C. To provide a resting area for security personnel

D. To control the air ventilation in facilities

203 / 251

What is regarded as the most dangerous form of spyware?

A. Adware

B. Matcash

C. Legitimate software

D. Search redirection

204 / 251

Which of the following statements about the Remote Authentication Dial-In User Service (RADIUS) protocol is NOT true?

A. RADIUS is primarily used in larger wireless networks

B. The user enters a standard domain/network login to request access on a RADIUS network

C. RADIUS uses Transmission Control Protocol (TCP) for communication

D. RADIUS protocol is partially encrypted

205 / 251

According to the Fair and Accurate Credit Transactions Act (FACTA) regulations, what are the responsibilities of a business when using an outside vendor for data and device destruction and disposal?

A. The business can delegate all responsibility to the outside vendor

B. The business must ensure the outside vendor adheres to FACTA regulations for data disposal

C. The business only needs to follow FACTA regulations if they deal with consumer’s private information

D. The business is not responsible for proper destruction and disposal of its data

206 / 251

What is the correct order of steps to open the UEFI interface on a Windows 10/11 system?

A. Open Settings, click Update & Security, Click Recovery, Restart Now, Choose an Option, Troubleshoot, Advanced Options, UEFI Firmware Settings, Restart.

B. Open Settings, click Recovery, Restart Now, Choose an Option, Troubleshoot, Advanced Options, UEFI Firmware Settings, Restart.

C. Open Settings, click Update & Security, Click Advanced Options, Choose Troubleshoot, Click Recovery, Restart Now, UEFI Firmware Settings, Restart.

D. Open Settings, click UEFI Firmware Settings, Choose Troubleshoot, Click Recovery, Restart Now, Choose an Option, Advanced Options, Restart.

207 / 251

What is the difference between a Windows AD domain-based group policy and the Local Group Policy Editor?

A. The Windows AD domain-based group policy applies to several systems, while the Local Group Policy Editor applies only to the local machine.

B. The Windows AD domain-based group policy can only be used in a workgroup, while the Local Group Policy Editor can be used in a domain.

C. The Windows AD domain-based group policy prohibits a user from editing the Registry, while the Local Group Policy Editor allows it.

D. The Windows AD domain-based group policy can only be used on servers, while the Local Group Policy Editor can only be used on clients.

208 / 251

Which of the following are wireless-specific security settings?

A. MAC address and IP address

B. SSID and security settings

C. Passwords and usernames

D. DHCP and DNS settings

209 / 251

What is a rootkit?

A. A program to optimize your system’s hardware

B. A program that burrows deep into the system’s operating system or hardware

C. An anti-malware tool

D. A program that helps to create botnets

210 / 251

What is the primary function of a firewall in a home or SOHO network?

A. To examine the efficiency of data packets

B. To block or allow incoming traffic that isn’t a response to outgoing traffic

C. To enhance the speed of data transmission

D. To allow all incoming and outgoing traffic without examination

211 / 251

What are some of the complexity requirements for setting a password according to the Local Security Policy app?

A. The password must contain the user’s full name

B. The password can be less than six characters in length

C. The password can contain the account’s username

D. The characters in a password must include at least three of the following four categories: uppercase alphabetic characters, lowercase alphabetic characters, digits, and special characters

212 / 251

Which of the following is an example of the ’Something you have’ factor used in a multifactor authentication (MFA) scheme?

A. Remembered code or phrase

B. GPS reading

C. Iris details

D. Bank card

213 / 251

What is the reason for the Windows 10/11 File Explorer to hide system files and folders by default?

A. To save space

B. To protect against a standard user accidentally or purposefully changing or erasing these files

C. To enhance the system speed

D. To prevent virus attacks

214 / 251

What is the impact of not arranging IP filtering rules in a logical order?

A. Increased network traffic

B. Degradation of network speed

C. Address may be denied that are supposed to be allowable

D. Failure of the router or firewall

215 / 251

What is a detrimental effect of cryptominers being installed on enterprise servers?

A. They cause data loss

B. They increase power demands and electric bill

C. They physically damage the servers

D. They block server access

216 / 251

Which of the following options is NOT a step in the process of viewing or modifying the attributes of a file or folder on a Windows 10/11 system?

A. Use the File Explorer to navigate to the folder in which the targeted file is contained.

B. Right-click the file you want to view or modify.

C. Use the Start menu to find the attributes of the file.

D. In the Attributes settings at the bottom of the General tab, alter the file’s attributes to make it read-only or hidden.

217 / 251

What is the first line of defense against malware attacks and how can it be implemented?

A. The first line of defense is the anti-malware software and assigning an IT administrator to regularly update the software.

B. The first line of defense is user education and training them to be cautious with emails from unrecognized senders, avoid questionable websites, install apps from trusted sources, and keep their anti-malware software up-to-date.

C. The first line of defense is a virus shield and ensuring it scans email, downloads and running programs automatically.

D. The first line of defense is limiting the users’ say over their systems and having the admin regulate all actions.

218 / 251

Which platform includes a native antivirus and anti-malware protection?

A. iOS

B. Android

C. Windows 10/11 mobile

D. None of the above

219 / 251

What is a profile in terms of mobile device management?

A. A photo of the user for identification

B. A collection of configuration and security settings

C. An overview of the user’s favorite apps

D. A list of device malfunctions and issues

220 / 251

Which of the following is NOT one of the four types of encryption that can be applied to data at rest?

A. Application-level

B. File system

C. Network-level

D. Full disk encryption (FDE)

221 / 251

What is the purpose of a cable lock in a security context?

A. To stop cars and trucks from crashing into the facility

B. To lock USB ports and prevent unauthorized connection of devices

C. To provide physical security for portable devices with Kensington security lock connectors

D. To identify individuals via fingerprints or handprints

222 / 251

On Windows 10/11 systems, how can you run administrative commands at an elevation level?

A. Left-click on the command and choose Standard User

B. Right-click on the command on the Start menu and choose Run as Administrator

C. Go to security settings and change user to Administrator

D. Double-click on the command on the Desktop and choose Run as Administrator

223 / 251

Which of the following options represents an example of the ’Something you are’ factor in a multifactor authentication (MFA) scheme?

A. Answer to a security question

B. Bank card

C. Facial recognition

D. GPS reading

224 / 251

Which of the following types of hard tokens is a proximity device, transferring security codes through Bluetooth or an RF signal?

A. Connected

B. Disconnected

C. Contactless

D. Ad-hoc

225 / 251

What could an SQL injection (SQLi) attack potentially accomplish in a business database?

A. Share posts on the company’s social media account

B. Gain administrator rights to the database and possibly access and manipulate sensitive data

C. Submit a job application on the company’s behalf

D. Change the company’s registered email

226 / 251

What does the ’Remote Wipe’ capability do that can help protect personal data?

A. Allows to remotely turn off the device

B. Enables a user to physically wipe the device

C. Manages the device from a remote location

D. Erases the data on the device to prevent unauthorized access

227 / 251

What is the primary purpose of Kerberos in the authentication process, according to the text?

A. Send passwords over the internet.

B. Offer a variety of encryption methods.

C. Authenticate a user without transmitting a password over the Internet.

D. Act as the main database for websites.

228 / 251

What is the main benefit of using a home folder in an Active Directory network?

A. It can be used to set up drives for users

B. It stores user’s files in their own home folder on a remote server

C. It stores files in each computer’s Documents folder

D. It allows users to log in to different computers in a domain

229 / 251

Which device in a video surveillance system allows the security personnel to observe the areas covered by the cameras?

A. Surveillance system server

B. Video cameras

C. Disk storage device

D. Display monitors

230 / 251

What is the purpose of using a degausser on a storage device?

A. To physically destroy the device

B. To make the device appear intact but not readable

C. To incinerate the device

D. To create multiple holes in the device

231 / 251

Which three user account types are created by default when the Windows OS is installed?

A. Administrator, Standard & Guest

B. Local, Microsoft & Power

C. Administrator, Local & Microsoft

D. Power, Standard & Microsoft

232 / 251

What is a PIN code as it pertains to user authentication, and what are its typical characteristics?

A. It is a one-time code generated by the system for each login, usually comprising of six to eight digits.

B. It is a long character string that serves in place of a password, compatible with all devices.

C. It is a short series of numbers serving instead of a password, commonly four digits long.

D. It is a graphical pattern drawn on the screen to access a user’s account.

233 / 251

How can you block pop-up windows in Firefox?

A. Click the three-dot icon in the top-right corner of the page and select ’block pop-ups’

B. Click the three-bar icon in the top-right corner of the page, click Settings, click Privacy & Security, on the Browser Privacy page, check the box for Block Pop-up Windows.

C. Click the three-bar icon, go to security settings and select ’no pop-ups’

D. Click the three-dot symbol, select the settings option and turn on the pop-up blocker.

234 / 251

What is the role of User Training in defending against email attacks?

A. It trains users to create stronger passwords for email accounts

B. It trains users to detect social engineering attacks and report them

C. It trains users to install anti-malware software on their devices

D. It trains users to use public key infrastructure for email encryption

235 / 251

What function do password manager tools typically provide?

A. They connect only to trusted source websites.

B. They only generate strong passwords.

C. They store credentials and offer other protective features.

D. They monitor and control web content.

236 / 251

Why is it important to change the default Service Set Identifier (SSID) on an Access Point (AP)?

A. Because the SSID can reveal the manufacturer and model of the AP to potential attackers

B. Because default SSIDs are difficult to remember

C. Because multiple APs cannot have the same SSID

D. Because the default SSID can interfere with network connections

237 / 251

What is an example of ’Something you know’ in a multifactor authentication (MFA) scheme?

A. A key fob

B. A fingerprint

C. A GPS reading

D. A passcode

238 / 251

Which of the following technologies does a badge reader use to read ID badges?

A. Biometrics

B. WiFi

C. NFC

D. RFID, Magnetic strip, barcode, QR code

239 / 251

What is the function of a Magnetic sensor in a home or small office setup?

A. It emits ultrasonic waves and an alarm is triggered when the wave pattern is disturbed.

B. It absorbs heat emitted by bodies entering its monitored range.

C. It breaks a magnetic connection to trigger an event.

D. It uses a light beam and triggers an event if the beam is interrupted.

240 / 251

What are two primary methods to use software in order to completely wipe all data from a storage device?

A. Data mining and Data encryption

B. Data destruction software and Low-Level formatting

C. Disk defragmentation and Disk cleanup

D. File compression and File decompression

241 / 251

What is the first step to activate or deactivate Windows Defender Firewall?

A. Select the Firewall & Network Protection option.

B. Select the Update & Security link from the Settings app and choose Windows Security.

C. Toggle the slide switch to On or Off under the Microsoft Defender Firewall heading.

D. Select the desired location profile.

242 / 251

What is a ’Site survey’ in the context of setting up a wireless LAN in a larger organization’s office space?

A. It is a survey involving the review of a specific site’s physical location details to decide where to place a router.

B. It is a survey to check the type of wireless devices used by the employees.

C. It is an exercise, performed by employees or a thirdparty consultant, to identify any potential obstruction, interference, and range issues before the network is installed.

D. It is a survey to select the appropriate frequency or channel for the wireless network.

243 / 251

What is the recommended method for disposing of medium-to-large volumes of paper, magnetic tape, and optical media?

A. Drilling

B. Shredding

C. Degaussing

D. Incinerating

244 / 251

What is the purpose of the ’Relax minimum length limits’ setting in a Windows 10/11 system’s security policy?

A. It removes the requirement for a minimum password length.

B. It allows the minimum password length to be set below 14 characters.

C. It allows or disallows the minimum password length to be greater than 14 characters.

D. It sets the minimum password length to be exactly 14 characters.

245 / 251

What is the purpose of port forwarding in the context of Network Address Translation (NAT)?

A. To hide the true IP address of internal systems

B. To open a port in the firewall and direct incoming traffic on that port to a specific IP address on your LAN

C. To enable devices inside your LAN to reach a server outside it

D. To block all incoming traffic on a specific port of your LAN

246 / 251

What is the primary function of Ransomware?

A. It spreads spam emails

B. It encrypts system data and demands a ransom, often in Bitcoin

C. It slows down the system performance

D. It copies all the system files and sends them to the attacker

247 / 251

Which group in Windows has the capability to back up and restore files, but cannot change security settings?

A. Administrators

B. Backup Operators

C. Power Users

D. Remote Desktop Users

248 / 251

What is one of the purposes of a software firewall like Windows Defender Firewall?

A. To speed up your computer’s boot time

B. To prevent malware attacks originating from the network or the internet

C. To manage your computer’s power supply

D. To optimize your hard drive space

249 / 251

What are the two types of security accounts provided by Active Directory?

A. User accounts and Group accounts

B. User accounts and Computer accounts

C. Computer accounts and Service accounts

D. User accounts and System accounts

250 / 251

What is the purpose of security lighting?

A. To provide a safe environment

B. To offer aesthetic enhancement

C. To heat the premises

D. To attract insects

251 / 251

Which of the following is NOT a requirement for the security aspect of a key policy?

A. All individuals issued with keys must be trained on key and lock handling.

B. All keys must be accessible to everyone.

C. Codes used in lock entries should be treated as physical keys.

D. All keys need to be inspected and inventoried regularly.

Your score is

Boost Your Skills with Free Anki Flashcards

Click the download button to get the CompTIA A+ 220-1102 Anki deck.

Free CompTIA A+ 220-1102 Security Practice Test

The Ultimate Free Practice Test for CompTIA A+ Exam Preparation

Are you aiming to transition into the IT industry or enhance your cybersecurity skills? Our free CompTIA A+ 220-1102 Security practice test is designed to help you succeed. This practice test supports your CompTIA A+ exam preparation, skill enhancement, and career advancement in the IT industry.

Features of Our Practice Test

Realistic CompTIA Exam Simulation: Familiarize yourself with the format and types of questions on the actual exam.
Skill Enhancement: Strengthen your knowledge in critical areas such as vulnerability management, security, and cybersecurity.
Career Change Support: Ideal for those considering a career change or seeking to enter the IT field.
Cybersecurity Understanding: Deepen your understanding of essential cybersecurity principles.

Why Choose Our Practice Test?

Our free CompTIA A+ 220-1102 Security practice test is perfect for individuals aiming to enhance their skills and effectively prepare for the CompTIA A+ exam. Whether you’re looking for a job change or wanting to gain more experience in the IT industry, our practice test is your ideal solution.

Start Your Practice Test Today

Begin your journey to CompTIA A+ certification and unlock new opportunities in the IT industry. Access our free practice test and start your preparation now! Improve your IT skills, gain valuable experience, and pave the way for a successful career in cybersecurity and vulnerability management.

Official CompTIA A+ Website

CompTIA A+ 220-1102 2.0 Security

Boost Your Skills with Free Anki Flashcards

Free CompTIA A+ 220-1102 Security Practice Test

The Ultimate Free Practice Test for CompTIA A+ Exam Preparation

Features of Our Practice Test

Why Choose Our Practice Test?

Start Your Practice Test Today

Explore our other free practice tests:

Related Posts

The Affordable, Hands-On Josh Madakor IT Course that gets Results!

The Affordable, Hands-On Cyber Security that gets Results!

JOIN OUR

NEWSLETTER