CompTIA 220-1102 Practice Test - Questions Answers, Page 68

Phishing involves tricking individuals into disclosing sensitive information or installing malware through deceptive emails.

Whaling: A specific type of phishing targeting high-profile individuals.

Insider threat: Malicious activities by someone within the organization.

Phishing: General deceptive emails to trick users into compromising information or installing malware.

Vishing: Voice phishing, conducted over the phone.

Evil twin: A rogue Wi-Fi access point mimicking a legitimate one to intercept data.

In the event of a security breach, documenting the incident is crucial for tracking, analysis, and resolution. The appropriate steps should ensure thorough documentation and communication:

Option A: Record the details in the ticketing system. Correct Answer. The ticketing system is the primary tool for IT support to track incidents. Recording the details in the ticketing system ensures that all relevant information is documented systematically, can be easily accessed, and tracked through the resolution process.

This aligns with best practices in incident documentation and support systems information management as outlined in the CompTIA A+ Core 2 (220-1102) Exam Objectives, Section 4.1.

Option B: Take screenshots and attach them to the root cause analysis. While screenshots can be useful, the first step should be to record the details in the ticketing system. Screenshots may be added later as supplementary information.

Option C: Discuss the incident with the company's legal team. Involving the legal team is important for certain aspects of a security breach, but the initial step should still be to document the incident in the ticketing system.

When troubleshooting a printer that was previously working but is no longer recognized by a workstation, Event Viewer is the most appropriate tool to check for historical logs and events related to the printer and the system.

Option A: Performance Monitor Performance Monitor is used for monitoring system performance and resources in real-time and does not provide specific historical event logs related to device failures.

Option B: Devices and Printers Devices and Printers show the status and properties of connected devices but do not provide a historical log of events or errors.

Option C: Task Scheduler Task Scheduler manages and monitors scheduled tasks but does not log hardware events or errors.

Option D: Event Viewer Event Viewer logs system events, including errors, warnings, and information related to hardware and software. It is ideal for checking what happened prior to the printer failure.

CompTIA A+ 220-1102 Objective 3.1 (Troubleshoot common Windows OS problems), particularly using Event Viewer for diagnosing issues.

For managing permissions where a specific folder needs to have different access controls than its parent, turning off inheritance for that specific folder is the correct approach.

Option A: Turn off inheritance on the requested folder only and set the requested permissions to each file manually This is partially correct, but setting permissions manually for each file is inefficient and error-prone.

Option B: Turn off inheritance at the top-level folder and remove all inherited permissions This action would disrupt permissions for all other folders and files, not just the confidential folder.

Option C: Turn off inheritance at the top-level folder and set permissions to each file and subfolder manually This approach is overly broad and inefficient, impacting more than just the specific folder that needs restricted access.

Option D: Turn off inheritance on the requested folder only, set the requested permissions, and then turn on inheritance under the child folders This ensures the specific folder has unique permissions while allowing those permissions to propagate to its children, maintaining security and ease of management.

CompTIA A+ 220-1102 Objective 2.5 (Manage and configure basic security settings in the Windows OS), particularly file and folder permissions and inheritance settings.

BitLocker is a full-disk encryption feature included with certain editions of Windows, designed to protect data by providing encryption for entire volumes.

Option A: FileVault FileVault is a disk encryption program in macOS, not Windows.

Option B: BitLocker BitLocker is the correct tool for disk encryption on Windows operating systems, providing full disk encryption.

Option C: Private Key A private key is part of public key infrastructure (PKI) used in encryption, but it is not a tool for disk encryption by itself.

Option D: PowerShell PowerShell is a task automation and configuration management framework from Microsoft, not a tool for disk encryption.

CompTIA A+ 220-1102 Objective 2.5 (Manage and configure basic security settings in the Windows OS), particularly BitLocker for disk encryption.

Journaling is a feature that helps maintain the integrity of the filesystem by keeping a record of changes not yet committed to the main file system. This feature is supported by various filesystems, but not all.

Option A: NTFS NTFS (New Technology File System) is a filesystem used by Windows that supports journaling. This makes it resilient to corruption from unexpected shutdowns or crashes by keeping a log of file changes.

Option B: exFAT exFAT (Extended File Allocation Table) does not support journaling. It is optimized for flash drives and large files but lacks advanced features like journaling.

Option C: HFS HFS (Hierarchical File System) is an older filesystem used by Apple. HFS+ (also known as Mac OS Extended) supports journaling, but HFS itself does not.

Option D: ext2 ext2 (Second Extended File System) is a filesystem for Linux that does not support journaling. Its successor, ext3, introduced journaling.

CompTIA A+ 220-1102 Objective 1.8 (Explain common OS types and their purposes), particularly filesystems and their features.

When a workstation has not received the latest policy changes, the gpupdate command is used to manually apply the latest group policies from the domain controller.

Option A: sfc /scannow This command is used to scan and repair corrupted system files, not to update group policies.

Option B: gpupdate /force This command forces the workstation to reapply all group policies, ensuring that the latest policies are applied immediately.

Option C: chkdsk /y This command checks the integrity of the file system and fixes logical file system errors, not to update group policies.

Option D: xcopy /Zp This command is used for copying files and directories, not for updating group policies.

CompTIA A+ 220-1102 Objective 1.6 (Configure Microsoft Windows networking features on a client/desktop), particularly managing and applying group policies.

For a single user who needs to access their computer remotely, the Windows 10 Pro edition is the most cost-effective and appropriate choice. It includes features such as Remote Desktop, which are essential for remote access.

Option A: Education This edition is designed for academic institutions and includes educational features. It is not the most cost-effective for a single user.

Option B: Pro Windows 10 Pro includes Remote Desktop and other business features. It is suitable and cost-effective for single users needing remote access.

Option C: Enterprise This edition includes advanced features for large organizations and is more expensive, making it less cost-effective for a single user.

Option D: Home While cost-effective, Windows 10 Home does not include the Remote Desktop feature, making it unsuitable for this requirement.

CompTIA A+ 220-1102 Objective 1.1 (Identify basic features of Microsoft Windows editions), particularly comparing editions based on features and cost.

In this scenario, the user cannot access a separate subnet, and all other checks (credentials, network stability, and permissions) have been verified. The next logical step is to check if the user's IP address is being blocked by a firewall.

Option A: Consult with the firewall team to see if the user's IP address is blocked Firewalls can block specific IP addresses, preventing access to certain network segments. Given the problem's nature and the steps already taken, this is the most logical next step to ensure the user's IP is not inadvertently blocked.

Option B: Delete the user's credentials and create new ones This step is unnecessary since the credentials have already been verified as correct.

Option C: Run a virus scan on the user's workstation While important for overall security, a virus scan is unlikely to resolve an issue specific to accessing a subnet if the problem does not affect other users.

Option D: Update the network drivers on the user's workstation If the network connection is stable and the issue is isolated to accessing a specific subnet, network drivers are unlikely to be the cause.

CompTIA A+ 220-1102 Objective 2.0 (Security), particularly firewall settings.