CompTIA A+ Practice Test (220-1202)

The correct answer is TACACS+ because it provides centralized authentication for users attempting to access network resources. It allows for fine-grained control over access rights and can handle remote authentication efficiently.

The other options do not focus primarily on network device access management or lack effective centralized control features.

The correct answer is to check the service's status in the Services management console, as this allows you to see if the service is disabled or stopped. If the service is stopped, you can attempt to start it from this interface. This is the initial step in diagnosing why a service won't start.

Other options, like uninstalling an application or rebooting the system, are broader and may not directly address the specific issue of a service failing to start.

It generates a unique encryption key for each data packet sent over the network - This is correct. Temporal Key Integrity Protocol (TKIP) was designed as an improvement over WEP (Wired Equivalent Privacy) and addresses its vulnerabilities by generating a new encryption key for each data packet. This ensures greater security by making it harder for attackers to decrypt wireless communication.

It uses a fixed encryption key for the entire duration of a session - This describes WEP, which uses static encryption keys, a major vulnerability that TKIP was designed to overcome.

It applies a more robust encryption algorithm than AES - TKIP does not use AES (Advanced Encryption Standard) and is considered less secure than AES. TKIP was introduced as a temporary solution to improve WEP's security but was eventually replaced by the stronger WPA2 and AES-based encryption.

It is implemented in Bluetooth networks for secure communication - TKIP is used in wireless LANs (Wi-Fi networks) and is not implemented in Bluetooth networks. Bluetooth uses its own security protocols.

Security guards add a human element that passive devices cannot: they deter unauthorized activity through visible presence, make real-time decisions, and physically intervene or call authorities during security incidents. Bollards, upgraded badge readers, and additional cameras enhance perimeter or detection controls but do not provide immediate human response.

The answer is MFA. Multi-factor authentication is a logical security method that requires the user to present at least two forms of authentication before being granted access. This is in the form of something the user knows (i.e.password), something they have (i.e. smart card) or something they are (i.e. fingerprint). The other choices are forms of security that would not satisfy the requirement.

Using clear, concise language that avoids unnecessary jargon while listing the problem, the steps taken, and the current status gives any technician enough context to continue work or close the ticket. Copy-pasting logs without explanation, relying on personal shorthand, or providing only minimal details forces later readers to guess what happened, slowing resolution.

The System File Checker (SFC) tool is a built-in utility in Windows that scans and replaces corrupted or missing system files with healthy ones. It is a common troubleshooting step to run SFC when experiencing system instability, BSOD, or other system file-related issues. It is not a tool for updating drivers or applications, nor is it a tool for scanning for malware.

Virus - This is correct. A virus is a type of malicious software designed to replicate itself and spread to other systems by attaching itself to files or programs. When an infected file or program is executed, the virus spreads to other files, potentially causing damage or disruption to the system.

Spyware - Spyware is designed to secretly collect information about a user or system, such as browsing habits or sensitive data, without the user’s knowledge. It does not replicate or spread like a virus.

Ransomware - Ransomware encrypts a user's data and demands payment for decryption. While it can spread to other systems in some cases, its primary goal is extortion, not replication.

Trojan - A Trojan disguises itself as legitimate software to trick users into installing it. While it may cause harm or serve as a backdoor for other malicious activities, it does not replicate itself like a virus.

Standard operating procedures (SOPs) help establish a systematic process for the consistent execution of tasks. They provide a clear, detailed framework that outlines how specific activities should be performed, ensuring all team members follow the same steps. This uniformity reduces errors, increases efficiency, and maintains consistent quality.

Incorrect answers describe approaches that lack the structure and consistency that SOPs are intended to deliver.

The very first step in any in-place upgrade should be to create a complete backup of user data (and preferably a system image). If something goes wrong-power failure, incompatible driver, corrupted installer-the technician can restore the devices to their previous working state. Disabling antivirus, updating drivers, or running disk-defragmentation utilities may be useful later, but they do not protect user files. Microsoft's Windows 11 upgrade guidance explicitly recommends backing up files before installation.

When dealing with a corrupt user profile in Windows, the most effective step is to recreate the user's profile. The old profile can be renamed, and a new profile created when the user logs in again. Transferring the user's data from the old profile to the new one can resolve issues related to a corrupt profile without affecting the user's personal settings and files.

An Acceptable Use Policy (AUP) clearly outlines acceptable and unacceptable actions when using company resources, including email accounts. An AUP would specify that employees should use their company email only for work-related purposes, thus preventing misuse for personal activities that could compromise security. While monitoring helps identify misuse, it does not prevent it, training is supportive but not binding, and software solutions may be part of the strategy, they aren't substitutional for policy.

Dumpster diving is a social engineering technique that involves searching through trash cans to find disposed of documents that could potentially be used to gain access to sensitive information. The act of dumpster diving is actually not illegal but the use of information gained using this method can be.

A privacy screen is a thin piece of plastic that goes over a device's screen. The privacy screen is transparent for users sitting directly in front of the devices screen, but for anyone looking at the screen from an angle the screen is blocked, blurred or heavily darkened. This protects against confidential data on a screen from being easily visible to others in the area.

• Correct: Time-stamped audit logs allow administrators to see exactly which fob unlocked which door at what time, providing accountability and forensic evidence.
• Incorrect options:
  • One-time passwords sent by SMS are associated with multifactor authentication for logical access, not physical key-fob readers.
  • File encryption is a workstation security measure unrelated to door controllers.
  • Rogue wireless-access-point detection is a network security task, not a standard feature of door-access systems.

The System File Checker command (sfc) with the /scannow switch scans every protected Windows system file and replaces corrupted or missing files with known-good copies stored in the WinSxS cache. CHKDSK checks disk integrity, GPUPDATE refreshes Group Policy, and NSLOOKUP queries DNS records-they do not repair system files.

To make extensions visible, open File Explorer Options, select the View tab, and clear (uncheck) the "Hide extensions for known file types" checkbox. When this option is unchecked, Windows shows the full file name, including its extension, in every folder.

The other options do not affect extension visibility:

• "Hide protected operating system files (Recommended)" only hides critical system files.
• "Always show icons, never thumbnails" forces icons instead of thumbnail previews.
• Changing the "Open File Explorer to" setting on the General tab merely controls the default start location.

[Citation: How-To Geek - "Disable the 'Hide extensions for known file types' checkbox" https://www.howtogeek.com/205086/beginner-how-to-make-windows-show-file-extensions/]

Spyware is a type of malware that is specifically designed to collect information about a user's activities, including browsing habits and personal data, without their consent. This differentiates it from other malware types such as viruses, which are designed to replicate and spread, or ransomware, which encrypts files to demand a ransom.

Many malware families attempt to weaken host defenses by disabling the operating-system firewall, antivirus, or other protective services. This lets the malicious code communicate freely with command-and-control servers and reduces the chance of detection. Battery-saver settings, driver crashes, and routine Windows Updates do not normally turn off the Windows firewall.

• MITRE ATT&CK technique T1562.004 (Disable or Modify System Firewall) documents adversaries disabling firewalls as a defense-evasion tactic.
• A CISA advisory on the Kimsuky APT describes malware that zeros Windows firewall registry keys to prevent security alerts.

Therefore, the unexpected firewall-off notification is most likely caused by malware on the system.

A splash screen in the context of corporate computer systems often displays regulatory compliance requirements or important announcements. These can include legal disclaimers, privacy policies, or user agreement policies to which the user must adhere. Ensuring employees are aware of these terms is an integral part of compliance with various laws and regulations. It serves as a reminder or warning about the proper use of the system and any legal implications of their actions. This differentiates it from product branding or system loading indicators, which are not primarily for legal or compliance purposes.