Try our new practice tests feature: configure your own test including the number of questions, objectives and time limits
The CompTIA 220-902 exam is one of two exams requires to obtain the CompTIA A+ (900 series). This exam will cover operating systems like Windows, Macintosh OSX and Linux as well as topics like security, software troubleshooting and operational procedures.
Toner cartridges are especially important to recycle as they can be reused with almost no effort and are generally consumed in very large numbers.
A user calls and explains that they were visiting a website and received a pop-up on their computer alerting about a virus infection. The pop-up included a alarm sound and flashing colors. The alert prompted them to download an anti-virus tool to clean their computer. What should you recommend?
Closing the browser and running your own anti-malware scan is likely the best option. This is a social engineering trick and the web page is attempting to trick the user into downloading malicious software.
Rogue security software is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. It is a form of scareware that manipulates users through fear, and a form of ransomware. Rogue security software has been a serious security threat in desktop computing since 2008. An early example that gained infamy was SpySheriff and its clones, such as Nava Shield.Rogue_security_software - Wikipedia, the free encyclopedia
You are ordering external HDDs for use in your office, they are likely to be used for storing sensitive information such as PII and intellectual property. What is a good way to ensure the confidentiality of these external HDDs?
Only full disk encryption will ensure the data is not readable by malicious users. The file system will not matter as their security features can be easily bypassed by using an operating system that ignores them. For example Linux operating systems can be configured to ignore NTFS permissions which would allow access to any data on the disk.
Disk encryption is a technology which protects information by converting it into code that cannot be deciphered easily by unauthorized people or processes. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage.The expression full disk encryption (FDE) (or whole disk encryption) signifies that everything on the disk is encrypted, but the master boot record (MBR), or similar area of a bootable disk, with code that starts the operating system loading sequence, is not encrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR.Disk_encryption - Wikipedia, the free encyclopedia
Finder is the GUI based file and folder manager in Mac OSX. Nautilus is a file and folder management application in Linux. Explorer is for Windows.
The Finder is the default file manager and graphical user interface shell used on all Macintosh operating systems. Described in its "About" window as "The Macintosh Desktop Experience", it is responsible for the launching of other applications, and for the overall user management of files, disks, and network volumes. It was introduced with the first Macintosh computer, and also exists as part of GS/OS on the Apple IIGS. It was rewritten completely with the release of Mac OS X in 2001. In a tradition dating back to the Classic Mac OS of the 1980s and 1990s, the Finder icon is the smiling screen of a computer, known as the Happy Mac logo.Finder_(software) - Wikipedia, the free encyclopedia
An employee has contacted the IT Support call center where you work. They are complaining that they are unable to access any web pages other than the internal intranet site. Which option is the least likely to cause this issue?
Remember the question says LEAST LIKELY. The questions states that internal web servers work but external ones do not. If wireless were the issue nothing would work at all. The issue is more likely to be related to external DNS, a firewall or an issue with the proxy used to connect outside the local network.
A Material Safety Data Sheet (MSDS) contains health & hazard information.
A safety data sheet (SDS), material safety data sheet (MSDS), or product safety data sheet (PSDS) is a document that lists information relating to occupational safety and health for the use of various substances and products. SDSs are a widely used system for cataloguing information on chemicals, chemical compounds, and chemical mixtures. SDS information may include instructions for the safe use and potential hazards associated with a particular material or product, along with spill-handling procedures. The older MSDS formats could vary from source to source within a country depending on national requirements; however, the newer SDS format is internationally standardized. An SDS for a substance is not primarily intended for use by the general consumer, focusing instead on the hazards of working with the material in an occupational setting. There is also a duty to properly label substances on the basis of physico-chemical, health, or environmental risk. Labels can include hazard symbols such as the European Union standard symbols. The same product (e.g. paints sold under identical brand names by the same company) can have different formulations in different countries. The formulation and hazards of a product using a generic name may vary between manufacturers in the same country.Safety_data_sheet - Wikipedia, the free encyclopedia
You are concerned about users installing unauthorized software and making unauthorized changes to their Windows 8 workstations. Which tool is best for limiting this type of behavior?
User Account Control (UAC) is a feature in Windows 7, 8 and 10 that prompts users to confirm changes initiated by software. Until the changes are confirmed by UAC the change will not be made. This helps users understand when they are making system level changes like installing a new application. Sudo is a similar feature in Linux operating systems. NTFS is a file system and Windows Defender is an anti-malware application.
User Account Control (UAC) is a mandatory access control enforcement feature introduced with Microsoft's Windows Vista and Windows Server 2008 operating systems, with a more relaxed version also present in Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10, and Windows 11. It aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorises an increase or elevation. In this way, only applications trusted by the user may receive administrative privileges and malware are kept from compromising the operating system. In other words, a user account may have administrator privileges assigned to it, but applications that the user runs do not inherit those privileges unless they are approved beforehand or the user explicitly authorises it. UAC uses Mandatory Integrity Control to isolate running processes with different privileges. To reduce the possibility of lower-privilege applications communicating with higher-privilege ones, another new technology, User Interface Privilege Isolation, is used in conjunction with User Account Control to isolate these processes from each other. One prominent use of this is Internet Explorer 7's "Protected Mode".Operating systems on mainframes and on servers have differentiated between superusers and userland for decades. This had an obvious security component, but also an administrative component, in that it prevented users from accidentally changing system settings. Early Microsoft home operating-systems (such as MS-DOS, Windows 95-98 and Windows Me) did not have a concept of different user-accounts on the same machine. Subsequent versions ofUser_Account_Control - Wikipedia, the free encyclopedia
You work in the IT Department for a medium sized company. A non-technical user consistently has their credentials compromised. You have investigated and found no evidence of viruses or other malicious software. What is the best option to prevent this from happening again?
No level of security can protect against an inexperienced user. The best option is to provide relevant user training to ensure they are not being socially engineered into providing their network credentials.
Internet Security Awareness Training (ISAT) is the training given to members of an organization regarding the protection of various information assets of that organization. ISAT is a subset of general security awareness training (SAT). Even small and medium enterprises are generally recommended to provide such training, but organizations that need to comply with government regulations (e.g., the Gramm–Leach–Bliley Act, the Payment Card Industry Data Security Standard, Health Insurance Portability and Accountability Act, Sarbox) normally require formal ISAT for annually for all employees. Often such training is provided in the form of online courses. ISAT, also referred to as Security Education, Training, and Awareness (SETA), organizations train and create awareness of information security management within their environment. It is beneficial to organizations when employees are well trained and feel empowered to take important actions to protect themselves and organizational data. The SETA program target must be based on user roles within organizations and for positions that expose the organizations to increased risk levels, specialized courses must be required.Internet_Security_Awareness_Training - Wikipedia, the free encyclopedia
While working as a desktop administrator you frequently install the same image of Windows 7 on employee workstations and are careful to always select the same options. Which tool can help automate this process?
Unattended install is the correct option, you can minimize user interaction with an install by pre-selecting configuration options in a script. Clean install overwrites other content on the disk, MSCONFIG Startup is for configuring applications that launch at startup, and General Folder options is for changing folder viewing options (double click to open, open folders in new window, etc.).
The Users tab in Task Manager will show you the logged in users. The "who" command is for Linux, not Windows. MSINFO32 provides system information, Local Users and Groups shows user accounts on the system - not ones in use.
Task Manager, previously known as Windows Task Manager, is a task manager, system monitor, and startup manager included with Microsoft Windows systems. It provides information about computer performance and running software, including name of running processes, CPU and GPU load, commit charge, I/O details, logged-in users, and Windows services. Task Manager can also be used to set process priorities, processor affinity, start and stop services, and forcibly terminate processes. The program can be started in recent versions of Windows by pressing ⊞ Win+R and then typing in taskmgr.exe, by pressing Ctrl+Alt+Delete and clicking Start Task Manager, by pressing Ctrl+⇧ Shift+Esc, by using Windows Search in the Start Menu and typing taskmgr, by right-clicking on the Windows taskbar and selecting "Task Manager", by typing taskmgr in the File Explorer address bar, or by typing taskmgr in Command Prompt or Windows PowerShell. Task Manager was introduced in its current form with Windows NT 4.0. Prior versions of Windows NT, as well as Windows 3.x, include the Task List application, are capable of listing currently running processes and killing them, or creating new processes. Windows 9x has a program known as Close Program which lists the programs currently running and offers options to close programs as well shut down the computer.Task_Manager_(Windows) - Wikipedia, the free encyclopedia
Which Windows 7 tool will allow a system administrator to change the default install folder for applications?
REGEDIT is a Windows tool that allows administrators to change in-depth configuration options found in the Windows Registry. REGSRV32 is used for registering DLLs and ActiveX controls. REGEX is short for regular expressions and MSCONFIG is for configuring startup options in Windows.
The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the registry. The kernel, device drivers, services, Security Accounts Manager, and user interfaces can all use the registry. The registry also allows access to counters for profiling system performance. In other words, the registry or Windows Registry contains information, settings, options, and other values for programs and hardware installed on all versions of Microsoft Windows operating systems. For example, when a program is installed, a new subkey containing settings such as a program's location, its version, and how to start the program, are all added to the Windows Registry. When introduced with Windows 3.1, the Windows Registry primarily stored configuration information for COM-based components. Windows 95 and Windows NT extended its use to rationalize and centralize the information in the profusion of INI files, which held the configurations for individual programs, and were stored at various locations. It is not a requirement for Windows applications to use the Windows Registry. For example, .NET Framework applications use XML files for configuration, while portable applications usually keep their configuration files with their executables.Windows_Registry - Wikipedia, the free encyclopedia
IDE hard drives are internal components and are not hot swap-able (removable when powered on). You should power off the workstation before making any changes.
Cron is a time-based scheduling service on Linux operating systems. The Windows equivalent is task scheduler. A service and a daemon could also achieve this but will require an entire application to be developed, compiled and installed onto the host OS.
The cron command-line utility is a job scheduler on Unix-like operating systems. Users who set up and maintain software environments use cron to schedule jobs (commands or shell scripts), also known as cron jobs, to run periodically at fixed times, dates, or intervals. It typically automates system maintenance or administration—though its general-purpose nature makes it useful for things like downloading files from the Internet and downloading email at regular intervals.Cron is most suitable for scheduling repetitive tasks. Scheduling one-time tasks can be accomplished using the associated at utility. Cron's name originates from chronos, the Greek word for time.Cron - Wikipedia, the free encyclopedia
Which of these tools provides a a solution that allows a user to have their calendar on both their smart phone, desktop, and be accessible through a web portal (such as outlook web access) all in real time?
Cloud synchronization is the correct answer, it allows a user to share information (contacts, calendars, photos, etc.) between devices with an internet connection. POP3 is a protocol for email, tethering is for sharing an internet connection from your mobile device to another device and VPN is for a way to remotely connect to a network.
Which option is a Windows power management mode that draws a small amount of power on resume by saving system state in RAM?
The Sleep power management option saves the computer state in RAM and powering off uneeded components until the computer awakes. Hibernate is similar but saves system state to the hard disk, which saves more power but is slower to resume when waking.
Sleep mode (or suspend to RAM) is a low power mode for electronic devices such as computers, televisions, and remote controlled devices. These modes save significantly on electrical consumption compared to leaving a device fully on and, upon resume, allow the user to avoid having to reissue instructions or to wait for a machine to reboot. Many devices signify this power mode with a pulsed or red colored LED power light.Sleep_mode - Wikipedia, the free encyclopedia
Employee workstations are configured to only boot from the internal disk. You are tasked with verifying that this security configuration cannot be changed. What option will help ensure the default boot device cannot be changed?
Setting up a BIOS/UEFI password is the only option that would mitigate the threat from a user booting from another device (though it can often be reset by removing the CMOS battery). Data encryption, disabling admin accounts and only allowing trusted sources are all operating system level configurations and would not apply prior to booting to an OS.
In computing, BIOS (, BY-oss, -ohss; Basic Input/Output System, also known as the System BIOS, ROM BIOS, BIOS ROM or PC BIOS) is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process (power-on startup). The BIOS firmware comes pre-installed on an IBM PC or IBM PC compatible's system board and exists in some UEFI-based systems to maintain compatibility with operating systems that do not support UEFI native operation. The name originates from the Basic Input/Output System used in the CP/M operating system in 1975. The BIOS originally proprietary to the IBM PC has been reverse engineered by some companies (such as Phoenix Technologies) looking to create compatible systems. The interface of that original system serves as a de facto standard. The BIOS in modern PCs initializes and tests the system hardware components (Power-on self-test), and loads a boot loader from a mass storage device which then initializes a kernel. In the era of DOS, the BIOS provided BIOS interrupt calls for the keyboard, display, storage, and other input/output (I/O) devices that standardized an interface to application programs and the operating system. More recent operating systems do not use the BIOS interrupt calls after startup.Most BIOS implementations are specifically designed to work with a particular computer or motherboard model, by interfacing with various devices especially system chipset. Originally, BIOS firmware was stored in a ROM chip on the PC motherboard. In later computer systems, the BIOS contents are stored on flashBIOS - Wikipedia, the free encyclopedia
You are trying to identify which running application is causing a Ubuntu Linux server to run slowly. Which tool will identify running applications and their allocated resources?
The System Monitor in Ubuntu Linux is similar to Task Manager in Windows operating systems. System Monitor will show allocated resources and running applications.
You work for an IT Help Desk call center and a customer has contacted you complaining that their text and icons seem very big leaving little space for anything else on the screen. What setting can you instruct the user to change?
The user is complaining that their screen resolution is too low. To increase this you should select Display Settings then resolution.
When diagnosing a network issue on a Linux machine (without a GUI) you find that the network settings in /etc/network/interfaces (a text-based config file) are not correct. What is an appropriate tool for editing this file?
Vi is the only option available that is a Linux text editor. Other common Linux text editors are Vim and Nano. Cat will display the contents of the file but not allow you to edit it, ifconfig will show you the interface (e.g., wireless lan, ethernet) settings or allow you to temporarily change the settings (but not permanently), and notepad is a Windows-based text editor.
vi (pronounced as distinct letters, ) is a screen-oriented text editor originally created for the Unix operating system. The portable subset of the behavior of vi and programs based on it, and the ex editor language supported within these programs, is described by (and thus standardized by) the Single Unix Specification and POSIX.The original code for vi was written by Bill Joy in 1976, as the visual mode for a line editor called ex that Joy had written with Chuck Haley. Bill Joy's ex 1.1 was released as part of the first Berkeley Software Distribution (BSD) Unix release in March 1978. It was not until version 2.0 of ex, released as part of Second BSD in May 1979 that the editor was installed under the name "vi" (which took users straight into ex's visual mode), and the name by which it is known today. Some current implementations of vi can trace their source code ancestry to Bill Joy; others are completely new, largely compatible reimplementations.The name "vi" is derived from the shortest unambiguous abbreviation for the ex command visual, which switches the ex line editor to its full-screen mode. The name is pronounced (the English letters v and i).In addition to various non–free software variants of vi distributed with proprietary implementations of Unix, vi was opensourced with OpenSolaris, and several free and open source software vi clones exist. A 2009 survey of Linux Journal readers found that vi was the most widely used text editor among respondents, beating gedit,Vi - Wikipedia, the free encyclopedia
What is the best method for ensuring the destruction of sensitive data on a HDD that is issued to employees on an as-needed basis?
When data is deleted or a disk is formatted the location of the data is tagged as empty and available for use but is not actually physically removed from the disk. This means after deleting it is still possible to read the data. Overwriting is a method that deletes the data and overwrites the physical location with random information to ensure it can never be recovered.
Data erasure (sometimes referred to as data clearing, data wiping, or data destruction) is a software-based method of data sanitization that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by overwriting data onto all sectors of the device in an irreversible process. By overwriting the data on the storage device, the data is rendered irrecoverable. Ideally, software designed for data erasure should: Allow for selection of a specific standard, based on unique needs, and Verify the overwriting method has been successful and removed data across the entire device. Permanent data erasure goes beyond basic file deletion commands, which only remove direct pointers to the data disk sectors and make the data recovery possible with common software tools. Unlike degaussing and physical destruction, which render the storage media unusable, data erasure removes all information while leaving the disk operable. New flash memory-based media implementations, such as solid-state drives or USB flash drives, can cause data erasure techniques to fail allowing remnant data to be recoverable.Software-based overwriting uses a software application to write a stream of zeros, ones or meaningless pseudorandom data onto all sectors of a hard disk drive. There are key differentiators between data erasure and other overwriting methods, which can leave data intact and raise the risk of data breach, identity theft or failure to achieve regulatory compliance. Many data eradication programs also provide multiple overwrites so that they support recognized government and industry standards, though a single-pass overwrite is widely considered to beData_erasure - Wikipedia, the free encyclopedia
Looks like thats it! You can go back and review your answers or click the button below to grade your test.