Try our new practice tests feature: configure your own test including the number of questions, objectives and time limits
The CompTIA 220-902 exam is one of two exams requires to obtain the CompTIA A+ (900 series). This exam will cover operating systems like Windows, Macintosh OSX and Linux as well as topics like security, software troubleshooting and operational procedures.
You receive an email from an outside party stating that clients on your network have been encrypted and the only way to decrypt them is to send Bitcoins to a man named "The Jackal". Your company has fallen victim to a/an:
A ransomware attack involves encrypting user's data and witholding the encryption key until a ransom is paid. Darn it, Jackal!
Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult. Ransomware attacks are typically carried out using a Trojan disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction.Starting as early as 1989 with the first documented ransomware known as the AIDS trojan, the use of ransomware scams has grown internationally. There were 181.5 million ransomware attacks in the first six months of 2018. This record marks a 229% increase over this same time frame in 2017. In June 2014, vendor McAfee released data showing that it had collected more than double the number of ransomware samples that quarter than it had in the same quarter of the previous year. CryptoLocker was particularly successful, procuring an estimated US$3 million before it was taken down by authorities, and
Ransomware - Wikipedia, the free encyclopediaA user is reporting that their phone is not adjusting its screen correctly based on orientation when viewing web pages. What is the most likely cause?
Screen orientation is controlled by the phone's accelerometer, but this behavior can be controlled by utilizing the phone's screen orientation lock option in the OS.
The iPhone is a line of smartphones designed and marketed by Apple Inc. These devices use Apple's iOS mobile operating system. The first-generation iPhone was announced by then-Apple CEO Steve Jobs on January 9, 2007. Since then, Apple has annually released new iPhone models and iOS updates. As of November 1, 2018, more than 2.2 billion iPhones had been sold. The iPhone has a user interface built around a multi-touch screen. It connects to cellular networks or Wi-Fi, and can make calls, browse the web, take pictures, play music and send and receive emails and text messages. Since the iPhone's launch further features have been added, including larger screen sizes, shooting video, waterproofing, the ability to install third-party mobile apps through an app store, and many accessibility features. Up to iPhone 8 and 8 Plus, iPhones used a layout with a single button on the front panel that returns the user to the home screen. Since iPhone X, iPhone models have switched to a nearly bezel-less front screen design with app switching activated by gesture recognition. The iPhone is one of the two largest smartphone platforms in the world alongside Android, forming a large part of the luxury market. The iPhone has generated large profits for Apple, making it one of the world's most valuable publicly traded companies. The first-generation iPhone was described as "revolutionary" and a "game-changer" for the mobile phone industry and subsequent models have also garnered praise. The iPhone has been credited with popularizing the smartphone and slate form
IPhone - Wikipedia, the free encyclopediaIn conjunction with a password, all of the below are examples of multifactor authentication except for which?
While all answers are methods of authentication, a shared secret would not count in this instance. This is due to the fact that the knowledge portion of multifactor authentication is already covered by the use of a password and would not count towards being an MFA mechanism. MFA is requires at least two of the following: something you know, something you have or something you are.
Multi-factor authentication (MFA; encompassing authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is). MFA protects user data—which may include personal identification or financial assets—from being accessed by an unauthorised third party that may have been able to discover, for example, a single password. A third-party authenticator (TPA) app enables two-factor authentication, usually by showing a randomly generated and frequently changing code to use for authentication.
Multi-factor_authentication - Wikipedia, the free encyclopediaYour boss has requested that you image a large number of Windows PC's for a new office. The image is standard for all PC's. You know that _________ is the best choice for imaging many clients at once.
Preboot Execution Environment, or PXE, allows you to image PC's from a central server containing a client image.
In computing, the Preboot eXecution Environment, PXE (most often pronounced as pixie, often called PXE Boot/pixie boot.) specification describes a standardized client–server environment that boots a software assembly, retrieved from a network, on PXE-enabled clients. On the client side it requires only a PXE-capable network interface controller (NIC), and uses a small set of industry-standard network protocols such as DHCP and TFTP. The concept behind the PXE originated in the early days of protocols like BOOTP/DHCP/TFTP, and as of 2015 it forms part of the Unified Extensible Firmware Interface (UEFI) standard. In modern data centers, PXE is the most frequent choice for operating system booting, installation and deployment.
Preboot_Execution_Environment - Wikipedia, the free encyclopediaA user has contacted you with a computer problem and cannot provide much information on what happened. The user seems like this may be their first time using a computer. Your first action in responding to the issue should be:
The Event Viewer typically is a good place to start troubleshooting issues, as many errors are listed here.
Event Viewer is a component of Microsoft's Windows NT operating system that lets administrators and users view the event logs on a local or remote machine. Applications and operating-system components can use this centralized log service to report events that have taken place, such as a failure to start a component or to complete an action. In Windows Vista, Microsoft overhauled the event system.Due to the Event Viewer's routine reporting of minor start-up and processing errors (which do not, in fact, harm or damage the computer), the software is frequently used by technical support scammers to trick the victim into thinking that their computer contains critical errors requiring immediate technical support. An example is the "Administrative Events" field under "Custom Views" which can have over a thousand errors or warnings logged over a month's time.
Event_Viewer - Wikipedia, the free encyclopediaFalse. The answer is false. You should not disclose that the server room blew up via social media. Believe it or not, this is an objective of this exam.
The Computing Technology Industry Association (CompTIA) is an American non-profit trade association, issuing professional certifications for the information technology (IT) industry. It is considered one of the IT industry's top trade associations. Based in Downers Grove, Illinois, CompTIA issues vendor-neutral professional certifications in over 120 countries. The organization releases over 50 industry studies annually to track industry trends and changes. Over 2.2 million people have earned CompTIA certifications since the association was established.
CompTIA#A.2B_certification - Wikipedia, the free encyclopediaAll but one of the answers below are true of domain setups. The incorrect answer refers to a workgroup setup. Identify the incorrect answer.
Domains allow for users to authenticate even if they are on different networks. Workgroups require that all users be on the same network.
A Windows domain is a form of a computer network in which all user accounts, computers, printers and other security principals, are registered with a central database located on one or more clusters of central computers known as domain controllers. Authentication takes place on domain controllers. Each person who uses computers within a domain receives a unique user account that can then be assigned access to resources within the domain. Starting with Windows Server 2000, Active Directory is the Windows component in charge of maintaining that central database. The concept of Windows domain is in contrast with that of a workgroup in which each computer maintains its own database of security principals.
Windows_domain - Wikipedia, the free encyclopediaYou are working on a PC that will be deployed in the office. You've forgotten to ground yourself by utilizing an ESD strap, an ESD mat or by touching bare metal on the PC case. While installing a RAM module you feel a static shock and a pop in the case. What is the best course of action to proceed?
In a business environment the safest course of action is to replace the motherboard and RAM module. This reduces the risk that a user will experience a client failure due to damaged hardware.
Electrostatic discharge (ESD) is a sudden and momentary flow of electric current between two electrically charged objects caused by contact, an electrical short or dielectric breakdown. A buildup of static electricity can be caused by tribocharging or by electrostatic induction. The ESD occurs when differently-charged objects are brought close together or when the dielectric between them breaks down, often creating a visible spark. ESD can create spectacular electric sparks (lightning, with the accompanying sound of thunder, is a large-scale ESD event), but also less dramatic forms which may be neither seen nor heard, yet still be large enough to cause damage to sensitive electronic devices. Electric sparks require a field strength above approximately 40 kV/cm in air, as notably occurs in lightning strikes. Other forms of ESD include corona discharge from sharp electrodes and brush discharge from blunt electrodes. ESD can cause harmful effects of importance in industry, including explosions in gas, fuel vapor and coal dust, as well as failure of solid state electronics components such as integrated circuits. These can suffer permanent damage when subjected to high voltages. Electronics manufacturers therefore establish electrostatic protective areas free of static, using measures to prevent charging, such as avoiding highly charging materials and measures to remove static such as grounding human workers, providing antistatic devices, and controlling humidity. ESD simulators may be used to test electronic devices, for example with a human body model or a charged device model.
Electrostatic_discharge - Wikipedia, the free encyclopediaThe Principle of Least Privilege states that users should have no more access than necessary to do their job. Administrators should have their administrative rights segregated from their user accounts by implementing a separate account for administrative actions.
In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege or the principle of least authority, requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
Principle_of_least_privilege - Wikipedia, the free encyclopediaBrownouts, or temporary power drops in voltage, are as dangerous to systems as blackouts. Any interruption of voltage to a computer can cause damage or loss of data.
A brownout is an intentional or unintentional drop in voltage in an electrical power supply system. Intentional brownouts are used for load reduction in an emergency. The term brownout comes from the dimming of incandescent lighting when the voltage reduces. A voltage reduction may be an effect of disruption of an electrical grid, or may occasionally be imposed in an effort to reduce load and prevent a power outage, known as a blackout. Brownouts can also stem from an excessive demand in electricity or when severe weather events occur.In some countries, the term brownout refers not to a drop in voltage but to an intentional or unintentional power outage (or blackout).
Brownout_(electricity) - Wikipedia, the free encyclopediaLaptop batteries contain chemicals that are considered toxic and should always be disposed of in conjunction with a materials recycler.
A lithium-ion battery or Li-ion battery is a type of rechargeable battery composed of cells in which lithium ions move from the negative electrode through an electrolyte to the positive electrode during discharge and back when charging. Li-ion cells use an intercalated lithium compound as the material at the positive electrode and typically graphite at the negative electrode. Li-ion batteries have a high energy density, no memory effect (other than LFP cells) and low self-discharge. Cells can be manufactured to prioritize either energy or power density. They can however be a safety hazard since they contain flammable electrolytes and if damaged or incorrectly charged can lead to explosions and fires. M. Stanley Whittingham discovered the concept of intercalation electrodes in the 1970s, and invented the first rechargeable lithium-ion battery, which was based on a titanium disulfide cathode and a lithium-aluminum anode, patented in 1977, and assigned to Exxon. John Goodenough expanded on this work in 1980 by using lithium cobalt oxide as a cathode. A prototype Li-ion battery was developed by Akira Yoshino in 1985, based on the earlier research by John Goodenough, M. Stanley Whittingham, Rachid Yazami and Koichi Mizushima during the 1970s–1980s, and then a commercial Li-ion battery was developed by a Sony and Asahi Kasei team led by Yoshio Nishi in 1991. Lithium-ion batteries are commonly used for portable electronics and electric vehicles and are growing in popularity for military and aerospace applications.Chemistry, performance, cost and safety characteristics vary across types of lithium-ion batteries. Handheld electronics mostly use
Lithium-ion_battery - Wikipedia, the free encyclopediaYou have identified that a user's PC has been infected with a virus. Your first step after identifying the issue should be:
The first step after identifying malware should be to quarantine the system. This limits the ability of the PC to infect others or send data to outside parties.
A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses. Computer viruses generally require a host program. The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection and damage. A computer worm does not need a host program, as it is an independent program or code chunk. Therefore, it is not restricted by the host program, but can run independently and actively carry out attacks.Virus writers use social engineering deceptions and exploit detailed knowledge of security vulnerabilities to initially infect systems and to spread the virus. The vast majority of viruses target systems running Microsoft Windows, employing a variety of mechanisms to infect new hosts, and often using complex anti-detection/stealth strategies to evade antivirus software. Motives for creating viruses can include seeking profit (e.g., with ransomware), desire to send a political message, personal amusement, to demonstrate that a vulnerability exists in software, for sabotage and denial of service, or simply because they wish to explore cybersecurity issues, artificial life and evolutionary algorithms.Computer viruses cause billions of dollars' worth of economic damage each year.In response, an industry of antivirus software has cropped up, selling or freely distributing virus protection to users of various operating systems.
Computer_virus - Wikipedia, the free encyclopediaYou have been placed in charge of client patch management for your organization. I am so, so sorry for you. As part of your new responsibility you have been charged with developing a new patching process. Assume that patching has been best effort in the past and that any existing processes will be discarded. Automatic Windows Update patching is enabled in your office. Choose the best first step to developing a patching process:
All of your best laid efforts in controlling the patching process will be for naught if you leave automatic Windows Update on! Disabling this will allow for you to control when patches are released to clients and enable you to test patches in your representative sample of clients in the organization prior to overall roll-out.
A patch is a set of changes to a computer program or its supporting data designed to update, fix, or improve it. This includes fixing security vulnerabilities and other bugs, with such patches usually being called bugfixes or bug fixes. Patches are often written to improve the functionality, usability, or performance of a program. The majority of patches are provided by software vendors for operating system and application updates. Patches may be installed either under programmed control or by a human programmer using an editing tool or a debugger. They may be applied to program files on a storage device, or in computer memory. Patches may be permanent (until patched again) or temporary. Patching makes possible the modification of compiled and machine language object programs when the source code is unavailable. This demands a thorough understanding of the inner workings of the object code by the person creating the patch, which is difficult without close study of the source code. Someone unfamiliar with the program being patched may install a patch using a patch utility created by another person who is the Admin. Even when the source code is available, patching makes possible the installation of small changes to the object program without the need to recompile or reassemble. For minor changes to software, it is often easier and more economical to distribute patches to users rather than redistributing a newly recompiled or reassembled program. Although meant to fix problems, poorly designed patches can sometimes introduce new problems (see software regressions). In
Patch_(computing) - Wikipedia, the free encyclopediaLocal users should not be utilized whenever possible. Domain environments should authenticate users via the domain controller whenever possible. This eliminates numerous security vulnerabilities, such as controlling access to the PC if it is stolen and ensuring deactivated users cannot access a PC with non-domain credentials.
Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.
Network_security - Wikipedia, the free encyclopediaCommonly associated with a domain controller, the following server role allows for you to enter an easily remembered web address, rather than requiring an IP address.
Domain Name System, or DNS, allows for IP addresses to be masked as a web address.
The Domain Name System (DNS) is the hierarchical and decentralized naming system used to identify computers reachable through the Internet or other Internet Protocol (IP) networks. The resource records contained in the DNS associate domain names with other forms of information. These are most commonly used to map human-friendly domain names to the numerical IP addresses computers need to locate services and devices using the underlying network protocols, but have been extended over time to perform many other functions as well. The Domain Name System has been an essential component of the functionality of the Internet since 1985.
Domain_Name_System - Wikipedia, the free encyclopediaThe "CD" command changes the directory where the command prompt is currently pointed. This can be used to navigate the file system.
The cd command, also known as chdir (change directory), is a command-line shell command used to change the current working directory in various operating systems. It can be used in shell scripts and batch files.
Cd_(command) - Wikipedia, the free encyclopediaYou are assisting a user in trying to find a file in their C:\Users folder. You see that some of the folders appear differently than the others, appearing to be faded in, rather than full color. What do these icons refer to?
Folders that are grey and "ghosted" are hidden folders. These typically hold back-end information or files that the user does not need to access.
In computing, a hidden folder (sometimes hidden directory) or hidden file is a folder or file which filesystem utilities do not display by default when showing a directory listing. They are commonly used for storing user preferences or preserving the state of a utility and are frequently created implicitly by using various utilities. They are not a security mechanism because access is not restricted – usually the intent is simply to not "clutter" the display of the contents of a directory listing with files the user did not directly create.
Hidden_file_and_hidden_directory - Wikipedia, the free encyclopediaA user is attempting to access a business resource through Internet Explorer and are unable to load the page correctly. The page is loading oddly with assets in places from previous versions. You have checked with other users of the resource and they are not experiencing an issue. You should:
Clearing the browser cache will remove assets that may have been in place and are cached from previous versions. This is the best first step.
Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE) is a discontinued series of graphical web browsers developed by Microsoft and included in the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year. Later versions were available as free downloads, or in-service packs, and included in the original equipment manufacturer (OEM) service releases of Windows 95 and later versions of Windows. New feature development for the browser was discontinued in 2016 in favor of new browser Microsoft Edge. Since Internet Explorer is a Windows component and is included in long-term lifecycle versions of Windows such as Windows Server 2019, it will continue to receive security updates until at least 2029. Microsoft 365 ended support for Internet Explorer on August 17, 2021, and Microsoft Teams ended support for IE on November 30, 2020. Internet Explorer is set for discontinuation on June 15, 2022, after which the alternative will be Microsoft Edge with IE mode for legacy sites.Internet Explorer was once the most widely used web browser, attaining a peak of about 95% usage share by 2003. This came after Microsoft used bundling to win the first browser war against Netscape, which was the dominant browser in the 1990s. Its usage share has since declined with the launch of Firefox (2004) and Google Chrome (2008), and with the growing popularity of mobile operating systems such as Android and iOS that
Internet_Explorer - Wikipedia, the free encyclopediaA user has contacted you with a computer problem and cannot provide much information on what happened. The user seems like this may be their first time using a computer. Your first action in responding to the issue should be:
The Event Viewer typically is a good place to start troubleshooting issues, as many errors are listed here.
Event Viewer is a component of Microsoft's Windows NT operating system that lets administrators and users view the event logs on a local or remote machine. Applications and operating-system components can use this centralized log service to report events that have taken place, such as a failure to start a component or to complete an action. In Windows Vista, Microsoft overhauled the event system.Due to the Event Viewer's routine reporting of minor start-up and processing errors (which do not, in fact, harm or damage the computer), the software is frequently used by technical support scammers to trick the victim into thinking that their computer contains critical errors requiring immediate technical support. An example is the "Administrative Events" field under "Custom Views" which can have over a thousand errors or warnings logged over a month's time.
Event_Viewer - Wikipedia, the free encyclopediaBackups and snapshots are different methods of attaining data redundancy. A snapshot is an "image" of a server at a point in time, stored locally to the virtual host. This is important to note, as a backup is stored off of the host. While they both accomplish similar tasks, snapshots are typically used to revert changes made to a virtual machine when attempting new configurations. Backups are intended to preserve information stored on a server or database for future restoration if needed.
In computer systems, a snapshot is the state of a system at a particular point in time. The term was coined as an analogy to that in photography. It can refer to an actual copy of the state of a system or to a capability provided by certain systems.
Snapshot_(computer_storage) - Wikipedia, the free encyclopediaLooks like thats it! You can go back and review your answers or click the button below to grade your test.