Try our new practice tests feature: configure your own test including the number of questions, objectives and time limits
The CompTIA 220-902 exam is one of two exams requires to obtain the CompTIA A+ (900 series). This exam will cover operating systems like Windows, Macintosh OSX and Linux as well as topics like security, software troubleshooting and operational procedures.
The Principle of Least Privilege states that users should have no more access than necessary to do their job. Administrators should have their administrative rights segregated from their user accounts by implementing a separate account for administrative actions.
In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege (PoMP) or the principle of least authority (PoLA), requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose.
Principle_of_least_privilege - Wikipedia, the free encyclopediaYou have identified that a user's PC has been infected with a virus. Your first step after identifying the issue should be:
The first step after identifying malware should be to quarantine the system. This limits the ability of the PC to infect others or send data to outside parties.
A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code into those programs. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses.Computer viruses generally require a host program. The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection and damage. By contrast, a computer worm does not need a host program, as it is an independent program or code chunk. Therefore, it is not restricted by the host program, but can run independently and actively carry out attacks.Virus writers use social engineering deceptions and exploit detailed knowledge of security vulnerabilities to initially infect systems and to spread the virus. Viruses use complex anti-detection/stealth strategies to evade antivirus software. Motives for creating viruses can include seeking profit (e.g., with ransomware), desire to send a political message, personal amusement, to demonstrate that a vulnerability exists in software, for sabotage and denial of service, or simply because they wish to explore cybersecurity issues, artificial life and evolutionary algorithms.Computer viruses cause billions of dollars' worth of economic damage each year. In response, an industry of antivirus software has cropped up, selling or freely distributing virus protection to users of various operating systems.
Computer_virus - Wikipedia, the free encyclopediaBrownouts, or temporary power drops in voltage, are as dangerous to systems as blackouts. Any interruption of voltage to a computer can cause damage or loss of data.
A brownout is a drop in voltage in an electrical power supply system. Unintentional brownouts can be caused by excessive electricity demand, severe weather events, or a malfunction or error affecting electrical grid control or monitoring systems. Intentional brownouts are used for load reduction in an emergency, or to prevent a total grid power outage due to high demand. The term brownout comes from the dimming of incandescent lighting when voltage reduces. In some countries, the term brownout refers not to a drop in voltage but to an intentional or unintentional power outage (or blackout).
Brownout_(electricity) - Wikipedia, the free encyclopediaA user is reporting that their phone is not adjusting its screen correctly based on orientation when viewing web pages. What is the most likely cause?
Screen orientation is controlled by the phone's accelerometer, but this behavior can be controlled by utilizing the phone's screen orientation lock option in the OS.
iPhone is a line of smartphones produced by Apple Inc. that use Apple's own iOS mobile operating system. The first-generation iPhone was announced by then-Apple CEO Steve Jobs on January 9, 2007. Since then, Apple has annually released new iPhone models and iOS updates. As of November 1, 2018, more than 2.2 billion iPhones had been sold. As of 2022, the iPhone accounts for 15.6% of global smartphone market share.The iPhone was the first mobile phone to use multi-touch technology. Since the iPhone's launch, it gained larger screen sizes, video-recording, waterproofing, and many accessibility features. Up to iPhone 8 and 8 Plus, iPhones had a single button on the front panel with the Touch ID fingerprint sensor. Since iPhone X, iPhone models have switched to a nearly bezel-less front screen design with Face ID facial recognition, and app switching activated by gestures. Touch ID is still used for the budget iPhone SE series. The iPhone is one of the two largest smartphone platforms in the world alongside Android, and is a large part of the luxury market. The iPhone has generated large profits for Apple, making it one of the world's most valuable publicly traded companies. The first-generation iPhone was described as a "revolution" for the mobile phone industry and subsequent models have also garnered praise. The iPhone has been credited with popularizing the smartphone and slate form factor, and with creating a large market for smartphone apps, or "app economy". As of January 2017, Apple's App Store contained more than 2.2 million applications
IPhone - Wikipedia, the free encyclopediaCommonly associated with a domain controller, the following server role allows for you to enter an easily remembered web address, rather than requiring an IP address.
Domain Name System, or DNS, allows for IP addresses to be masked as a web address.
The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. The Domain Name System delegates the responsibility of assigning domain names and mapping those names to Internet resources by designating authoritative name servers for each domain. Network administrators may delegate authority over sub-domains of their allocated name space to other name servers. This mechanism provides distributed and fault-tolerant service and was designed to avoid a single large central database. The Domain Name System also specifies the technical functionality of the database service that is at its core. It defines the DNS protocol, a detailed specification of the data structures and data communication exchanges used in the DNS, as part of the Internet protocol suite. The Internet maintains two principal namespaces, the domain name hierarchy and the IP address spaces. The Domain Name System maintains the domain name hierarchy and provides translation services between it and the address spaces. Internet name servers and a communication protocol implement the Domain Name System. A DNS name server is a server that stores the DNS records for a domain; a DNS name
Domain_Name_System - Wikipedia, the free encyclopediaFalse. The answer is false. You should not disclose that the server room blew up via social media. Believe it or not, this is an objective of this exam.
The Computing Technology Industry Association, more commonly known as CompTIA, is an American non-profit trade association that issues professional certifications for the information technology (IT) industry. It is considered one of the IT industry's top trade associations.Based in Downers Grove, Illinois, CompTIA issues vendor-neutral professional certifications in over 120 countries. The organization releases industry studies to track industry trends and changes. Over 2.2 million people have earned CompTIA certifications since the association was established.
CompTIA#A.2B_certification - Wikipedia, the free encyclopediaA user is attempting to access a business resource through Internet Explorer and are unable to load the page correctly. The page is loading oddly with assets in places from previous versions. You have checked with other users of the resource and they are not experiencing an issue. You should:
Clearing the browser cache will remove assets that may have been in place and are cached from previous versions. This is the best first step.
Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated as IE or MSIE) is a deprecated (or discontinued for most Windows editions) series of graphical web browsers developed by Microsoft that were used in the Windows line of operating systems. While IE has been discontinued on most Windows editions, it remains supported on certain editions of Windows, such as Windows 10 LTSB/LTSC. Starting in 1995, it was first released as part of the add-on package Plus! for Windows 95 that year. Later versions were available as free downloads or in-service packs and included in the original equipment manufacturer (OEM) service releases of Windows 95 and later versions of Windows. Microsoft spent over US$100 million per year on Internet Explorer in the late 1990s, with over 1,000 people involved in the project by 1999. New feature development for the browser was discontinued in 2016 in favor of its successor, Microsoft Edge. Internet Explorer was once the most widely used web browser, attaining a peak of 95% usage share by 2003. This came after Microsoft used bundling to win the first browser war against Netscape, which was the dominant browser in the 1990s. Its usage share has since declined with the launches of Firefox (2004) and Google Chrome (2008) and with the growing popularity of mobile operating systems such as Android and iOS that do not support Internet Explorer. Estimates for Internet Explorer's market share in 2023 are about 0.25% across all platforms, or, by StatCounter's numbers, ranked 10th after
Internet_Explorer - Wikipedia, the free encyclopediaLocal users should not be utilized whenever possible. Domain environments should authenticate users via the domain controller whenever possible. This eliminates numerous security vulnerabilities, such as controlling access to the PC if it is stolen and ensuring deactivated users cannot access a PC with non-domain credentials.
Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.
Network_security - Wikipedia, the free encyclopediaYou are working on a PC that will be deployed in the office. You've forgotten to ground yourself by utilizing an ESD strap, an ESD mat or by touching bare metal on the PC case. While installing a RAM module you feel a static shock and a pop in the case. What is the best course of action to proceed?
In a business environment the safest course of action is to replace the motherboard and RAM module. This reduces the risk that a user will experience a client failure due to damaged hardware.
Electrostatic discharge (ESD) is a sudden and momentary flow of electric current between two electrically charged objects caused by contact, an electrical short or dielectric breakdown. A buildup of static electricity can be caused by tribocharging or by electrostatic induction. The ESD occurs when differently-charged objects are brought close together or when the dielectric between them breaks down, often creating a visible spark. ESD can create spectacular electric sparks (lightning, with the accompanying sound of thunder, is a large-scale ESD event), but also less dramatic forms which may be neither seen nor heard, yet still be large enough to cause damage to sensitive electronic devices. Electric sparks require a field strength above approximately 40 kV/cm in air, as notably occurs in lightning strikes. Other forms of ESD include corona discharge from sharp electrodes and brush discharge from blunt electrodes. ESD can cause harmful effects of importance in industry, including explosions in gas, fuel vapor and coal dust, as well as failure of solid state electronics components such as integrated circuits. These can suffer permanent damage when subjected to high voltages. Electronics manufacturers therefore establish electrostatic protective areas free of static, using measures to prevent charging, such as avoiding highly charging materials and measures to remove static such as grounding human workers, providing antistatic devices, and controlling humidity. ESD simulators may be used to test electronic devices, for example with a human body model or a charged device model.
Electrostatic_discharge - Wikipedia, the free encyclopediaAll but one of the answers below are true of domain setups. The incorrect answer refers to a workgroup setup. Identify the incorrect answer.
Domains allow for users to authenticate even if they are on different networks. Workgroups require that all users be on the same network.
A Windows domain is a form of a computer network in which all user accounts, computers, printers and other security principals, are registered with a central database located on one or more clusters of central computers known as domain controllers. Authentication takes place on domain controllers. Each person who uses computers within a domain receives a unique user account that can then be assigned access to resources within the domain. Starting with Windows Server 2000, Active Directory is the Windows component in charge of maintaining that central database. The concept of Windows domain is in contrast with that of a workgroup in which each computer maintains its own database of security principals.
Windows_domain - Wikipedia, the free encyclopediaA user has contacted you with a computer problem and cannot provide much information on what happened. The user seems like this may be their first time using a computer. Your first action in responding to the issue should be:
The Event Viewer typically is a good place to start troubleshooting issues, as many errors are listed here.
Event Viewer is a component of Microsoft's Windows NT operating system that lets administrators and users view the event logs on a local or remote machine. Applications and operating-system components can use this centralized log service to report events that have taken place, such as a failure to start a component or to complete an action. In Windows Vista, Microsoft overhauled the event system.Due to the Event Viewer's routine reporting of minor start-up and processing errors (which do not, in fact, harm or damage the computer), the software is frequently used by technical support scammers to trick the victim into thinking that their computer contains critical errors requiring immediate technical support. An example is the "Administrative Events" field under "Custom Views" which can have over a thousand errors or warnings logged over a month's time.
Event_Viewer - Wikipedia, the free encyclopediaBackups and snapshots are different methods of attaining data redundancy. A snapshot is an "image" of a server at a point in time, stored locally to the virtual host. This is important to note, as a backup is stored off of the host. While they both accomplish similar tasks, snapshots are typically used to revert changes made to a virtual machine when attempting new configurations. Backups are intended to preserve information stored on a server or database for future restoration if needed.
In computer systems, a snapshot is the state of a system at a particular point in time. The term was coined as an analogy to that in photography.
Snapshot_(computer_storage) - Wikipedia, the free encyclopediaIn conjunction with a password, all of the below are examples of multifactor authentication except for which?
While all answers are methods of authentication, a shared secret would not count in this instance. This is due to the fact that the knowledge portion of multifactor authentication is already covered by the use of a password and would not count towards being an MFA mechanism. MFA is requires at least two of the following: something you know, something you have or something you are.
Multi-factor authentication (MFA; encompassing two-factor authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is). MFA protects user data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password. A third-party authenticator (TPA) app enables two-factor authentication, usually by showing a randomly generated and frequently changing code to use for authentication.
Multi-factor_authentication - Wikipedia, the free encyclopediaThe "CD" command changes the directory where the command prompt is currently pointed. This can be used to navigate the file system.
The cd command, also known as chdir (change directory), is a command-line shell command used to change the current working directory in various operating systems. It can be used in shell scripts and batch files.
Cd_(command) - Wikipedia, the free encyclopediaA user has contacted you with a computer problem and cannot provide much information on what happened. The user seems like this may be their first time using a computer. Your first action in responding to the issue should be:
The Event Viewer typically is a good place to start troubleshooting issues, as many errors are listed here.
Event Viewer is a component of Microsoft's Windows NT operating system that lets administrators and users view the event logs on a local or remote machine. Applications and operating-system components can use this centralized log service to report events that have taken place, such as a failure to start a component or to complete an action. In Windows Vista, Microsoft overhauled the event system.Due to the Event Viewer's routine reporting of minor start-up and processing errors (which do not, in fact, harm or damage the computer), the software is frequently used by technical support scammers to trick the victim into thinking that their computer contains critical errors requiring immediate technical support. An example is the "Administrative Events" field under "Custom Views" which can have over a thousand errors or warnings logged over a month's time.
Event_Viewer - Wikipedia, the free encyclopediaYou have been placed in charge of client patch management for your organization. I am so, so sorry for you. As part of your new responsibility you have been charged with developing a new patching process. Assume that patching has been best effort in the past and that any existing processes will be discarded. Automatic Windows Update patching is enabled in your office. Choose the best first step to developing a patching process:
All of your best laid efforts in controlling the patching process will be for naught if you leave automatic Windows Update on! Disabling this will allow for you to control when patches are released to clients and enable you to test patches in your representative sample of clients in the organization prior to overall roll-out.
A patch is a set of changes to a computer program or its supporting data designed to update, fix, or improve it. This includes fixing security vulnerabilities and other bugs, with such patches usually being called bugfixes or bug fixes. Patches are often written to improve the functionality, usability, or performance of a program. The majority of patches are provided by software vendors for operating system and application updates. Patches may be installed either under programmed control or by a human programmer using an editing tool or a debugger. They may be applied to program files on a storage device, or in computer memory. Patches may be permanent (until patched again) or temporary. Patching makes possible the modification of compiled and machine language object programs when the source code is unavailable. This demands a thorough understanding of the inner workings of the object code by the person creating the patch, which is difficult without close study of the source code. Someone unfamiliar with the program being patched may install a patch using a patch utility created by another person who is the Admin. Even when the source code is available, patching makes possible the installation of small changes to the object program without the need to recompile or reassemble. For minor changes to software, it is often easier and more economical to distribute patches to users rather than redistributing a newly recompiled or reassembled program. Although meant to fix problems, poorly designed patches can sometimes introduce new problems (see software regressions). In
Patch_(computing) - Wikipedia, the free encyclopediaYou are assisting a user in trying to find a file in their C:\Users folder. You see that some of the folders appear differently than the others, appearing to be faded in, rather than full color. What do these icons refer to?
Folders that are grey and "ghosted" are hidden folders. These typically hold back-end information or files that the user does not need to access.
In computing, a hidden folder (sometimes hidden directory) or hidden file is a folder or file which filesystem utilities do not display by default when showing a directory listing. They are commonly used for storing user preferences or preserving the state of a utility and are frequently created implicitly by using various utilities. They are not a security mechanism because access is not restricted – usually the intent is simply to not "clutter" the display of the contents of a directory listing with files the user did not directly create.
Hidden_file_and_hidden_directory - Wikipedia, the free encyclopediaYou receive an email from an outside party stating that clients on your network have been encrypted and the only way to decrypt them is to send Bitcoins to a man named "The Jackal". Your company has fallen victim to a/an:
A ransomware attack involves encrypting user's data and witholding the encryption key until a ransom is paid. Darn it, Jackal!
Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or permanently block access to it unless a ransom is paid off. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult. Ransomware attacks are typically carried out using a Trojan disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction.Starting as early as 1989 with the first documented ransomware known as the AIDS trojan, the use of ransomware scams has grown internationally. There were 181.5 million ransomware attacks in the first six months of 2018. This record marks a 229% increase over this same time frame in 2017. In June 2014, vendor McAfee released data showing that it had collected more than double the number of ransomware samples that quarter than it had in the same quarter of the previous year. CryptoLocker was particularly successful, procuring an estimated US$3 million before it was taken down by authorities,
Ransomware - Wikipedia, the free encyclopediaLaptop batteries contain chemicals that are considered toxic and should always be disposed of in conjunction with a materials recycler.
A lithium-ion or Li-ion battery is a type of rechargeable battery which uses the reversible reduction of lithium ions to store energy. The anode (negative electrode) of a conventional lithium-ion cell is typically graphite made from carbon. The cathode (positive electrode) is typically a metal oxide. The electrolyte is typically a lithium salt in an organic solvent.It is the predominant battery type used in portable consumer electronics and electric vehicles. It also sees significant use for grid-scale energy storage and military and aerospace applications. Compared to other rechargeable battery technologies, Li-ion batteries have high energy densities, low self-discharge, and no memory effect (although a small memory effect reported in LFP cells has been traced to poorly made cells).Chemistry, performance, cost, and safety characteristics vary across types of lithium-ion batteries. Most commercial Li-ion cells use intercalation compounds as active materials. The anode or negative electrode is usually graphite, although silicon-carbon is also being increasingly used. Cells can be manufactured to prioritize either energy or power density. Handheld electronics mostly use lithium polymer batteries (with a polymer gel as electrolyte), a lithium cobalt oxide (LiCoO2) cathode material, and a graphite anode, which together offer a high energy density. Lithium iron phosphate (LiFePO4), lithium manganese oxide (LiMn2O4 spinel, or Li2MnO3-based lithium rich layered materials, LMR-NMC), and lithium nickel manganese cobalt oxide (LiNiMnCoO2 or NMC) may offer longer lives and may have better rate capability. NMC and its derivatives are widely used in the electrification of transport, one of the main technologies (combined with renewable
Lithium-ion_battery - Wikipedia, the free encyclopediaYour boss has requested that you image a large number of Windows PC's for a new office. The image is standard for all PC's. You know that _________ is the best choice for imaging many clients at once.
Preboot Execution Environment, or PXE, allows you to image PC's from a central server containing a client image.
In computing, the Preboot eXecution Environment, PXE (most often pronounced as pixie, often called PXE Boot/pixie boot.) specification describes a standardized client–server environment that boots a software assembly, retrieved from a network, on PXE-enabled clients. On the client side it requires only a PXE-capable network interface controller (NIC), and uses a small set of industry-standard network protocols such as DHCP and TFTP. The concept behind the PXE originated in the early days of protocols like BOOTP/DHCP/TFTP, and as of 2015 it forms part of the Unified Extensible Firmware Interface (UEFI) standard. In modern data centers, PXE is the most frequent choice for operating system booting, installation and deployment.
Preboot_Execution_Environment - Wikipedia, the free encyclopediaLooks like thats it! You can go back and review your answers or click the button below to grade your test.