The CompTIA 220-902 exam is one of two exams requires to obtain the CompTIA A+ (900 series). This exam will cover operating systems like Windows, Macintosh OSX and Linux as well as topics like security, software troubleshooting and operational procedures.
1) You have been placed in charge of client patch management for your organization. I am so, so sorry for you. As part of your new responsibility you have been charged with developing a new patching process. Assume that patching has been best effort in the past and that any existing processes will be discarded. Automatic Windows Update patching is enabled in your office. Choose the best first step to developing a patching process:
All of your best laid efforts in controlling the patching process will be for naught if you leave automatic Windows Update on! Disabling this will allow for you to control when patches are released to clients and enable you to test patches in your representative sample of clients in the organization prior to overall roll-out.
This question is filed under objective 2, Other Operating Systems & Technologies
A patch is a set of changes to a computer program or its supporting data designed to update, fix, or improve it This includes fixing security vulnerabilities and other bugs, with such patches usually being called bugfixes or bug fixes Patches are often written to improve the functionality, usability, or performance of a program Patches may be installed either under programmed control or by a human programmer using an editing tool or a debugger They may be applied to program files on a storage device, or in computer memory Patches may be permanent (until patched again) or temporary Patching makes possible the modification of compiled and machine language object programs when the source code is unavailable… Read More
2) A user is attempting to access a business resource through Internet Explorer and are unable to load the page correctly. The page is loading oddly with assets in places from previous versions. You have checked with other users of the resource and they are not experiencing an issue. You should:
Clearing the browser cache will remove assets that may have been in place and are cached from previous versions. This is the best first step.
This question is filed under objective 4, Software Troubleshooting
Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE) is a discontinued series of graphical web browsers developed by Microsoft and included in the Microsoft Windows line of operating systems, starting in 1995 It was first released as part of the add-on package Plus for Windows 95 that year Later versions were available as free downloads, or in-service packs, and included in the original equipment manufacturer (OEM) service releases of Windows 95 and later versions of Windows New feature development for the browser was discontinued in 2016 in favor of new browser Microsoft Edge… Read More
3) A user is reporting that their phone is not adjusting its screen correctly based on orientation when viewing web pages. What is the most likely cause?
Screen orientation is controlled by the phone's accelerometer, but this behavior can be controlled by utilizing the phone's screen orientation lock option in the OS.
This question is filed under objective 2, Other Operating Systems & Technologies
The iPhone is a line of smartphones designed and marketed by Apple Inc that use Apple's iOS mobile operating system The first-generation iPhone was announced by former Apple CEO Steve Jobs on January 9, 2007 Since then Apple has annually released new iPhone models and iOS updates As of November 1, 2018, more than 22 billion iPhones had been sold The iPhone has a user interface built around a multi-touch screen It connects to cellular networks or Wi-Fi, and can make calls, browse the web, take pictures, play music and send and receive emails and text messages Since the iPhone's launch further features have been added, including larger screen sizes, shooting video, waterproofing, the ability to install third-party mobile apps through an… Read More
4) In conjunction with a password, all of the below are examples of multifactor authentication except for which?
While all answers are methods of authentication, a shared secret would not count in this instance. This is due to the fact that the knowledge portion of multifactor authentication is already covered by the use of a password and would not count towards being an MFA mechanism. MFA is requires at least two of the following: something you know, something you have or something you are.
This question is filed under objective 3, Security
Multi-factor authentication (MFA encompassing two-factor authentication, or 2FA, along with similar terms) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is) MFA protects the user from an unknown person trying to access their data such as personal ID details or financial assets A third-party authenticator (TPA) app enables two-factor authentication, usually by showing a randomly generated and constantly refreshing code to use for authentication… Read More
5) You are working on a PC that will be deployed in the office. You've forgotten to ground yourself by utilizing an ESD strap, an ESD mat or by touching bare metal on the PC case. While installing a RAM module you feel a static shock and a pop in the case. What is the best course of action to proceed?
In a business environment the safest course of action is to replace the motherboard and RAM module. This reduces the risk that a user will experience a client failure due to damaged hardware.
This question is filed under objective 5, Operational Procedures
Electrostatic discharge (ESD) is the sudden flow of electricity between two electrically charged objects caused by contact, an electrical short or dielectric breakdown A buildup of static electricity can be caused by tribocharging or by electrostatic induction The ESD occurs when differently-charged objects are brought close together or when the dielectric between them breaks down, often creating a visible spark ESD can create spectacular electric sparks (lightning, with the accompanying sound of thunder, is a large-scale ESD event), but also less dramatic forms which may be neither seen nor heard, yet still be large enough to cause damage to sensitive electronic devices… Read More
6) You have identified that a user's PC has been infected with a virus. Your first step after identifying the issue should be:
The first step after identifying malware should be to quarantine the system. This limits the ability of the PC to infect others or send data to outside parties.
This question is filed under objective 4, Software Troubleshooting
A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code If this replication succeeds, the affected areas are then said to be "infected" with a computer virusComputer viruses generally require a host program The virus writes its own code into the host program When the program runs, the written virus program is executed first, causing infection and damage A computer worm does not need a host program, as it is an independent program or code chunk Therefore, it is not restricted by the host program, but can run independently and actively carry out attacks… Read More
7) True or false: Brownouts are less dangerous to systems and hardware than blackouts.
Brownouts, or temporary power drops in voltage, are as dangerous to systems as blackouts. Any interruption of voltage to a computer can cause damage or loss of data.
This question is filed under objective 5, Operational Procedures
A brownout is an intentional or unintentional drop in voltage in an electrical power supply system Intentional brownouts are used for load reduction in an emergency The term brownout comes from the dimming of incandescent lighting when the voltage reduces A voltage reduction may be an effect of disruption of an electrical grid, or may occasionally be imposed in an effort to reduce load and prevent a power outage, known as a blackoutIn some countries, the term brownout refers not to a drop in voltage but to an intentional or unintentional power outage (or blackout) … Read More
8) You are assisting a user in trying to find a file in their C:\Users folder. You see that some of the folders appear differently than the others, appearing to be faded in, rather than full color. What do these icons refer to?
Folders that are grey and "ghosted" are hidden folders. These typically hold back-end information or files that the user does not need to access.
This question is filed under objective 1, Windows Operating Systems
In computing, a hidden folder (sometimes hidden directory) or hidden file is a folder or file which filesystem utilities do not display by default when showing a directory listing They are commonly used for storing user preferences or preserving the state of a utility, and are frequently created implicitly by using various utilities They are not a security mechanism because access is not restricted - usually the intent is simply to not "clutter" the display of the contents of a directory listing with files the user did not directly create … Read More
9) A user has contacted you with a computer problem and cannot provide much information on what happened. The user seems like this may be their first time using a computer. Your first action in responding to the issue should be:
The Event Viewer typically is a good place to start troubleshooting issues, as many errors are listed here.
This question is filed under objective 4, Software Troubleshooting
Event Viewer is a component of Microsoft's Windows NT operating system that lets administrators and users view the event logs on a local or remote machine Applications and operating-system components can use this centralized log service to report events that have taken place, such as a failure to start a component or to complete an action In Windows Vista, Microsoft overhauled the event systemDue to the Event Viewer's routine reporting of minor start-up and processing errors (which do not, in fact, harm or damage the computer), the software is frequently used by technical support scammers to trick the victim into thinking that their computer contains critical errors requiring immediate technical support… Read More
10) True or False: Administrators should have administrative rights granted to their user account.
The Principle of Least Privilege states that users should have no more access than necessary to do their job. Administrators should have their administrative rights segregated from their user accounts by implementing a separate account for administrative actions.
This question is filed under objective 3, Security
In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege or the principle of least authority, requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose … Read More
11) Commonly associated with a domain controller, the following server role allows for you to enter an easily remembered web address, rather than requiring an IP address.
Domain Name System, or DNS, allows for IP addresses to be masked as a web address.
This question is filed under objective 2, Other Operating Systems & Technologies
The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network It associates various information with domain names assigned to each of the participating entities Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols By providing a worldwide, distributed directory service, the Domain Name System has been an essential component of the functionality of the Internet since 1985 The Domain Name System delegates the responsibility of assigning domain names and mapping those names to Internet… Read More
12) Utilized in the Windows Command Prompt, the "CD" command executes what process?
The "CD" command changes the directory where the command prompt is currently pointed. This can be used to navigate the file system.
This question is filed under objective 1, Windows Operating Systems
The cd command, also known as chdir (change directory), is a command-line shell command used to change the current working directory in various operating systems It can be used in shell scripts and batch files … Read More
13) All but one of the answers below are true of domain setups. The incorrect answer refers to a workgroup setup. Identify the incorrect answer.
Domains allow for users to authenticate even if they are on different networks. Workgroups require that all users be on the same network.
This question is filed under objective 1, Windows Operating Systems
A Windows domain is a form of a computer network in which all user accounts, computers, printers and other security principals, are registered with a central database located on one or more clusters of central computers known as domain controllers Authentication takes place on domain controllers Each person who uses computers within a domain receives a unique user account that can then be assigned access to resources within the domain Starting with Windows Server 2000, Active Directory is the Windows component in charge of maintaining that central database The concept of Windows domain is in contrast with that of a workgroup in which each computer maintains its own database of security principals… Read More
14) Your boss has requested that you image a large number of Windows PC's for a new office. The image is standard for all PC's. You know that _________ is the best choice for imaging many clients at once.
Preboot Execution Environment, or PXE, allows you to image PC's from a central server containing a client image.
This question is filed under objective 1, Windows Operating Systems
In computing, the Preboot eXecution Environment, PXE (most often pronounced as pixie) specification describes a standardized client–server environment that boots a software assembly, retrieved from a network, on PXE-enabled client (NIC), and uses a small set of Extensible Firmware Interface industry-standard network protocols such as DHCP and TFTP The concept behind the PXE originated in the early days of protocols like BOOTP/DHCP/TFTP, and as of 2015 it forms part of the Unified Extensible Firmware Interface (UEFI) standard In modern data centers, PXE is the most frequent choice for operating system booting, installation and deployment … Read More
15) True or false: Laptop batteries can be disposed of along with normal items thrown in the garbage.
Laptop batteries contain chemicals that are considered toxic and should always be disposed of in conjunction with a materials recycler.
This question is filed under objective 5, Operational Procedures
A lithium-ion battery or Li-ion battery is a type of rechargeable battery Lithium-ion batteries are commonly used for portable electronics and electric vehicles and are growing in popularity for military and aerospace applications A prototype Li-ion battery was developed by Akira Yoshino in 1985, based on earlier research by John Goodenough, M Stanley Whittingham, Rachid Yazami and Koichi Mizushima during the 1970s–1980s, and then a commercial Li-ion battery was developed by a Sony and Asahi Kasei team led by Yoshio Nishi in 1991In the batteries, lithium ions move from the negative electrode through an electrolyte to the positive electrode during discharge, and back when charging… Read More
16) You receive an email from an outside party stating that clients on your network have been encrypted and the only way to decrypt them is to send Bitcoins to a man named "The Jackal". Your company has fallen victim to a/an:
A ransomware attack involves encrypting user's data and witholding the encryption key until a ransom is paid. Darn it, Jackal!
This question is filed under objective 3, Security
Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the… Read More
17) Local users on a server or desktop computer, in a domain environment, should be:
Local users should not be utilized whenever possible. Domain environments should authenticate users via the domain controller whenever possible. This eliminates numerous security vulnerabilities, such as controlling access to the PC if it is stolen and ensuring deactivated users cannot access a PC with non-domain credentials.
This question is filed under objective 3, Security
Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources Network security involves the authorization of access to data in a network, which is controlled by the network administrator Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals Networks can be private, such as within a… Read More
18) A user has contacted you with a computer problem and cannot provide much information on what happened. The user seems like this may be their first time using a computer. Your first action in responding to the issue should be:
The Event Viewer typically is a good place to start troubleshooting issues, as many errors are listed here.
This question is filed under objective 4, Software Troubleshooting
Event Viewer is a component of Microsoft's Windows NT operating system that lets administrators and users view the event logs on a local or remote machine Applications and operating-system components can use this centralized log service to report events that have taken place, such as a failure to start a component or to complete an action In Windows Vista, Microsoft overhauled the event systemDue to the Event Viewer's routine reporting of minor start-up and processing errors (which do not, in fact, harm or damage the computer), the software is frequently used by technical support scammers to trick the victim into thinking that their computer contains critical errors requiring immediate technical support… Read More
19) The server room blew up! True or false: You should tell everyone on social media.
False. The answer is false. You should not disclose that the server room blew up via social media. Believe it or not, this is an objective of this exam.
This question is filed under objective 5, Operational Procedures
The Computing Technology Industry Association (CompTIA) is an American non-profit trade association, issuing professional certifications for the information technology (IT) industry It is considered one of the IT industry's top trade associations Based in Downers Grove, Illinois, CompTIA issues vendor-neutral professional certifications in over 120 countries The organization releases over 50 industry studies annually to track industry trends and changes Over 22 million people have earned CompTIA certifications since the association was established … Read More
20) True or false: Backups and snapshots can be used interchangeably to ensure data redundancy.
Backups and snapshots are different methods of attaining data redundancy. A snapshot is an "image" of a server at a point in time, stored locally to the virtual host. This is important to note, as a backup is stored off of the host. While they both accomplish similar tasks, snapshots are typically used to revert changes made to a virtual machine when attempting new configurations. Backups are intended to preserve information stored on a server or database for future restoration if needed.
This question is filed under objective 2, Other Operating Systems & Technologies
In computer systems, a snapshot is the state of a system at a particular point in time The term was coined as an analogy to that in photography It can refer to an actual copy of the state of a system or to a capability provided by certain systems … Read More
You can go back and review your answers or grade your test.