Text preview & study summary

CompTIA A+ Core 2 220-1202 - Domain 2 Security

A free sample of 5 questions from this quiz, shown in full with answer choices and explanations. No interactivity — everything is visible on this page for study and review.

Want to test your knowledge? Launch the Interactive Exam Simulator

Question 1

A user complains that their browser is being redirected to a different website when they type specific URLs. DNS queries work correctly on other devices. What should the technician check on this specific workstation?

Answer choices

  • A. The router's DNS settings

  • B. The Windows hosts file (C:\Windows\System32\drivers\etc\hosts) for malicious entries (Correct)

  • C. The ISP's DNS servers

  • D. Windows Update settings

Explanation

Redirect attacks specific to one machine (while DNS works on others) typically involve the local hosts file, which overrides DNS. Malware commonly adds entries to the hosts file to redirect traffic to malicious sites. The hosts file should be checked for unauthorized entries.

Question 2

A technician needs to secure a Windows 10 workstation. Which built-in feature acts as a host-based firewall to filter inbound and outbound traffic?

Answer choices

  • A. Windows Defender Antivirus

  • B. BitLocker

  • C. Windows Defender Firewall (Correct)

  • D. UAC (User Account Control)

Explanation

Windows Defender Firewall is the built-in host-based stateful packet filtering firewall. It filters inbound and outbound traffic based on rules, ports, programs, and IP addresses. It is separate from Windows Defender Antivirus.

Question 3

A user's account has been used to access the system at 3:00 AM when the user is known to be asleep. Which type of attack is MOST likely responsible?

Answer choices

  • A. Man-in-the-middle attack

  • B. Credential theft (stolen credentials used for unauthorized access) (Correct)

  • C. Physical intrusion

  • D. SQL injection

Explanation

Unauthorized access during hours when the user couldn't be present suggests stolen credentials — obtained through phishing, keylogging, password spraying, or credential dumps. The account credentials were stolen and used by an attacker.

Question 4

A technician needs to verify the integrity of a downloaded ISO file before installing it. They compare the file's SHA-256 hash to the hash published on the vendor's website. They match. What does this confirm?

Answer choices

  • A. The file is free of malware

  • B. The file is authentic and has not been tampered with or corrupted during download (Correct)

  • C. The file is licensed for commercial use

  • D. The file was downloaded over HTTPS

Explanation

Hash verification confirms file integrity and authenticity — if the SHA-256 hash matches, the file is bit-for-bit identical to the original published by the vendor. It doesn't scan for malware — a genuine file could theoretically contain malware if the vendor was compromised.

Question 5

A technician is setting up a new employee workstation. Per company policy, the standard user account should not be able to install software. How should the account be configured?

Answer choices

  • A. As a local Administrator account

  • B. As a Standard User account (not in the local Administrators group) (Correct)

  • C. As a Power Users account

  • D. As a Guest account

Explanation

Standard User accounts cannot install software that requires system-level changes (they'd need admin elevation via UAC). This principle of least privilege limits the damage malware can do if the user's account is compromised, since the malware also runs with standard user privileges.