Text preview & study summary
CompTIA A+ Core 2 220-1202 - Domain 2 Security
A free sample of 5 questions from this quiz, shown in full with answer choices and explanations. No interactivity — everything is visible on this page for study and review.
Want to test your knowledge? Launch the Interactive Exam Simulator
Question 1
A user complains that their browser is being redirected to a different website when they type specific URLs. DNS queries work correctly on other devices. What should the technician check on this specific workstation?
Explanation
Redirect attacks specific to one machine (while DNS works on others) typically involve the local hosts file, which overrides DNS. Malware commonly adds entries to the hosts file to redirect traffic to malicious sites. The hosts file should be checked for unauthorized entries.
Question 2
A technician needs to secure a Windows 10 workstation. Which built-in feature acts as a host-based firewall to filter inbound and outbound traffic?
Explanation
Windows Defender Firewall is the built-in host-based stateful packet filtering firewall. It filters inbound and outbound traffic based on rules, ports, programs, and IP addresses. It is separate from Windows Defender Antivirus.
Question 3
A user's account has been used to access the system at 3:00 AM when the user is known to be asleep. Which type of attack is MOST likely responsible?
Explanation
Unauthorized access during hours when the user couldn't be present suggests stolen credentials — obtained through phishing, keylogging, password spraying, or credential dumps. The account credentials were stolen and used by an attacker.
Question 4
A technician needs to verify the integrity of a downloaded ISO file before installing it. They compare the file's SHA-256 hash to the hash published on the vendor's website. They match. What does this confirm?
Explanation
Hash verification confirms file integrity and authenticity — if the SHA-256 hash matches, the file is bit-for-bit identical to the original published by the vendor. It doesn't scan for malware — a genuine file could theoretically contain malware if the vendor was compromised.
Question 5
A technician is setting up a new employee workstation. Per company policy, the standard user account should not be able to install software. How should the account be configured?
Explanation
Standard User accounts cannot install software that requires system-level changes (they'd need admin elevation via UAC). This principle of least privilege limits the damage malware can do if the user's account is compromised, since the malware also runs with standard user privileges.
