220-1102 CompTIA A+ Certification Core 2 Exam Free Practice Exam Questions (2025 Updated)

Enabling an allow list (Option D) will limit access to the wireless network by only allowing devices with specified MAC addresses to connect. This is an effective method for minimizing Wi-Fi access in a crowded environment.

Port forwarding (Option A) controls traffic through specific ports but doesn't minimize wireless access.

Unused ports (Option B) could refer to physical network ports or firewall settings, unrelated to controlling Wi-Fi access.

Disabling SSID broadcast (Option C) might hide the network name but doesn't secure access.

CompTIA A+ Core 2 References:

2.9 - Configure security settings for SOHO networks, including MAC filtering .

Comprehensive and Detailed In-Depth Explanation:

A rogue wireless access point is an unauthorized wireless network set up by an attacker or mistakenly by an employee. If the rogue AP has the same SSID as the legitimate network, users may unknowingly connect to it, causing security risks and preventing access to internal network resources.

A. Unreachable DNS server – Incorrect. A DNS issue would prevent access to websites, not just file share servers.

B. Virtual local area network (VLAN) misconfiguration – Incorrect. VLAN misconfiguration could restrict network access, but it would not involve an unsecured network with the same name.

C. Incorrect IP address – Incorrect. An incorrect IP could prevent network access but would not explain the presence of an unsecured network.

WEP (Wired Equivalent Privacy) is known to be the weakest wireless security protocol due to its vulnerabilities and ease of being compromised.

WEP: The oldest and weakest protocol, susceptible to various attacks and easily cracked.

WPA2: Much stronger security with AES encryption, currently one of the most secure standards.

TKIP: Used with WPA, stronger than WEP but weaker than WPA2 with AES.

AES: Advanced Encryption Standard, used in WPA2 and known for strong security.

EFS (Encrypting File System) is a feature of Windows that provides filesystem-level encryption. It is designed to encrypt files and folders to protect them from unauthorized access, even if an attacker has physical access to the computer.

ext: A filesystem type used primarily in Linux, without native encryption features for Windows.

APFS: Apple's filesystem, used in macOS and iOS.

FAT: A simple filesystem type with no encryption features.

EFS: The correct choice for a Windows user needing to encrypt data at the filesystem level to protect against unauthorized physical access.

Multifactor authentication (MFA) requires two or more independent credentials from different categories: something you know, something you have, and something you are. Mobile applications (such as authenticator apps) and Short Message Service (SMS) text codes are common second factors, representing "something you have." Video surveillance, access control lists, door locks, and login scripts are security controls but not authentication factors for logging into a system. The official CompTIA Core 2 content highlights mobile authenticators and SMS as standard MFA methods to secure systems against unauthorized access.

The correct answer is B. Put the phone on silent.

IT professionals must maintain professionalism and minimize distractions while on the job.

Putting the phone on silent ensures that the technician stays focused without causing disruptions to their work environment.

If necessary, the technician can check and respond during an appropriate break.

Why Other Options Are Incorrect:

A. Step aside and answer – This is unprofessional unless it is an emergency. Taking personal calls in front of a client can give a bad impression.

C. Text a reply – While this may seem reasonable, texting in front of a client still creates an unprofessional image.

D. Ignore the phone and continue working – While ignoring calls prevents distractions, a silent mode ensures that notifications do not cause disturbances (e.g., vibrations or sounds).

CompTIA A+ 220-1102 Exam Reference:

Objective 5.1 – Given a scenario, use the best practice procedures for documentation, privacy, and professionalism.

Time Machine is the built-in backup feature for macOS that allows users to back up their system automatically. It continuously backs up everything on the Mac, including files, applications, system files, and settings, allowing users to restore their system to a previous state if needed. Time Machine operates by creating hourly backups for the past 24 hours, daily backups for the past month, and weekly backups for all previous months. Other options like "Mission Control" help in organizing windows, while "System Restore" is a feature more common in Windows operating systems, not macOS.

When a legacy application is not fully functional after upgrading the Windows operating system, the first step to troubleshoot the issue is to:

Run the application as Administrator: Legacy applications often require administrative privileges to run correctly. Running the application with these privileges can resolve issues related to permissions and access to certain system resources.

Raise the User Account Control level: This increases security prompts but does not resolve compatibility issues.

Turn off Windows Defender Firewall: This can expose the system to security risks and is unlikely to resolve application functionality issues.

Disable compatibility mode for the application: Compatibility mode should generally be enabled for legacy applications to ensure they run properly on newer OS versions.

Comprehensive and Detailed In-Depth Explanation:

When a mobile OS is updated, some applications may become incompatible or corrupted due to changes in system files. The best solution is to update the failed software, as the app developer may have released a patch to resolve compatibility issues.

B. Registering the smartphone with an MDM solution – Incorrect. MDM (Mobile Device Management) helps with security policies but does not fix application compatibility issues.

C. Installing a third-party client – Incorrect. Using a different app may work but does not resolve the root cause of the issue.

D. Clearing the cache partition – While clearing the cache can help with performance, it is unlikely to resolve an application not opening due to an OS update.

Detailed Explanation with Core 2 References:BitLocker To Go is a feature in Windows that allows for encryption of removable drives to protect sensitive information. Training staff on BitLocker To Go ensures that if a removable drive is lost or stolen, it will be password-protected and encrypted, making the data inaccessible to unauthorized individuals. This aligns with Core 2 objectives related to security measures for data-at-rest encryption and best practices for safeguarding information (CompTIA A+ Core 2 Objective 2.6)​.

Comprehensive and Detailed In-Depth Explanation:

Cloud storage ensures that data is backed up off-site, protecting against physical disasters like fires or floods.

A. Test environment – Incorrect. This is for software testing, not data recovery.

B. Local backups – Incorrect. These could also be destroyed in a disaster.

C. Cold site – Useful for disaster recovery but does not automatically back up data.

When a smartphone is lost, especially one that might contain sensitive or private data, the primary concern is to ensure that any data on the device cannot be accessed by unauthorized persons. Among the options provided:

Remote lock: This option will lock the device remotely, preventing access. However, it does not remove the data and might not be effective if the device is powered off or reset.

Remote wipe: This is the best option as it allows the technician to erase all data from the device remotely, ensuring that sensitive information is not accessible to anyone who finds or steals the device.

Remote access: This option would allow a technician to access the device remotely, but it would not directly prevent unauthorized access or data breaches.

Remote encrypt: Encrypting the device remotely might not be possible if the device is not accessible or turned on, and it does not remove existing data which could be at risk.

Once a change has been approved by the change management review board, the next step is to:

Implement the change: This involves carrying out the approved change in the system or environment according to the change plan.

Perform risk analysis: This should be done before the change is approved to assess potential impacts.

Assign a change coordinator: This role should be designated earlier in the process to oversee the change implementation.

Verify testing results: This should have been done before seeking approval from the review board.

The most likely reason for the installation failure of a 64-bit software is that the operating system is incompatible, specifically if the system is running a 32-bit version of the OS. A 64-bit program requires a 64-bit operating system to run, and if the user’s OS is a 32-bit version, the software will fail to install. Other reasons, like needing administrator privileges or updating .NET, are valid but less likely since the error message would be different.

Comprehensive and Detailed In-Depth Explanation:

Checking the hash value (such as MD5, SHA-1, or SHA-256) is the best way to verify file integrity after downloading. A hash function generates a unique string for a file. If even a single bit in the file is changed, the hash value will be different. Many software vendors provide hash values (checksums) on their websites to help users confirm that the files were downloaded without corruption or tampering.

A. Clear browsing data – Incorrect. Clearing browsing data does not affect downloaded files or their integrity.

B. Install SSL certificates – Incorrect. SSL certificates encrypt data transmission but do not verify the integrity of downloaded files.

D. Use trusted sources – While downloading files from trusted sources reduces the risk of corruption, it does not verify file integrity.

Comprehensive and Detailed In-Depth Explanation:

Device encryption ensures that even if someone gains physical access to the smartphone, they cannot access its contents without the encryption key.

A. Remote backups – Useful for data recovery but does not prevent unauthorized access.

B. Location tracking – Helps locate the device but does not protect its data.

C. PIN code screen lock – Adds security but is less effective than full encryption.

Slow loading of web pages on a mobile device while in an office environment is often related to network issues rather than device storage or data limits. The most accurate explanation is degraded network service, which means the quality or bandwidth of the network connection is poor, resulting in slow or unreliable internet access. This can be caused by network congestion, poor Wi-Fi signal strength, interference, or configuration issues with network infrastructure. Unlike exceeding data limits which typically results in throttling or no service, degraded service implies the network is active but performing poorly. Low storage space generally impacts device performance and app functionality but does not directly cause slow page loads. Sluggish response time is a vague term but could be related to degraded network service. Therefore, degraded network service is the best choice. This aligns with Core 2 objectives focusing on troubleshooting connectivity issues and network performance degradation.

Random restarting of an Android phone and the presence of applications not from the standard marketplace strongly suggest the possibility of malware.

Option A: The OS update failedWhile an OS update failure can cause issues, it is less likely to result in random restarts compared to malware.

Option B: The user downloaded malwareMalware is a common cause of erratic behavior, including random restarts, especially when applications are installed from unofficial sources.

Option C: The device is in developer modeDeveloper mode alone does not typically cause random restarts. It may make the device more susceptible to issues if improper apps are installed.

Option D: The over-the-air carrier update failedSimilar to the OS update, this would more likely cause consistent issues rather than random restarts.

The correct answers are B. .pkg and F. .dmg.

pkg (Package Installer) – This is the standard macOS package format for software installations. It often includes installation scripts and can be used for software distribution.

dmg (Disk Image File) – A macOS disk image file that contains software installers. Users typically mount the file and drag the application into the Applications folder to install it.

Why Other Options Are Incorrect:

A. .yum – This is used for Linux package management and is not compatible with macOS.

C. .msi – This is the Windows Installer package format, not used on macOS.

D. .ps1 – This is a PowerShell script file used in Windows, not for installing macOS applications.

E. .exe – This is an executable file format for Windows applications and does not run on macOS without third-party emulation (e.g., Wine).

CompTIA A+ 220-1102 Exam Reference:

Objective 1.7 – Identify common features and tools of the macOS/Linux client operating systems.

The technician should configure "Group Policy" (Option B) to enforce password complexity across the enterprise. Group Policy in a Windows environment allows administrators to manage various settings, including password policies, at a domain level. This can include enforcing complexity requirements (such as minimum length, use of uppercase, lowercase, and special characters), expiration times, and other security measures.

Account lockout policy (Option A) controls how many failed login attempts trigger a lockout but does not handle password complexity.

Two-factor authentication (Option C) is an additional security measure requiring a second form of authentication, but it does not enforce password policies.

Access control lists (Option D) define which users or systems have access to resources, not how passwords are managed.

CompTIA A+ Core 2 References:

2.6 - Configure workstation security best practices, including password complexity and group policies​.

When a user needs to install optional features for a program that is already installed, the technician should:

Go to Programs and Features: Access this via the Control Panel.

Select the program: Find the installed program in the list.

Click on Change: The "Change" option allows modifications to the installed program, such as adding or removing features, without completely uninstalling and reinstalling the program.

This method is the most efficient and avoids unnecessary reinstallation of the software, which could lead to data loss or require reconfiguration.

For managing permissions where a specific folder needs to have different access controls than its parent, turning off inheritance for that specific folder is the correct approach.

Option A: Turn off inheritance on the requested folder only and set the requested permissions to each file manuallyThis is partially correct, but setting permissions manually for each file is inefficient and error-prone.

Option B: Turn off inheritance at the top-level folder and remove all inherited permissionsThis action would disrupt permissions for all other folders and files, not just the confidential folder.

Option C: Turn off inheritance at the top-level folder and set permissions to each file and subfolder manuallyThis approach is overly broad and inefficient, impacting more than just the specific folder that needs restricted access.

Option D: Turn off inheritance on the requested folder only, set the requested permissions, and then turn on inheritance under the child foldersThis ensures the specific folder has unique permissions while allowing those permissions to propagate to its children, maintaining security and ease of management.

Comprehensive and Detailed In-Depth Explanation:

If a new security policy disrupts an essential application, the best course of action is to request a policy exception while a permanent solution is developed. This allows the application to function while ensuring compliance with company security policies.

B. Reinstall the affected software using local administrative rights for each computer – Incorrect. If the security policy is blocking the application, reinstalling it will not resolve the issue.

C. Remove the new security settings and change administrative accounts – Incorrect. Altering security settings without approval could violate company policies and create security risks.

D. Research and procure a replacement application – Incorrect. While replacing the application may be an option, it is not an immediate solution to restoring functionality.

Detailed Explanation with Core 2 References:Intrusion Detection Systems (IDS) monitor network traffic for malicious activities and alert administrators, helping to prevent malware infections before they can impact the network significantly. CompTIA Core 2 emphasizes the importance of implementing preventive measures like IDS to proactively detect and respond to potential threats (Core 2 Objective 2.3)​.

Erasing/wiping the hard drives is the best method to dispose of the drives containing PII