Master the CompTIA A+ Certification Core 2 Exam 220-1102 Exam with Confidence!

The correct answers are E and F. Disabling AutoRun and updating the antivirus definitions are two actions that should be taken to prevent the incident from happening again.

AutoRun is a feature of Windows that automatically executes a predetermined action when a removable media such as a USB drive is inserted in a computer. For example, AutoRun can launch or install a new program on the media, or open the file in File Explorer. However, this feature can also be exploited by malicious software that can run without the user’s consent or knowledge. Therefore, disabling AutoRun can help prevent accidental installation of viruses and other malware from USB drives123.

Updating the antivirus definitions is another important action that can help prevent malware infections from USB drives. Antivirus definitions are files that contain information about the latest known threats and how to detect and remove them. By updating the antivirus definitions regularly, you can ensure that your antivirus software can recognize and block any malicious software that may be on the USB drive before it can harm your computer45.

A host-based IDS is a system that monitors and analyzes the activity on a single computer or device for any signs of intrusion or malicious behavior. A host-based IDS can help detect and prevent malware infections from USB drives, but it is not a sufficient action by itself. A host-based IDS needs to be complemented by other security measures, such as disabling AutoRun and updating the antivirus definitions6.

Restricting login times, enabling a BIOS password, and updating the password complexity are all actions that can help improve the security of a computer or device, but they are not directly related to preventing malware infections from USB drives. These actions can help prevent unauthorized access to the computer or device, but they do not affect how the computer or device interacts with the USB drive or its contents.

Restricting user permissions is an action that can help limit the damage that malware can cause on a computer or device, but it does not prevent the malware from being installed in the first place. Restricting user permissions means limiting what actions a user can perform on the computer or device, such as installing or deleting programs, modifying system settings, or accessing certain files or folders. By restricting user permissions, you can reduce the impact of malware infections by preventing them from affecting other users or system components7.

 The best way to address the security and privacy concerns caused by a malware infection on a smartphone is to uninstall all recently installed applications and schedule an antivirus scan. Uninstalling the applications that may have introduced the malware can help remove the source of infection and prevent further damage. Scheduling an antivirus scan can help detect and remove any remaining traces of malware and restore the device’s functionality.

References: CompTIA A+ Core 2 (220-1102) Certification Study Guide, Chapter 5: Mobile Devices, Section 5.3: Mobile Device Security1

Proxy server

Explore

The correct answer is D. Internet Options. The Internet Options utility in Windows allows you to configure various settings related to your internet connection, including the proxy server settings. To access the Internet Options utility, you can either open the Control Panel and click on Internet Options, or open any web browser and click on the Tools menu and then on Internet Options. In the Internet Options window, go to the Connections tab and click on the LAN settings button. Here, you can enable or disable the use of a proxy server, as well as enter the address and port number of the proxy server you want to use12.

Security and Maintenance is a utility in Windows that allows you to view and manage the security and maintenance status of your computer, such as firewall, antivirus, backup, troubleshooting, and recovery settings. It does not have any option to configure proxy server settings.

Network and Sharing Center is a utility in Windows that allows you to view and manage your network connections, such as Wi-Fi, Ethernet, VPN, or dial-up. It also allows you to change network settings, such as network discovery, file and printer sharing, homegroup, and adapter settings. It does not have any option to configure proxy server settings.

Windows Defender Firewall is a utility in Windows that allows you to enable or disable the firewall protection for your computer, as well as configure firewall rules for inbound and outbound traffic. It does not have any option to configure proxy server settings.

The correct answers are D. Restricting log-in times and E. Enabling a screen lock. These are the security measures that can be used to prevent the computers from being accessed by unsupervised contractors in the building.

• Restricting log-in times means setting a policy that allows users to log in only during certain hours, such as the regular working hours of the company. This will prevent unauthorized access by contractors who work at night1.
• Enabling a screen lock means setting a policy that requires users to enter a password or a PIN to unlock their screens after a period of inactivity. This will prevent unauthorized access by contractors who might try to use the computers when the users are away2.

1: CompTIA A+ Certification Exam: Core 2 Objectives, page 19, section 2.3. 2: CompTIA A+ Certification Exam: Core 2 Objectives, page 20, section 2.4.

This will ensure that the user is the only one who knows their password, and that the new password is secure. 

The CompTIA A+ Core 2 220-1002 exam covers this topic in the domain 1.4 Given a scenario, use appropriate data destruction and disposal methods.

The correct answer is B. Swapping the cables for the monitors. When the second monitor is connected with the HDMI port, it is necessary to swap the cables for the monitors so that the mouse can move from the original monitor to the new monitor. This is because the HDMI port is designed to only support one monitor, and the mouse will not be able to move from one to the other without the cables being swapped.

According to CompTIA A+ Core 2 documents, "When connecting multiple displays to a system, the cables used to connect the displays must be swapped between the displays. For example, if a monitor is connected to a system using a VGA cable, the VGA cable must be moved to the next display to allow the mouse to move between the two displays."

 If a technician suspects high disk I/O, the technician should use the Resource Monitor (resmon.exe) to identify the process that is causing the high disk I/O1. Resource Monitor provides detailed information about the system’s resource usage, including disk I/O1. The technician can use this information to identify the process that is causing the high disk I/O and take appropriate action1.

The technician should disable the user’s access to the device’s command shell. This will prevent the user from accessing sensitive data and will help to prevent further data leaks. The technician should then investigate the unapproved application to determine if it is the cause of the data leak. If the application is found to be the cause of the leak, the technician should uninstall the application and restore the device to factory settings. If the application is not the cause of the leak, the technician should investigate further to determine the cause of the leak. Disabling the ability to install applications from unknown sources can help to prevent future data leaks, but it is not the next step the technician should take in this scenario. Ensuring the device is connected to the corporate WiFi network is not relevant to this scenario1

 If customers are unable to access the company-hosted public website after installing a new SOHO router, the company should check for firmware updates1. Firmware updates can fix bugs and compatibility issues that may be preventing customers from accessing the website1. The company should also ensure that the router is properly configured to allow traffic to the website1. If the router is blocking traffic to the website, the company should configure the router to allow traffic to the website1.

The most effective method for dealing with spam messages in a small business is to provide user training1. Users should be trained to recognize spam messages and avoid opening them1. They should also be trained to report spam messages to the IT department so that appropriate action can be taken1. In addition, users should be trained to avoid clicking on links or downloading attachments from unknown sources1. By providing user training, the management team can reduce the risk of users opening spam messages and potentially infecting the network systems1.

System File Checker to check for modified Windows files. System File Checker (SFC) is a Windows utility that can be used to scan for and restore corrupt Windows system files. SFC can be used to detect and fix any modified or corrupted system files on a computer, and thus should be checked first when a user reports that their computer has been running slowly since the installation of security applications [1][2]. By checking SFC, any modified or corrupted system files can be identified and fixed, potentially improving the overall performance of the computer.

According to CompTIA A+ Core 2 objectives, a full backup stored off-site provides the greatest protection against data loss in the event of a ransomware attack or other data disaster. By storing the backup in a separate physical location, it is less likely to be affected by the same event that could cause data loss on the original system. Cold storage is a term used for data archiving, which typically refers to a long-term storage solution that is used for retaining data that is infrequently accessed, but still needs to be kept for regulatory or compliance reasons.

https://support.microsoft.com/en-us/windows/common-file-name-extensions-in-windows-da4a4430-8e76-89c5-59f7-1cdbbc75cb01

 .pkg and .dmg are files used to distribute and install applications on macOS. .pkg files are installer packages that may contain multiple files and executable code, while .dmg files are disk images that can contain a single bundled application or multiple applications. .app files are typically the main executable files for macOS applications. The other options listed are file extensions for applications or installers on other platforms (such as .deb for Debian-based Linux systems, .msi for Windows, and .apk for Android). This information is covered in the Comptia A+ Core2 documents/guide under the Mac OS section.

Vishing, also known as voice phishing, is a type of social engineering attack where the attacker tricks the victim into divulging sensitive information over the phone. In this case, the attacker tricked the user into providing login credentials for a website.

EAP-TLS is a method of authentication that uses certificates to establish a secure tunnel between the client and the server3. The certificates have a validity period and must be renewed before they expire1. If the user has been on an extended leave and has not logged in to the computer in several months, it is possible that the certificate on the client or the server has expired and needs to be renewed2. The other options are not directly related to EAP-TLS authentication or 802.1X network access.