220-1102 Exam Dumps - CompTIA A+ Certification Core 2 Exam

A recovery key is a code that can be used to unlock a BitLocker-encrypted drive when the normal authentication methods (such as password or PIN) are not available or have been forgotten. BitLocker is a feature of Windows that encrypts the entire drive to protect data from unauthorized access. If a technician is trying to repair a Windows 10 OS that has BitLocker enabled, they will need the recovery key to access the drive and continue the OS repair. SSL key, preshared key, and WPA2 key are not keys that are related to BitLocker or OS repair.

 Badge reader and motion sensor are devices that can be deployed to enhance physical security for a building. A badge reader is a device that scans and verifies an identification card or tag that grants access to authorized personnel only. A badge reader can help prevent unauthorized entry or intrusion into a building or a restricted area. A motion sensor is a device that detects movement and triggers an alarm or an action when motion is detected. A motion sensor can help deter or alert potential intruders or trespassers in a building or an area. Multifactor authentication is a method of verifying identity using two or more factors, such as something you know, something you have or something you are. Multifactor authentication is not a device that can be deployed to enhance physical security for a building but a technique that can be used to enhance logical security for systems or services. Personal identification number is a numeric code that can be used as part of authentication or access control. Personal identification number is not a device that can be deployed to enhance physical security for a building but an example of something you know factor in multifactor authentication. Firewall is a device or software that filters network traffic based on rules and policies. Firewall is not a device that can be deployed to enhance physical security for a building but a device that can be used to enhance network security for systems or services. Soft token is an application or software that generates one-time passwords or codes for authentication purposes. Soft token is not a device that can be deployed to enhance physical security for a building but an example of something you have factor in multifactor authentication. References: CompTIA A+ Core 2 (220-1002) Certification Exam Objectives Version 4.0, Domain 3.3

Least privilege is the principle that is used to ensure users have the appropriate level of access to perform their job functions. Least privilege means granting users only the minimum amount of access rights and permissions they need to perform their tasks, and nothing more. Least privilege reduces the risk of unauthorized access, data leakage, malware infection, or accidental damage by limiting what users can do on the system or network. Access control list, multifactor authentication, and mobile device management are not principles, but rather mechanisms or methods that can implement least privilege. Access control list is a list that specifies the users or groups that are allowed or denied access to a resource, such as a file, folder, or printer. Multifactor authentication is a method that requires users to provide two or more pieces of evidence to prove their identity, such as a password, a token, or a biometric factor. Mobile device management is a tool that allows managing and securing mobile devices, such as smartphones or tablets, that are used by employees to access corporate data or applications. References:

Official CompTIA learning resources CompTIA A+ Core 1 and Core 2, page 25

[CompTIA Security+ SY0-601 Certification Study Guide], page 1003

FileVault is a macOS utility that uses AES-128 (Advanced Encryption Standard) to encrypt the startup disk of a Mac computer. It protects the data from unauthorized access if the computer is lost or stolen. fdisk and Diskpart are disk partitioning utilities for Linux and Windows, respectively. Disk Utility is another macOS utility that can perform disk management tasks, such as formatting, resizing, repairing, etc. Verified References: https://www.comptia.org/blog/what-is-filevault https://www.comptia.org/certifications/a

Risk analysis is the process of identifying and evaluating the potential threats and impacts of a change on the system, network, or service. It is an essential step before approving a change request, as it helps to determine the level of risk, the mitigation strategies, and the contingency plans. Risk analysis also helps to prioritize the change requests based on their urgency and importance12.

References: 1 The Change Request Process and Best Practices(https://www.processmaker.com/blog/it-change-request-process-best-practices/)2 Risk Assessment and Analysis Methods: Qualitative and Quantitative(https://www.isaca.org/resources/isaca-journal/issues/2021/volume-2/risk-assessment-and-analysis-methods).

Classification: a) Phishing

This email is a phishing attempt, as it tries to trick the user into clicking on a malicious link that could compromise their account or personal information. Some suspicious items in this email are:

The email has a generic greeting and does not address the user by name.

The email has spelling errors, such as “unusal” and “Locaked”.

The email uses a sense of urgency and fear to pressure the user into clicking on the link.

The email does not match the official format or domain of the IT Help Desk at CompTIA.

The email has two black bat icons, which are not related to CompTIA or IT support.

The appropriate resolution for this email is A. Report email to Information Security. The user should not click on the link, reply to the email, or provide any personal or account information. The user should forward the email to the Information Security team or use a professional email form to report the phishing attempt. The user should also delete the email from their inbox and trash folder.

The suspicious items to select are:

b) From address

d) Hyperlinks

These items indicate that the email is not from a legitimate source and that the link is potentially malicious. The other items are not suspicious in this case, as the to address is the user’s own email and there are no attachments.

Classification: b) Spam

This email is a spam email, as it is an unsolicited and unwanted message that tries to persuade the user to participate in a survey and claim a reward. Some suspicious items in this email are:

The email offers a free wireless headphone as an incentive, which is too good to be true.

The email does not provide any details about the survey company, such as its name, address, or contact information.

The email contains an external survey link, which may lead to a malicious or fraudulent website.

The email does not have an unsubscribe option, which is required by law for commercial emails.

The appropriate resolution for this email is C. Unsubscribe. The user should look for an unsubscribe link or button at the bottom of the email and follow the instructions to opt out of receiving future emails from the sender. The user should also mark the email as spam or junk in their email client, which will help filter out similar emails in the future. The user should not click on the survey link, reply to the email, or provide any personal or financial information.

Classification: c) Legitimate

This email is a legitimate email, as it is from a trusted source and has a valid purpose. There are no suspicious items in this email, as the from address, the to address, the attachment, and the email body are all consistent and relevant. The appropriate resolution for this email is B. Perform no additional actions. The user can open the attachment and review the orientation material as instructed. The user does not need to report, unsubscribe, or delete this email.

Classification: a) Phishing

This email is a phishing attempt, as it tries to deceive the user into downloading and running a malicious attachment that could compromise their system or data. Some suspicious items in this email are:

The email has a generic greeting and does not address the user by name or username.

The email has an urgent tone and claims that a security patch needs to be installed immediately.

The email has an attachment named “patch1.exe”, which is an executable file that could contain malware or ransomware.

The email does not match the official format or domain of CompTIA Information Security.

The appropriate resolution for this email is A. Report email to Information Security. The user should not open the attachment, reply to the email, or provide any personal or account information. The user should forward the email to the Information Security team or use a professional email form to report the phishing attempt. The user should also delete the email from their inbox and trash folder.

Classification: c) Legitimate

This email is a legitimate email, as it is from a trusted source and has a valid purpose. There are no suspicious items in this email, as the from address, the to address, and the email body are all consistent and relevant. The appropriate resolution for this email is B. Perform no additional actions. The user can reply to the email and thank the sender for the interview opportunity. The user does not need to report, unsubscribe, or delete this email.

Setting the connection to be metered is the best solution for limiting the amount of cellular data a user’s Windows 10 tablet can utilize when traveling. A metered connection is a network connection that has a data limit or charges fees based on the amount of data used. Windows 10 allows users to set any network connection as metered, which reduces the amount of data that Windows and some apps use in the background. For example, setting a connection as metered will prevent Windows from downloading updates automatically, stop some apps from syncing data online, and disable some live tiles on the Start menu. Setting a connection as metered can help users save cellular data and avoid extra charges when traveling. Turning on airplane mode, configuring the device to use a static IP address, and enabling the Windows Defender Firewall are not effective solutions for limiting the amount of cellular data a user’s Windows 10 tablet can utilize when traveling. Turning on airplane mode will disable all wireless connections on the device, including Wi-Fi, Bluetooth, and cellular data. This will prevent the user from accessing any online services or applications on the tablet. Configuring the device to use a static IP address will assign a fixed IP address to the device instead of obtaining one dynamically from a DHCP server. This will not affect the amount of cellular data the device uses, and it may cause IP conflicts or connectivity issues on some networks. Enabling the Windows Defender Firewall will block or allow incoming and outgoing network traffic based on predefined or custom rules. This will not reduce the amount of cellular data the device uses, and it may interfere with some apps or services that require network access. References:

Official CompTIA learning resources CompTIA A+ Core 1 and Core 2, page 19

CompTIA A+ Complete Study Guide: Core 1 Exam 220-1101 and Core 2 Exam …, page 108

NTFS stands for New Technology File System, which is a proprietary file system developed by Microsoft4. NTFS is the default file system for the Windows NT family of operating systems, which includes Windows 10, Windows Server 2019, and other versions5. NTFS provides features such as security, encryption, compression, journaling, and large volume support45. NTFS is not the native file system for other operating systems, such as macOS, Linux, or Android, although some of them can read or write to NTFS volumes with third-party drivers or tools