CompTIA A+ 220-1102 Core 2 – Practice Flashcards

120 question-and-answer style flashcards covering key concepts from Professor Messer’s CompTIA A+ 220-1102 Core 2 course notes, including Windows features, command-line tools, security, mobile, macOS, Linux, networking, backups, scripting, and professionalism.

What Windows editions are testable on the 220-1102 exam?

Windows 10 and Windows 11 (all versions still in mainstream support).

Which Windows 10 edition includes BitLocker and the ability to join a domain?

Windows 10 Pro.

Name two features unique to Windows 10 Enterprise over Pro.

AppLocker and BranchCache (also granular UX control).

What is the main purpose of Active Directory Domain Services (AD DS)?

Centralized authentication and management of users, computers, and resources.

In Windows, what tool do you open with gpedit.msc?

The Local Group Policy Editor.

Which Windows 10 editions can act as an RDP host?

Windows 10 Pro and Windows 10 Enterprise (not Home).

What Windows feature provides Full Disk Encryption?

BitLocker.

What command shows TCP/IP configuration details in Windows?

ipconfig.

Which command repairs logical NTFS errors?

chkdsk /f.

What does the command sfc /scannow do?

Runs System File Checker to verify and repair protected system files.

How do you force a Group Policy refresh from the command line?

gpupdate /force.

Which Windows CLI tool copies entire directory trees and is newer than xcopy?

robocopy.

Where can you quickly view CPU, memory, disk, and network usage in real-time?

Task Manager Performance tab.

Which MMC snap-in lets you schedule scripts or programs in Windows?

Task Scheduler (taskschd.msc).

What Control Panel applet allows enabling or disabling Windows features?

Programs and Features > Turn Windows features on or off.

Which Windows Settings category lets you configure Night Light and display scaling?

System.

What Windows tool indexes files to speed up searches?

Indexing Options.

Describe ‘metered connection’ in Windows networking.

A setting that limits background data usage on slow or limited networks.

What does APIPA assign when DHCP is unavailable?

A link-local address in the 169.254.0.0/16 range.

Name two VPN authentication factors that satisfy multi-factor requirements.

Examples: Something you know (password) + something you have (smart card) OR fingerprint plus PIN.

Which partition style supports up to 128 partitions and requires UEFI?

GPT (GUID Partition Table).

What is the default quick-format behavior during Windows setup?

Creates a new file table without overwriting existing data.

What file system is optimized for USB flash drives and supports files larger than 4 GB?

exFAT.

In a 64-bit Windows OS, where are 32-bit applications stored by default?

C:\Program Files (x86).

Which macOS feature provides automated hourly, daily, and weekly backups?

Time Machine.

What macOS utility displays logs like ‘Application’ and ‘System’ similar to Windows Event Viewer?

Console or the built-in log viewer within macOS (note: Event Viewer is Windows).

Name two advantages of Linux as an OS.

Free cost and support for a wide variety of hardware (also active community).

Which mobile OS feature allows wiping a lost phone remotely?

Remote wipe via locator services (Find My Device / Find My iPhone).

What Windows security component prompts for elevation on administrative tasks?

User Account Control (UAC).

Define least privilege.

Giving users and applications the minimum rights necessary to perform tasks.

What type of malware encrypts user data and demands payment?

Ransomware.

Give one method to prevent phishing success.

End-user awareness training (anti-phishing education).

What is a zero-day exploit?

An attack using a vulnerability unknown to vendors or unpatched in the wild.

Describe shoulder surfing.

Watching someone’s screen or keyboard to obtain confidential information.

What social-engineering attack targets high-value executives?

Whaling (a form of spear phishing).

Which Windows tool resets a PC while keeping user data?

‘Reset this PC’ in Recovery options with ‘Keep my files’.

After malware removal, why re-enable System Restore?

To allow creation of clean restore points moving forward.

What command shows current Linux directory?

pwd.

Which Linux command changes file permissions?

chmod.

What is the purpose of the Linux ‘sudo’ command?

Execute a command with elevated (superuser) privileges.

Define TACACS+.

An authentication protocol (enhanced TACACS) that separates AAA functions; often used on Cisco devices.

Which wireless security mode authenticates each user via RADIUS?

WPA2-Enterprise or WPA3-Enterprise (802.1X).

What replaces the WPA2 PSK four-way handshake in WPA3?

SAE (Simultaneous Authentication of Equals).

What Windows feature scans for malware real-time without third-party software?

Microsoft Defender Antivirus (built-in).

How do you create a firewall rule for an application in Windows?

Windows Defender Firewall > Allow an app or feature through Firewall (add exception).

Name one Windows logon option besides password.

PIN, fingerprint (Windows Hello), facial recognition, security key, etc.

Why disable AutoRun / AutoPlay for security?

Prevents automatic execution of potentially malicious media.

What mobile security feature restricts device access attempts?

Screen lock with PIN/passcode/fingerprint and lockout after failed attempts.

Define BYOD and state one security concern.

Bring Your Own Device; challenge: separating corporate data from personal data and enforcing policies.

What is the first step in malware removal per CompTIA?

Identify and verify malware symptoms.

During incident response, why maintain chain of custody?

To preserve evidence integrity for potential legal proceedings.

What does an Acceptable Use Policy define?

Appropriate ways employees may use company IT assets and services.

Which backup type copies only data changed since the last full backup?

Differential backup (if since last full) or Incremental (since last backup of any type); know distinction.

Explain the 3-2-1 backup rule.

Keep 3 copies of data on 2 different media types, with 1 copy stored off-site.

What is the purpose of a surge suppressor’s joule rating?

Indicates how much energy it can absorb before failing; higher is better.

Why wear an ESD wrist strap when working inside PCs?

To equalize potential and prevent electrostatic discharge damaging components.

What Windows utility shows OS version quickly?

winver.

Which Windows edition includes ReFS support on desktops?

Windows 10 Pro for Workstations.

Define BitLocker To Go.

BitLocker encryption applied to removable USB drives.

What command formats a disk in Windows (use caution)?

format.

What does the Linux ‘grep failed auth.log’ command do?

Searches the auth.log file for lines containing the word ‘failed’.

What is APFS and where is it used?

Apple File System; default on macOS High Sierra and later, iOS/iPadOS.

Which tool in Windows displays long-term performance statistics?

Performance Monitor (perfmon.msc).

How can you disable a startup program in Windows 10?

Task Manager > Startup tab (toggle enable/disable).

What Control Panel app lets you adjust virtual memory?

System > Advanced system settings > Performance Settings.

Name two physical security devices that control building entry.

Badge reader, mantrap/vestibule (also bollards, biometric scanners).

Why use fencing around a data center?

To create a physical perimeter and deter unauthorized access.

Define Mobile Device Management (MDM).

Centralized administration of mobile devices enforcing policies, security, and configurations.

What is a screened subnet formerly known as?

DMZ (Demilitarized Zone).

What does disabling SSID broadcast actually provide?

Very little security; obscures but does not secure the wireless network.

What Windows command shuts down and restarts in 20 seconds?

shutdown /r /t 20.

Explain ‘Quick Assist’.

Windows 10/11 built-in tool for remote support replacing Remote Assistance.

Why hash a forensic disk image?

To verify integrity; ensures the image matches the original data without alteration.

What is the default port for SSH and why is it preferred over Telnet?

TCP 22; SSH encrypts traffic, Telnet sends in plaintext.

Describe a spear-phishing attack.

Targeted phishing using specific personal or organizational details to appear legitimate.

What is an evil-twin access point?

A rogue AP mimicking a legitimate SSID to intercept wireless traffic.

Name one symptom of a keylogger infection.

Unusual or hidden processes, unexpected log files, or stolen credentials.

What utility clears temporary files to free space in Windows?

Disk Cleanup (cleanmgr.exe).

Which macOS feature stores passwords and certificates securely?

Keychain Access.

How can you view hidden files in Windows File Explorer?

File Explorer Options > View tab > Show hidden files, folders, and drives.

What does the Linux ‘apt-get update && apt-get upgrade’ sequence do?

Refreshes package lists and installs available updates on Debian-based systems.

Why use VLANs and ACLs together?

Segment network traffic (VLAN) and control access (ACL) for security.

What is the purpose of a rollback plan in change management?

Provide a predefined method to revert systems if a change fails.

Define synthetic full backup.

A full backup constructed on backup storage by combining a previous full with subsequent incrementals, avoiding full data transfer.

Which Windows command lists all active network connections?

netstat -a (additional switches: ‑n, ‑b).

What two commands might you run to diagnose DNS issues in Windows?

nslookup and ipconfig /flushdns or ipconfig /displaydns.

What does the acronym SOE stand for in system deployment?

Standard Operating Environment.

Why is the ‘Run as Administrator’ option sometimes required?

To execute with elevated privileges needed for system changes or software installs.

Which Windows Defender setting temporarily disables real-time protection?

Virus & threat protection settings > Real-time protection toggle.

Give one reason to perform a clean OS install instead of an in-place upgrade.

Removes old files/configurations, eliminates malware, starts with fresh settings, or required when changing architecture (x86→x64).

How does SIM hijacking threaten SMS-based MFA?

Attackers transfer victim’s phone number to their SIM, receiving MFA codes.

What is the primary advantage of WPA3 over WPA2?

Stronger encryption (GCMP) and protection against brute-forcing pre-shared keys via SAE.

Explain ‘boot sector virus’.

Malware that infects the boot loader area, running before the OS starts.

Which tool in Windows 11 resets network settings to defaults?

Settings > Network & Internet > Advanced network settings > Network reset.

What is FileVault’s purpose on macOS?

Provide full-disk encryption.

Define ‘hash collision’.

Two different inputs producing the same hash value (should be computationally infeasible).

Which Linux utility installs, deletes, or updates RPM packages?

yum (or dnf newer Fedora).

Why use sandbox testing before production changes?

To see effects safely and verify rollback without impacting live systems.

What is the function of a magnetometer at security checkpoints?

Detect concealed metal objects.

What does the Windows ‘defrag’ utility do on spinning drives?

Rearranges file fragments to be contiguous, improving read/write speed.