CompTIA Updated 220-1102 Exam Questions and Answers by tyson

Classification: a) Phishing

This email is a phishing attempt, as it tries to trick the user into clicking on a malicious link that could compromise their account or personal information. Some suspicious items in this email are:

• The email has a generic greeting and does not address the user by name.
• The email has spelling errors, such as “unusal” and “Locaked”.
• The email uses a sense of urgency and fear to pressure the user into clicking on the link.
• The email does not match the official format or domain of the IT Help Desk at CompTIA.
• The email has two black bat icons, which are not related to CompTIA or IT support.

The appropriate resolution for this email is A. Report email to Information Security. The user should not click on the link, reply to the email, or provide any personal or account information. The user should forward the email to the Information Security team or use a professional email form to report the phishing attempt. The user should also delete the email from their inbox and trash folder.

The suspicious items to select are:

• b) From address
• d) Hyperlinks

These items indicate that the email is not from a legitimate source and that the link is potentially malicious. The other items are not suspicious in this case, as the to address is the user’s own email and there are no attachments.

Classification: b) Spam

This email is a spam email, as it is an unsolicited and unwanted message that tries to persuade the user to participate in a survey and claim a reward. Some suspicious items in this email are:

• The email offers a free wireless headphone as an incentive, which is too good to be true.
• The email does not provide any details about the survey company, such as its name, address, or contact information.
• The email contains an external survey link, which may lead to a malicious or fraudulent website.
• The email does not have an unsubscribe option, which is required by law for commercial emails.

The appropriate resolution for this email is C. Unsubscribe. The user should look for an unsubscribe link or button at the bottom of the email and follow the instructions to opt out of receiving future emails from the sender. The user should also mark the email as spam or junk in their email client, which will help filter out similar emails in the future. The user should not click on the survey link, reply to the email, or provide any personal or financial information.

Classification: c) Legitimate

This email is a legitimate email, as it is from a trusted source and has a valid purpose. There are no suspicious items in this email, as the from address, the to address, the attachment, and the email body are all consistent and relevant. The appropriate resolution for this email is B. Perform no additional actions. The user can open the attachment and review the orientation material as instructed. The user does not need to report, unsubscribe, or delete this email.

A screenshot of a computer Description automatically generated

Classification: a) Phishing

This email is a phishing attempt, as it tries to deceive the user into downloading and running a malicious attachment that could compromise their system or data. Some suspicious items in this email are:

• The email has a generic greeting and does not address the user by name or username.
• The email has an urgent tone and claims that a security patch needs to be installed immediately.
• The email has an attachment named “patch1.exe”, which is an executable file that could contain malware or ransomware.
• The email does not match the official format or domain of CompTIA Information Security.

The appropriate resolution for this email is A. Report email to Information Security. The user should not open the attachment, reply to the email, or provide any personal or account information. The user should forward the email to the Information Security team or use a professional email form to report the phishing attempt. The user should also delete the email from their inbox and trash folder.

A screenshot of a computer Description automatically generated

Classification: c) Legitimate

This email is a legitimate email, as it is from a trusted source and has a valid purpose. There are no suspicious items in this email, as the from address, the to address, and the email body are all consistent and relevant. The appropriate resolution for this email is B. Perform no additional actions. The user can reply to the email and thank the sender for the interview opportunity. The user does not need to report, unsubscribe, or delete this email.

A screenshot of a computer Description automatically generated

BitLocker is a Windows security feature that provides encryption for entire volumes, addressing the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned devices1. BitLocker helps mitigate unauthorized data access by enhancing file and system protections, rendering data inaccessible when BitLocker-protected devices are decommissioned or recycled1. Network share, Group Policy, and Static IP are not features that can prevent unauthorized data access if a computer is lost or stolen.

References:

• BitLocker overview - Windows Security | Microsoft Learn1
• The Official CompTIA A+ Core 2 Study Guide2, page 315.

Malware is malicious software that can cause damage or harm to a computer system or network4. A technician has verified a computer is infected with malware by observing unusual behavior, such as slow performance, pop-ups, or unwanted ads. The technician isolates the system and updates the anti-malware software to prevent further infection or spread of the malware. The next step is to run repeated remediation scans until the malware is removed. A remediation scan is a scan that detects and removes malware from the system. Running one scan may not be enough to remove all traces of malware, as some malware may hide or regenerate itself.

PowerShell is a scripting language that can interact with Active Directory and other Windows components. It has a built-in cmdlet called New-ADUser that can create user accounts in Active Directory. PowerShell can also use the Active Directory module to access other AD-related functions and attributes. Other languages, such as Bash, SQL, and PHP, are not designed for creating Active Directory accounts and would require additional tools or libraries to do so.