CompTIA 220-1102 - CompTIA A+ Certification Core 2 Exam

The correct answer is B. Scripted Deployment.

Scripted deployment is the most effective method for remotely installing software across multiple devices, including remote employees’ machines.

IT departments commonly use scripting tools like PowerShell, Bash, or batch scripts, along with software deployment solutions like Microsoft SCCM, Intune, or Group Policy.

This method ensures automation, consistency, and remote execution without requiring physical access to each device.

Why Other Options Are Incorrect:

A. Clone – Cloning is used to replicate entire system images but is not practical for deploying individual software programs remotely.

C. In-place – This term typically refers to in-place upgrades or updates to existing software, not new software deployment across multiple machines.

D. Image – Imaging refers to creating a full system image, including the OS and applications. While useful for deploying new computers, it is not ideal for remotely installing software on existing systems.

CompTIA A+ 220-1102 Exam Reference:

Objective 3.3 – Given a scenario, use remote access technologies.

Objective 4.2 – Given a scenario, implement cybersecurity best practices.

Rebooting the computer into safe mode (Option B) limits the processes and services that run, which can help in isolating and removing persistent malware that might be hiding in normal mode. Safe mode provides a cleaner environment to troubleshoot and remove malware.

Restoring from a backup (Option A) may work but should be considered after attempts to clean the infection.

Purchasing a new endpoint protection tool (Option C) is unnecessary at this stage since existing tools can be run in safe mode.

Using system recovery (Option D) could potentially remove the infection, but it's a more drastic step that may not be necessary yet.

CompTIA A+ Core 2 References:

3.3 - Best practices for malware removal, including booting into safe mode

Disk encryption is the best method for securing a workstation used in financial transactions, such as point-of-sale systems. It ensures that if the workstation is stolen, all data on the disk is encrypted and cannot be accessed without proper credentials. File encryption (B) only encrypts individual files, and USB drive encryption (C) only applies to removable storage. Data-in-transit encryption (A) is not relevant for physical security.

In this case, abnormal behavior after opening a suspicious email suggests malware might have infected the device. A full factory reset is recommended to remove any persistent malware, especially when a restart does not resolve the issue. Deleting the email or reinstalling the browser will not remove the malware already on the device.

A rootkit (Option A) is a type of malware designed to gain administrative (root) access to a system while hiding its presence. Rootkits can manipulate system processes and files to remain undetected, making them particularly dangerous.

Trojan (Option B) is malware disguised as legitimate software but doesn't necessarily provide administrative access.

Worm (Option C) spreads across networks but doesn't grant administrative access.

Ransomware (Option D) encrypts data and demands a ransom but doesn't typically provide ongoing administrative access.

CompTIA A+ Core 2 References:

2.3 - Explain malware types, including rootkits and their purpose .

Detailed Explanation with Core 2 References:The PC is likely infected with ransomware. The immediate step should be to disconnect from the network to prevent the malware from spreading to other devices. Core 2 highlights steps to respond to malware incidents, such as disconnecting from the network as part of containment measures (Core 2 Objective 2.3)​.

In the event of a security breach, documenting the incident is crucial for tracking, analysis, and resolution. The appropriate steps should ensure thorough documentation and communication:

Option A: Record the details in the ticketing system.Correct Answer. The ticketing system is the primary tool for IT support to track incidents. Recording the details in the ticketing system ensures that all relevant information is documented systematically, can be easily accessed, and tracked through the resolution process.

This aligns with best practices in incident documentation and support systems information management as outlined in the CompTIA A+ Core 2 (220-1102) Exam Objectives, Section 4.1​​.

Option B: Take screenshots and attach them to the root cause analysis.While screenshots can be useful, the first step should be to record the details in the ticketing system. Screenshots may be added later as supplementary information.

Option C: Discuss the incident with the company’s legal team.Involving the legal team is important for certain aspects of a security breach, but the initial step should still be to document the incident in the ticketing system.

Pop-up blockers can sometimes prevent essential pop-up windows required by websites to display transaction details.

Clear the browser cache: Helps with loading issues but not specific to pop-ups.

Disable the pop-up blocker: The correct solution, as it allows the blocked pop-up to be displayed.

Configure private browsing: Prevents storing browsing data but does not affect pop-ups.

Verify valid certificates: Ensures secure connections but does not resolve pop-up issues.

To ensure device security on the network while adhering to industry best practices, the technician should:

Automate the patching process: This ensures that all devices receive the latest security updates in a timely manner without manual intervention, reducing the risk of vulnerabilities.

Monitor the firewall configuration: Important for network security but does not directly ensure all devices are patched.

Implement access control lists: Controls access to resources but does not ensure devices are patched.

Document all changes: Important for change management but does not directly impact the patching process.

Badge readers are devices that scan employee or visitor credentials, logging entries and exits from restricted areas. Video surveillance (B) provides a visual record but does not directly control access. Bollards (A) and fences (D) provide physical security but cannot detect or record access events.

NFC stands for Near Field Communication, and it is a wireless technology that allows your phone to act as a contactless payment device, among other things2. Payment applications that allow payments to be made with a mobile device usually rely on NFC to communicate with the payment terminal1. Therefore, if NFC is disabled on the phone, the payment will not work. To enable NFC on an Android phone, you need to follow these steps3:

On your Android device, open the Settings app.

Select Connected devices.

Tap on Connection preferences.

You should see the NFC option. Toggle it on.

The other options are not directly related to using a payment application with a mobile device. Airplane mode is a setting that disables all wireless communication on the phone, including NFC4, but it also affects calls, texts, and internet access. Bluetooth is a wireless technology that allows you to connect your phone with other devices such as headphones or speakers, but it is not used for contactless payments. Wi-Fi is a wireless technology that allows you to access the internet or a local network, but it is also not used for contactless payments. Location services are a feature that allows your phone to determine your geographic location using GPS or other methods, but they are not required for contactless payments.

https://www.educba.com/shell-scripting-in-linux/

The user can use the following commands to give the technician the correct information: ipconfig /all and hostname 1. The ipconfig /all command displays the IP address, subnet mask, and default gateway for all adapters on the computer 1. The hostname command displays the name of the computer 1.

Saving software to an external hard drive and installing it on each individual PC is the most inefficient method for the small business owner. This method requires manual intervention on each PC, and there is a higher risk of error or inconsistencies between PCs. Additionally, if the software needs to be updated or reinstalled in the future, this process would need to be repeated on each PC.

To delete an empty directory, enter rd Directory or rmdir Directory . If the directory is not empty, you can remove files and subdirectories from it using the /s switch. You can also use the /q switch to suppress confirmation messages (quiet mode).