CompTIA A+ Certification - Core 2 (V15) - (220-1202) Exam Questions

Run the application as Administrator.

✅ Explanation:

Some older applications, especially legacy or enterprise software, were designed to run with administrator privileges. After a system upgrade, new permission models might block certain parts of the app from functioning correctly unless it is explicitly granted elevated rights.

Example:
An old inventory management system might need access to certain system files or registry entries. Running it as Administrator can bypass the restrictions and restore full functionality.

❌ Option: Raise the User Account Control level

This does the opposite of what is needed. Raising UAC level increases restrictions and prompts for more confirmations when apps try to run with admin privileges. It won’t solve compatibility or functionality issues for legacy applications.

Example:
If the app is already being blocked due to permission restrictions, raising the UAC level will make it harder, not easier, to run.

❌ Option: Turn off Windows Defender Firewall

This is a security risk and unrelated to the issue described. A local legacy app that’s only “partially functional” is likely not being blocked by the firewall, which is designed to manage network traffic.

Example:
Firewall settings affect incoming or outgoing connections — not whether a window opens or not inside an application.

❌ Option: Disable compatibility mode for the application

Disabling compatibility mode might actually worsen the issue. If the legacy app worked before because compatibility mode was enabled, turning it off could break even more features.

Example:
A Windows XP-era tool might need to run in "Windows XP SP3 Compatibility Mode" to display correctly in Windows 11.

Reimage the computer.

Reimage the computer

Explanation:
If malware-like behavior continues despite a full antivirus scan showing no threats, the system may be compromised by persistent or hidden malware. Reimaging the computer ensures that the operating system is restored to a clean, original state, removing all malicious code.

❌ Check for Windows updates

While updates can fix security vulnerabilities, they do not remove malware or correct the effects of malicious software already on the system. This step won't stop fake messages or persistent infections.

❌ Enable Windows Firewall

The firewall helps control network access but does not remove malware that is already running locally on the device. It won’t prevent fake popups or restore system functionality.

❌ Run System File Checker

SFC is designed to repair corrupted or missing system files, not to detect or remove malware. It may help if malware damaged Windows files, but it will not stop a recurring infection or fake security messages.

The user downloaded malware

Explanation:
Installing apps from outside the official app store (also known as sideloading) increases the risk of malware. Malicious applications can cause instability in the operating system, including random restarts, crashes, and performance issues. This is the most probable cause in this scenario since the apps were not verified by the marketplace.

❌ The OS update failed

If an OS update failed, the phone might not boot properly or could get stuck during startup, but it’s less likely to cause random restarts after booting normally.

❌ The device is in developer mode

Developer mode allows advanced settings and debugging options. While it's less secure if misused, just being in developer mode does not usually cause restarts by itself.

❌ The over-the-air carrier update failed

A failed OTA update could cause issues, but usually, it would affect system performance consistently — not just random restarts — and it’s not directly related to unauthorized app installations.

EFS (Encrypting File System)

Explanation:
EFS (Encrypting File System) is a feature built into Windows NTFS that allows users to encrypt individual files or folders. This encryption is user-specific and helps protect sensitive data even if an attacker has physical access to the computer, such as by removing the drive. Without the correct user credentials or encryption keys, the data remains inaccessible.

❌ ext

This is a Linux-based file system (e.g., ext3, ext4). It does not natively support file-level encryption on Windows and is not suitable for a Windows user.

❌ APFS

Apple File System (APFS) is designed for macOS and iOS devices. It includes features like encryption but is not compatible with Windows.

❌ FAT

File Allocation Table (FAT) is an older file system (like FAT32, exFAT) that does not support encryption or modern security features. It’s mostly used for USB drives and SD cards due to compatibility.

❌ ReFS

Resilient File System (ReFS) is designed for data integrity and fault tolerance, especially in server environments. It does not support EFS, so it can't be used for file-level encryption.

❌ XFS

XFS is another Linux-based file system and is not supported by Windows. It does not offer file-level encryption natively and is irrelevant to a Windows setup.

High network traffic

Explanation:
High network traffic occurs when many devices or users are trying to use the network at the same time, which can slow down internet speeds. In an office environment, multiple users may be connected to the same Wi-Fi network, streaming videos, downloading files, or using cloud apps, which leads to congestion and slow page loading on phones and other devices.

❌ Exceeded the data usage limit

This applies to mobile data plans. If the phone is connected to Wi-Fi at the office, this wouldn’t affect speed unless the phone is using mobile data instead.

❌ Sluggish response time

This is a symptom, not a cause. It describes what’s happening (slow loading), not why it’s happening.

❌ Degraded network service

This refers to a technical issue with the service provider or hardware like faulty cables or router problems. It's a possibility, but in this case, high usage by many people is more likely in an office setting.

gpupdate /force

Explanation:
The gpupdate /force command manually refreshes Group Policy settings, ensuring that the latest domain-level policies are applied to the local machine immediately. This is helpful when a workstation is not receiving updated policies automatically or you want to test policy changes.

❌ sfc /scannow

This command is used to scan and repair system files on Windows. It doesn’t update Group Policy and wouldn’t help with domain policy changes.

❌ chkdsk /y

This is related to checking and repairing disk errors, not managing or applying Group Policy.

❌ xcopy Zp

This command is used for copying files or directories, often in scripts. It has no effect on domain policies.

Restart services

Explanation:
Restarting services is a non-disruptive way to attempt to restore functionality without rebooting the entire server. Many web applications rely on background services (like IIS, Apache, MySQL, etc.) that can be restarted individually. This approach aligns with the company’s policy to avoid full reboots during business hours.

❌ Roll back Windows updates

Rolling back updates is time-consuming, requires administrative approval, and may require a reboot — which violates the business hour restriction.

❌ Perform a Windows repair

Windows repair is a major operation that typically involves reboots and potential downtime. It’s not suitable for quick fixes during business hours.

❌ Add RAM to the server

Physically adding RAM requires powering down the server, which directly violates the policy against rebooting during business hours. It also doesn’t address the immediate issue.

Internet Options

Explanation:
In Windows 11, although the Settings app is more prominent, Internet Options is still accessible (usually by searching for it in the Start menu or Control Panel). From the Content tab, the technician can manage certificates, including importing, exporting, and removing digital certificates. This tool remains the standard method for handling certificates, especially for secure browsing and client authentication.

In Windows 11, to import a digital certificate, the technician should use the Internet Options utility or the Microsoft Management Console (MMC) with the Certificates snap-in, depending on the level (user or system-wide) at which the certificate needs to be imported.

✅ Correct feature to use: Internet Options (for personal certificates)

• Path:
  Control Panel > Network and Internet > Internet Options > Content tab > Certificates

• From here, click Import to start the Certificate Import Wizard.

✔️ This method is most commonly used for:

• Web browser certificates

• Client authentication certificates

• Personal certificates for applications

🛠️ Advanced (System-Level) Method: MMC with Certificates Snap-in

• Press Win + R, type mmc, and press Enter

• Go to File > Add/Remove Snap-in

• Select Certificates, click Add, and choose the appropriate scope (e.g., Computer account or My user account)

• Navigate to the relevant certificate store (e.g., Trusted Root Certification Authorities)

• Right-click the store > All Tasks > Import

✔️ This method gives full control over all certificate stores and is ideal for IT administrators managing enterprise certificates.

❌ Network & Internet settings

This section in Windows 11 Settings is for managing Wi-Fi, Ethernet, and VPN configurations. It does not provide access to certificate management.

❌ Credential Manager

Used to manage stored usernames and passwords for websites and apps, but not for importing digital certificates.

❌ Windows Security Center

This area is part of Windows Security and is used to monitor virus protection, firewall, and device security—not for certificate management.

The switch has port security enabled.

Explanation:
Port security on a switch limits which devices (identified by MAC address) can connect to specific switch ports. After the computer upgrade, the network interface cards (NICs) likely have new MAC addresses. If port security is enabled, and those MACs aren’t allowed, the switch will block them from connecting—preventing them from getting an IP address from the DHCP server.

❌ Explanation of the incorrect options:

• The switch is only providing IPv6 addresses
  Even if IPv6 is active, DHCPv4 should still work in a dual-stack network unless explicitly disabled. Not getting an IP at all suggests a connectivity issue, not protocol mismatch.

• The OS must be updated to be compatible with the imaging software
  This would affect the imaging software, not IP address assignment. The OS being outdated might cause app issues, but not network address failures.

• The switch does not support multicast traffic
  Multicast is used for group communications (e.g., video streaming, some discovery protocols), not DHCP address assignment. This would not block the computers from obtaining an IP.

Go to Settings > Apps > Installed apps, click the app's three-dot menu, and select Modify.

Explanation:
In Windows 11, installed apps can be managed from Settings > Apps > Installed apps. Many desktop apps support a Modify option in the three-dot menu (…) next to the app name. This lets you add/remove optional features without uninstalling the whole app.

❌ Explanation of the incorrect options:

• Uninstall and reinstall the app
  Unnecessary if the Modify option is available. Reinstallation is more disruptive.

• Use System Configuration
  System Configuration (msconfig) is unrelated to app feature management; it's used for boot and startup settings.

• Run Storage Sense
  Storage Sense is for cleaning up temporary or unused files, not for managing app features.