CompTIA 220-1202 Free Practice Questions — Page 3

CompTIA A+ Core 2 (2025) • 5 questions • Answers & explanations included

Question 11

Which of the following types of social engineering attacks sends an unsolicited text message to a user's mobile device?

A. Impersonation
B. Vishing
C. Spear phishing
D. Smishing
Show Answer & Explanation

Correct Answer: D. Smishing

Smishing is SMS-based phishing — sending malicious or deceptive text messages to mobile users. Vishing uses voice calls. Spear phishing is targeted email-based phishing. Impersonation involves pretending to be someone else, usually in person or via email. The key word in this question is "text message."

Question 12

A user reports some single sign-on errors to a help desk technician. Currently, the user is able to sign in to the company's application portal but cannot access a specific SaaS-based tool. Which of the following would the technician most likely suggest as a next step?

A. Reenroll the user's mobile device to be used as an MFA token.
B. Use a private browsing window to avoid local session conflicts.
C. Bypass single sign-on by directly authenticating to the application.
D. Reset the device being used to factory defaults.
Show Answer & Explanation

Correct Answer: B. Use a private browsing window to avoid local session conflicts.

The user can log into the portal but not a specific SaaS tool, which suggests a cached session or cookie conflict. A private/incognito window isolates the session and avoids cached credential issues. Re-enrolling MFA is unrelated to SSO app access. Bypassing SSO is a security concern and not a recommended fix. Factory reset is far too extreme for this issue.

Question 13

A technician verifies that a malware incident occurred on some computers in a small office. Which of the following should the technician do next?

A. Quarantine the infected systems.
B. Educate the end users.
C. Disable System Restore.
D. Update the anti-malware and scan the computers.
Show Answer & Explanation

Correct Answer: A. Quarantine the infected systems.

After verifying a malware infection, the immediate next step is containment — isolating infected systems to prevent spread. This follows the malware removal process: identify → quarantine → disable System Restore → remediate → educate. Educating users comes after remediation. Updating and scanning happens after quarantine. Disabling System Restore also comes after quarantine.

Question 14

Which of the following is a Linux command that is used for administrative purposes?

A. runas
B. cmcl
C. net user
D. su
Show Answer & Explanation

Correct Answer: D. su

su (substitute user) is a Linux command used to switch to another user account, typically root, for administrative tasks. runas is a Windows command. cmcl is not a real command. net user is a Windows command for managing user accounts. Only su is a valid Linux administrative command.

Question 15

A user recently installed an application that accesses a database from a local server. When launching the application, it does not populate any information. Which of the following command-line tools is the best to troubleshoot the issue?

A. ipconfig
B. nslookup
C. netstat
D. curl
Show Answer & Explanation

Correct Answer: C. netstat

The application connects to a local database server but returns no data, suggesting a connection or port issue. netstat shows active network connections and listening ports, helping identify whether the app is connecting to the database. ipconfig shows IP configuration only. nslookup resolves DNS names. curl tests HTTP endpoints, not database connections.

Ready for the Full 220-1202 Experience?

Access all 69 pages of practice questions and simulate the real exam with timed mode.

Start Interactive Quiz →