Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Malware Types and Removal practice sets

220-1202 Malware Types and Removal • Complete Question Bank

220-1202 Malware Types and Removal — All Questions With Answers

Complete 220-1202 Malware Types and Removal question bank — all 0 questions with answers and detailed explanations.

30
Questions
Free
No signup
Certifications/220-1202/Practice Test/Malware Types and Removal/All Questions
Question 1easymultiple choice
Read the full Malware Types and Removal explanation →

During a routine security audit, a technician discovers that a user's workstation has a program that records keystrokes and periodically sends the data to an external server. The user denies installing any software recently. Which type of malware is this?

Question 2hardmultiple choice
Read the full Malware Types and Removal explanation →

A technician is investigating a security incident where multiple workstations on the same network are showing signs of infection: slow performance, unusual network traffic, and the presence of a file named 'svch0st.exe' in the Startup folder. The technician suspects a worm that spreads through network shares. What is the most effective containment strategy?

Question 3mediummultiple choice
Read the full Malware Types and Removal explanation →

A technician is tasked with removing a persistent malware infection that survives reboots and re-infects the system even after a full antivirus scan in Safe Mode. The malware appears to hide in the Master Boot Record (MBR). Which removal method should the technician use?

Question 4easymultiple choice
Read the full Malware Types and Removal explanation →

A small business owner calls for support because all of their files on the server have been renamed with a .encrypted extension, and a text file named 'README_TO_DECRYPT.txt' appears on the desktop demanding a Bitcoin payment. What is the first step the technician should take?

Question 5hardmultiple choice
Read the full NAT/PAT explanation →

A technician is dealing with a zero-day malware infection that has evaded all signature-based antivirus scans. The malware is polymorphic, changing its code each time it infects a new system. Which approach is most likely to detect and remove this type of malware?

Question 6easymultiple choice
Read the full Malware Types and Removal explanation →

A user reports that their computer is infected with a virus and they have been trying to remove it using a free online scanner, but the problem persists. The technician suspects the malware may have disabled the antivirus software. Which safe mode should the technician use to run a full system scan?

Question 7easymultiple choice
Read the full Malware Types and Removal explanation →

A user reports that their system is running very slowly, and they see frequent pop-up ads even when no browser is open. They also notice that their default search engine has changed without their permission. Which type of malware is most likely causing these symptoms?

Question 8mediummultiple choice
Read the full Malware Types and Removal explanation →

A user reports that their computer has been acting strangely: files are missing, and the mouse cursor moves on its own, opening programs and typing messages. The technician suspects a remote access Trojan (RAT). What is the most effective immediate action to stop the unauthorized access?

Question 9mediummultiple choice
Read the full Malware Types and Removal explanation →

A technician is troubleshooting a Windows 10 workstation that displays a fake security alert claiming the system is infected and prompting the user to call a toll-free number. The user cannot close the alert window or open Task Manager. Which type of malware is causing this behavior, and what is the best removal approach?

Question 10mediummultiple choice
Read the full Malware Types and Removal explanation →

A technician is removing malware from a Windows 10 PC and wants to ensure that no remnants remain in the registry or startup folders. After running an antivirus scan and deleting infected files, which additional step should the technician perform?

Question 11mediummultiple choice
Read the full Malware Types and Removal explanation →

A user reports that their web browser's homepage has changed to an unfamiliar search engine, and new toolbars have appeared without their consent. They have not installed any new software recently. Which type of malware is most likely responsible?

Question 12easymultiple choice
Read the full Malware Types and Removal explanation →

A customer reports that their desktop computer is running extremely slowly, and they see frequent pop-up advertisements even when no browser is open. Task Manager shows a process named 'svch0st.exe' consuming 95% CPU. Which type of malware is most likely causing these symptoms?

Question 13mediummultiple choice
Read the full Malware Types and Removal explanation →

A small business owner reports that all their Microsoft Office documents are now encrypted with a '.crypt' extension and a ransom note demands payment in cryptocurrency. They have a backup from last week stored on an external drive that was disconnected after the backup. What is the best recovery strategy?

Question 14hardmultiple choice
Read the full Malware Types and Removal explanation →

A technician is investigating a security breach where sensitive customer data was exfiltrated. The only malware found is a hidden driver that intercepts keystrokes and sends them to a remote server. Which malware type is responsible, and what is the best removal strategy?

Question 15hardmultiple choice
Read the full Malware Types and Removal explanation →

During a routine security audit, a technician discovers that a user's computer has a program that opens a backdoor on port 4444 and allows remote control. The program was installed alongside a free PDF converter the user downloaded last week. Which malware type is this, and what is the most effective removal method?

Question 16easymultiple choice
Read the full Malware Types and Removal explanation →

A technician is configuring a new Windows 11 workstation for a user who frequently downloads free software. To reduce the risk of malware infections from bundled applications, which security setting should be enabled?

Question 17hardmultiple choice
Read the full Malware Types and Removal explanation →

A user reports that their computer is sending out a large amount of network traffic even when they are not using the internet. The antivirus detects a file named 'expl0rer.exe' in the startup folder. What type of malware is most likely causing this behavior?

Question 18mediummultiple choice
Read the full Malware Types and Removal explanation →

A technician is troubleshooting a computer that displays a fake security alert claiming the system is infected and urging the user to call a toll-free number. The alert cannot be closed and appears on top of all other windows. What is the best removal approach?

Question 19mediummultiple choice
Read the full Malware Types and Removal explanation →

A technician is cleaning a computer that has been infected with a rootkit. After running a standard antivirus scan, the malware is still detected on reboot. Which step should the technician take next to ensure complete removal?

Question 20easymultiple choice
Read the full Malware Types and Removal explanation →

During a security incident, a user's files have been renamed with a '.encrypted' extension, and a ransom note demands Bitcoin to restore them. The user has no backups. What is the most appropriate immediate action?

Question 21hardmultiple choice
Read the full Malware Types and Removal explanation →

A technician is investigating a computer that has been sending spam emails from the user's account without their knowledge. The user has not installed any new software recently. The technician finds a process running that matches a known botnet client. Which two steps should the technician take first to mitigate the threat?

Question 22mediummultiple choice
Read the full Malware Types and Removal explanation →

A user reports that their computer is displaying a message claiming their files are encrypted and they must pay 0.5 Bitcoin to a specific address to regain access. The user cannot open any documents or photos. What is the first step the technician should take to respond to this incident?

Question 23mediummultiple choice
Read the full Malware Types and Removal explanation →

A technician is troubleshooting a Windows 10 computer that exhibits strange behavior: system files are missing, and the computer fails to boot normally. A boot-time virus scan detects a virus that infected the Master Boot Record (MBR). Which tool should the technician use to repair the MBR?

Question 24mediummultiple choice
Read the full Malware Types and Removal explanation →

During a security incident, a technician discovers that a user's computer has a program that hides its processes from Task Manager and allows an attacker to remotely control the system. The technician suspects a rootkit. Which removal method is most effective for a rootkit?

Question 25hardmultiple choice
Read the full Malware Types and Removal explanation →

A technician is tasked with removing malware from a Windows 10 computer that has a Trojan horse that downloaded additional payloads. The technician has already run a full antivirus scan and removed the Trojan, but the computer still exhibits suspicious network activity. What should the technician do next?

Question 26easymultiple choice
Read the full Malware Types and Removal explanation →

A customer reports that their Windows 10 computer is running very slowly, and they see frequent pop-up ads even when no browser is open. They also notice a new toolbar in their browser that they did not install. What type of malware is most likely causing these symptoms?

Question 27hardmultiple choice
Read the full Malware Types and Removal explanation →

A user reports that their computer is infected with a virus that has encrypted all their personal files and left a text file with instructions to pay a ransom. The technician has verified the infection is ransomware. The company has a backup policy. What is the best course of action to recover the data?

Question 28easymultiple choice
Read the full Malware Types and Removal explanation →

During a routine security audit, a technician finds that a user's computer has an unknown program running that is sending keystrokes and screenshots to a remote server. The user did not install this program. Which type of malware is this?

Question 29mediummultiple choice
Read the full Malware Types and Removal explanation →

A user calls the help desk because their computer is running slowly and they see a fake antivirus program warning that their system is infected. The user cannot close the warning window. Which type of malware is this, and what is the best removal approach?

Question 30mediummultiple choice
Read the full Malware Types and Removal explanation →

A small business owner reports that all their employees are receiving emails from each other containing a link that, when clicked, downloads a file that installs a program that spreads to other contacts. The emails appear to come from known senders. What type of malware is this?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

220-1202 Practice Test 1 — 10 Questions→220-1202 Practice Test 2 — 10 Questions→220-1202 Practice Test 3 — 10 Questions→220-1202 Practice Test 4 — 10 Questions→220-1202 Practice Test 5 — 10 Questions→220-1202 Practice Exam 1 — 20 Questions→220-1202 Practice Exam 2 — 20 Questions→220-1202 Practice Exam 3 — 20 Questions→220-1202 Practice Exam 4 — 20 Questions→Free 220-1202 Practice Test 1 — 30 Questions→Free 220-1202 Practice Test 2 — 30 Questions→Free 220-1202 Practice Test 3 — 30 Questions→220-1202 Practice Questions 1 — 50 Questions→220-1202 Practice Questions 2 — 50 Questions→220-1202 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Windows OS Features and ToolsWindows Settings and Control PanelWindows Command-Line ToolsWindows Administrative ToolsmacOS Features and ToolsLinux Commands and File PermissionsMobile OS Features and ToolsVirtualization and Cloud TechnologiesPhysical Security ControlsLogical Security ConceptsWireless Security ProtocolsMalware Types and RemovalSocial Engineering AttacksWindows Security SettingsBrowser and Application SecurityData Destruction and DisposalWindows OS TroubleshootingPC Security Issue RemediationMobile OS and App TroubleshootingSafety Procedures and ComplianceEnvironmental Awareness and ImpactDocumentation and Change ManagementRemote Access TechnologiesScripting BasicsCommunication and ProfessionalismOperating SystemsSecuritySoftware TroubleshootingOperational Procedures

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Malware Types and Removal setsAll Malware Types and Removal questions220-1202 Practice Hub