Question 254 of 750
PC Security Issue RemediationhardMultiple ChoiceObjective-mapped

Quick Answer

The correct tool is Windows Defender Firewall with Advanced Security, accessible by running wf.msc. This is the right choice because it allows you to configure a host-based firewall to block all incoming connections by default, then create precise allow rules for specific applications, meeting the security policy’s requirement for granular control. On the CompTIA A+ Core 2 220-1202 exam, this scenario tests your understanding of inbound rule management and the distinction between the basic Windows Defender Firewall and its Advanced Security console—a common trap is confusing it with the simpler settings in the Control Panel or using netsh commands. Remember that wf.msc is the only tool that gives you the explicit “Block all incoming connections” option alongside application-specific exceptions. A helpful memory tip: think “wf.msc” as “Windows Firewall, Master Security Control” for the deepest rule customization.

220-1202 PC Security Issue Remediation Practice Question

This 220-1202 practice question tests your understanding of pc security issue remediation. This is a configuration task: choose the command set that satisfies every stated requirement. Small differences — like 'secret' vs 'password' or 'transport input ssh' vs 'all' — change whether the answer is correct. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

A company's security policy requires that all workstations use a host-based firewall to block incoming connections except for specific allowed applications. A technician needs to configure this on a Windows 10 PC. Which tool should they use?

Question 1hardmultiple choice
Full question →

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

Windows Defender Firewall with Advanced Security

The Windows Defender Firewall with Advanced Security (wf.msc) is the correct tool because it provides granular control over inbound rules, allowing the technician to block all incoming connections by default and then create explicit allow rules for specific applications. This meets the security policy requirement for a host-based firewall that blocks incoming traffic except for permitted applications.

Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • Windows Defender Antivirus settings

    Why it's wrong here

    Windows Defender Antivirus handles malware detection, not firewall rules.

  • Windows Defender Firewall with Advanced Security

    Why this is correct

    This MMC snap-in allows creating inbound and outbound rules to block or allow traffic based on application, port, or IP address, meeting the policy requirement.

    Related concept

    Read the scenario before looking for a memorised answer.

  • Group Policy Editor

    Why it's wrong here

    Group Policy can deploy firewall rules across a domain, but on a local workstation, the technician would use the Windows Defender Firewall with Advanced Security console directly.

  • Network and Sharing Center

    Why it's wrong here

    Network and Sharing Center provides basic firewall status and network profile settings, but not the detailed rule creation needed for specific application allowances.

Common exam traps

Common exam trap: answer the scenario, not the keyword

CompTIA often tests the distinction between basic firewall settings (accessible via Control Panel) and the Advanced Security console, where candidates mistakenly choose the simpler interface or confuse firewall management with antivirus or group policy tools.

Detailed technical explanation

How to think about this question

The Windows Defender Firewall with Advanced Security uses Windows Filtering Platform (WFP) to enforce rules at the network stack level, supporting both inbound and outbound filtering with options for protocol (TCP/UDP), port numbers, and program paths. In a real-world scenario, a technician might create an inbound rule for a legacy application that listens on a non-standard port, ensuring it functions while all other unsolicited inbound traffic is dropped, which is critical for compliance with PCI DSS or HIPAA security policies.

KKey Concepts to Remember

  • Read the scenario before looking for a memorised answer.
  • Find the constraint that changes the correct option.
  • Eliminate answers that are true in general but not in this case.

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Real-world example

How this comes up in practice

A security administrator must allow nursing staff to reach a patient records server while blocking access from the guest Wi-Fi VLAN. After applying an extended ACL, traffic is still blocked from nursing workstations. The ACL was applied outbound instead of inbound on the wrong interface. Questions like this test ACL direction and placement rules.

What to study next

Got this wrong? Here's your next step.

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

Related practice questions

Related 220-1202 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free 220-1202 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this 220-1202 question test?

PC Security Issue Remediation — This question tests PC Security Issue Remediation — Read the scenario before looking for a memorised answer..

What is the correct answer to this question?

The correct answer is: Windows Defender Firewall with Advanced Security — The Windows Defender Firewall with Advanced Security (wf.msc) is the correct tool because it provides granular control over inbound rules, allowing the technician to block all incoming connections by default and then create explicit allow rules for specific applications. This meets the security policy requirement for a host-based firewall that blocks incoming traffic except for permitted applications.

What should I do if I get this 220-1202 question wrong?

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

What is the key concept behind this question?

Read the scenario before looking for a memorised answer.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Last reviewed: Jun 30, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This 220-1202 practice question is part of Courseiva's free CompTIA certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the 220-1202 exam.