Question 546 of 1,000
Medium · Multiple choice · Objective-mapped

220-1102 Practice Question: Phishing uses deceptive emails to trick users.

This 220-1102 practice question tests your understanding of how phishing uses deceptive emails to trick users. Compare every option against the stated constraints before choosing: the best answer satisfies all requirements, not just the most obvious one. A key principle to apply: phishing uses deceptive emails to trick users. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

A user receives an email that appears to be from their bank, warning about a fraudulent transaction. The email contains an attachment named 'Statement.docm'. When the user attempts to open the attachment, Windows Defender detects and quarantines a Trojan. Which of the following BEST describes the attack vector that was prevented?

Answer choices

Why each option matters

Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.

A. Phishing with a malicious macro (best answer)

Correct. The .docm attachment is a Word document with macros, which are commonly used to deliver malware. The email is phishing, and the macro is the malicious component.

B. Ransomware (distractor)

Ransomware is a type of malware that encrypts files, but the attack described is the delivery mechanism (phishing with macro), not the specific malware type.

C. Spear phishing (distractor)

Spear phishing is a targeted form of phishing aimed at a specific individual or organization. The email described is a generic bank fraud alert, not necessarily targeted.

D. Vishing (distractor)

Vishing (voice phishing) uses phone calls, not email attachments.

Common exam trap: answer the scenario, not the keyword

Candidates might confuse the delivery method with the malware type, incorrectly choosing Ransomware because it's a common threat.

Technical deep dive

How to think about this question

The scenario perfectly illustrates a phishing attack leveraging a malicious macro. Phishing is a social engineering technique where attackers attempt to trick users into revealing sensitive information or performing actions, often by impersonating a trusted entity like a bank. In this case, the email's content, warning about a fraudulent transaction, is designed to create urgency and panic, compelling the user to open the attachment without critical thought.

The attachment, 'Statement.docm', is crucial here. The '.docm' file extension indicates a Microsoft Word document that contains macros. Macros are small programs or scripts embedded within documents to automate tasks. While legitimate for productivity, they are a common vector for malware delivery. When the user attempts to open such a document, if security settings allow, the embedded macro can execute, downloading and installing malware, in this case, a Trojan, which Windows Defender successfully intercepted.

This attack differs significantly from the distractor options. Ransomware (B) is a type of malware that encrypts files and demands payment, but the question describes the *delivery mechanism* of the malware, not the malware's ultimate payload or effect. Spear phishing (C) is a more targeted form of phishing, aimed at a specific individual or organization with personalized information. The email described, a generic bank fraud alert, lacks the specific targeting characteristics of spear phishing. Vishing (D), or voice phishing, involves using phone calls to trick victims, which is distinct from an email-based attack with an attachment.

Therefore, the combination of a deceptive email (phishing) and a macro-enabled document (malicious macro) accurately describes the prevented attack vector.

Key Concepts to Remember

  • Phishing uses deceptive emails to trick users.
  • .docm files indicate macro-enabled Microsoft Word documents.
  • Macros can execute code, making them a common malware delivery method.
  • Windows Defender can detect and quarantine malicious macros.

Exam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

Phishing uses deceptive emails to trick users.

FAQ

Questions learners often ask

What does this 220-1102 question test?

Phishing uses deceptive emails to trick users.

What is the correct answer to this question?

The correct answer is: Phishing with a malicious macro — The .docm extension indicates a Word document with macros. Macros can contain malicious code that executes upon opening the document. This is a classic example of a phishing email carrying a macro-based malware payload. Ransomware is a type of malware, not the vector. Spear phishing is targeted at a specific individual or organization, while vishing uses voice communication. The attack vector is phishing with a malicious macro.

What should I do if I get this 220-1102 question wrong?

Review how phishing uses deceptive emails to trick users, then practise related 220-1102 questions on the same topic to reinforce the concept.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content.
