220-1102 Practice Question: A technician is supporting a field engineer tablet

Answer choices

Why each option matters

Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.

Answer analysis

Why the other options are wrong

Understanding why incorrect options are tempting is as important as knowing the correct answer.

• ✗

  Event Viewer

  Event Viewer is useful for logs, but this scenario requires a different primary tool or control.

• ✗

  System Restore

  System Restore is useful for reversing certain Windows changes but is not the best fit for this specific goal.

• ✗

  Local Users and Groups

  Local user management does not directly address the stated issue.

Technical deep dive

How to think about this question

The scenario describes an immediate goal to respond to a possible MFA fatigue attack, which is a social engineering technique where an attacker repeatedly sends MFA prompts hoping the user will eventually approve one by mistake or out of frustration. The most direct and effective response for the user in this situation is to actively deny any unexpected MFA prompts and immediately report them to the IT security team. This action directly thwarts the attacker's attempt to gain unauthorized access by preventing the approval of the malicious prompt and initiates the necessary security incident response. It empowers the user as the first line of defense against this specific type of attack. This immediate user action is distinct from the other options. Event Viewer, while crucial for post-incident analysis and forensic investigation by security personnel, does not provide an immediate, proactive defense against an ongoing MFA fatigue attack from the end-user's perspective. System Restore is designed to revert system files and settings to a previous state, which is irrelevant to preventing an MFA approval or reporting a security incident. Local Users and Groups manages user accounts and permissions on a local machine, which has no bearing on responding to an external MFA prompt or a social engineering attempt. The core principle here is that the user is the gatekeeper for MFA, and their active denial and reporting are the critical first steps in mitigating this specific threat.

More questions from this exam

Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.

FAQ

Questions learners often ask

Keep practising

More 220-1102 practice questions

• →A change advisory board (CAB) approved a standard change to update antivirus definitions on all servers. The technician…
• →A company's change management policy requires all server changes to be approved by the Change Advisory Board (CAB). A te…
• →A company is implementing a bring-your-own-device (BYOD) policy and needs to ensure that corporate data on employee mobi…
• →A company requires employees to present both a smart card and a PIN to log into their workstations. Which authentication…
• →A company requires all Windows 10 workstations to be able to join an Active Directory domain. Which edition of Windows 1…
• →A company wants to allow employees to securely access internal resources from home via the internet. Which method provid…