220-1202 · topic practice

Security practice questions

Practise CompTIA A+ Core 2 220-1202 Security practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Security

What the exam tests

What to know about Security

Security questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Watch out for

Common Security exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

Security questions

20 questions · select your answer, then reveal the explanation

Question 1hardmultiple choice
Read the full Security explanation →

A technician is responding to a security incident where an employee's credentials were used to access a server without authorization. The employee claims they did not perform the action. Which of the following should the technician do first to remediate the compromised account?

Question 2mediummultiple choice
Read the full Security explanation →

A user reports that their external hard drive is no longer recognized by Windows. They suspect it might be infected with malware from a previous connection. You run a security scan and find no threats. What is the most likely cause of the drive not being recognized?

Question 3mediummultiple choice
Read the full Security explanation →

A company's Android devices are failing to connect to the corporate email server after a security policy update. The devices show 'Authentication failed' for the email app. What is the most likely cause?

Question 4hardmultiple choice
Read the full Security explanation →

A security incident response team needs to find all files in /var/www that have the SUID bit set, which may indicate a privilege escalation risk. Which command should they use?

Question 5mediummultiple choice
Read the full Security explanation →

A company’s change management policy requires all changes to be approved by the Change Advisory Board (CAB) before implementation. A technician applies an emergency security patch to a critical server without CAB approval because the vulnerability is being actively exploited. What should the technician do after applying the patch?

Question 6easymultiple choice
Review the full routing breakdown →

A small business owner wants to allow a remote employee to access their office desktop from home, but is concerned about security. They currently have a standard router with a public IP. Which of the following is the most secure method to enable this access?

Question 7mediummultiple choice
Read the full VPN explanation →

A technician is setting up remote access for a salesperson who frequently works from coffee shops. The company uses a VPN with two-factor authentication (2FA). The salesperson reports that after entering their username and password, they receive a prompt for a code but do not have their token. What should the technician do to resolve this?

Question 8hardmultiple choice
Read the full VPN explanation →

A company is experiencing a security incident where an attacker gained access to the internal network via a compromised VPN account. The technician must prevent future attacks. Which two-factor authentication method should the technician implement for VPN access?

Question 9mediummultiple choice
Read the full VPN explanation →

You are configuring a new Windows 10 workstation for a remote employee who will connect to the corporate VPN. The user should not be able to install software or change system settings. Which tool should you use to enforce these restrictions?

Question 10easymultiple choice
Read the full Security explanation →

During a routine security audit, you discover that several user accounts on a Windows 10 workstation have local administrator privileges when they should only be standard users. You need to quickly review and modify user account types from the command line. Which built-in tool should you use?

Question 11hardmultiple choice
Read the full Security explanation →

A user is unable to change their desktop background because the option is grayed out. You suspect a Group Policy setting is enforcing a specific wallpaper. Which Control Panel tool would you use to check if a Group Policy is applied, and what is the specific path to verify this setting?

Question 12hardmultiple choice
Read the full Security explanation →

A security incident occurred where an employee's workstation was infected with ransomware. The IT manager wants to ensure that all future workstations have Controlled Folder Access enabled to protect critical data from unauthorized changes. Which Windows Security applet should be used to configure this?

Question 13hardmultiple choice
Read the full Security explanation →

A security incident occurred where an unauthorized user gained access to a workstation. The security team needs to review detailed logs of all user logon attempts, including successful and failed logins, for the past 48 hours. Which administrative tool and specific log should you access to provide this information?

Question 14easymultiple choice
Read the full Security explanation →

A small business owner wants to ensure that only authorized users can log into their Windows 10 workstations. They need a tool to create and manage user accounts and set password policies. Which administrative tool should you use?

Question 15mediummultiple choice
Read the full Security explanation →

Your company's security policy requires that all workstations have the latest Windows security updates installed. You need to verify the update history on a user's Windows 10 PC to ensure no critical updates are missing. Which tool should you use?

Question 16mediummultiple choice
Read the full wireless explanation →

A technician is troubleshooting a Mac that fails to connect to a Wi-Fi network. The network is visible, but entering the correct password results in an 'unable to join the network' error. The technician wants to delete the saved network configuration to start fresh. Which macOS tool or location should they use?

Question 17hardmultiple choice
Read the full Security explanation →

A security incident has occurred: a user's Mac running macOS Ventura was infected with malware that modified system files. The technician needs to boot the Mac into a mode that loads only essential Apple-signed kernel extensions and prevents third-party software from loading, in order to safely remove the malware. Which startup mode should they use?

Question 18easymultiple choice
Read the full Security explanation →

A small business owner wants to restrict app installations on company Macs to only the Mac App Store to prevent employees from downloading unapproved software. Which macOS security feature should you configure?

Question 19easymultiple choice
Read the full Security explanation →

During a security incident, a technician needs to verify whether a specific application was granted camera and microphone permissions on a macOS computer. Which macOS tool should they use to check these privacy settings?

Question 20easymultiple choice
Read the full Security explanation →

During a security audit, a Linux server is found to have a configuration file that is world-writable. The file /etc/app/config.cfg must only be readable and writable by the root user. Which command should the administrator run?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Security sessions

Start a Security only practice session

Every question in these sessions is drawn from the Security domain — nothing else.

Related practice questions

Related 220-1202 topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the 220-1202 exam test about Security?
Security questions test whether you can apply the concept in context, not just recognise a definition.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Security questions in a focused session?
Yes — the session launcher on this page draws every question from the Security domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other 220-1202 topics?
Use the topic links above to move to related areas, or go back to the 220-1202 question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the 220-1202 exam covers. They are not copied from any real exam or dump site.