CompTIA ITF+ FC0-U61 (FC0-U61) — Questions 301375

512 questions total · 7pages · All types, answers revealed

Page 4

Page 5 of 7

Page 6
301
Multi-Selectmedium

Which TWO of the following are advantages of using a relational database management system (RDBMS) over a file-based system?

Select 2 answers
A.Enforcement of data integrity
B.Faster data access for all queries
C.Reduced data redundancy
D.No need for a database administrator
E.Simpler setup and maintenance
AnswersA, C

Constraints enforce accuracy and consistency.

Why this answer

A relational database management system (RDBMS) enforces data integrity through constraints such as primary keys, foreign keys, unique constraints, and check constraints. These rules ensure that data entered into the database adheres to defined business rules and referential integrity, preventing orphaned records and invalid data entries. In contrast, a file-based system relies on application code to enforce such rules, which is error-prone and inconsistent.

Exam trap

The trap here is that candidates often assume 'faster data access' is always true for RDBMS due to indexing, but they overlook the overhead of SQL processing and the fact that file-based systems can be faster for simple, non-relational lookups.

302
MCQmedium

A small business needs to share files among employees within the same building. Which network topology is most efficient for this scenario?

A.Ring
B.Bus
C.Mesh
D.Star
AnswerD

Star topology is the most common for LANs due to centralized management and easy fault detection.

Why this answer

The star topology is most efficient for this scenario because all employee workstations connect to a central switch, which provides dedicated bandwidth per connection and simplifies troubleshooting. In a small office, the star topology allows easy addition or removal of devices without disrupting the network, and the central switch can manage traffic efficiently using MAC address tables.

Exam trap

The trap here is that candidates may confuse 'efficiency' with 'simplicity' and choose bus topology, overlooking that star topology provides better fault isolation and scalability for a shared file environment.

How to eliminate wrong answers

Option A is wrong because a ring topology passes data in a unidirectional loop, and a single cable break can disrupt the entire network, making it less reliable for a small business. Option B is wrong because a bus topology uses a single backbone cable that can become a bottleneck and is prone to collisions, especially as the number of employees increases. Option C is wrong because a mesh topology requires every device to connect to every other device, which is impractical and costly for a small office due to excessive cabling and configuration overhead.

303
MCQeasy

Refer to the exhibit. A database administrator executes the following query: SELECT COUNT(*) FROM employees WHERE department_id = 10; What is the result?

A.2
B.3
C.0
D.1
AnswerA

Employees with department_id 10 are John Doe and Bob Johnson.

Why this answer

The query `SELECT COUNT(*) FROM employees WHERE department_id = 10;` counts all rows in the `employees` table where the `department_id` column equals 10. According to the exhibit (not shown here but implied), there are exactly two employees in department 10, so the result is 2.

Exam trap

Cisco often tests the difference between `COUNT(*)`, `COUNT(column)`, and `COUNT(DISTINCT column)`, and the trap here is that candidates might miscount the rows in the exhibit or confuse the filter condition with a different department ID.

How to eliminate wrong answers

Option B (3) is wrong because it would imply three employees in department 10, but the data shows only two. Option C (0) is wrong because it would mean no employees in department 10, but the data clearly contains two. Option D (1) is wrong because it would indicate a single employee, but the query counts two matching rows.

304
MCQmedium

Refer to the exhibit. A technician notices high CPU usage from a process called 'svchost.exe'. What is the most appropriate action?

A.Scan for malware
B.End the process immediately
C.Increase virtual memory
D.Update Windows
AnswerA

High CPU usage from svchost can indicate malware; a thorough scan is the best initial diagnostic step.

Why this answer

Svchost.exe is a legitimate Windows process that hosts services. High CPU usage could indicate a malfunctioning service or malware disguised as svchost. Scanning for malware is the safest first step.

Ending the process could cause system instability; updating Windows might fix service issues but not malware; virtual memory is not relevant.

305
MCQmedium

Refer to the exhibit. A technician is troubleshooting why a user cannot run a custom application installed in D:\Apps. Based on the exhibit, what is the MOST likely reason?

A.The path rule for C:\Program Files is too broad.
B.The policy does not include a rule for D:\Apps.
C.The publisher rule is incorrect.
D.The enforcement mode is set to Enforce, blocking all unlisted apps.
AnswerB

No rule allows execution from D:\Apps, so the custom app is blocked.

Why this answer

The exhibit shows a software restriction policy that includes path rules for C:\Program Files and C:\Windows, but no rule for D:\Apps. Since the policy does not explicitly allow the custom application installed in D:\Apps, it is blocked by default. This is the most likely reason the user cannot run the application.

Exam trap

The trap here is that candidates may assume 'Enforce' mode blocks all unlisted apps, but the actual issue is the missing path rule for D:\Apps, not the enforcement mode itself.

How to eliminate wrong answers

Option A is wrong because the path rule for C:\Program Files is not too broad; it correctly targets the standard installation directory and does not affect D:\Apps. Option C is wrong because the publisher rule is irrelevant here; the issue is the absence of a path rule for D:\Apps, not an incorrect publisher certificate or signature. Option D is wrong because the enforcement mode being set to Enforce does not block all unlisted apps; it enforces the existing rules, and the problem is the lack of a rule for D:\Apps, not the enforcement mode itself.

306
Multi-Selecthard

A user wants to ensure software is legitimate and free from malware before installation. Which THREE of the following are recommended practices?

Select 3 answers
A.Use a cracked version to save money
B.Read user reviews and check hash values
C.Download from the official vendor website
D.Verify digital signatures
E.Disable antivirus to speed up installation
AnswersB, C, D

Reviews and hash comparisons help verify legitimacy.

Why this answer

Option B is correct because reading user reviews can reveal community reports of malware or tampering, and checking hash values (e.g., SHA-256) against the vendor's published digest verifies file integrity, ensuring the software hasn't been altered. This combination provides both social and cryptographic verification of legitimacy.

Exam trap

The trap here is that candidates may think disabling antivirus speeds up installation without realizing it removes a critical security layer, or they might confuse 'cracked version' with a legitimate free trial, missing that cracking inherently bypasses integrity checks.

307
Multi-Selectmedium

Which TWO of the following are advantages of using a virtual private network (VPN) for remote employees?

Select 2 answers
A.Eliminates need for antivirus software
B.Provides encrypted communication
C.Allows access to internal resources
D.Reduces hardware costs
E.Increases network bandwidth
AnswersB, C

VPNs encrypt data to ensure confidentiality.

Why this answer

Options B and C are correct. VPNs provide encrypted communication (B) and allow access to internal resources (C). Option A is incorrect because VPNs typically reduce bandwidth due to encryption overhead.

Option D is incorrect because VPNs do not directly reduce hardware costs. Option E is incorrect because a VPN does not eliminate the need for antivirus software.

308
MCQhard

A technician is diagnosing performance issues in a wireless network. Users report intermittent slowdowns. Which of the following is the MOST likely cause?

A.WPA2 encryption overhead
B.Weak signal from the access point
C.Interference from neighboring networks
D.Incorrect channel width setting
AnswerC

Interference can cause sporadic slowdowns.

Why this answer

Intermittent slowdowns in a wireless network are most commonly caused by co-channel or adjacent-channel interference from neighboring networks. Wi-Fi operates on shared, unlicensed spectrum (2.4 GHz and 5 GHz), and overlapping channels or high utilization from nearby access points force stations to wait for clear channel access, causing latency spikes and throughput drops. WPA2 encryption overhead is negligible for modern hardware, and weak signal or incorrect channel width would typically cause consistent, not intermittent, issues.

Exam trap

The trap here is that candidates confuse 'intermittent slowdowns' with 'weak signal' or 'incorrect channel width,' but CompTIA emphasizes that interference from neighboring networks is the most common cause of sporadic performance issues in dense wireless environments.

How to eliminate wrong answers

Option A is wrong because WPA2 encryption overhead is minimal (typically <5% CPU impact on modern devices) and causes a constant, predictable latency increase, not intermittent slowdowns. Option B is wrong because a weak signal from the access point results in consistently low data rates or frequent disconnections, not intermittent slowdowns that come and go. Option D is wrong because an incorrect channel width setting (e.g., 40 MHz in 2.4 GHz) would cause persistent performance degradation or compatibility issues, not intermittent slowdowns, and is less common than interference as a root cause.

309
MCQmedium

A user receives an error 'This application cannot run on your PC' when trying to install a legacy program on Windows 10. What is the most likely cause?

A.Incompatible architecture (32-bit vs 64-bit)
B.Corrupted hard drive
C.Insufficient RAM
D.Missing antivirus
AnswerA

The program may be incompatible with the system's processor architecture.

Why this answer

The error 'This application cannot run on your PC' typically occurs when a 32-bit legacy program is incompatible with the 64-bit architecture of Windows 10, or vice versa. 64-bit Windows cannot execute 16-bit or certain older 32-bit applications that rely on deprecated system components like NTVDM (NT Virtual DOS Machine) without proper compatibility layers. This is the most likely cause because the error specifically points to an architecture mismatch, not hardware or security issues.

Exam trap

The trap here is that candidates may confuse this architecture-specific error with general hardware or security issues, such as insufficient RAM or missing antivirus, because they assume any installation failure is due to resource constraints or security blocks rather than a fundamental CPU instruction set mismatch.

How to eliminate wrong answers

Option B is wrong because a corrupted hard drive would cause file read/write errors, boot failures, or data loss, not a specific application compatibility error during installation. Option C is wrong because insufficient RAM would result in system slowdowns, out-of-memory errors, or application crashes after launch, not a pre-installation architecture-related error. Option D is wrong because missing antivirus software does not prevent application installation; it only increases vulnerability to malware, and the error message is unrelated to security software.

310
MCQhard

A database manager is designing a new table to store customer information for a retail company. The table needs to store a unique identifier for each customer, the customer's first and last name, email address, phone number, and date of birth. The manager also wants to ensure that the email address is always provided and that no two customers have the same email. Which of the following SQL constraints should be applied to the email column?

A.INDEX
B.FOREIGN KEY
C.PRIMARY KEY
D.UNIQUE and NOT NULL
AnswerD

These constraints ensure email is mandatory and distinct.

Why this answer

The email column must be both unique (to prevent duplicate email addresses) and NOT NULL (to ensure an email is always provided). The UNIQUE constraint enforces that no two rows have the same value, and NOT NULL guarantees that the column cannot be left empty. Together, they satisfy the requirement that every customer has a distinct, mandatory email address.

Exam trap

The trap here is that candidates confuse PRIMARY KEY with UNIQUE+NOT NULL, not realizing that a table can have only one primary key and that email is often a natural key requiring both uniqueness and mandatory presence, but not necessarily the table's primary identifier.

How to eliminate wrong answers

Option A is wrong because an INDEX is a performance optimization for faster data retrieval, not a constraint that enforces data integrity or uniqueness. Option B is wrong because a FOREIGN KEY links a column to a primary key in another table, ensuring referential integrity, but it does not enforce uniqueness or non-null values within the same table. Option C is wrong because a PRIMARY KEY enforces both uniqueness and non-null, but a table can have only one primary key, and the customer ID (not the email) is the natural choice for that role; applying PRIMARY KEY to email would prevent using a separate customer identifier.

311
Multi-Selecthard

Which THREE are valid primitive data types in most programming languages? (Choose three.)

Select 3 answers
A.String
B.Character
C.Boolean
D.Integer
E.Array
AnswersB, C, D

Character is a primitive type.

Why this answer

The correct answers are A, C, and D: Integer, Boolean, and character. String (B) is not primitive in many languages (it's an object). Array (E) is a composite type.

312
MCQmedium

A small business wants to secure its wireless network. Which configuration provides the strongest encryption?

A.WPA
B.WEP
C.WPA2
D.WPA3
AnswerD

WPA3 offers stronger encryption and improved security features over older standards.

Why this answer

WPA3 (Wi-Fi Protected Access 3) is the latest wireless security standard, introduced in 2018, which provides the strongest encryption through mandatory use of 192-bit AES encryption in WPA3-Enterprise and 128-bit AES in WPA3-Personal, along with Simultaneous Authentication of Equals (SAE) to replace the vulnerable Pre-Shared Key (PSK) exchange used in WPA2. This makes it resistant to offline dictionary attacks and provides forward secrecy, ensuring that even if a password is compromised, past sessions remain secure.

Exam trap

The trap here is that candidates often confuse 'strongest' with 'most common' and select WPA2 because it is widely deployed, forgetting that WPA3 is the current gold standard and explicitly tested as the most secure option in the CompTIA FC0-U61 objectives.

How to eliminate wrong answers

Option A is wrong because WPA (Wi-Fi Protected Access) uses TKIP (Temporal Key Integrity Protocol) with RC4 encryption, which is vulnerable to attacks like Beck-Tews and has been deprecated since 2009. Option B is wrong because WEP (Wired Equivalent Privacy) uses static RC4 keys with a 24-bit initialization vector, making it trivially crackable within minutes using tools like aircrack-ng. Option C is wrong because WPA2, while using AES-CCMP and being significantly stronger than WPA or WEP, is still susceptible to KRACK (Key Reinstallation Attack) and offline dictionary attacks against the 4-way handshake, which WPA3 explicitly addresses.

313
MCQeasy

A junior developer is tasked with creating a function that checks whether a number is even or odd. The developer writes the following pseudocode: FUNCTION isEven(number) IF number % 2 == 0 THEN RETURN true ELSE RETURN false. The developer then realizes they need to handle non-integer input. Which of the following should the developer add to improve the robustness of this function?

A.Add input validation to check if the number is an integer.
B.Delete the function and use a built-in library instead.
C.Change the modulus operator to a division operator.
D.Add a parameter for the number type.
AnswerA

Validation ensures only integers are processed, preventing errors.

Why this answer

Adding input validation to check if the number is an integer ensures the modulus operation works correctly. A parameter for number type is not standard. Changing the operator would break the logic.

Deleting and using a library is overkill.

314
MCQeasy

Which type of software provides an interface for users to interact with the computer's hardware?

A.Operating system
B.Firmware
C.Application software
D.Utility software
AnswerA

The OS acts as an intermediary between hardware and software, providing a user interface.

Why this answer

The operating system (OS) is the core software that manages hardware resources and provides a user interface (such as a GUI or CLI) for users to interact with the computer's hardware. It abstracts the underlying hardware details, allowing applications to communicate with devices through standardized system calls and drivers. Without an OS, users would have to write low-level machine code to perform basic tasks like reading from a disk or displaying output.

Exam trap

The trap here is that candidates often confuse firmware (which controls hardware at boot) with the operating system, thinking that firmware provides the main user interface, but firmware only initializes hardware and hands control to the OS, which then manages ongoing user interaction.

How to eliminate wrong answers

Option B (Firmware) is wrong because firmware is low-level software stored in non-volatile memory (e.g., ROM, flash) that initializes hardware during boot, but it does not provide a persistent user interface for ongoing interaction with hardware. Option C (Application software) is wrong because application software (e.g., word processors, browsers) runs on top of the OS and uses its services to access hardware indirectly, not providing a direct interface to the hardware itself. Option D (Utility software) is wrong because utility software (e.g., disk defragmenters, antivirus) performs specific maintenance or optimization tasks but does not serve as the primary interface for user-hardware interaction.

315
MCQmedium

A user is trying to access a website but receives a 'DNS server not responding' error. Which of the following is the MOST likely cause?

A.DHCP server is down
B.DNS server is unreachable
C.Firewall is blocking the website
D.Modem is disconnected
AnswerB

The error explicitly mentions DNS server.

Why this answer

The 'DNS server not responding' error indicates that the client cannot reach the DNS server to resolve the domain name into an IP address. This is most commonly caused by the DNS server being unreachable due to network connectivity issues, server downtime, or incorrect DNS server configuration. Without DNS resolution, the browser cannot translate the website's URL into an IP address, even if the network and web server are functional.

Exam trap

The trap here is that candidates often confuse DNS resolution failures with network connectivity issues or firewall blocks, but the specific error message points directly to the DNS server being unreachable, not to general network or application-layer problems.

How to eliminate wrong answers

Option A is wrong because a DHCP server being down would prevent the client from obtaining an IP address, subnet mask, or default gateway, but the error message specifically mentions DNS, not IP configuration failure. Option C is wrong because a firewall blocking the website would typically result in a 'connection timed out' or 'access denied' error, not a 'DNS server not responding' error, as DNS resolution occurs before the HTTP request. Option D is wrong because a disconnected modem would cause a complete loss of network connectivity, resulting in a 'no internet access' or 'network cable unplugged' error, not a DNS-specific error.

316
MCQhard

Refer to the exhibit. The database administrator sees this error in the log. Which action should the administrator take to resolve the deadlock?

A.Increase the transaction isolation level to Serializable to prevent deadlocks.
B.Remove all indexes from the involved tables to reduce lock contention.
C.Manually kill one of the processes to break the deadlock.
D.The database will automatically roll back one of the transactions; no immediate action is needed.
AnswerD

Most DBMSs detect deadlocks and automatically choose a victim transaction to roll back.

Why this answer

When a deadlock occurs in a database, the database management system (DBMS) automatically detects the circular dependency and selects one of the transactions as a victim, rolling it back to break the deadlock. This is a built-in mechanism in most relational databases, such as SQL Server, Oracle, or MySQL, and does not require manual intervention. Therefore, no immediate action is needed from the administrator, as the database will resolve the deadlock itself.

Exam trap

The trap here is that candidates may think manual intervention (killing a process) is required, but the exam tests the understanding that modern databases have automatic deadlock resolution built in, making option D the correct answer.

How to eliminate wrong answers

Option A is wrong because increasing the transaction isolation level to Serializable increases locking and contention, which actually makes deadlocks more likely, not less. Option B is wrong because removing indexes increases the likelihood of table scans and lock escalation, which can worsen lock contention and deadlock frequency. Option C is wrong because manually killing one of the processes is unnecessary and disruptive; the database's deadlock detection mechanism automatically selects and rolls back a victim transaction without administrator intervention.

317
Multi-Selectmedium

Which TWO of the following are common file formats for images?

Select 2 answers
A.PDF
B.PNG
C.TXT
D.MP3
E.JPEG
AnswersB, E

PNG is a common image format.

Why this answer

PNG (Portable Network Graphics) is a common image file format that uses lossless compression, making it ideal for images requiring high detail and transparency. It supports up to 48-bit true color and an alpha channel for transparency, which distinguishes it from other formats like JPEG.

Exam trap

CompTIA often tests the distinction between file formats by including common non-image formats like PDF or TXT, leading candidates to confuse document or text formats with image formats.

318
MCQhard

A small business uses a single external IP address from their ISP and has a network of 10 computers. They want to host a web server that must be accessible from the internet, but they also need to protect their internal network. They have a firewall/router that supports port forwarding. Which configuration should they implement?

A.Connect the web server directly to the ISP modem, bypassing the firewall
B.Place the web server in the DMZ of the firewall and allow all inbound traffic to the server's IP
C.Assign a public IP address to the web server and connect it to the same switch as the other computers
D.Configure port forwarding on the router to direct HTTP (port 80) and HTTPS (port 443) traffic to the web server's internal IP address
AnswerD

This allows external access only to the specified ports while protecting the internal network.

Why this answer

Option D is correct because port forwarding allows the firewall/router to accept incoming HTTP (port 80) and HTTPS (port 443) traffic on the single public IP address and forward it to the web server's internal private IP address. This exposes only the necessary ports to the internet while keeping the web server behind the firewall, protecting the internal network from direct external access.

Exam trap

The trap here is that candidates often confuse the DMZ option (B) as a secure solution, not realizing that a typical SOHO DMZ exposes the host to all inbound traffic, which is far less secure than targeted port forwarding.

How to eliminate wrong answers

Option A is wrong because connecting the web server directly to the ISP modem bypasses the firewall entirely, leaving the server and potentially the internal network unprotected from internet threats. Option B is wrong because placing the web server in the DMZ and allowing all inbound traffic to its IP exposes the server to every port and protocol, defeating the purpose of selective access and increasing the attack surface unnecessarily. Option C is wrong because assigning a public IP address to the web server on the same switch as the other computers would require multiple public IPs (which the business does not have) and would expose the server directly to the internet without firewall protection, compromising the internal network.

319
MCQhard

An administrator is configuring access to an S3 bucket. The policy is applied to an IAM user. Which of the following actions will the user be allowed to perform?

A.List all objects in my-company-bucket
B.Read and write objects in my-company-bucket
C.Delete objects from my-company-bucket
D.Change the bucket policy of my-company-bucket
AnswerB

The policy grants GetObject and PutObject, which allow reading and writing objects.

Why this answer

The IAM policy applied to the user explicitly grants 's3:GetObject' and 's3:PutObject' actions on the 'my-company-bucket' resource, which correspond to reading and writing objects. This is the only action set permitted by the policy, so the user can read and write objects in the bucket.

Exam trap

The trap here is that candidates often assume an IAM policy applied to a user grants all actions on the bucket by default, but AWS IAM follows a least-privilege model where only explicitly allowed actions are permitted.

How to eliminate wrong answers

Option A is wrong because listing objects requires the 's3:ListBucket' permission, which is not granted in the policy. Option C is wrong because deleting objects requires the 's3:DeleteObject' permission, which is not granted. Option D is wrong because changing the bucket policy requires the 's3:PutBucketPolicy' permission, which is not granted and is typically reserved for bucket owners or administrators.

320
MCQhard

A developer sees the above output. After a recent commit, the application crashed due to a null pointer. Which commit likely introduced the null pointer issue?

A.def456
B.abc123
C.012jkl
D.789ghi
AnswerA

The null pointer bug likely originated in the new feature commit def456.

Why this answer

The correct answer is C: def456. The null pointer was fixed in 789ghi, so the bug was introduced before that. The initial commit (D) likely didn't have the bug.

The bug fix (A) fixes it. The fix commit shows 'Fixed bug', but the null pointer fix is 789ghi. So the commit that introduced it is def456.

Wait: The exhibit shows: abc123 fixed bug, def456 added feature, 789ghi fixed null pointer, 012jkl initial. So the null pointer was fixed in 789ghi. It was introduced in the commit before that? Usually the bug is introduced in a prior commit.

The question asks: 'After a recent commit, the application crashed due to a null pointer.' Which commit likely introduced the null pointer? Since it was fixed in 789ghi, it was likely introduced in def456 (the addition of new feature). So correct answer is B: def456. But options: A abc123, B def456, C 789ghi, D 012jkl.

Correct is B.

321
MCQeasy

A help desk technician receives an alert from the security monitoring system showing multiple events like the one in the exhibit. The technician is investigating a possible brute-force attack. Based on the exhibit, which of the following is the primary attack vector being used?

A.VPN brute-force attack
B.RDP brute-force attack
C.SSH brute-force attack
D.Web application attack
AnswerB

Logon Type 10 indicates a remote interactive logon, commonly used by RDP.

Why this answer

The exhibit shows repeated failed authentication attempts targeting TCP port 3389, which is the default port for Remote Desktop Protocol (RDP). A brute-force attack on RDP involves systematically trying many username/password combinations to gain unauthorized remote access to a Windows system. This matches the definition of an RDP brute-force attack.

Exam trap

CompTIA often tests the association of default port numbers with specific protocols, so the trap here is confusing RDP (port 3389) with SSH (port 22) or VPN (various ports), leading candidates to pick a plausible but incorrect attack vector.

How to eliminate wrong answers

Option A is wrong because VPN brute-force attacks target VPN protocols like IPsec or SSL/TLS on ports such as UDP 500 or TCP 443, not TCP 3389. Option C is wrong because SSH brute-force attacks target TCP port 22, not port 3389. Option D is wrong because web application attacks target HTTP/HTTPS ports (80/443) and exploit application-layer vulnerabilities like SQL injection or XSS, not repeated authentication attempts on a remote access protocol.

322
MCQeasy

Refer to the exhibit. What does this event log entry indicate?

A.A virus infected the system
B.A software update was installed
C.A power outage or unexpected shutdown occurred
D.A scheduled restart took place
AnswerC

Event ID 41 specifically logs an unclean shutdown.

Why this answer

The event log entry indicates a system shutdown that was not expected or planned, as shown by the 'unexpected' keyword and the event ID 41 in the System log, which corresponds to the Kernel-Power source. This typically occurs when the system loses power or crashes without a clean shutdown process, such as during a power outage or hardware failure.

Exam trap

CompTIA often tests the distinction between 'unexpected' and 'planned' shutdowns by using event ID 41 versus event ID 1074, where candidates may confuse a scheduled restart (which logs a clean shutdown) with an unexpected power loss.

How to eliminate wrong answers

Option A is wrong because event ID 41 does not indicate a virus infection; malware infections are typically logged under different event IDs (e.g., Windows Defender events) or show unusual process behavior, not a kernel power loss. Option B is wrong because software updates are logged under event IDs like 43 (Windows Update) or 19 (Installation) in the System or Setup logs, not as a Kernel-Power event ID 41. Option D is wrong because a scheduled restart would show event ID 1074 with a reason code like 'Application: Maintenance' or 'Planned,' not the 'unexpected' classification seen here.

323
Multi-Selecteasy

Which TWO of the following are types of malware?

Select 2 answers
A.Patch
B.Encryption
C.Virus
D.Worm
E.Firewall
AnswersC, D

A virus is a type of malware that replicates by attaching to programs.

Why this answer

A virus is a type of malware that attaches itself to a legitimate program or file and replicates when the host is executed, often causing damage or stealing data. It requires user interaction (e.g., opening an infected attachment) to spread, distinguishing it from other malware types.

Exam trap

The trap here is that candidates confuse security tools (patches, encryption, firewalls) with malware types, or mistakenly think encryption itself is malicious, whereas encryption is a neutral technique used by both security software and some malware (e.g., ransomware) to lock data.

324
Multi-Selecteasy

Which TWO of the following are primitive data types commonly used in programming?

Select 2 answers
A.String
B.Integer
C.Boolean
D.Array
E.Function
AnswersB, C

Integer is a primitive numeric data type.

Why this answer

Integer and Boolean are primitive data types. Array and String are composite or reference types. Function is not a data type.

325
MCQmedium

An employee receives an email from 'IT Support' asking for his password due to 'system maintenance'. This is an example of:

A.Baiting
B.Phishing
C.Tailgating
D.Pretexting
AnswerB

The email impersonates IT support and requests sensitive information, typical of phishing.

Why this answer

Phishing is a social engineering attack where an attacker masquerades as a trusted entity (here, 'IT Support') to trick the victim into revealing sensitive information, such as a password. The email requesting credentials under the pretext of 'system maintenance' is a classic phishing technique, often executed via email (spear phishing if targeted). This directly matches the definition of phishing as an attempt to acquire sensitive data through deceptive electronic communication.

Exam trap

The trap here is that candidates confuse pretexting with phishing because both involve a fabricated story, but the exam specifically tests that phishing is the correct term when the attack is carried out via email, instant message, or other electronic communication, whereas pretexting is broader and often involves direct voice or in-person interaction.

How to eliminate wrong answers

Option A is wrong because baiting involves offering something enticing (e.g., a free USB drive or download) to lure the victim into executing malware or revealing information, not sending a deceptive email requesting credentials. Option C is wrong because tailgating is a physical security breach where an unauthorized person follows an authorized individual into a restricted area, not an email-based attack. Option D is wrong because pretexting is a social engineering tactic where the attacker fabricates a scenario (pretext) to obtain information, but it typically involves impersonation over the phone or in person, not specifically via email; while the email does create a pretext, the question explicitly describes an email request for a password, which is the hallmark of phishing, not pretexting alone.

326
MCQeasy

A user needs to create a presentation for a sales meeting. Which type of software should they use?

A.Spreadsheet.
B.Presentation software.
C.Database.
D.Word processor.
AnswerB

Presentation software (e.g., PowerPoint) is used for slide-based presentations.

Why this answer

Presentation software, such as Microsoft PowerPoint or Google Slides, is specifically designed to create slide-based presentations for meetings, lectures, or sales pitches. It provides tools for adding text, images, charts, animations, and transitions to effectively communicate information to an audience.

Exam trap

CompTIA often tests the distinction between application categories by presenting a common business task and expecting candidates to recognize that presentation software is the only tool designed for slide-based visual storytelling, not for data analysis, storage, or document creation.

How to eliminate wrong answers

Option A is wrong because spreadsheet software (e.g., Microsoft Excel) is used for organizing, calculating, and analyzing numerical data, not for creating visual slide decks. Option C is wrong because database software (e.g., Microsoft Access) is used for storing, querying, and managing structured data, not for designing presentations. Option D is wrong because a word processor (e.g., Microsoft Word) is used for creating text-based documents like letters or reports, which lack the slide-by-slide layout and multimedia features required for a presentation.

327
MCQhard

A small business purchases a cable modem from the ISP. They need to obtain a public IP address to access the internet. Which method does the cable modem typically use?

A.NAT
B.DHCP
C.Static assignment
D.APIPA
AnswerB

Cable modems use DHCP to obtain an IP address from the ISP automatically.

Why this answer

Cable modems typically use DHCP to obtain a public IP address from the ISP. When the modem powers on, it sends a DHCPDISCOVER broadcast, and the ISP's DHCP server responds with an IP address, subnet mask, default gateway, and DNS server information. This is the standard method for dynamically assigning public IP addresses to customer premises equipment (CPE) in cable networks.

Exam trap

The trap here is that candidates often confuse the cable modem's method of obtaining an IP address with the router's NAT function, leading them to incorrectly select NAT as the answer when DHCP is the correct mechanism used by the modem to request a public IP from the ISP.

How to eliminate wrong answers

Option A is wrong because NAT (Network Address Translation) is a technique used by routers to map private IP addresses to a public IP address, not a method for a cable modem to obtain a public IP address from the ISP. Option C is wrong because static assignment requires manual configuration of the IP address on the modem, which is not the typical method used by ISPs for cable modems; static IPs are usually an additional service. Option D is wrong because APIPA (Automatic Private IP Addressing) assigns a link-local address in the 169.254.0.0/16 range when a DHCP server is unavailable, and it is not used to obtain a public IP address from an ISP.

328
Multi-Selecteasy

A user is trying to install a new application but receives an error that the system does not meet the minimum requirements. Which TWO hardware components should the user check first to ensure compatibility?

Select 2 answers
A.Available storage space
B.CPU clock speed
C.Number of USB ports
D.Amount of RAM
E.Monitor refresh rate
AnswersA, D

Applications often require a minimum amount of free disk space; without it, installation fails.

Why this answer

Option A (Available storage space) is correct because applications require a minimum amount of free disk space to install and run. Option C (Amount of RAM) is correct because insufficient memory can prevent installation or cause poor performance. Option B (Monitor refresh rate) is irrelevant to application installation.

Option D (CPU clock speed) is important but not as commonly checked as RAM and storage for typical applications; however, the question asks for TWO components, and storage and RAM are the most fundamental. Option E (Number of USB ports) is unrelated.

329
Multi-Selecthard

Which THREE of the following are characteristics of object-oriented programming (OOP)? (Select THREE).

Select 3 answers
A.Polymorphism
B.Encapsulation
C.Inheritance
D.Top-down design
E.Sequential execution
AnswersA, B, C

Polymorphism allows objects to be treated as instances of their parent class.

Why this answer

Polymorphism is a core OOP concept that allows objects of different classes to be treated as objects of a common superclass, with method calls resolved at runtime based on the actual object type. This enables one interface to be used for a general class of actions, with specific behavior determined by the specific object instance.

Exam trap

CompTIA often tests the distinction between OOP principles (encapsulation, inheritance, polymorphism) and procedural or structured programming concepts (top-down design, sequential execution), so candidates mistakenly select familiar-sounding terms like 'top-down design' without recognizing they belong to a different paradigm.

330
MCQeasy

A user has just installed a new word-processing application on their laptop. When the user tries to open the application for the first time, a window appears asking for a product key. The user purchased the software online and received an email with the product key. Where should the user enter the product key to activate the software?

A.Enter the product key into the activation window that appeared.
B.Look for the product key field in the application's 'File' menu.
C.Open the operating system's settings and navigate to 'Activation'.
D.Close the activation window and try to use the software without activation.
AnswerA

The activation prompt is specifically for entering the product key.

Why this answer

Option A is correct because the activation window that appears when launching the application is the standard interface for entering a product key. This window is generated by the application itself, not the operating system, and is the intended mechanism to validate the license before full functionality is granted.

Exam trap

The trap here is that candidates may confuse application activation with operating system activation, leading them to choose Option C, or they may think the product key can be entered through a menu like 'File' (Option B), which is not the standard workflow for first-time activation.

How to eliminate wrong answers

Option B is wrong because the 'File' menu typically contains options like 'Save', 'Open', and 'Print', but not a product key entry field; product key entry is handled by a dedicated activation dialog, not a menu item. Option C is wrong because the operating system's 'Activation' settings (e.g., Windows Activation) are used to activate the OS itself, not individual applications like a word processor. Option D is wrong because closing the activation window will either prevent the application from launching or limit it to a trial mode, and the software cannot be used without activation as the product key is required to unlock full features.

331
MCQmedium

A user wants to upgrade their workstation's storage without losing existing data. Which of the following is the BEST method?

A.Clone the existing drive to the new one
B.Perform a clean installation on the new drive
C.Back up data to external drive, then restore
D.Set up a RAID 1 array
AnswerA

Cloning preserves all data.

Why this answer

Option B is correct because cloning copies the entire drive to a new one, preserving data and OS. Option A is incorrect because a clean install erases data. Option C is incorrect because RAID requires multiple drives.

Option D is incorrect because external backup is for backup, not upgrading internal storage.

332
Drag & Dropmedium

Drag and drop the steps to uninstall a program in Windows 10 into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Uninstalling programs removes them from the system to free up space.

333
MCQhard

Refer to the exhibit. A system administrator notices that the computer occasionally freezes and data read errors occur. What should the administrator do?

A.Update the storage controller driver
B.Replace Disk 1
C.Run CHKDSK on both disks
D.Replace Disk 0
AnswerD

Disk 0 is predicted to fail and has reallocated sectors, so replacement is necessary.

Why this answer

Disk 0 is the system disk (as indicated by the 'System' label in the exhibit), and the described symptoms—occasional freezing and data read errors—are classic indicators of a failing hard drive. Replacing Disk 0 addresses the root cause because a failing system disk can cause intermittent read failures and system hangs. Running CHKDSK or updating drivers would only mask the problem temporarily, and replacing Disk 1 (a non-system disk) would not resolve system-level freezes.

Exam trap

The trap here is that candidates assume CHKDSK (Option C) can fix any disk issue, but it only addresses logical corruption, not physical failures, and they may overlook that the 'System' label on Disk 0 indicates it is the boot drive, making its failure the primary cause of system freezes.

How to eliminate wrong answers

Option A is wrong because updating the storage controller driver would not fix physical read errors or freezes caused by a failing disk; driver updates address software compatibility issues, not hardware degradation. Option B is wrong because Disk 1 is labeled as a data disk, and replacing it would not resolve system freezes or read errors originating from the system disk (Disk 0). Option C is wrong because CHKDSK can only detect and repair logical file system errors, not physical media failures; running it on both disks would not fix the underlying hardware problem on Disk 0.

334
MCQeasy

A network printer should always receive the same IP address to ensure reliable access. Which configuration method guarantees this?

A.Static IP address
B.DHCP reservation
C.Dynamic IP address
D.APIPA
AnswerA

A static IP address remains constant, ensuring the printer is always reachable.

Why this answer

A static IP address is manually configured on the printer itself, ensuring it never changes regardless of network conditions or DHCP server availability. This guarantees the printer always receives the same IP address because the assignment is hard-coded and not subject to lease expiration or server failures.

Exam trap

The trap here is that candidates often confuse DHCP reservation with static IP, thinking both guarantee the same address, but the exam tests the understanding that a static IP is configured on the device itself and does not depend on any server, whereas a reservation still relies on DHCP server availability and proper lease renewal.

How to eliminate wrong answers

Option B is wrong because a DHCP reservation assigns a fixed IP address from the DHCP server, but if the server is down or the printer is moved to a different subnet, it may not receive that address. Option C is wrong because a dynamic IP address is leased from a DHCP server and can change when the lease expires or the device reconnects. Option D is wrong because APIPA (Automatic Private IP Addressing) assigns a random link-local address in the 169.254.0.0/16 range when no DHCP server is available, which is not guaranteed to be consistent and cannot be relied upon for network printing.

335
MCQmedium

A company has two departments on separate floors and wants to connect them into a single local area network (LAN). Which device should be used to interconnect the switches on each floor?

A.Router
B.Modem
C.Switch
D.Hub
AnswerC

Switches connect devices within the same network, allowing multiple switches to extend a LAN.

Why this answer

A switch is the correct device because it operates at Layer 2 (Data Link layer) and can forward frames based on MAC addresses, allowing multiple switches to be interconnected to extend a single broadcast domain and form a larger LAN. Connecting switches on different floors via Ethernet cables or fiber uplinks creates a unified local area network without requiring routing or network-layer addressing.

Exam trap

The trap here is that candidates often confuse a router as necessary for connecting any two network segments, but when the goal is to extend the same LAN (same subnet and broadcast domain), a Layer 2 switch is the appropriate device, not a router.

How to eliminate wrong answers

Option A is wrong because a router operates at Layer 3 (Network layer) and is used to connect different networks or subnets, not to extend a single LAN; using a router would segment the network and require IP routing. Option B is wrong because a modem modulates/demodulates signals for WAN connections (e.g., DSL, cable) and is not designed to interconnect local switches within a building. Option D is wrong because a hub is a Layer 1 device that simply repeats electrical signals, lacks MAC address learning, and would create a single collision domain, leading to inefficiency and increased collisions when interconnecting switches.

336
MCQhard

After a ransomware attack, which step should be taken FIRST in the incident response process?

A.Notify law enforcement
B.Disconnect affected systems from network
C.Restore from backup
D.Pay the ransom
AnswerB

Disconnecting stops the spread and limits damage, a crucial first step.

Why this answer

The first step in incident response after a ransomware attack is to contain the threat by disconnecting affected systems from the network. This prevents the ransomware from encrypting additional files on other systems and stops lateral movement, which is critical because ransomware often uses network shares and SMB protocols to spread. Immediate isolation preserves forensic evidence and limits the scope of the incident before any other actions are taken.

Exam trap

CompTIA often tests the misconception that the first step should be to restore from backups or notify authorities, but the correct first step is always containment to stop the spread of the attack.

How to eliminate wrong answers

Option A is wrong because notifying law enforcement is a secondary step that should occur after containment and initial investigation; contacting authorities prematurely can delay critical containment actions and may not be required for all incidents. Option C is wrong because restoring from backup should only be performed after the ransomware has been fully removed and the root cause identified; restoring while the infection is active can re-encrypt the restored data. Option D is wrong because paying the ransom does not guarantee data recovery, encourages further attacks, and violates many organizational security policies and legal guidelines; it is never a recommended technical step in incident response.

337
MCQeasy

A database designer wants to avoid duplicate data across tables and ensure each table stores information about a single entity. Which process should the designer apply?

A.Indexing
B.Transaction isolation
C.Normalization
D.Backup and recovery
AnswerC

Normalization minimizes duplication by splitting data into related tables.

Why this answer

Normalization is the process of organizing data in a database to reduce redundancy and dependency by dividing large tables into smaller, related tables and defining relationships between them. This ensures each table stores information about a single entity and avoids duplicate data across tables, aligning with the designer's goal.

Exam trap

The trap here is that candidates confuse normalization with indexing, assuming both reduce redundancy, but indexing only optimizes query speed without addressing data duplication or entity isolation.

How to eliminate wrong answers

Option A is wrong because indexing is used to speed up data retrieval by creating data structures (e.g., B-trees) that improve query performance, not to eliminate duplicate data or enforce entity-level table design. Option B is wrong because transaction isolation is a property of database transactions (defined by SQL standards like ACID) that controls concurrency and visibility of changes, not a method for structuring tables to avoid redundancy. Option D is wrong because backup and recovery involves creating copies of data and restoring it after failure (e.g., using full, differential, or transaction log backups), which does not address data duplication or table design.

338
MCQhard

A database designer is modeling a system where each book can have multiple authors and each author can write multiple books. Which type of relationship should be used between the Book and Author entities?

A.One-to-one
B.Hierarchical
C.One-to-many
D.Many-to-many
AnswerD

Many-to-many allows a book to have multiple authors and an author to have multiple books, typically implemented via a junction table.

Why this answer

The scenario describes a many-to-many relationship because each book can have multiple authors and each author can write multiple books. In relational database design, this is modeled using a junction (or associative) table that contains foreign keys referencing both the Book and Author primary keys, enabling the bidirectional association without data redundancy.

Exam trap

The trap here is that candidates often confuse a one-to-many relationship with many-to-many, mistakenly thinking that adding multiple author fields to the Book table (violating first normal form) is acceptable, rather than recognizing the need for a junction table.

How to eliminate wrong answers

Option A is wrong because a one-to-one relationship would require each book to have exactly one author and each author to write exactly one book, which contradicts the given scenario. Option B is wrong because hierarchical is not a standard relational database relationship type; it typically refers to a data model (like in LDAP or XML) where records have parent-child relationships, not the associative many-to-many needed here. Option C is wrong because a one-to-many relationship would allow one book to have many authors but would force each author to write only one book (or vice versa), which does not satisfy the bidirectional multiplicity described.

339
MCQmedium

A user wants to ensure data is not lost in the event of a drive failure. Which storage configuration provides redundancy?

A.RAID 1
B.JBOD
C.RAID 0
D.Single drive
AnswerA

RAID 1 mirrors data across two or more drives, so data remains intact if one drive fails.

Why this answer

RAID 1 (mirroring) writes identical data to two or more drives simultaneously, so if one drive fails, the data remains accessible from the other drive(s). This provides fault tolerance and ensures no data loss during a single drive failure, meeting the user's requirement for redundancy.

Exam trap

The trap here is that candidates often confuse RAID 0 (striping for performance) with providing redundancy, or they think JBOD offers some form of protection because it combines drives, but neither provides fault tolerance.

How to eliminate wrong answers

Option B (JBOD) is wrong because JBOD (Just a Bunch Of Disks) simply concatenates disks into a single logical volume without any parity, mirroring, or striping, offering no redundancy—if one drive fails, data on that drive is lost. Option C (RAID 0) is wrong because RAID 0 uses striping to improve performance but provides no redundancy; a single drive failure destroys all data in the array. Option D (Single drive) is wrong because a single drive has no built-in redundancy; any drive failure results in complete data loss.

340
MCQeasy

A user's laptop battery no longer holds a charge and the laptop only works when plugged in. Which component should be replaced?

A.Battery
B.RAM
C.Hard drive
D.Power adapter
AnswerA

The battery is the component that holds charge and needs replacement when it fails.

Why this answer

Option D is correct because the battery is the component that stores charge. The hard drive (A), RAM (B), and power adapter (C) do not affect battery charging.

341
MCQmedium

A company wants to implement a solution that allows employees to access internal applications from home without installing software on their personal devices. Which technology should be used?

A.Remote Desktop Services (RDS)
B.Thin client
C.Virtual Private Network (VPN)
D.Virtual Desktop Infrastructure (VDI)
AnswerD

VDI provides a full desktop experience accessible via a web browser without installing software.

Why this answer

VDI provides hosted virtual desktops that users can access from any device, including personal ones, without installing software locally. The applications run on the server, and only screen updates are sent to the client, meeting the requirement of no software installation on personal devices.

Exam trap

The trap here is confusing VPN with VDI: candidates often think a VPN alone provides application access, but VPN only grants network-level connectivity and still requires local software or RDP clients to run the actual applications.

How to eliminate wrong answers

Option A is wrong because Remote Desktop Services (RDS) typically requires a Remote Desktop Protocol (RDP) client to be installed on the user's device, which violates the 'no software installation' requirement. Option B is wrong because a thin client is a hardware device that requires a dedicated operating system and often local configuration, not a solution for accessing applications from personal devices without installation. Option C is wrong because a Virtual Private Network (VPN) creates an encrypted tunnel to the corporate network but still requires the user to install VPN client software on their personal device and does not inherently provide application access without local installation.

342
MCQhard

You are an IT support specialist for a mid-sized company. A user in the accounting department, Jane, reports that her accounting software (QuickBooks 2021) crashes every time she tries to export a report to PDF. The crash occurs immediately after clicking 'Export to PDF' and displays the error: 'The application has stopped working.' Jane's workstation runs Windows 10 Pro with 8GB RAM and an SSD. She has sufficient disk space. Other users in the same department using the same software version do not experience this issue. Jane recently installed a free PDF printer driver for personal use. What is the most likely cause and the best course of action?

A.Remove the recently installed PDF printer driver and test the export again.
B.Reinstall QuickBooks 2021 using the original installation media.
C.Reinstall Windows 10 because the operating system is corrupted.
D.Update all printer drivers to the latest versions.
AnswerA

The new PDF printer driver likely interferes with QuickBooks' PDF export; removing it should resolve the crash.

Why this answer

The most likely cause is the recently installed free PDF printer driver, which conflicts with QuickBooks' PDF export functionality. QuickBooks relies on its own PDF generation engine or system PDF printers, and a third-party PDF driver can intercept or corrupt the export process, causing the crash. Removing the driver and testing is the best first step because it isolates the change without affecting other software or system files.

Exam trap

The trap here is that candidates may assume the crash is due to QuickBooks corruption or a system-wide issue, rather than recognizing that a recent user-installed driver is the most probable cause given the isolated nature of the problem.

How to eliminate wrong answers

Option B is wrong because reinstalling QuickBooks would not resolve a conflict caused by a third-party driver; the software itself is not corrupted since other users with the same version work fine. Option C is wrong because reinstalling Windows 10 is an extreme and unnecessary step; the issue is isolated to a single application and a recent driver installation, not OS corruption. Option D is wrong because updating all printer drivers is too broad and may not address the specific conflict; the problem is likely the new PDF driver, not outdated drivers, and updating could even introduce further incompatibilities.

343
MCQeasy

A developer writes the following pseudocode: for i = 1 to 5, sum = sum + i. What does this code do?

A.It sums the numbers from 1 to 5
B.It adds 5 to the sum
C.It multiplies numbers from 1 to 5
D.It prints the numbers from 1 to 5
AnswerA

The loop iterates through 1 to 5 and accumulates the sum.

Why this answer

The correct answer is C: It sums the numbers from 1 to 5. The loop runs i from 1 to 5, adding each to sum. Option A (adds 5 to sum) is incorrect because i takes multiple values.

Option B (multiplies numbers) uses '+' not '*'. Option D (prints numbers) doesn't involve output.

344
MCQmedium

A database administrator needs to ensure that a transaction either fully completes or is fully rolled back. Which database property guarantees this?

A.Isolation
B.Durability
C.Atomicity
D.Consistency
AnswerC

Atomicity ensures that each transaction is 'all or nothing'.

Why this answer

Atomicity ensures that a transaction is treated as a single, indivisible unit of work: either all of its operations are committed successfully, or none are applied, and the database is rolled back to its previous state. This property directly guarantees the 'all or nothing' behavior required by the database administrator. In SQL databases, atomicity is typically enforced through transaction control statements like BEGIN TRANSACTION, COMMIT, and ROLLBACK, with the database engine managing undo logs to reverse partial changes if a failure occurs.

Exam trap

The trap here is that candidates often confuse atomicity with consistency, mistakenly thinking that 'all or nothing' is about maintaining data rules, when in fact atomicity is the specific property that guarantees transactional indivisibility.

How to eliminate wrong answers

Option A is wrong because isolation controls how concurrent transactions interact with each other (e.g., preventing dirty reads via locking or MVCC), not whether a single transaction completes fully or rolls back. Option B is wrong because durability guarantees that once a transaction is committed, its changes persist even after a system crash (typically via write-ahead logging), but it does not address the 'all or nothing' completion of the transaction itself. Option D is wrong because consistency ensures that a transaction brings the database from one valid state to another, preserving defined rules (e.g., constraints, cascades), but it does not enforce the atomic 'all or nothing' execution; atomicity is a prerequisite for consistency.

345
MCQmedium

Refer to the exhibit. What is the output of the SELECT statement?

A.Widget, 2
B.Widget, 2
C.Widget, 2; Gadget, 1
D.Widget, 2; Gadget, 1; Widget, 1
AnswerB

The GROUP BY groups by ProductName, and HAVING filters groups with count > 1, so only Widget (count 2) is returned.

Why this answer

The SELECT statement uses COUNT(*) with GROUP BY Category, which counts the number of rows per unique category value. The table has two rows with 'Widget' and one row with 'Gadget', so the output is two rows: Widget with count 2, and Gadget with count 1. Option B correctly lists both rows, matching the query's result.

Exam trap

The trap here is that candidates may forget that GROUP BY produces one row per unique group value, causing them to either omit groups with fewer rows or incorrectly include duplicate rows with partial counts.

How to eliminate wrong answers

Option A is wrong because it only shows one row (Widget, 2), omitting the Gadget row entirely, which would only happen if a WHERE clause filtered out Gadget or if the query used DISTINCT on Category without COUNT. Option C is wrong because it lists 'Widget, 2; Gadget, 1; Widget, 1', which incorrectly includes a third row with Widget count 1, likely confusing COUNT(*) with a row count per individual occurrence or misapplying a HAVING clause. Option D is wrong because it lists 'Widget, 2; Gadget, 1; Widget, 1' (same as C), which duplicates Widget with an incorrect count and adds an extra row not produced by the GROUP BY.

346
Multi-Selectmedium

Which TWO of the following are types of software licenses? (Select TWO).

Select 2 answers
A.Proprietary
B.Router
C.Open source
D.Switch
E.Firewall
AnswersA, C

Proprietary licenses restrict use and modification.

Why this answer

Proprietary software licenses grant the creator exclusive rights to the software, typically restricting modification, redistribution, and access to the source code. This is the standard model for commercial software like Microsoft Windows or Adobe Photoshop, where users purchase a license to use the software but do not own it.

Exam trap

The trap here is that candidates confuse hardware networking components (router, switch, firewall) with software license types, as all are common IT terms but belong to entirely different conceptual domains.

347
MCQmedium

A user reports that their computer is running slowly and the network activity light is constantly on. The technician runs the command shown in the exhibit. Based on the output, what is the most likely cause?

A.The computer is experiencing a denial-of-service (DoS) attack
B.The computer is infected with malware communicating with a command-and-control server
C.The user is running excessive web browsing sessions
D.The firewall is misconfigured and blocking legitimate traffic
AnswerB

Multiple connections to the same remote server are a sign of botnet or C2 activity.

Why this answer

The exhibit shows multiple established connections from the local computer to the same remote IP on port 443 (HTTPS). This pattern suggests a botnet or malware establishing multiple command-and-control channels. Option B is correct because it indicates a malware infection.

Option A is wrong because a DoS attack would typically show many connections from different sources. Option C wrong because a firewall misconfiguration would block or allow traffic, not create multiple connections. Option D wrong because excessive web browsing would show connections to various IPs, not just one.

348
MCQmedium

You are the IT administrator for a small company with 50 employees. The company uses a shared network drive for project files. Employees have read/write access to all folders on the drive. Recently, a ransomware attack encrypted many files on the network drive after an employee's workstation became infected. The employee had mapped the drive as a local letter. Backups are available but restoring takes several hours. Management wants to reduce the risk of future ransomware damage to the network drive. You are considering implementing one of the following controls. Which control would be most effective in limiting the spread of ransomware to the network drive?

A.Enable disk encryption on the network drive.
B.Implement file-level permissions so users only have write access to folders they need.
C.Install antivirus software on all workstations and schedule weekly scans.
D.Require all employees to use a VPN when accessing the network drive.
AnswerB

Least privilege reduces the scope of encryption if a workstation is infected.

Why this answer

Option A is correct because implementing file-level permissions with least privilege limits the number of files a ransomware infection can encrypt. Option B is wrong because VPN is for remote access, not internal protection. Option C is wrong because antivirus may not prevent malware from running.

Option D is wrong because disk encryption protects data at rest but does not prevent ransomware from encrypting files.

349
MCQeasy

A user needs to edit a PDF file that was received as an attachment. What type of application is required?

A.A PDF editor.
B.A video player.
C.A web browser.
D.An image editing application.
AnswerA

PDF editors like Adobe Acrobat provide editing capabilities.

Why this answer

A PDF editor is specifically designed to modify the content, structure, and metadata of PDF files, such as adding text, images, or annotations. Unlike a viewer, a PDF editor provides the necessary tools to edit the file directly, which is required when a user needs to make changes to a received PDF attachment.

Exam trap

CompTIA often tests the misconception that a web browser or image editor can fully edit PDFs because they can display or convert them, but they lack the native ability to modify the PDF's internal structure and save changes without data loss.

How to eliminate wrong answers

Option B is wrong because a video player is designed to decode and render video/audio codecs (e.g., H.264, AAC), not to edit or manipulate PDF files, which are based on PostScript and contain structured document objects. Option C is wrong because a web browser can display PDFs via built-in plugins or PDF.js, but it lacks the ability to save changes to the PDF file's internal object tree or modify its content streams. Option D is wrong because an image editing application works with raster or vector graphics (e.g., JPEG, PNG, SVG) and cannot natively parse the PDF file format's cross-reference table, page tree, or embedded fonts without specialized conversion.

350
MCQhard

A database administrator notices that a transaction that updates two tables is failing halfway, leaving data inconsistent. Which property of ACID ensures that the database returns to its original state if the transaction fails?

A.Consistency
B.Durability
C.Isolation
D.Atomicity
AnswerD

Atomicity guarantees that all parts of a transaction succeed or none do, allowing rollback on failure.

Why this answer

Atomicity (option D) ensures that a transaction is treated as a single, indivisible unit of work. If any part of the transaction fails (e.g., updating the second table), the entire transaction is rolled back, and the database returns to its original state before the transaction began. This prevents partial updates that would leave data inconsistent.

Exam trap

CompTIA often tests the distinction between Atomicity and Consistency, where candidates mistakenly think Consistency handles rollback, but Atomicity is the property that ensures the entire transaction is undone on failure.

How to eliminate wrong answers

Option A is wrong because Consistency ensures that a transaction brings the database from one valid state to another, but it does not handle rollback on failure—that is the role of Atomicity. Option B is wrong because Durability guarantees that once a transaction is committed, its changes persist even after a system crash, but it does not undo a failed transaction. Option C is wrong because Isolation ensures that concurrent transactions do not interfere with each other, but it does not provide rollback mechanisms for a single failing transaction.

351
MCQeasy

A technician is explaining the difference between volatile and non-volatile memory. Which of the following is an example of volatile memory?

A.Hard disk drive
B.RAM
C.Solid-state drive
D.USB flash drive
AnswerB

RAM is volatile; data is lost when power is off.

Why this answer

RAM (Random Access Memory) is volatile memory because it requires continuous electrical power to retain data; once the system is powered off, all data stored in RAM is lost. This is in contrast to non-volatile memory, which retains data without power. The question specifically asks for an example of volatile memory, and RAM is the classic example.

Exam trap

The trap here is that candidates often confuse 'memory' with 'storage' and incorrectly assume that any device used to save files (like a USB drive or SSD) is volatile, when in fact volatile memory specifically refers to components like RAM that lose data on power loss.

How to eliminate wrong answers

Option A is wrong because a hard disk drive (HDD) is a non-volatile storage device that uses magnetic platters to retain data even when power is removed. Option C is wrong because a solid-state drive (SSD) uses NAND flash memory, which is non-volatile and retains data without power. Option D is wrong because a USB flash drive also uses NAND flash memory and is non-volatile, designed to preserve data when unpowered.

352
MCQhard

An IT administrator applies the software restriction policy shown in the exhibit. What is the intended effect of this policy?

A.Allows executables in the Temp folder to run.
B.Blocks executables in Program Files but allows in AppData.
C.Blocks all executables on the system.
D.Allows executables in Program Files to run, but blocks others.
AnswerD

Default is disallowed, but Program Files is unrestricted.

Why this answer

The software restriction policy shown in the exhibit uses a 'Disallowed' default rule, which blocks all executables by default. It then creates an 'Unrestricted' path rule for `%ProgramFiles%`, which explicitly allows executables in that folder to run. Therefore, executables in Program Files are allowed, while all others (e.g., in Temp, AppData, or Downloads) are blocked.

Exam trap

The trap here is that candidates assume the 'Disallowed' default rule blocks everything, overlooking that a path rule for Program Files creates an explicit exception, making option D correct rather than option C.

How to eliminate wrong answers

Option A is wrong because the policy does not include a path rule for the Temp folder; the default 'Disallowed' rule blocks executables there. Option B is wrong because the policy blocks executables in AppData (no allow rule) and allows executables in Program Files, not the reverse. Option C is wrong because the policy explicitly allows executables in Program Files via the path rule, so it does not block all executables on the system.

353
MCQeasy

A help desk technician receives a ticket that a user cannot access a shared folder. The technician verifies the network cable is connected and the user can ping the server. What should the technician check next?

A.Restart the user's computer
B.Check the DNS server settings
C.Check the default gateway configuration
D.Check the permissions on the shared folder
AnswerD

Permissions control access to shared resources; incorrect permissions are a common cause of access issues.

Why this answer

Since the user can ping the server, Layer 3 (network layer) connectivity is confirmed, ruling out issues with the network cable, DNS resolution, and default gateway. The inability to access a shared folder despite successful ping points to a permissions issue at the file system or share level, which is independent of basic network connectivity. Checking the permissions on the shared folder is the logical next step to verify that the user's account has the necessary read/write access rights.

Exam trap

The trap here is that candidates often assume network connectivity issues (DNS, gateway, or physical layer) are the cause of shared folder access problems, but the ability to ping the server isolates the issue to higher-layer permissions or authentication.

How to eliminate wrong answers

Option A is wrong because restarting the user's computer is a generic troubleshooting step that does not address the specific symptom of inaccessible shared folder when network connectivity is already verified. Option B is wrong because checking DNS server settings is unnecessary when the user can ping the server by hostname or IP, indicating name resolution is working; if the ping used an IP address, DNS is irrelevant. Option C is wrong because checking the default gateway configuration is irrelevant when the user can ping the server, which proves that traffic is being routed correctly through the gateway to the destination network.

354
MCQeasy

A technician is setting up a small office network. Which device should be used to connect multiple computers and allow them to communicate with each other?

A.Router
B.Modem
C.Switch
D.Hub
AnswerC

A switch connects devices on a local network and forwards frames based on MAC addresses.

Why this answer

A switch operates at Layer 2 of the OSI model and uses MAC addresses to forward frames only to the specific port where the destination device is connected. This allows multiple computers on the same local network to communicate directly with each other without unnecessary traffic, making it the correct device for interconnecting computers in a small office LAN.

Exam trap

The trap here is that candidates often confuse a switch with a hub because both have multiple ports and connect computers, but the key distinction is that a switch uses MAC address learning and forwarding logic (Layer 2) while a hub is a simple electrical repeater (Layer 1).

How to eliminate wrong answers

Option A is wrong because a router is a Layer 3 device that forwards packets between different networks (e.g., connecting a LAN to the internet), not for directly connecting multiple computers on the same local subnet. Option B is wrong because a modem modulates and demodulates signals for WAN connectivity (e.g., DSL or cable), but it does not provide local switching or allow multiple computers to communicate with each other on a LAN. Option D is wrong because a hub is a Layer 1 device that blindly repeats electrical signals out all ports, causing collisions and inefficiency; it does not intelligently forward frames like a switch, and is not recommended for modern networks.

355
MCQhard

A network administrator wants to restrict access to the wireless network to only approved devices. Which security feature should be enabled on the access point?

A.Firewall rules
B.Disable SSID broadcast
C.WPA2 encryption
D.MAC filtering
AnswerD

MAC filtering allows only whitelisted MAC addresses to connect.

Why this answer

MAC filtering allows the access point to permit or deny network access based on the device's MAC address, which is a unique hardware identifier. By creating an allowlist of approved MAC addresses, the administrator can restrict the wireless network to only those devices. This directly addresses the requirement to limit access to approved devices.

Exam trap

The trap here is that candidates often confuse MAC filtering with encryption or SSID hiding, thinking that hiding the network or using strong encryption alone can restrict device access, but neither prevents an unauthorized device from connecting if it has the SSID or password.

How to eliminate wrong answers

Option A is wrong because firewall rules control traffic flow based on IP addresses, ports, or protocols, not device identity, and they do not restrict which devices can associate with the wireless network. Option B is wrong because disabling SSID broadcast only hides the network name from beacon frames; it does not prevent unauthorized devices from connecting if they know the SSID. Option C is wrong because WPA2 encryption secures data in transit and requires a pre-shared key or authentication server, but it does not restrict access to specific approved devices—any device with the correct credentials can connect.

356
Multi-Selectmedium

Which THREE of the following are types of network topologies?

Select 3 answers
A.Mesh
B.Star
C.Bus
D.Triangle
E.Circle
AnswersA, B, C

Each device connects to many others.

Why this answer

A mesh topology connects each device to every other device, providing high redundancy and fault tolerance. It is a valid network topology type commonly used in WANs and wireless networks.

Exam trap

CompTIA often tests that only the three standard topologies (mesh, star, bus) are correct, and traps candidates into selecting 'circle' or 'triangle' because they sound like plausible geometric network shapes.

357
Drag & Dropmedium

Drag and drop the steps to create a new folder on the desktop in Windows 10 into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Creating a folder uses the right-click context menu, then naming it.

358
MCQhard

A company uses a legacy application that only runs on Windows 7. The IT department plans to upgrade to Windows 10. What is the best approach to ensure compatibility?

A.Use Windows 10 compatibility mode for the application.
B.Replace the legacy application with a modern equivalent.
C.Run the application in a virtual machine with Windows 7.
D.Install the application directly on Windows 10 without changes.
AnswerA

Compatibility mode allows the app to run as if on an older OS.

Why this answer

Windows 10 compatibility mode allows the legacy application to run by emulating the environment of Windows 7, including specific service packs and settings. This is the best approach because it requires no additional hardware or software costs and preserves the existing application functionality without modification. Compatibility mode works by intercepting API calls and presenting the expected Windows 7 behavior to the application.

Exam trap

The trap here is that candidates often assume a virtual machine is always the safest choice, but the question asks for the 'best approach' in terms of simplicity and cost, making compatibility mode the correct answer over the more resource-intensive VM solution.

How to eliminate wrong answers

Option B is wrong because replacing the legacy application is not the best approach when compatibility mode can resolve the issue without the cost, time, and training required for a new application. Option C is wrong because running the application in a virtual machine adds overhead, requires a valid Windows 7 license, and is more complex to manage than using built-in compatibility mode. Option D is wrong because installing the application directly on Windows 10 without changes will likely fail due to API differences, security changes, or missing dependencies in the newer OS.

359
MCQeasy

Which file system is commonly used on external USB drives for compatibility between Windows and macOS?

A.APFS
B.ext4
C.FAT32
D.NTFS
AnswerC

FAT32 is compatible with both Windows and macOS.

Why this answer

FAT32 is the correct answer because it is natively supported by both Windows and macOS for read and write operations, making it the most compatible file system for external USB drives that need to be used across both platforms. Unlike NTFS (which macOS can only read by default) and APFS (which Windows does not natively support), FAT32 has been a universal standard for cross-platform storage since the 1990s, though it has a 4 GB maximum file size limit.

Exam trap

The trap here is that candidates often assume NTFS is fully compatible with macOS because macOS can read NTFS drives, but they overlook the lack of native write support, making FAT32 the safer choice for true cross-platform read/write compatibility despite its age and limitations.

How to eliminate wrong answers

Option A is wrong because APFS (Apple File System) is the default for macOS internal drives and is not natively supported by Windows, requiring third-party software for access. Option B is wrong because ext4 is the standard file system for Linux and is not natively recognized by Windows or macOS without additional drivers or tools. Option D is wrong because NTFS is the default for Windows internal drives, but macOS can only read NTFS volumes natively (write support requires third-party software or a paid driver), making it less suitable for full read/write compatibility on external drives.

360
MCQhard

A team is developing a new feature using an Agile methodology. The product owner wants to see a working version of the feature after each iteration. Which practice best supports this request?

A.Code review
B.Continuous integration
C.Refactoring
D.Writing comprehensive documentation
AnswerB

Continuous integration ensures that code changes are integrated and built frequently, providing a working version.

Why this answer

Continuous integration (CI) is the practice of automatically merging and testing code changes frequently, often multiple times per day. This ensures that after each iteration (sprint), the team has a working, integrated version of the feature, directly supporting the product owner's request to see a functional build. CI relies on automated builds and tests to catch integration issues early, enabling rapid feedback and delivery.

Exam trap

The trap here is that candidates may confuse 'continuous integration' with 'code review' or 'refactoring,' thinking that any quality practice supports iterative delivery, but only CI directly ensures a working integrated build after each iteration.

How to eliminate wrong answers

Option A is wrong because code review focuses on manual inspection of code quality and logic, not on producing a working integrated version after each iteration; it does not automate the build or test process. Option C is wrong because refactoring is the process of restructuring existing code without changing its external behavior, aimed at improving maintainability, not at delivering a working feature increment. Option D is wrong because writing comprehensive documentation, while valuable for knowledge transfer, does not produce a working software version; it is a separate activity that can delay or distract from iterative delivery.

361
MCQeasy

A user wants to open a PDF file but receives an error that no application is associated. Which action should the user take?

A.Update device drivers
B.Install a PDF reader
C.Rename the file to .docx
D.Restart the computer
AnswerB

A PDF reader is required to open PDF files.

Why this answer

The error 'no application is associated' means the operating system lacks a default program capable of handling the PDF file format. Installing a PDF reader, such as Adobe Acrobat Reader or a web browser with built-in PDF support, registers the necessary file association and allows the file to open correctly.

Exam trap

The trap here is that candidates may confuse a missing application association with a system-level error, leading them to choose a generic troubleshooting step like restarting or updating drivers instead of recognizing the need to install the appropriate software.

How to eliminate wrong answers

Option A is wrong because updating device drivers addresses hardware communication issues, not software file associations. Option C is wrong because renaming the file to .docx does not change its internal structure; the file remains a PDF and will either fail to open or produce garbled content in a word processor. Option D is wrong because restarting the computer only clears temporary glitches and does not install the missing application or register the PDF file type association.

362
Multi-Selecthard

A network technician is troubleshooting a server that is not reachable from the LAN. The server has a static IP address of 192.168.1.100/24 and a default gateway of 192.168.1.1. The technician pings the gateway successfully but cannot ping the server from another workstation on the same subnet. Which TWO steps should the technician take to resolve the issue?

Select 2 answers
A.Clear the ARP cache on the server
B.Replace the network cable
C.Verify the network adapter settings on the server
D.Check DNS resolution for the server
E.Check the server's firewall settings
AnswersC, E

Misconfigured adapter could cause subnet mismatch.

Why this answer

Option C is correct because the technician can ping the gateway from the server, confirming Layer 3 connectivity to the router, but cannot ping the server from another workstation on the same subnet. This points to a local configuration issue on the server itself, such as a misconfigured subnet mask, a disabled network adapter, or incorrect IP settings. Verifying the network adapter settings ensures the server's IP address, subnet mask, and default gateway are correctly applied and the adapter is enabled.

Exam trap

The trap here is that candidates assume a successful ping to the gateway means the server is fully reachable, overlooking that local subnet communication requires correct subnet mask and adapter settings, not just gateway connectivity.

363
MCQeasy

A user cannot connect to the internet. Which step is most appropriate to start troubleshooting?

A.Update the graphics driver
B.Replace the router
C.Reinstall the operating system
D.Check the network cable connection
AnswerD

Checking the physical cable is a fundamental step to ensure the link is active.

Why this answer

The most appropriate first step in troubleshooting a network connectivity issue is to check the physical layer (Layer 1 of the OSI model). A loose or unplugged network cable is a common cause of connectivity loss, and verifying the cable connection is quick, non-invasive, and follows the principle of starting with the simplest possible cause before escalating to more complex solutions.

Exam trap

CompTIA often tests the troubleshooting methodology by presenting a flashy, high-level solution (like reinstalling the OS) to distract from the fundamental step of verifying the physical connection, which candidates may overlook due to overthinking the problem.

How to eliminate wrong answers

Option A is wrong because updating the graphics driver addresses display or rendering issues, not network connectivity; graphics drivers have no role in TCP/IP or Ethernet communication. Option B is wrong because replacing the router is a drastic, costly step that should only be considered after verifying all simpler components (cables, device settings, ISP status) and is not a starting point. Option C is wrong because reinstalling the operating system is an extreme measure that wipes user data and applications; it is reserved for software corruption or malware, not for a basic connectivity problem that could be caused by a disconnected cable.

364
MCQmedium

A database table contains redundant employee data, leading to update anomalies. Which database design process should be applied to resolve this?

A.Normalization
B.Indexing
C.Denormalization
D.Query optimization
AnswerA

Normalization eliminates redundant data and reduces update anomalies.

Why this answer

Normalization is the database design process that eliminates redundant data and ensures data dependencies make sense, thereby resolving update anomalies. By decomposing a table into smaller, related tables and defining relationships through foreign keys, normalization reduces data duplication and maintains consistency during insert, update, and delete operations.

Exam trap

The trap here is that candidates often confuse normalization with indexing or query optimization because all three improve database performance, but only normalization addresses structural redundancy and update anomalies at the schema level.

How to eliminate wrong answers

Option B (Indexing) is wrong because indexing improves query performance by creating data structures for faster data retrieval, but it does not address data redundancy or update anomalies. Option C (Denormalization) is wrong because it intentionally adds redundant data to improve read performance, which would worsen update anomalies rather than resolve them. Option D (Query optimization) is wrong because it focuses on improving the efficiency of SQL query execution plans, not on restructuring the database schema to eliminate redundancy.

365
Matchingmedium

Match each cloud service model to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Virtual machines and storage

Platform for app development

Software accessed via browser

Virtual desktop infrastructure

Why these pairings

Cloud service delivery models.

366
Multi-Selecteasy

A user reports that their computer is not turning on. Which TWO hardware components should be checked first?

Select 2 answers
A.CPU
B.Power outlet
C.RAM
D.Power supply
E.Hard drive
AnswersB, D

A dead power outlet is a simple cause that should be verified first.

Why this answer

The power outlet is the first component to check because it is the most basic point of failure in the power delivery chain. If the outlet is dead or switched off, no power reaches the system, making it impossible for the computer to turn on. Verifying the outlet with a known working device (e.g., a lamp) quickly isolates this common issue before inspecting internal hardware.

Exam trap

The trap here is that candidates often jump to internal components like the power supply or CPU first, forgetting the simplest external cause—a dead or switched-off power outlet—which is the most logical and quickest check in the troubleshooting process.

367
Multi-Selecteasy

Which THREE are phases of the software development life cycle? (Choose three.)

Select 3 answers
A.Marketing
B.Planning
C.Deployment
D.Debugging
E.Coding
AnswersB, C, E

Planning is the initial SDLC phase.

Why this answer

The correct answers are A, B, and D: Planning, coding, and deployment. Debugging (C) is part of testing. Marketing (E) is not an SDLC phase.

368
Multi-Selectmedium

Which TWO of the following are characteristics of the Agile software development methodology?

Select 2 answers
A.Emphasis on detailed upfront planning
B.Heavy documentation
C.Rigid change control
D.Customer collaboration
E.Iterative development cycles
AnswersD, E

Agile promotes continuous customer involvement.

Why this answer

Agile emphasizes iterative development and customer collaboration, not upfront planning or heavy documentation.

369
MCQhard

A company needs to connect two separate local area networks (LANs) in different buildings. Which device is required to route traffic between the networks?

A.Hub
B.Router
C.Switch
D.Bridge
AnswerB

A router operates at Layer 3 and can connect different networks.

Why this answer

A router is required to connect two separate LANs because it operates at Layer 3 (Network layer) of the OSI model and uses IP addresses to make forwarding decisions. Unlike switches or bridges, routers can examine the destination IP address, consult a routing table, and forward packets between different subnets or networks, even if they use different data link layer technologies.

Exam trap

The trap here is that candidates often confuse a switch's ability to segment collision domains with the router's ability to segment broadcast domains and route between different IP networks, leading them to incorrectly select 'Switch' for inter-network connectivity.

How to eliminate wrong answers

Option A is wrong because a hub operates at Layer 1 (Physical layer) and simply repeats electrical signals to all ports; it cannot make any forwarding decisions or separate traffic between networks. Option C is wrong because a switch operates at Layer 2 (Data Link layer) and forwards frames based on MAC addresses within the same broadcast domain; it cannot route traffic between different IP subnets. Option D is wrong because a bridge also operates at Layer 2 and connects two network segments within the same broadcast domain; it does not have the IP routing capability needed to connect separate LANs.

370
MCQhard

An inventory database contains Products (ProductID int PK, ProductName varchar(50), Quantity int, Price decimal) and Sales (SaleID int PK, ProductID int FK, SaleDate date, QuantitySold int). A report is needed: for each product, show product ID, name, current quantity, and total quantity sold. An employee writes: SELECT p.ProductID, p.ProductName, p.Quantity, SUM(s.QuantitySold) AS TotalSold FROM Products p LEFT JOIN Sales s ON p.ProductID = s.ProductID ORDER BY p.ProductID; The query executes without error but the results are incorrect. For products with no sales, TotalSold displays the same value as p.Quantity. For products with sales, TotalSold shows the correct sum. Which action should the employee take to fix the query?

A.Replace LEFT JOIN with INNER JOIN
B.Add 'GROUP BY p.ProductID, p.ProductName, p.Quantity'
C.Use SUM(COALESCE(s.QuantitySold,0))
D.Remove the ORDER BY clause
AnswerB

Corrects aggregation by grouping per product.

Why this answer

The query uses an aggregate function (SUM) without a GROUP BY clause, which causes SQL to treat the non-aggregated columns (p.ProductID, p.ProductName, p.Quantity) as part of a single group. For products with no sales, the LEFT JOIN produces NULL for s.QuantitySold, and SUM(NULL) returns NULL, but the database engine incorrectly displays p.Quantity in the TotalSold column because the ungrouped query collapses rows unpredictably. Adding GROUP BY p.ProductID, p.ProductName, p.Quantity ensures SUM(s.QuantitySold) is calculated per product, returning NULL (or 0 if COALESCE is used) for products with no sales.

Exam trap

CompTIA often tests the requirement for GROUP BY when mixing aggregate and non-aggregate columns, exploiting the misconception that adding COALESCE or changing join types alone resolves the issue.

How to eliminate wrong answers

Option A is wrong because replacing LEFT JOIN with INNER JOIN would exclude products with no sales entirely, which does not fix the incorrect TotalSold display and loses required data. Option C is wrong because SUM(COALESCE(s.QuantitySold,0)) would convert NULL to 0, but without a GROUP BY, the aggregate still operates on an ungrouped result set, so the incorrect display of p.Quantity for TotalSold persists. Option D is wrong because removing the ORDER BY clause only affects row ordering, not the aggregation logic; the fundamental issue of missing GROUP BY remains.

371
Multi-Selectmedium

A user reports that their laptop cannot connect to the corporate Wi-Fi. Other devices are working fine. Which TWO troubleshooting steps should the technician take first? (Choose TWO.)

Select 2 answers
A.Verify the SSID and password on the laptop.
B.Check the DHCP server for available IP addresses.
C.Update the network adapter driver.
D.Check if the laptop's wireless switch is turned on.
E.Restart the wireless router.
AnswersA, D

Incorrect credentials are a common cause.

Why this answer

Option A is correct because verifying the SSID and password is the most basic and common cause of a single device failing to connect to Wi-Fi. If other devices are working, the issue is isolated to the laptop, so checking its wireless configuration is a logical first step. This aligns with the 'isolate the problem' troubleshooting methodology.

Exam trap

The trap here is that candidates may jump to network-wide solutions (like restarting the router or checking DHCP) instead of focusing on the single affected device, ignoring the principle of 'start with the simplest and most likely cause first.'

372
MCQmedium

Refer to the exhibit. A user can successfully ping the local default gateway but cannot ping an external IP address. What is the most likely cause?

A.The internet connection is down
B.The network interface card is faulty
C.The DNS server is not responding
D.The subnet mask is misconfigured
AnswerA

The gateway works but external IP fails, indicating an issue beyond the gateway.

Why this answer

Since the user can successfully ping the local default gateway, the Layer 2 and Layer 3 connectivity within the local subnet is intact, ruling out issues with the NIC, subnet mask, or local routing. The failure to ping an external IP address indicates that traffic is not being forwarded beyond the local network, which most commonly occurs when the internet connection (WAN link) is down or the ISP's upstream router is unreachable.

Exam trap

CompTIA often tests the distinction between local connectivity (Layer 2/3 within subnet) and external connectivity (Layer 3 routing beyond the gateway), leading candidates to incorrectly blame DNS or subnet mask when the real issue is the upstream connection.

How to eliminate wrong answers

Option B is wrong because a faulty network interface card would prevent all network communication, including the successful ping to the local default gateway. Option C is wrong because DNS resolution is not required to ping an external IP address; the ping command uses the IP address directly, so a non-responsive DNS server would not affect this test. Option D is wrong because a misconfigured subnet mask would cause the user to be unable to reach the default gateway itself, as the system would not correctly determine that the gateway is on the same subnet.

373
MCQmedium

A small business needs to share documents among employees and allow real-time collaboration. Which type of application is best suited?

A.Using email to send attachments back and forth.
B.Implementing a cloud-based productivity suite.
C.Using a web browser to access public documents.
D.Installing a local office suite on each workstation.
AnswerB

Cloud suites like Google Workspace or Microsoft 365 allow simultaneous editing and sharing.

Why this answer

A cloud-based productivity suite (e.g., Microsoft 365, Google Workspace) stores documents on remote servers and provides real-time co-authoring, version history, and simultaneous editing via web or client applications. This directly meets the requirement for sharing documents and enabling real-time collaboration without the overhead of manual file distribution.

Exam trap

The trap here is that candidates often confuse 'accessing documents via a web browser' (Option C) with cloud-based collaboration, overlooking that public web documents typically offer read-only access and no editing or sharing controls.

How to eliminate wrong answers

Option A is wrong because emailing attachments creates multiple file versions, lacks real-time co-editing, and introduces latency and version-control conflicts. Option C is wrong because using a web browser to access public documents only allows viewing, not editing or collaboration, and exposes sensitive data to uncontrolled access. Option D is wrong because a local office suite (e.g., standalone Microsoft Office) lacks built-in sharing and real-time collaboration features; users would still need to manually transfer files or use a separate sharing mechanism.

374
MCQmedium

A banking transaction transfers money from savings to checking. The system updates the savings balance, then the power fails before the checking balance is updated. Which ACID property is violated?

A.Atomicity
B.Isolation
C.Durability
D.Consistency
AnswerA

Atomicity requires all or nothing; partial update violates it.

Why this answer

Atomicity ensures that a transaction is treated as a single, indivisible unit of work. In this scenario, the transfer operation consists of two steps: deducting from savings and crediting to checking. Because the power failure occurs after the savings balance is updated but before the checking balance is updated, the transaction is left partially completed, violating atomicity.

The system must either complete both steps or roll back the first step to maintain atomicity.

Exam trap

The trap here is that candidates often confuse atomicity with consistency, thinking a partial update violates consistency first, but the core issue is that the transaction did not complete as an atomic unit, which is the direct violation of atomicity.

How to eliminate wrong answers

Option B (Isolation) is wrong because isolation concerns the visibility of intermediate transaction states to other concurrent transactions, not the completion of a single transaction. Option C (Durability) is wrong because durability guarantees that committed changes persist, but here the transaction was never committed due to the failure. Option D (Consistency) is wrong because consistency ensures that a transaction leaves the database in a valid state; while a partial update could lead to inconsistency, the primary violated property is atomicity, as the transaction failed to execute as an all-or-nothing unit.

375
MCQmedium

A development team is using version control for their project. They need to isolate a new feature from the main codebase until it is complete. Which version control operation should they perform?

A.Merge
B.Commit
C.Branch
D.Push
AnswerC

Branching creates a separate workspace for developing a feature independently.

Why this answer

Branching creates a separate line of development within a version control system (e.g., Git, Mercurial), allowing the team to work on a new feature in isolation without affecting the main codebase (often called 'main' or 'master'). Once the feature is complete and tested, the branch can be merged back. This directly addresses the requirement to isolate work until it is finished.

Exam trap

CompTIA often tests the misconception that 'commit' or 'push' can isolate work, but these operations only record or share changes; they do not create a separate development path, which is the core purpose of a branch.

How to eliminate wrong answers

Option A is wrong because a merge combines changes from two branches (e.g., a feature branch into main) and is used after the feature is complete, not to isolate it. Option B is wrong because a commit saves a snapshot of changes to the local repository but does not create a separate workspace or isolate the feature from the main codebase. Option D is wrong because a push uploads local commits to a remote repository (e.g., GitHub, GitLab) but does not provide isolation; it simply shares existing changes.

Page 4

Page 5 of 7

Page 6

All pages