Question 427 of 750
Logical Security ConceptsmediumMultiple ChoiceObjective-mapped

Application Whitelisting: Prevent Unauthorized Software

This 220-1202 practice question tests your understanding of logical security concepts. The scenario asks you to isolate a root cause — eliminate options that address a different problem before choosing. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

A technician is configuring a new employee's laptop and needs to ensure that only approved applications can run. The company wants to prevent users from installing unauthorized software. Which security control should be implemented?

Quick Answer

The correct answer is to configure an application whitelist using AppLocker. Application whitelisting prevents unauthorized software by allowing only pre-approved programs to execute, while blocking all others by default, making it the most effective security control for this scenario. On the CompTIA A+ Core 2 220-1202 exam, this concept tests your understanding of Windows security features and how they enforce software restriction policies; a common trap is confusing whitelisting with blacklisting, which only blocks known threats and is less secure. Remember that whitelisting is a “default deny” approach—if an application isn’t on the approved list, it simply won’t run. A useful memory tip is “Whitelist = Welcome only; Blacklist = Ban only”—for preventing unauthorized software, you always want the welcome list.

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

Configure an application whitelist using AppLocker.

AppLocker is a Windows security feature that allows administrators to create rules that explicitly permit only approved applications to run, effectively blocking all others. This is the correct control for preventing unauthorized software installation because it enforces an application whitelist at the kernel level, overriding user permissions. Standard User accounts or antivirus alone cannot prevent execution of approved-but-unauthorized binaries, making AppLocker the precise solution for this requirement.

Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • Enable Windows Defender real-time protection.

    Why it's wrong here

    Antivirus detects known malware but does not prevent installation of unauthorized legitimate software.

  • Set the user account as a Standard User.

    Why it's wrong here

    Standard User rights limit installation to some extent but can be bypassed; it does not block all unauthorized apps.

  • Configure an application whitelist using AppLocker.

    Why this is correct

    AppLocker enforces a whitelist, allowing only specified applications to run, directly meeting the requirement.

    Related concept

    Read the scenario before looking for a memorised answer.

  • Disable the Windows Store.

    Why it's wrong here

    Disabling the Store only blocks one source; users could still install from other locations.

Common exam traps

Common exam trap: answer the scenario, not the keyword

CompTIA expects you to recognize that while Standard User accounts limit some installations, AppLocker is the specific control for application whitelisting. The common pitfall is assuming user permissions alone can block all unauthorized software.

Detailed technical explanation

How to think about this question

AppLocker operates by evaluating file attributes such as publisher signature, file hash, or path against configured allow/deny rules before the process is created, using the Application Identity service. A subtle behavior is that AppLocker rules can be bypassed if the service is not running or if the user can copy an executable to an allowed path; therefore, proper rule design should use publisher rules with strong signing enforcement. In a real-world scenario, a company might combine AppLocker with Software Restriction Policies (SRP) for legacy systems, but AppLocker provides more granular control and is the recommended tool for Windows 10/11 Enterprise and Education editions.

KKey Concepts to Remember

  • Read the scenario before looking for a memorised answer.
  • Find the constraint that changes the correct option.
  • Eliminate answers that are true in general but not in this case.

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Real-world example

How this comes up in practice

A security administrator must allow nursing staff to reach a patient records server while blocking access from the guest Wi-Fi VLAN. After applying an extended ACL, traffic is still blocked from nursing workstations. The ACL was applied outbound instead of inbound on the wrong interface. Questions like this test ACL direction and placement rules.

What to study next

Got this wrong? Here's your next step.

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

Related practice questions

Related 220-1202 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free 220-1202 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this 220-1202 question test?

Logical Security Concepts — This question tests Logical Security Concepts — Read the scenario before looking for a memorised answer..

What is the correct answer to this question?

The correct answer is: Configure an application whitelist using AppLocker. — AppLocker is a Windows security feature that allows administrators to create rules that explicitly permit only approved applications to run, effectively blocking all others. This is the correct control for preventing unauthorized software installation because it enforces an application whitelist at the kernel level, overriding user permissions. Standard User accounts or antivirus alone cannot prevent execution of approved-but-unauthorized binaries, making AppLocker the precise solution for this requirement.

What should I do if I get this 220-1202 question wrong?

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

What is the key concept behind this question?

Read the scenario before looking for a memorised answer.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Keep practising

More 220-1202 practice questions

Last reviewed: Jul 4, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This 220-1202 practice question is part of Courseiva's free CompTIA certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the 220-1202 exam.