CompTIA 220-1201 Practice Test

Explanation:

The scenario describes the need for controlling which applications can be installed on user devices (i.e. ensuring only company-approved software is allowed). This is precisely a function of Mobile Device Management (MDM) solutions.

An MDM platform allows IT administrators to:

Enforce app whitelisting or blacklisting
Push approved apps to devices
Prevent installation of unauthorized apps
Apply security compliance policies (e.g. encryption, passcodes)
Perform remote wipe if a device is lost or compromised

While “Mobile Device Management” sounds like it’s only for mobile phones or tablets, many modern MDM/Unified Endpoint Management (UEM) solutions also manage laptops and desktops (Windows, macOS, etc.).

Why not the others?

A. EDR (Endpoint Detection and Response) → Primarily focuses on detecting and responding to threats, not on application whitelisting and compliance control.

B. VPN (Virtual Private Network) → Provides secure remote connections but doesn’t manage software installations.

D. SaaS (Software as a Service) → Refers to cloud applications but doesn’t control device-level software installations.

Explanation:

The error message “Bootable device not found.” means the system can’t detect or access the storage device containing the operating system. Since the BIOS boot order is already verified as correct, the next logical step is to test whether the hard drive itself is failing or has logical errors.

Running built-in or vendor-supplied HDD diagnostics helps determine:

1. If the drive is physically failing
2. If there are corrupt boot sectors
3. If cabling or drive communication issues exist

Why not the others?

A. Reformat the HDD. → This wipes all data and OS — it’s too drastic without confirming the drive’s health first.

C. Reseat the RAM. → Memory issues can cause POST errors or crashes, but not typically “boot device not found” messages.

D. Replace the HDD. → Replacement costs time and money — only done if diagnostics prove the drive is bad.

Proper troubleshooting follows this order:

1. Check BIOS settings (already done)
2. Run diagnostics
3. Repair the boot sector or reinstall OS if necessary
4. Replace the drive only if proven faulty

Explanation:

A swollen battery is the most common reason for:

✅ A bulge in a mobile device or tablet casing
✅ The screen being pushed outward from the chassis
✅ The device turning off when unplugged (battery not holding charge)
✅ Visible damage to the screen from internal pressure

Lithium-ion batteries can swell due to:
Overcharging
Heat exposure
Manufacturing defects
Battery aging and chemical breakdown

This is also a safety hazard because a swollen battery can leak or even catch fire. The tablet should be powered off and repaired by a professional as soon as possible.

Why not the others?

A. Malfunctioning power supply → Would not cause physical bulging inside the device.

B. Damaged charge port → Might cause charging issues but wouldn’t physically deform the case.

D. Broken screen → A cracked or shattered screen doesn’t cause the case to bulge outward.

Explanation:

An injector in networking—specifically called a Power over Ethernet (PoE) injector—is a device that adds electrical power to the same Ethernet cable used for data transmission.

PoE allows devices like:

Wireless access points
IP cameras
VoIP phones
Network switches (low-power models)

…to receive both data and power over a single Ethernet cable. This reduces the need for separate power outlets near the device and simplifies cabling infrastructure.

A PoE injector typically has:

One port for data-only input (from the network switch or router)
One port that outputs both data + power on the same cable

This is useful when your existing switch does not support PoE, but you still want to deploy PoE devices.

Why not the others?

A. To provide only data connectivity → Incorrect. An injector provides power in addition to data.

C. To improve wireless performance → Not directly; it simply powers devices like APs.

D. To extend a network connection → That’s the job of repeaters, extenders, or switches—not injectors.

Explanation:

The symptoms described—slow internet browsing, high CPU/memory usage, and frequent pop-ups—strongly indicate a malware infection. Many types of malware (adware, spyware, browser hijackers, etc.) cause:

1. Excessive resource consumption
2. Intrusive pop-ups
3. Sluggish system performance
4. Internet connectivity issues due to malicious network traffic

The next step is to ensure the anti-malware software has the latest definitions so it can detect recent threats. Then, run a full malware scan to identify and remove malicious software.

Why not the others?

A. Escalate to the network team → Not necessary yet; symptoms point to a local machine issue.

B. Download and install latest drivers → Driver updates won’t fix malware-related pop-ups or high resource usage.

D. Check wireless/DHCP settings → Connectivity settings aren’t the cause of pop-ups or high CPU usage.

Proper troubleshooting steps for suspected malware:
1. Update definitions
2. Scan and clean the system
3. Remove threats
4. Reboot and retest

Explanation:

The scenario states:

1. A user has performance issues after an OS update.
2. The technician has already diagnosed the issue and determined that rolling back will resolve it.

Once a technician has diagnosed the problem and decided on the solution, the next logical troubleshooting step is to implement the fix — in this case, initiate the system restore to roll back the OS update.

This matches CompTIA’s troubleshooting methodology:

1. Identify the problem
2. Establish a theory of probable cause
3. Test the theory to determine the cause
4. Establish a plan of action and implement the solution ← This is where we are.
5. Verify full system functionality
6. Document findings, actions, and outcomes

Why not the others?

A. Document the findings. → That comes after resolving the problem.

B. Investigate infrastructure changes. → Not relevant if the issue is isolated to a single PC and linked to a recent OS update.

D. Verify full system functionality. → That’s done after implementing the solution.

Explanation:

NFC (Near Field Communication) is a short-range wireless technology that enables communication between devices when they’re very close together — typically within 4 cm (about 1.5 inches).

Common uses for NFC:
Contactless payments (e.g., Apple Pay, Google Pay)
Pairing Bluetooth devices quickly
Data sharing between smartphones (photos, contacts, etc.)
Electronic access cards or tickets
Reading NFC tags (e.g., info posters)

Key characteristics of NFC:
Operates at 13.56 MHz
Very low power
Very short distance for security
Often a peer-to-peer connection between two devices

Why not the others?

A. Wired connections between several devices → NFC is wireless.

C. Wireless connections between multiple devices at once → NFC is typically point-to-point between two devices, not many.

D. Direct connection of two computers for file sharing → Could be done over many technologies (e.g. Ethernet crossover), but NFC is more for mobile devices and small data bursts.

Explanation:

A sandbox is a secure, isolated environment used to run and analyze programs or files without risking harm to the host system.

When testing a suspicious file for potential malware, a sandbox allows you to:

✅ Execute the file safely without it infecting your real OS or network
✅ Observe what processes, file changes, registry edits, or network connections the file attempts
✅ Analyze malicious behavior in a controlled setting

This is the best practice for security professionals or technicians to analyze unknown files safely. Many modern antivirus and EDR systems have built-in sandboxing features.

Why not the others?

A. Multitenancy → Refers to cloud environments where multiple customers share the same resources but are logically separated — unrelated to malware testing.

B. Test development → A vague term that doesn’t specifically refer to secure malware analysis.

C. Cross-platform virtualization → Means running software for one OS on another OS (e.g. virtualizing Windows on macOS). While virtualization can be part of sandboxing, the precise purpose is sandboxing itself.

Explanation:

A PoE switch (Power over Ethernet switch) is a network switch that delivers both data and electrical power over the same Ethernet cable.

This technology allows network devices like:
Wireless access points
IP cameras
VoIP phones
Some IoT devices

…to operate without requiring a separate power adapter or outlet. This simplifies installation, especially in ceilings, walls, or remote areas where running power lines would be costly.

Why not the others?

A. Edge router → Routes data between networks but doesn’t supply power over Ethernet cables.

C. Access point → Receives power from PoE but does not supply it.

D. Patch panel → Passively organizes network cables but provides no power.

Explanation:

SSH (Secure Shell) is the correct protocol to use for secure, encrypted remote console logins. It encrypts:

✅ Usernames and passwords during login
✅ All subsequent session data and commands
✅ File transfers (via SCP or SFTP)

It’s widely used for:
Remote administration of network devices (switches, routers, firewalls, servers)
Secure shell sessions into Linux/Unix systems
Encrypted tunnels for other services
Without SSH, older protocols like Telnet send everything in plaintext, which is a security risk.

Why not the others?

B. LDAP (Lightweight Directory Access Protocol) → Used for directory services (authentication, user lookups). It’s not used for console sessions by itself.

C. FTPS (FTP Secure) → Encrypts file transfers, not console logins.

D. SMTP (Simple Mail Transfer Protocol) → Used for sending email, not for logging into consoles.

Enabling SSH ensures all data communications are encrypted while managing network devices over the console.