100 Questions with Answers and Rationales
The exam domains and weight distribution are:
• Operating Systems – 27%
• Security – 24%
• Software Troubleshooting – 26%
• Operational Procedures – 23%
Part 1: Questions 1–50
1. A user reports that their Windows 10 computer is running slowly. Which built-in Windows
tool can be used to view CPU, memory, disk, and network utilization in real time?
• A) Performance Monitor
• B) Task Manager
• C) Resource Monitor
• D) System Configuration
Answer: B) Task Manager
Rationale: Task Manager (Ctrl+Shift+Esc) provides real-time graphs and percentages for CPU,
memory, disk, network, and GPU utilization on the Performance tab. Resource Monitor
provides more detail but is a separate tool; Performance Monitor is for logging.
2. Which of the following Windows commands will display the IP address, subnet mask, and
default gateway of a computer?
• A) ipconfig
• B) netstat
• C) nslookup
• D) tracert
Answer: A) ipconfig
Rationale: ipconfig displays TCP/IP configuration including IPv4 address, subnet mask, and
default gateway. netstat shows network connections and ports; nslookup queries DNS;
tracert traces the route to a destination.
3. A technician needs to prevent a specific application from launching at startup for all users
on a Windows 10 computer. Where should the technician look?
• A) Startup folder in the Start Menu
• B) Task Scheduler
• C) Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
• D) Group Policy Editor
Answer: C) Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Rationale: The HKLM (HKEY_LOCAL_MACHINE) Run key affects all users. The HKCU Run key affects only
the current user. Task Scheduler can also launch apps, but the Run registry keys are the most
common location for startup programs.
4. Which type of malware disguises itself as legitimate software but performs malicious
actions when executed?
• A) Virus
• B) Worm
• C) Trojan horse
• D) Ransomware
Answer: C) Trojan horse
Rationale: A Trojan horse appears legitimate but contains malicious code. Unlike
viruses/worms, Trojans do not self-replicate; they rely on user execution. Ransomware
encrypts files for extortion and is often delivered via Trojans.
5. A user receives an email claiming to be from the IT department asking them to click a link
to verify their password. This is an example of:
• A) Phishing
• B) Spoofing
• C) Man-in-the-middle
• D) Shoulder surfing
Answer: A) Phishing
Rationale: Phishing is a social engineering attack that attempts to trick users into revealing
sensitive information by impersonating a legitimate entity. Spear phishing targets specific
individuals; whaling targets executives.
6. Which Windows feature allows a technician to revert the operating system to a previous
state without affecting user files?
• A) System Restore
• B) Backup and Restore
• C) File History
• D) Reset this PC
Answer: A) System Restore
Rationale: System Restore reverts system files, registry settings, and installed applications to a
previous restore point while preserving personal documents. File History backs up user files;
Reset this PC can keep or remove files but is more drastic.
7. What is the default file system for Windows 10 on a standard consumer installation?
• A) FAT32
• B) NTFS
• C) exFAT
• D) ext4
Answer: B) NTFS
Rationale: NTFS (New Technology File System) is the default for Windows 10/11, offering
security permissions, encryption, compression, journaling, and large volume/file size
support. FAT32 is older with a 4 GB file limit; exFAT is for flash drives; ext4 is Linux.
8. A technician needs to forcibly stop a non-responsive application in Windows. Which
command-line tool should be used?
• A) tasklist
• B) taskkill
• C) shutdown
• D) sfc
Answer: B) taskkill
Rationale: taskkill terminates processes by PID or image name (e.g., taskkill /F /IM
notepad.exe). tasklist displays running processes. shutdown powers down the system. sfc
checks system file integrity.
9. Which of the following is the strongest wireless security protocol as of the 220-1002
exam objectives?
• A) WEP
• B) WPA
• C) WPA2
• D) WPA3
Answer: D) WPA3
Rationale: WPA3 is the latest standard with SAE (Simultaneous Authentication of Equals),
forward secrecy, and improved encryption. WPA2 is still acceptable but older. WEP and
original WPA are deprecated and insecure.
10. A user reports that their Windows 10 computer boots to a blue screen with an error
message and then restarts continuously. What is the best initial step?
• A) Reinstall Windows immediately
• B) Boot into Safe Mode and disable automatic restart on system failure
• C) Replace the hard drive
• D) Run chkdsk from the recovery console
Answer: B) Boot into Safe Mode and disable automatic restart on system failure
Rationale: Disabling automatic restart allows the blue screen error code to be read, which
helps diagnose the cause. Safe Mode loads minimal drivers and may bypass the problematic
driver/software. After reading the error, further troubleshooting (driver rollback, chkdsk, sfc)
can proceed.