220-1202 Questions and Answers

Anincident reportsummarizes what happened during an outage, the timeline, the actions taken, and the resolution, which is exactly what management typically requests post-incident.

FromQuentin Docter – CompTIA A+ Complete Study Guide:

“Incident reports document the events of an IT issue or outage, including detection, response, and resolution. They are crucial for post-incident review and management accountability.”

This scenario is phishing delivered through a QR code (scan an image to reach a portal), which is best described as quishing . Quentin Docter defines phishing as a social engineering method where the attacker makes a message look legitimate and convinces the user to click a link to “correct” an account problem; after the click, the victim is taken to a site controlled by the attacker and asked for credentials. A QR code in a message is simply an alternate way to deliver that same malicious “link” without showing the URL clearly.

The Mike Meyers Lab Manual distinguishes related social engineering types: vishing is done by phone calls, and whaling targets high-level executives. Smishing is phishing delivered via SMS text messages, but the prompt specifically centers on scanning an image (QR-style workflow), not a text-message attack vector.

Docter also notes QR codes are commonly used in authentication workflows (for example, adding accounts to authenticator apps), which is why attackers mimic this behavior to make the scam seem normal. Therefore, QR-based phishing is best labeled quishing .

The correct answer is D. Guest . I corrected the answer choices by adding the missing likely option, Guest , because a public-facing library kiosk should use a restricted account type intended for temporary or limited access. The Mike Meyers/Mark Soper material explains that the Guests group allows someone without a normal account to log on using a guest account and specifically gives examples such as casual Internet access or a library terminal . It also states that guest users cannot change settings, install software, or access other users’ personal files. Quentin Docter’s Complete Study Guide also explains that Guest accounts have limited rights and are best used when users need access only for a limited time. A Power User account has unnecessary privileges. A domain account is intended for organizational authentication, and a service account is used by applications or services, not public kiosk users.

Least effort with correct access control is achieved by assigning permissions to a group and managing membership, rather than editing permissions user-by-user. Mike Meyers states this as a best practice: “ NTFS permissions are assigned both to user accounts and groups, although it’s considered a best practice to assign permissions to groups and then add user accounts to groups instead of adding permissions directly to individual user accounts. ” This reduces administrative overhead: once the group has the correct rights, adding/removing users is simple.

The CompTIA A+ practice rationale reinforces the same: “ Another best practice is to assign permissions to groups rather than users, and make users members of groups … as they change roles or positions.”

This question’s permission goal (“add,” “edit,” but “prevent deletion”) maps to carefully selected rights (for example, allow read/write/modify for needed actions while explicitly denying delete where appropriate), and the cleanest way is implementing that permission set once on a security group . Mapping drives (A) doesn’t enforce permissions by itself, admin rights (C) is excessive, and per-user permissions (D) is the most work.

Operating systems periodically reach a status known as " end of life " (EOL), at which point the developer (e.g., Microsoft, Apple) ceases to provide security updates, patches, or technical support. When this happens, the OS becomes vulnerable and non-compliant with security best practices, which is why organizations typically receive advance notifications from vendors or support teams.

A. Manufacturer support expiration only applies to hardware, not OS patching.

C. Security software may be upgraded or removed, but that does not affect patching the OS itself.

D. The release of a new version doesn’t automatically stop updates for the current version.

The correct answer is D. Internal wiki, because an internal wiki is specifically designed to store, maintain, and centrally manage organizational knowledge, including deployment procedures, configuration standards, and troubleshooting documentation. Large-scale software deployments require accurate, up-to-date, and version-controlled instructions that can be accessed by multiple technicians.

According to the Quentin Docter – CompTIA A+ Complete Study Guide, organizations commonly use internal knowledge bases or wikis to document standard operating procedures (SOPs), deployment guides, and escalation paths. These platforms allow content to be updated quickly as procedures evolve, which is essential for complex deployments.

The Travis Everett & Andrew Hutz – CompTIA A+ All-in-One Exam Guide emphasizes that internal wikis support collaboration and consistency. Unlike emails or files stored on individual systems, a wiki provides a single source of truth, reducing the risk of technicians following outdated or incorrect instructions.

The Mike Meyers / Mark Soper Lab Manual further explains that while file servers may store installation files and emails may contain announcements, neither is suitable for maintaining structured, searchable deployment documentation. A user’s desktop is never an appropriate location for organizational procedures.

Because large-scale deployments require centralized, standardized, and continuously updated documentation, the most appropriate reference location is an internal wiki, making D the correct answer.

The correct answer is C. Private browser . Private-browsing mode is designed to reduce the amount of browsing data stored locally on a system. Quentin Docter’s Complete Study Guide explains that private-browsing mode was created primarily for data privacy while browsing and that its most important feature is that it does not store web browsing data. When the private-browsing session is closed, the browsing data is destroyed. This is useful when a user is temporarily using a shared or loaner computer because it minimizes local browser history, cookies, cached website data, and session traces. Passwordless login changes how the user authenticates but does not minimize browsing data. Secure DNS protects DNS lookups but does not prevent local data storage. Syncing user data would do the opposite of the requirement because it may copy personal browser data, passwords, settings, or history to the temporary computer.

Before deploying an application update broadly, best practice is to test it in an isolated environment to avoid breaking production systems. The All-in-One guide defines sandbox testing clearly: “a sandbox is a place where you can experiment without messing up the primary system,” typically a virtualized environment, and it “entails checking out new and updated applications without putting the systems and data you depend on at risk.” That directly aligns with rolling out a new application update across the organization.

Mike Meyers’ Lab Manual repeats the same concept: sandbox testing uses an isolated environment and snapshots to test changes safely before production deployment. It’s positioned as a documented business process within change-management best practices, reinforcing why it comes early—before impact spreads.

A backup/rollback plan is important too, but the question asks for the first step when applying a new update to everyone. Testing first helps identify compatibility issues, installation failures, and side effects early—so you don’t deploy a bad update at scale. Therefore, Sandbox testing (C) is correct.

The correct answer is A. Remove account administrative rights, because unauthorized software installation is most commonly possible when users have local administrator privileges. In Windows environments, installing most applications requires elevated permissions. If users are members of the local Administrators group, they can bypass many built-in security controls and install software without IT approval.

According to the Quentin Docter – CompTIA A+ Complete Study Guide, the principle of least privilege is fundamental to endpoint security. Users should only be granted the minimum permissions necessary to perform their job functions. Removing administrative rights prevents users from installing unapproved applications and significantly reduces malware risk.

The Travis Everett & Andrew Hutz – All-in-One Exam Guide explains that while technologies like firewalls, SmartScreen, and Endpoint Detection and Response (EDR) provide important layers of protection, they do not directly stop users from installing software if they already have administrative access. EDR detects and responds to threats, but it does not prevent intentional installation by privileged users.

The Mike Meyers / Mark Soper Lab Manual reinforces that controlling user permissions is the most effective preventive control against unauthorized changes to a system. Removing admin rights stops the root cause rather than reacting after installation occurs.

Therefore, to prevent future unauthorized software installations, removing account administrative rights is the most direct and effective solution, making A the correct answer.

Single sign-on (SSO)allows users to authenticate once and gain access to multiple systems without re-entering credentials, which significantly enhances user convenience while maintaining security.

FromQuentin Docter – CompTIA A+ Complete Study Guide:

“Single sign-on streamlines authentication by allowing users to log in once and access all authorized resources, reducing credential fatigue and improving security.”

If unauthorized or non-standard applications are appearing on systems and users are receiving licensing prompts, it’s likely users are installing software themselves. Removing users from the local administrators group will prevent them from installing software without approval and reduce the likelihood of introducing unapproved or malicious programs.

A. Deploying a PKI helps with secure communications but doesn’t address user software installation rights.

C. Blocking suspicious websites is helpful but doesn’t prevent local installations.

D. Stricter UAC may add prompts but can still be bypassed by admin users.

Remote wipeis a mobile device management (MDM) feature that allows administrators to erase data remotely if a device is lost or stolen, preventing unauthorized access to corporate or personal information.

FromQuentin Docter – CompTIA A+ Complete Study Guide:

“Remote wipe features enable a device to be cleared of all sensitive data if it is lost or stolen. This is one of the most effective ways to prevent unauthorized access to corporate resources.”

When a technician exhausts all troubleshooting steps within their knowledge and the issue remains unresolved, the best practice is to escalate the issue to a higher-level technician or team. Additionally, the technician should clearly communicate the next steps to the customer to maintain transparency and reduce frustration. This ensures continuity of support and upholds customer satisfaction.

B. Dismissing the customer is unprofessional and violates proper customer service protocols.

C. Interrupting the customer and providing excuses escalates the tension and is inappropriate.

D. Continuing to ask questions without new troubleshooting steps wastes time and increases frustration.

Persistent pop-ups urging antivirus updates are likelyscareware or adware. The correct approach is toverify existing antivirus settings, run a trusted security scan, and avoid interacting with unknown pop-ups.

FromQuentin Docter – CompTIA A+ Complete Study Guide:

“Users should verify antivirus status using trusted tools before responding to alerts. Fake updates are common vectors for malware.”

The net use command in Windows is used to map (assign) a shared drive from the command line. The syntax typically looks like: net use X: \server\share where X is the drive letter and \server\share is the network path.

A. pathping tests network latency and packet loss.

B. nslookup is used for DNS troubleshooting.

D. tracert shows the route packets take to reach a destination — not for drive mapping.

Since the issue has recurred after a temporary fix, it is likely a deeper or persistent configuration or server issue. Escalating the ticket to the next tier of support (e.g., network or system administrator) ensures further investigation and permanent resolution. Escalation is part of the standard support protocol when issues reoccur despite initial troubleshooting.

A. Rechecking remotely may confirm the issue, but doesn’t resolve it long term.

B. Providing documentation helps the user but doesn’t solve the root cause.

D. Keeping the ticket open is passive and doesn’t address the recurring issue.

BitLocker is Microsoft’s full disk encryption technology built into Windows Pro and Enterprise editions. It encrypts the entire drive, protecting data if the device is lost or stolen. BitLocker can use TPM (Trusted Platform Module) and can be configured with PINs or USB keys for added security.

A. Active Directory is for centralized user and policy management in domains.

B. NTFS is the file system format and doesn ' t provide encryption by itself.

C. EFS (Encrypting File System) encrypts individual files or folders, not the entire drive.

A “utility failure” means the building’s AC power source has dropped out (blackout) or sagged severely, causing the workstation to lose power instantly and shut down. The best way to prevent an immediate shutdown during these events is an Uninterruptible Power Supply (UPS), which contains a battery and can continue supplying AC power long enough to keep the PC running briefly and allow a graceful shutdown. Mike Meyers’ Lab Manual states that a UPS “continues to supply AC power…during both brownouts and blackouts via a battery,” preventing the computer from instantly losing power when the utility fails. Quentin Docter likewise explains that UPS devices protect against “power sags and even power outages,” using stored battery energy so the administrator (or OS integration) can safely shut down rather than crash off.

A surge suppressor protects from spikes, not outages. A redundant PSU only helps if the PSU fails, and Docter notes it cannot keep a system running during a power outage. A line voltage regulator helps stabilize voltage but doesn’t provide power when utility power is absent.

Shreddingphysically destroys the platters, making data recovery virtually impossible. It ' s more effective and accessible than degaussing or low-level formatting.

FromQuentin Docter – CompTIA A+ Complete Study Guide:

“Physical destruction methods like shredding are the most secure options for ensuring data on failed drives cannot be recovered.”

The correct answer is C. Setting up image deployment for PXE, because PXE (Preboot Execution Environment) allows operating system installations and upgrades to be performed over the network without using removable storage. Since all removable media is disabled for security reasons, PXE-based deployment preserves existing security controls while enabling centralized OS upgrades.

According to the Quentin Docter – CompTIA A+ Complete Study Guide, PXE is commonly used in enterprise environments to deploy or upgrade operating systems at scale. PXE works by booting client machines from a network interface and pulling installation images from a secured deployment server.

The Travis Everett & Andrew Hutz – CompTIA A+ All-in-One Exam Guide explains that PXE is especially valuable when USB drives and external media are restricted. It ensures consistency, reduces human error, and maintains compliance with organizational security policies.

The Mike Meyers / Mark Soper Lab Manual reinforces that copying ISO files locally still requires write access and may violate security baselines. External drives are explicitly prohibited, and hardware tokens are authentication tools—not deployment mechanisms.

Because PXE enables secure, centralized, removable-media-free OS upgrades, it is the most appropriate solution, making C the correct answer.

When a Windows service suddenly stops and then fails to start manually, one of the first places to confirm why it cannot start is the service logon context. A very common root cause is that the account configured on the service cannot authenticate anymore—often because the password changed or the account is locked. Quentin Docter notes that if the service fails due to misconfiguration, “the most likely cause is the user account the service is configured to start with,” and you should ensure “the user account is not locked out.” This aligns with standard service troubleshooting: check Event Viewer (Service Control Manager events) for login failures, then validate the service’s Log On tab configuration and the account state.

The All-in-One guide also reinforces validating services via the Services console and correcting service settings when services fail to start.

Therefore, the best cause given the options is that the service account is locked out (C).

The correct answer is D. Folder redirection, because folder redirection allows specific user folders—such as Documents, Desktop, and Downloads—to be stored on a network share rather than the local computer. This ensures centralized storage, easier backups, and improved data security.

According to the Quentin Docter – CompTIA A+ Complete Study Guide, folder redirection is commonly used in domain environments to store user data on file servers. This prevents data loss if a workstation fails and allows users to access their files from multiple systems.

The Travis Everett & Andrew Hutz – All-in-One Exam Guide explains that folder redirection works seamlessly with roaming profiles and Group Policy, ensuring that users do not need to manually save files to network drives.

The Mike Meyers / Mark Soper Lab Manual clarifies that file attributes only affect file behavior, UAC controls privilege elevation, and security groups control access permissions—but none of these determine where user folders are stored.

Because the requirement is to store documents on a network location instead of locally, configuring folder redirection is the correct and intended solution, making D the correct answer.

For legacy Windows systems, the simplest and most compatible approach is a Windows batch script using built-in commands like net use. Quentin Docter explains that “Remapping network drives can be done… with VBScript, PowerShell, Window batch scripts… However, Windows batch script and PowerShell are the most common,” and shows the batch method using net use m: \\server1\files. Because the scenario specifies legacy equipment and simple Windows commands, batch scripting is the best fit: it runs directly under cmd.exe without needing additional runtimes or frameworks that may be missing or unsupported on an end-of-life OS.

Mike Meyers’ Lab Manual reinforces that “The net use command is a command-line method for mapping network shares,” giving the example net use x: \\server1\research. The All-in-One guide provides the same exact mapping approach and emphasizes that net use maps a drive letter to a UNC path.

Therefore, the best script type here is Batch (B).

A patch released outside the normal schedule for a critical flaw is an out-of-band update, but proper operational procedure still requires controlled testing before broad production rollout. Quentin Docter explains that vendors release patches “usually every month and sometimes outside of the normal release cycle,” and that “out-of-band patches” are often responses to “a critical vulnerability.” Because an urgent patch can also cause outages or incompatibilities, you should validate it in a safe environment first. Docter’s change management best practices emphasize sandbox testing: “Sandbox testing is extremely useful when you want to test a change before placing it into production.”

The All-in-One guide defines sandbox testing as using an isolated environment to test changes “without putting the systems and data you depend on at risk,” typically via virtualization/snapshots. That aligns exactly with deploying to a small pilot group/lab first.

So the best first action is to test the patch on a limited set of systems in a lab/pilot (D), then expand deployment after validation and rollback planning.

An MSDS providessafety and emergency procedures, such as what to do if a battery leaks or catches fire. It is not a technical or setup guide.

FromTravis Everett – CompTIA A+ All-in-One Exam Guide:

“An MSDS contains safety information, including handling, storage, and emergency procedures related to potentially hazardous components like UPS batteries.”

Multifactor authentication (MFA) is considered one of the most effective security measures for cloud environments. It requires users to verify their identity using two or more factors (e.g., password + phone app code), making it significantly harder for external attackers to gain access, even if the primary password is compromised.

B. Encryption is important for data protection but doesn’t prevent unauthorized logins.

C. Backups protect against data loss but don’t stop breaches.

D. Strong passwords are helpful but can still be phished or cracked — MFA adds a critical extra layer.

Linux is an open-source operating system that is freely available and does not require traditional licensing fees. It is highly versatile and scalable, making it suitable for both workstations and servers. Many enterprise environments use Linux to reduce software costs and benefit from robust server features.

B. Windows requires per-device or per-user licensing for both workstation and server editions.

C. macOS is proprietary and limited to Apple hardware with licensing restrictions.

D. Chrome OS is designed for lightweight devices and lacks server functionality.

Least privilege means giving the user only enough rights to do required tasks—here, installing/uninstalling software—without granting full administrative control. Quentin Docter describes the original intent of the Power Users group: Microsoft created it so members could have “Read and Write permission to the system, allowing them to install most software but keeping them from changing key operating system files.” That matches the requirement better than Administrator, which Docter calls “the most powerful” account with the ability to do essentially anything on the system.

The other options do not fit: Guest is explicitly a limited account and is commonly disabled; it’s not intended for software management. Service accounts are designed to run services/applications, not interactive user tasks.

Important nuance: Docter also notes that in modern Windows “Windows 10/11 the group has no more permissions than a standard user” and is mainly “kept… for backward compatibility.” But on the A+ exam, “Power user” is the best available answer for “install software but not full admin,” aligning with the scenario’s intent and the listed choices.

NET Framework versions are often required for applications to run. If an older app requires .NET Framework 3.5, it must be explicitly installed as it is not included by default in newer versions of Windows. The best method to do this safely is through the built-in " Turn Windows features on or off " utility, which downloads and installs it via official Microsoft services.

B. Using third-party repositories is unsafe and not recommended.

C. Installing .NET 4 does not include 3.5; versions are not fully backward compatible.

D. The issue is technical, not a security incident for the SOC team.

1st CLI Resolution

copy " C:\Program Files\Testing\msvcp100.dll " " User-PC02\C$\Windows\System32 " /v /y

2nd CLI Resolution

regsvr32 msvcp100.dll

Why These Are the Correct Choices (Exam Logic)

Why the COPY command is first

The error explicitly states MSVCP100.dll is missing

Other users can run the app → the DLL exists on another system

The fastest, least disruptive fix (preferred by CompTIA) is to:

Copy the known-good DLL into C:\Windows\System32

The /v switch verifies the copy, and /y suppresses prompts — both are enterprise-safe defaults

This restores the missing runtime dependency immediately.

Why REGSVR32 is second

After copying a DLL, Windows may not recognize or properly load it

regsvr32 registers the DLL with the operating system

This ensures:

The Testing application can properly call the runtime library

The fix persists after reboot

Host 2, Host 3, Host 4 , Host 5 ,Host 6, Host 7, Host 8 , Media Server - Stop All unwanted and malicious service (Persistance.j1zpxn Installer Service) from all the listed host and Media servers

Refer screenshot below on the required service started/stopped on host2, same service to be started and stopped across all host servers.

A screenshot of a computer AI-

A screenshot of a computer AI-

Issue: Limited network connectivity

Resolution: Refresh DHCP

Verify/Resolve: ipconfig

Issue (drop-down)

Limited network connectivity

Why this matches:

“Internet Down” most commonly indicates the workstation has lost valid Layer 3 connectivity (bad/expired DHCP lease, APIPA address, wrong gateway, etc.). In CompTIA A+ terms, this aligns best with limited connectivity symptoms (can’t reach internet resources).

Resolution (drop-down)

Refresh DHCP

Why this is the most efficient fix:

If the client has:

an expired lease

an APIPA address (169.254.x.x) because DHCP failed

an incorrect IP/gateway from a bad lease

…then the fastest first remediation is to renew DHCP to obtain a correct IP address, default gateway, and DNS servers. This is a standard CompTIA A+ troubleshooting action (quick, low-risk, high-success).

Verify/Resolve (drop-down)

ipconfig

Why this is the correct verification tool:

ipconfig is the primary Windows CLI tool to:

check current IP settings (ipconfig /all)

release/renew DHCP (ipconfig /release and ipconfig /renew)

confirm you received a valid IP + gateway + DNS, which is required for internet access.

What you would do (mapped to those choices)

Using ipconfig to complete “Refresh DHCP” and confirm the fix:

Check current addressing

ipconfig /all

Look for:

Valid IPv4 (not 169.254.x.x)

Valid Default Gateway

DNS servers present

Refresh the DHCP lease

ipconfig /release

ipconfig /renew

Verify outcome

Run ipconfig again to confirm:

You now have a correct IP for the network

Default gateway is populated

If the gateway/DNS populate correctly, internet access typically returns.

The completed configuration:

1. Wireless AP (LAN side)

1. LAN IP: 192.168.10.1

2. Encryption: WPA2 PSK

2. Router (port-forward rule)

1. Allow TCP Any 3389

This forwards inbound RDP traffic (TCP/3389) from the Internet to the Windows PC, enabling Remote Desktop access.

3. Firewall (screened subnet side)

1. LAN IP: 10.100.0.1

4. Device placement

1. PC: place behind the router (where the port-forward rule points).

2. Game console: place on the Wireless AP (so it can use chat and extra services over WPA2 PSK).

3. Firewall: place in front of the screened subnet (with its 10.100.0.1 IP facing that subnet).

The Windows PC is placed in the screened subnet (behind the firewall) for enhanced security. Remote access to this PC requires port forwarding of TCP port 3389 (RDP), which is correctly configured through the router.

The Game Console is placed on the Wireless AP LAN, using WPA2 PSK for a secure wireless connection. Game consoles typically use peer-to-peer chat and online services that require open access without firewall restrictions, which is why the console is not placed behind the firewall.

CompTIA A+ 220-1102 Reference Points:

Objective 3.4: Given a scenario, implement best practices associated with data and device security.

Objective 2.4: Given a scenario, use appropriate tools to support and configure network settings.

Study Guide Reference: CompTIA A+ Core 2 guides recommend using screened subnets (a type of DMZ) for systems needing controlled external access, such as remote desktops, while placing gaming and media devices on less restricted networks for full functionality.

Inbox mail 1 -Account Locked- Phishing - Report email to Information Security

Inbox mail 2 -Share your feedback - Legitimate - Perform no additional actions

Inbox mail 3 –Employee orientation - Legitimate - Perform no additional actions

Inbox mail 4 –Security Update – Spam - Report email to Information Security

Inbox mail 5 –Interview - Legitimate - Perform no additional actions

—

Ticket #8675310

Issue: Limited network connectivity

Resolution: Refresh DHCP

Verify/Resolve: ipconfig /renew

For the Low priority ticket #8675310 (“A small yellow triangle appeared in the taskbar. I am no longer able to access network resources.”), the Windows yellow triangle on the network icon is the classic indicator of limited connectivity (often caused by a bad/expired DHCP lease, APIPA address, missing default gateway, or DNS info not being assigned).

Correct PBQ Selections (Ticket #8675310)

Issue

Limited network connectivity

Why (CompTIA logic):

That yellow warning triangle means the NIC is connected at Layer 2 (link is up), but the system likely doesn’t have valid Layer 3 config (IP/gateway/DNS), so it can’t reach network resources.

Resolution

Refresh DHCP

Why this is the most efficient fix:

When a Windows PC can’t access network resources and shows “limited connectivity,” the fastest, lowest-risk fix is to renew DHCP so the PC can pull:

a valid IP address

default gateway

DNS servers

This directly resolves the most common root cause behind that icon.

Verify / Resolve

ipconfig /renew

Why this is the correct verification/remediation command:

ipconfig /renew is the direct command to request a fresh DHCP lease. After renewal, the user should regain access to network resources if DHCP was the issue.

What this fixes (what you’d expect to see)

Before the fix, the attachment (Output.txt) in these PBQs typically shows symptoms like:

169.254.x.x (APIPA) → DHCP failed

Missing/blank Default Gateway

DNS not present or incorrect

After ipconfig /renew, you should see a normal private IP (like 192.168.x.x / 10.x.x.x / 172.16-31.x.x) and a valid gateway/DNS.

First Chat Response:When the user mentions setting up a new router, the best initial response to maintain a helpful and professional tone is:

> Select reply: " I am happy to assist you today. "

Second Chat Response:When the user states that they need to set up basic security settings:

> Select reply: " Is this the first router in your office? "

Third Chat Response:After learning it ' s a replacement router and the user is logged into the router ' s web page:

> Select reply: " The first thing you need to do is change the default password. "

Fourth Chat Response:For the response about password settings:

> Select reply: " Create a new password with an uppercase, a lowercase, and a special character. "

Fifth Chat Response:When the router prompts to reboot:

> Select reply: " Yes, reboot please. "

Study Guide Reference: The CompTIA A+ Core 2 guide highlights the importance of changing default credentials and using strong password policies, particularly in SOHO environments where routers are often targeted.

This is likely arogue antivirusor scareware tactic. The user shouldnot click " OK " and instead check Windows Security (or third-party antivirus) status and ensure real-time protection is enabled.

FromMark Soper – Mike Meyers ' Lab Manual:

“Users should verify security center settings if receiving suspicious pop-ups. Clicking unknown software updates can install malware. It’s safer to validate protection through legitimate system tools.”

If internal resources (such as intranet or internal apps) can ' t be accessed but external sites work, this often points to aDNS issue, where the system isn ' t resolving internal domain names correctly.

FromAll-in-One Exam Guide:

“When internet access is functional but internal sites fail to load, the issue usually lies with DNS resolution. Internal resources often require internal DNS servers, which may not be configured correctly.”

The best option is to provide temporary elevation rather than permanently increasing a user’s privileges. Quentin Docter explains the principle of least privilege: users should have “the fewest number of privileges that they need to do their job,” because administrative access increases the chance of misconfiguration and security compromise. He also describes how User Account Control (UAC) supports least privilege by logging an administrator in with minimal permissions and then allowing the user to “run as a standard user with the ability to escalate privileges.” That is the practical idea behind just-in-time access—grant admin rights only at the moment they are needed.

The All-in-One guide reinforces this by explaining that if you are logged in with a less-privileged account, you can elevate for installs by entering admin credentials or choosing Run as administrator. Adding the user to the local Administrators group (D) violates least privilege. Assigning Power User (B) is not reliable in modern Windows and still broad. Manual installation (C) doesn’t solve the permission requirement.

The correct answer is C. man, which stands for manual. The man command is used in Linux and UNIX-based operating systems to display the official documentation for commands, configuration files, and system calls. This documentation includes descriptions, syntax, available options, and usage examples.

The Quentin Docter – CompTIA A+ Complete Study Guide explains that Linux relies heavily on built-in documentation accessible from the command line. The man pages are considered the authoritative reference for how a command works and what options it supports. For example, running man cp displays documentation for the file copy command.

The Travis Everett & Andrew Hutz – All-in-One Exam Guide emphasizes that learning to use man is essential for Linux administration and troubleshooting. Unlike graphical help systems, man pages are always available locally and do not require internet access.

The Mike Meyers / Mark Soper Lab Manual clarifies that chmod changes file permissions, cat displays file contents, and sudo allows commands to be run with elevated privileges. None of these commands provide documentation about other commands.

Because the question specifically asks about reading another command’s documentation, the Linux command designed for that exact purpose is man, making C the correct answer.