220-1201  CompTIA A+ Certification Exam: Core 1 Exam Dumps and Practice Test Questions Set 8 Q141-160

Visit here for our full CompTIA 220-1201 exam dumps and practice test questions.

Question 141:

Which Windows utility is used to create, delete, and format partitions on a storage drive?

A) Disk Management
B) Device Manager
C) Task Scheduler
D) Event Viewer

Answer: A) Disk Management

Explanation:

A) Disk Management is a built-in Windows utility that allows users to manage storage devices, including hard drives, SSDs, and removable media. It enables creation, deletion, resizing, and formatting of partitions, assignment of drive letters, and initialization of new disks. Disk Management provides a graphical interface that displays all connected drives, their partition structure, file system type, and available space. Administrators and users rely on this tool to prepare storage devices for operating system installation, set up dual-boot environments, or organize data efficiently. Additionally, Disk Management supports converting disks between basic and dynamic types, creating volumes that span multiple disks, and initializing GPT or MBR partition styles depending on system requirements. Proper use of Disk Management prevents data loss by allowing careful partitioning and formatting, and it is essential for troubleshooting storage issues such as unallocated space, corrupted partitions, or drive recognition errors.

B) Device Manager is focused on hardware management and driver configuration. While it can display storage devices and indicate whether drivers are functioning, it does not allow creating, deleting, or formatting partitions. Its role is monitoring and troubleshooting hardware rather than managing the storage structure.

C) Task Scheduler automates system or application tasks at scheduled times or events. While essential for administration, it has no functionality for managing storage drives, partitions, or file systems. Task Scheduler deals with task automation rather than storage management.

D) Event Viewer logs system, application, and security events to help diagnose issues. Although it can provide alerts about disk errors or system failures, Event Viewer does not allow direct manipulation of partitions, formatting, or drive creation. It is a monitoring and diagnostic tool rather than a configuration utility for storage.

Reasoning about the correct answer: The Windows utility specifically designed to create, delete, and format partitions is Disk Management. Device Manager handles hardware, Task Scheduler manages tasks, and Event Viewer monitors events. Disk Management provides direct access to partition operations and storage preparation, making A) Disk Management the correct choice.

Question 142:

Which wireless frequency band is less prone to interference from common household devices?

A) 2.4 GHz
B) 5 GHz
C) 900 MHz
D) 60 GHz

Answer: B) 5 GHz

Explanation:

A) The 2.4 GHz frequency band is widely used for Wi-Fi networks, cordless phones, Bluetooth, microwaves, and other household devices. While its range is longer and it penetrates walls better, it is highly susceptible to interference due to device congestion. Overlapping channels and signal interference can reduce network performance and reliability, especially in densely populated environments.

B) The 5 GHz frequency band is less crowded and experiences less interference from household electronics. It supports higher throughput and faster Wi-Fi speeds, making it suitable for streaming, gaming, and data-intensive applications. Although its range is shorter and wall penetration is lower than 2.4 GHz, 5 GHz networks provide a cleaner spectrum, reducing packet loss, latency, and congestion. Modern dual-band routers often allow users to select either band or use automatic band steering to optimize performance. 5 GHz also supports wider channel widths, which further improve data transfer rates.

C) The 900 MHz frequency band is used in older cordless phones, some IoT devices, and amateur radio. It is rarely used in Wi-Fi networks today and has limited bandwidth, making it unsuitable for modern high-speed data requirements. Although interference is generally low due to limited devices using it, its adoption is minimal, limiting practical utility.

D) The 60 GHz frequency band, used in technologies like WiGig, provides extremely high-speed data rates but very limited range and poor penetration through obstacles. It is mainly used for short-range applications and is not suitable for general household Wi-Fi networks. Interference is minimal, but its practical deployment is restricted to specific use cases like room-scale high-speed transfers.

Reasoning about the correct answer: The frequency band less prone to interference from household devices is 5 GHz. The 2.4 GHz band is crowded, 900 MHz has limited application, and 60 GHz is short-range. Therefore, B) 5 GHz is correct.

Question 143:

Which protocol is used to send ean mail from a client to a mail server?

A) POP3
B) IMAP
C) SMTP
D) FTP

Answer: C) SMTP

Explanation:

A) POP3 (Post Office Protocol 3) is designed to retrieve email from a server to a client, typically downloading messages and removing them from the server. POP3 is not used to send email, only to receive it. It is suitable for single-device access, but modern workflows requiring synchronization across devices prefer IMAP.

B) IMAP (Internet Message Access Protocol) also retrieves email from a server but allows synchronization across multiple devices. IMAP keeps messages on the server and supports folder management. Like POP3, IMAP does not send outgoing email; it only manages incoming mail.

C) SMTP (Simple Mail Transfer Protocol) is specifically designed to send email from a client to a mail server or between mail servers. SMTP handles the delivery of outgoing mail, including queuing and relaying messages to the recipient server. SMTP operates over TCP ports 25, 465 (secure SSL), or 587 (submission) and is used in conjunction with POP3 or IMAP for a complete email workflow. Proper configuration ensures that email can be sent securely and reliably. SMTP does not retrieve messages; it focuses on message transmission.

D) FTP (File Transfer Protocol) is used for transferring files between systems. FTP has no email delivery functionality and is unrelated to sending or receiving messages. It is designed for file upload and download operations, not email communication.

Reasoning about the correct answer: The protocol used to send email from a client to a mail server is SMTP. POP3 and IMAP retrieve email, while FTP handles file transfer. SMTP is the standard protocol for outgoing email. Therefore, C) SMTP is correct.

Question 144:

Which malware type disguises itself as legitimate software to trick users into installing it?

A) Virus
B) Trojan
C) Worm
D) Spyware

Answer: B) Trojan

Explanation:

A) Viruses attach themselves to executable files and require user interaction to propagate. Viruses can damage systems, modify files, or corrupt data, but they do not inherently disguise themselves as legitimate software. Their spread depends on file execution rather than deception.

B) Trojans are malicious programs disguised as legitimate applications. They trick users into installing them, often appearing as software downloads, updates, or utility tools. Once installed, Trojans can steal data, install backdoors, or download additional malware. Trojans do not self-replicate like worms; their primary danger is deceptive installation, allowing attackers to bypass user awareness and security measures. Trojans can lead to identity theft, unauthorized access, or ransomware deployment. Effective mitigation includes antivirus software, user education, and caution when downloading or executing unknown files.

C) Worms self-replicate and spread across networks without user action. They exploit vulnerabilities to propagate, often causing network congestion or delivering payloads. Worms do not necessarily disguise themselves as legitimate programs; their primary focus is replication rather than deception.

D) Spyware secretly monitors user activities, including keystrokes and browsing habits, and reports information back to attackers. Spyware can be installed via Trojans or malicious downloads, but it is primarily a monitoring tool, not necessarily disguised as legitimate software.

Reasoning about the correct answer: The malware type that disguises itself as legitimate software to trick users into installing it is a Trojan. Viruses rely on file execution, worms self-replicate, and spyware monitors without always disguising itself. Therefore, B) Trojan is correct.

Question 145:

Which Windows utility allows monitoring of CPU, memory, disk, and network usage in real-time?

A) Task Manager
B) Event Viewer
C) Device Manager
D) Disk Management

Answer: A) Task Manager

Explanation:

A) Task Manager provides real-time monitoring of system resources, including CPU utilization, memory usage, disk activity, and network bandwidth. It also displays running processes, services, and application performance. Task Manager allows users to terminate unresponsive applications, manage startup programs, and view detailed statistics for performance troubleshooting. It is essential for diagnosing system slowdowns, identifying resource-hogging processes, and maintaining system stability. Task Manager also provides insights into GPU utilization in modern Windows versions, enabling monitoring of graphics-intensive workloads.

B) Event Viewer logs system, security, and application events. While valuable for historical troubleshooting and analyzing system errors, it does not provide real-time performance monitoring of resources like CPU or memory usage.

C) Device Manager manages hardware devices and drivers. It allows checking for driver issues, updating firmware, and viewing hardware status, but it does not monitor system performance metrics in real time.

D) Disk Management is used to manage storage drives, partitions, and volumes. While critical for configuring storage, it does not provide CPU, memory, network, or real-time performance information.

Reasoning about the correct answer: The utility that monitors CPU, memory, disk, and network usage in real-time is Task Manager. Event Viewer is for logging, Device Manager for hardware, and Disk Management for storage. Therefore, A) Task Manager is correct.

Question 146:

Which type of IP address is manually configured by an administrator rather than assigned automatically?

A) Dynamic IP
B) Static IP
C) Private IP
D) Public IP

Answer: B) Static IP

Explanation:

A) Dynamic IP addresses are automatically assigned to devices using DHCP (Dynamic Host Configuration Protocol). Dynamic IPs can change over time, making them suitable for general client devices where consistent addressing is not required. While convenient, dynamic IPs may cause issues with devices requiring permanent addresses for services like web servers or printers.

B) Static IP addresses are manually assigned by an administrator. They remain constant and do not change unless modified manually. Static IPs are essential for servers, network printers, and devices needing predictable addressing for DNS, routing, and firewall configurations. Proper static IP assignment ensures reliable network communication, avoids IP conflicts, and supports advanced network configurations. Administrators typically configure the IP address, subnet mask, gateway, and DNS manually to maintain consistency. Static IPs also facilitate remote access, port forwarding, and monitoring, as the device can always be reached at the same address. While static IPs offer predictability, they require careful management to prevent conflicts in larger networks.

C) Private IP addresses are IPs reserved for use within internal networks and are not routable on the public internet. Both static and dynamic IPs can be private. Private IPs include ranges such as 192.168.x.x, 10. x.x.x, and 172.16.x.x – 172.31.x.x. Private IPs reduce the need for public IP addresses but do not inherently indicate whether the assignment is manual or automatic.

D) Public IP addresses are assigned by an ISP and are globally unique. Public IPs can be static or dynamic. While a public IP can be manually assigned, the defining characteristic of a public IP is global accessibility, not the method of configuration.

Reasoning about the correct answer: The IP address manually configured by an administrator, remaining constant and predictable, is a static IP. Dynamic IPs are automatically assigned, and private/public addresses describe scope rather than configuration method. Therefore, B) Static IP is correct.

Question 147:

Which port number is associated with secure web traffic using HTTPS?

A) 80
B) 443
C) 21
D) 25

Answer: B) 443

Explanation:

A) Port 80 is used by HTTP, the standard protocol for web traffic. HTTP does not encrypt data, making it insecure for transmitting sensitive information such as login credentials, financial data, or personal information. Port 80 traffic is susceptible to eavesdropping and man-in-the-middle attacks.

B) Port 443 is the default port for HTTPS (Hypertext Transfer Protocol Secure). HTTPS encrypts web traffic using TLS (Transport Layer Security) or SSL (Secure Sockets Layer), ensuring confidentiality, integrity, and authentication. Secure web applications, online banking, e-commerce, and any service handling sensitive data rely on HTTPS to prevent interception and tampering. Browsers indicate HTTPS usage through padlock icons and display warnings for insecure connections. Port 443 is essential for modern web security, protecting data from unauthorized access during transit. HTTPS also supports certificate-based authentication, which verifies the legitimacy of the website and prevents phishing attacks. With increasing security standards, most websites redirect HTTP requests on port 80 to HTTPS on port 443 to ensure encrypted communication.

C) Port 21 is used for FTP (File Transfer Protocol). FTP is primarily for transferring files and does not provide encrypted communication by default. Secure alternatives like SFTP or FTPS address FTP’s lack of encryption, but port 21 itself is associated with standard, unencrypted FTP traffic.

D) Port 25 is primarily used for SMTP (Simple Mail Transfer Protocol) to send email between servers. It is not related to web traffic. While some SMTP clients use port 587 for submission, port 25 is mainly for server-to-server email relay.

Reasoning about the correct answer: The port associated with secure web traffic using HTTPS is 443. Port 80 is unsecured HTTP, 21 is for FTP, and 25 is for SMTP. Therefore, B) 443 is correct.

Question 148:

Which protocol provides secure remote access to a device over a network?

A) Telnet
B) SSH
C) FTP
D) HTTP

Answer: B) SSH

Explanation:

A) Telnet provides remote access to a device over a network but transmits data in plain text. Telnet sessions are vulnerable to interception, eavesdropping, and credential theft. It is now considered insecure and largely replaced by encrypted alternatives.

B) SSH (Secure Shell) provides secure remote access by encrypting the entire session. SSH ensures confidentiality, integrity, and authentication, preventing attackers from intercepting or modifying transmitted data. SSH is widely used for administrative access to servers, network devices, and remote systems. It supports features such as secure file transfer (SFTP), tunneling, and port forwarding. By using public/private key pairs or strong password authentication, SSH allows secure management of remote systems even over untrusted networks. SSH also logs connection activity and can enforce user-based access policies, enhancing security for system administrators.

C) FTP is for transferring files between devices and does not provide secure interactive remote access. While SFTP uses SSH to secure file transfers, standard FTP transmits credentials and data in plaintext.

D) HTTP transmits web traffic but is unencrypted. While HTTPS provides encryption for web interfaces, standard HTTP is not suitable for secure remote administrative access.

Reasoning about the correct answer: The protocol providing secure remote access to a device over a network is SSH. Telnet is insecure, FTP is for file transfer, and HTTP is unencrypted web traffic. Therefore, B) SSH is correct.

Question 149:

Which type of network attack overwhelms a system with excessive traffic to render it unavailable?

A) Phishing
B) DoS
C) Man-in-the-middle
D) Trojan

Answer: B) DoS

Explanation:

A) Phishing is a social engineering attack that tricks users into providing sensitive information like passwords or financial data. It relies on deception rather than traffic flooding and does not directly disrupt system availability.

B) DoS (Denial of Service) attacks overwhelm a system or network with excessive traffic or resource requests, preventing legitimate users from accessing services. Attackers may use a single device (DoS) or multiple devices (DDoS) to generate the attack. DoS attacks can exploit vulnerabilities, consume bandwidth, or exhaust system resources, rendering servers, websites, or network devices unavailable. Organizations mitigate DoS attacks using firewalls, intrusion detection/prevention systems, traffic filtering, and cloud-based mitigation services. DoS attacks may also involve malformed packets or application-level requests to trigger service crashes or slowdowns.

C) Man-in-the-middle attacks intercept communication between two parties, potentially modifying or eavesdropping on data. While dangerous, these attacks focus on confidentiality and integrity rather than overwhelming resources.

D) Trojans disguise themselves as legitimate software to install malware on a system. Trojans focus on deception and payload delivery rather than directly flooding a system with traffic to cause downtime.

Reasoning about the correct answer: The attack that overwhelms a system with excessive traffic to render it unavailable is a DoS attack. Phishing steals information, man-in-the-middle intercepts communication, and Trojans deliver malicious payloads. Therefore, B) DoS is correct.

Question 150:

Which cloud service model provides virtualized computing resources such as servers, storage, and networking?

A) SaaS
B) PaaS
C) IaaS
D) DaaS

Answer: C) IaaS

Explanation:

A) SaaS (Software as a Service) delivers fully functional applications accessible via a browser or client. Users do not manage underlying infrastructure or platforms. SaaS focuses on software delivery, not virtualized computing resources.

B) PaaS (Platform as a Service) provides a development and deployment environment for applications. Users manage applications but not the underlying infrastructure. PaaS abstracts hardware, OS, and runtime environments but is primarily for application development.

C) IaaS (Infrastructure as a Service) delivers virtualized computing resources such as servers, storage, and networking. Users can configure virtual machines, install operating systems, and manage applications while the cloud provider handles the physical hardware. IaaS enables flexible resource allocation, scaling, and cost efficiency. Examples include AWS EC2, Microsoft Azure VMs, and Google Compute Engine. Organizations use IaaS for hosting applications, backup solutions, disaster recovery, and testing environments. IaaS offers full control over the infrastructure, allowing custom configurations, security policies, and resource management, making it ideal for IT departments or businesses that require control over virtual environments without maintaining physical hardware.

D) DaaS (Desktop as a Service) provides virtual desktops to users over the cloud. While it delivers virtualized desktops, it focuses on desktop environments rather than generalized infrastructure resources like servers or storage.

Reasoning about the correct answer: The cloud service model providing virtualized computing resources such as servers, storage, and networking is IaaS. SaaS delivers applications, PaaS provides a development platform, and DaaS offers virtual desktops. Therefore, C) IaaS is correct.

Question 151:

Which component converts digital signals from a computer into analog signals for transmission over telephone lines?

A) Router
B) Modem
C) Switch
D) Hub

Answer: B) Modem

Explanation:

A) A router directs network traffic between different networks using IP addresses. Routers operate at Layer 3 of the OSI model and do not convert digital signals to analog. They are primarily used to connect LANs to WANs or the internet and manage routing paths, NAT, and firewall settings.

B) A modem (modulator-demodulator) converts digital signals from a computer into analog signals suitable for transmission over telephone lines and vice versa. When sending data, the modem modulates digital information into analog tones; when receiving data, it demodulates the analog signals back into digital form for the computer to process. Modems were widely used in dial-up internet connections, where telephone lines provided the communication medium. They ensure proper encoding, modulation techniques, and error correction to maintain reliable communication over analog networks. Modern broadband technologies may integrate modem functions into a single device with routing capabilities, such as cable or DSL modems. The importance of a modem lies in bridging digital devices with analog infrastructures while maintaining signal integrity and compatibility with existing telephone lines.

C) A switch operates at the data link layer (Layer 2) to forward frames between devices in a LAN using MAC addresses. Switches improve LAN efficiency by directing traffic intelligently rather than broadcasting it to all ports. They do not modulate or demodulate signals and are purely digital network devices.

D) A hub is a basic networking device that broadcasts incoming data to all ports. Hubs operate at the physical layer (Layer 1) and lack intelligence for traffic management. They also do not perform signal conversion between digital and analog.

Reasoning about the correct answer: The component that converts digital signals from a computer into analog signals for transmission over telephone lines is a modem. Routers direct traffic, switches manage LAN frames, and hubs broadcast data without conversion. Therefore, B) Modem is correct.

Question 152:

Which type of backup captures only data that has changed since the last full backup?

A) Full Backup
B) Differential Backup
C) Incremental Backup
D) Snapshot Backup

Answer: C) Incremental Backup

Explanation:

A) Full backups copy all selected data regardless of previous backups. While full backups provide a complete restore point, they require significant storage and time to complete, making them inefficient for frequent backups.

B) Differential backups copy all data that has changed since the last full backup. This allows for faster restoration than incremental backups but grows in size as changes accumulate, increasing storage and processing requirements over time.

C) Incremental backups capture only the data that has changed since the last backup of any type, whether full or incremental. Incremental backups are highly efficient in terms of storage and backup time because only new or modified data is copied. During restoration, the process involves applying the last full backup followed by all subsequent incremental backups. While restoration may take longer due to multiple incremental sets, this method balances efficiency and data protection. Incremental backups are commonly used in enterprise environments to reduce backup windows and minimize impact on network or storage resources. Best practices involve performing periodic full backups combined with daily incremental backups to maintain manageable recovery times while saving storage space. Incremental backups are also suitable for off-site or cloud backups where bandwidth and storage costs must be minimized.

D) Snapshot backups capture the current state of a system or storage volume at a specific point in time. Snapshots are often used for virtual machines or file systems and allow quick restoration. However, snapshots are not a traditional incremental backup method; they are typically dependent on the underlying storage system and do not replace regular backup strategies.

Reasoning about the correct answer: The backup type that captures only data changed since the last backup is incremental. Full backups copy everything, differential backups copy since the last full backup, and snapshot backups capture point-in-time states. Therefore, C) Incremental Backup is correct.

Question 153:

Which device is used to connect multiple devices in a LAN and selectively forwards traffic based on MAC addresses?

A) Hub
B) Switch
C) Router
D) Access Point

Answer: B) Switch

Explanation:

A) A hub broadcasts all incoming network traffic to every connected device. Hubs operate at the physical layer (Layer 1) and do not make intelligent forwarding decisions. They are inefficient in modern LANs due to collisions and excessive traffic.

B) A switch operates at the data link layer (Layer 2) and forwards traffic based on MAC addresses. By maintaining a MAC address table, the switch knows which device is connected to which port, allowing it to selectively forward frames to the intended recipient. This reduces unnecessary traffic and improves network efficiency. Switches support full-duplex communication, VLANs, and some models include Layer 3 capabilities for routing between VLANs. Switches are critical components of modern LANs, providing scalability, performance, and security. They allow multiple devices to communicate simultaneously without collisions, making them superior to hubs for high-performance networks. Managed switches provide additional features such as port mirroring, QoS, and traffic monitoring, while unmanaged switches offer simple plug-and-play functionality for small networks.

C) Routers operate at Layer 3 and manage traffic between networks using IP addresses. While routers connect LANs to external networks and the internet, they are not typically used for intra-LAN switching based on MAC addresses.

D) Access points provide wireless connectivity to a wired network. They facilitate wireless device connections but do not perform intelligent frame forwarding based on MAC addresses. Access points primarily bridge wireless devices to the LAN.

Reasoning about the correct answer: The device that connects multiple LAN devices and forwards traffic based on MAC addresses is a switch. Hubs broadcast traffic, routers route between networks, and access points provide wireless access. Therefore, B) Switch is correct.

Question 154:

Which Windows command-line tool displays IP configuration, including IP address, subnet mask, and default gateway?

A) ping
B) ipconfig
C) tracert
D) netstat

Answer: B) ipconfig

Explanation:

A) ping tests connectivity to a remote host by sending ICMP echo requests and measuring response times. While useful for diagnosing network reachability and latency, ping does not display IP configuration or network settings.

B) ipconfig displays the IP configuration of a Windows system. It shows IP addresses, subnet masks, default gateways, DNS server settings, and whether interfaces are enabled or disabled. ipconfig is essential for troubleshooting connectivity issues, verifying assigned addresses, and configuring static IPs. Additional flags, such as /release and /renew, allow DHCP-based IP management. ipconfig /all provides detailed information about all network adapters, including MAC addresses, DHCP lease times, and DNS configurations. This command is a primary diagnostic tool for network administrators to confirm that devices are correctly configured for network communication and to detect conflicts or misconfigurations. By understanding the output of ipconfig, technicians can determine whether network issues stem from incorrect IP assignments, subnet mismatches, gateway misconfigurations, or DNS problems. ipconfig is a first step in troubleshooting before using advanced tools like netstat, tracert, or Wireshark.

C) tracert traces the route packets take from a source to a destination. It identifies intermediate hops and latency but does not provide IP configuration details.

D) netstat displays active network connections, listening ports, and network statistics. While helpful for monitoring connections, it does not report the system’s IP configuration or network adapter settings.

Reasoning about the correct answer: The tool that displays IP configuration, including IP, subnet mask, and default gateway, is ipconfig. Ping tests connectivity, tracert traces routes, and netstat monitors connections. Therefore, B) ipconfig is correct.

Question 155:

Which cable type is most commonly used for high-speed Ethernet connections in modern LANs?

A) Coaxial
B) Cat 5e/Cat 6 UTP
C) Fiber Optic
D) HDMI

Answer: B) Cat 5e/Cat 6 UTP

Explanation:

A) Coaxial cables were used in older Ethernet networks (10BASE2, 10BASE5) and for cable television. They are less common today for LANs due to limited bandwidth, inflexibility, and susceptibility to interference compared to twisted-pair cabling.

B) Cat 5e and Cat 6 UTP (Unshielded Twisted Pair) cables are the standard for modern LANs. Cat 5e supports up to 1 Gbps over 100 meters, while Cat 6 supports 10 Gbps at shorter distances and reduced crosstalk. Twisted pairs minimize electromagnetic interference, and structured cabling ensures reliable performance for Ethernet, PoE, and network communications. Cat 5e and Cat 6 are cost-effective, flexible, and widely available, making them ideal for offices, data centers, and home networks. These cables also support VLANs, PoE devices, and high-speed applications like video conferencing and cloud access.

C) Fiber optic cables provide extremely high-speed connections with long-distance capabilities and immunity to electromagnetic interference. While fiber is used in backbone networks or high-performance connections, it is more expensive and requires specialized equipment, making Cat 5e/Cat 6 the preferred choice for typical LAN deployments.

D) HDMI cables are used for audio/video transmission and are not suitable for network connections. They cannot carry Ethernet traffic or replace twisted-pair cables for LANs.

Reasoning about the correct answer: The cable type most commonly used for high-speed Ethernet in LANs is Cat 5e or Cat 6 UTP. Coaxial is outdated, fiber is expensive and specialized, and HDMI is for AV. Therefore, B) Cat 5e/Cat 6 UTP is correct.

Question 156:

Which device allows multiple wireless devices to connect to a wired network?

A) Router
B) Switch
C) Access Point
D) Hub

Answer: C) Access Point

Explanation:

A) Routers connect multiple networks and manage traffic between LANs and WANs. While many routers include wireless capabilities, the router’s primary function is routing traffic between networks rather than providing dedicated wireless connectivity for multiple devices.

B) Switches operate at the data link layer and forward frames between devices on a wired LAN. Switches do not provide wireless connectivity. They are used to interconnect devices in a LAN and manage traffic efficiently based on MAC addresses.

C) Access points (APs) enable wireless devices to connect to a wired network. APs act as bridges between wireless clients and the wired LAN infrastructure, allowing laptops, smartphones, and IoT devices to communicate with network resources. Access points often support multiple SSIDs, security protocols (WPA2/WPA3), and can be managed centrally in enterprise networks for load balancing and roaming. APs extend the network’s coverage area and provide seamless connectivity for mobile devices, enabling users to access shared resources, internet services, and cloud applications without physical cabling. High-performance APs offer features such as dual-band support, MIMO technology, and VLAN tagging to optimize wireless performance, security, and segmentation. They are widely used in homes, offices, campuses, and public hotspots.

D) Hubs are basic Layer 1 devices that broadcast traffic to all connected devices. Hubs do not provide wireless connectivity and are largely obsolete due to inefficiency and collisions.

Reasoning about the correct answer: The device that allows multiple wireless devices to connect to a wired network is an access point. Routers route traffic, switches manage wired LAN connections, and hubs are basic broadcasting devices. Therefore, C) Access Point is correct.

Question 157:

Which protocol is used for secure file transfer over SSH?

A) FTP
B) SFTP
C) SMTP
D) Telnet

Answer: B) SFTP

Explanation:

A) FTP (File Transfer Protocol) allows transferring files between systems over a network. However, standard FTP does not encrypt data or credentials, making it insecure over untrusted networks. FTP is susceptible to interception, eavesdropping, and credential theft.

B) SFTP (Secure File Transfer Protocol) provides secure file transfer over SSH. Unlike FTP, SFTP encrypts both data and authentication credentials, ensuring confidentiality and integrity. It is widely used for transferring sensitive files, managing remote servers, and automating secure backups. SFTP operates over port 22 by default, leveraging SSH for authentication, encryption, and secure communication. Organizations adopt SFTP for regulatory compliance, secure data transmission, and protection against cyber threats. SFTP supports file manipulation commands like upload, download, rename, delete, and directory listing, providing functionality similar to FTP while maintaining security. By using public/private key authentication, SFTP enhances security further, allowing automated and passwordless transfers without compromising data integrity.

C) SMTP (Simple Mail Transfer Protocol) is used for sending email and does not provide secure file transfer.

D) Telnet provides unencrypted remote access to devices. While Telnet can be used for management, it is insecure and not intended for file transfer.

Reasoning about the correct answer: The protocol used for secure file transfer over SSH is SFTP. FTP is unencrypted, SMTP sends email, and Telnet is insecure remote access. Therefore, B) SFTP is correct.

Question 158:

Which Windows utility allows viewing hardware resource conflicts and driver status?

A) Device Manager
B) Task Manager
C) Disk Management
D) Resource Monitor

Answer: A) Device Manager

Explanation:

A) Device Manager is the Windows utility for viewing and managing hardware devices. It displays the status of all installed hardware, driver versions, and any conflicts. Yellow warning icons indicate issues such as driver problems, missing resources, or malfunctioning hardware. Device Manager allows updating, disabling, or uninstalling drivers, as well as configuring device properties like IRQs, I/O addresses, and memory ranges. It is essential for troubleshooting hardware-related issues and ensuring all devices function correctly.

B) Task Manager provides real-time monitoring of CPU, memory, disk, and network usage. While useful for performance monitoring, it does not provide detailed hardware configuration or driver conflict information.

C) Disk Management is used to manage storage devices, partitions, and volumes. It does not provide information on general hardware or driver conflicts.

D) Resource Monitor allows detailed performance monitoring, including CPU, memory, disk, and network activity. While it shows resource usage by processes, it does not directly indicate driver status or hardware conflicts.

Reasoning about the correct answer: The utility that allows viewing hardware resource conflicts and driver status is Device Manager. Task Manager and Resource Monitor track performance, and Disk Management manages storage. Therefore, A) Device Manager is correct.

Question 159:

Which malware type encrypts files and demands a ransom for decryption?

A) Trojan
B) Ransomware
C) Worm
D) Spyware

Answer: B) Ransomware

Explanation:

A) Trojans disguise themselves as legitimate programs to trick users into installing malware. While Trojans can deliver ransomware, they do not inherently encrypt files or demand a ransom.

B) Ransomware encrypts user files or system data and demands payment, often in cryptocurrency, to provide decryption keys. It can spread via email attachments, malicious downloads, or vulnerabilities. Once infected, the system or files may be inaccessible until the ransom is paid. Modern ransomware can target personal devices, enterprise networks, or cloud environments. Prevention involves regular backups, up-to-date security software, network segmentation, user education, and patch management. Ransomware may use symmetric or asymmetric encryption, and decryption without paying the ransom is often difficult or impossible. Organizations implement incident response plans, including isolating infected systems and restoring from backups to mitigate damage.

C) Worms self-replicate across networks and may carry payloads, but do not necessarily encrypt files for ransom. Their main function is propagation.

D) Spyware secretly monitors user activity, capturing sensitive information such as passwords or browsing behavior. Spyware does not encrypt files for ransom.

Reasoning about the correct answer: The malware type that encrypts files and demands a ransom is ransomware. Trojans deliver payloads, worms replicate, and spyware monitors activity. Therefore, B) Ransomware is correct.

Question 160:

Which Windows command-line tool traces the route packets take to a destination?

A) ping
B) tracert
C) ipconfig
D) netstat

Answer: B) tracert

Explanation:

A) ping tests connectivity to a remote host by sending ICMP echo requests and measuring response time. It does not provide the path packets take through the network.

B) tracert (trace route) shows the path packets travel from a source to a destination. It displays each hop along the route, including intermediate routers, and measures the latency to each hop. tracert helps diagnose routing issues, network congestion, and identify points of failure. By sending packets with incrementally increasing Time-to-Live (TTL) values, tracert forces intermediate devices to return ICMP “Time Exceeded” messages, revealing the route. Administrators use tracert to troubleshoot network paths, confirm routing configurations, and pinpoint network slowdowns or outages. Combined with other tools like ping and netstat, tracert provides detailed insights into network connectivity and performance.

C) ipconfig displays IP configuration, including IP address, subnet mask, and default gateway, but does not trace packet routes.

Ping is a basic network diagnostic tool used to test connectivity between devices on a network. It works by sending Internet Control Message Protocol (ICMP) echo request packets to a target host and waiting for echo replies. Ping measures the round-trip time for messages sent from the source to the destination and determines whether the target device is reachable. It is widely used to check network connectivity, detect packet loss, and measure latency. While ping provides information about whether a host is online and how quickly it responds, it does not give detailed information about the path the data takes or the intermediate devices along the route.

Tracert, short for “trace route,” is a network diagnostic command that tracks the path that data packets take from the source device to a specified destination. It identifies each router or hop along the route and measures the time taken for packets to reach each intermediate point. This tool is useful for troubleshooting network issues, such as identifying where delays or packet loss occur in a network path. Tracert works by sending ICMP echo request packets with incrementally increasing Time-to-Live (TTL) values, which allows each router along the path to return an ICMP “time exceeded” message, revealing its address. By listing each hop and the corresponding response times, tracert provides a detailed view of the route packets travel, helping network administrators pinpoint problem areas in complex networks.

Ipconfig is a command-line utility used primarily in Windows operating systems to display and manage the network configuration of a computer. It provides information such as the IP address, subnet mask, default gateway, and DNS server settings for each network interface. Additionally, ipconfig can be used to release and renew DHCP-assigned addresses, flush the DNS resolver cache, and troubleshoot network configuration issues. While ipconfig is essential for understanding and managing a device’s network settings, it does not provide information about the route taken by data packets or connectivity beyond the local device’s network.

Netstat, short for “network statistics,” is a command-line tool that displays active network connections, listening ports, and routing tables on a computer. It provides detailed information about TCP and UDP connections, including the local and remote addresses, connection states, and associated process identifiers (PIDs). Netstat is commonly used for monitoring network activity, detecting unauthorized connections, and diagnosing network performance issues. While netstat is a powerful tool for analyzing active network connections and system-level traffic, it does not trace the path of packets or identify intermediate devices along a network route.

In summary, ping tests basic connectivity and measures round-trip times to a destination, ipconfig displays and manages a device’s network configuration, and netstat provides detailed information about active connections and routing tables. Tracert, however, is the tool specifically designed to trace the route that packets take from the source to the destination, identifying each intermediate router or hop along the path and measuring response times. By providing a detailed path analysis, tracert helps network administrators pinpoint bottlenecks, delays, or points of failure in a network. This makes tracert the correct answer when the goal is to trace the path of data packets across a network, distinguishing it from other tools that focus on connectivity, configuration, or active connections.

D) netstat shows active connections, listening ports, and protocol statistics, but does not provide hop-by-hop routing information.

Reasoning about the correct answer: The tool that traces the route packets take to a destination is tracert. Ping tests connectivity, ipconfig shows configuration, and netstat monitors connections. Therefore, B) tracert is correct.