A network technician notices that most of the company's network switches are now end-of- life and need to be upgraded. Which of the following should the technician do first?

1. A. Implement the change
2. B. Approve the change
3. C. Propose the change
4. D. Schedule the change

Correct Answer: C
Comprehensive and Detailed Explanation From Exact Extract:
The first step in the IT change management process is to identify and propose the change. In this case, the technician notices a need (end-of-life network switches), so the
appropriate action is toformally propose a change. This proposal would be documented and submitted for approval before any planning or implementation occurs.
According to the CompTIA A+ 220-1102 objectives under Operational Procedures (Domain 4.0), the change management process follows these typical steps:
✑ Submit a change request (Propose the change)
✑ Review and approval (Approve the change)
✑ Planning and scheduling (Schedule the change)
✑ Implementation
✑ Documentation and review
Therefore, proposing the change is the correct first step in accordance with standard ITIL- based change management practices.
Reference:
CompTIA A+ 220-1102 Objective 4.1: Given a scenario, implement best practices associated with documentation and support systems information management.
Study Guide Section: Change Management Process
===========================

A user frequently misplaces their Windows laptop and is concerned about it being stolen. The user would like additional security controls on their laptop. Which of the following is a built-in technology that a technician can use to enable full drive encryption?

1. A. Active Directory
2. B. New Technology File System
3. C. Encrypting File System
4. D. BitLocker

Correct Answer: D
Comprehensive and Detailed Explanation From Exact Extract: BitLocker is Microsoft??s full disk encryption technology built into Windows Pro and Enterprise editions. It encrypts the entire drive, protecting data if the device is lost or stolen. BitLocker can use TPM (Trusted Platform Module) and can be configured with PINs or USB keys for added security.
* A. Active Directory is for centralized user and policy management in domains.
* B. NTFS is the file system format and doesn't provide encryption by itself.
* C. EFS (Encrypting File System) encrypts individual files or folders, not the entire drive. Reference:
CompTIA A+ 220-1102 Objective 2.2: Compare and contrast security measures and encryption tools.
Study Guide Section: Encryption options — BitLocker vs. EFS
===========================

Which of the following types of social engineering attacks sends an unsolicited text
message to a user's mobile device?

1. A. Impersonation
2. B. Vishing
3. C. Spear phishing
4. D. Smishing

Correct Answer: D
Comprehensive and Detailed Explanation From Exact Extract:
Smishing (SMS phishing) is a type of social engineering attack where attackers send fraudulent text messages to trick users into revealing sensitive information or downloading malware. These messages often impersonate banks, delivery services, or official institutions to lure the victim into clicking malicious links.
* A. Impersonation is an in-person or voice-based tactic.
* B. Vishing refers to voice phishing over phone calls.
* C. Spear phishing is a targeted email-based phishing method. Reference:
CompTIA A+ 220-1102 Objective 2.3: Compare and contrast social engineering techniques.
Study Guide Section: Smishing as a type of phishing via SMS or mobile messaging.
===========================

Which of the following provides information to employees, such as permitted activities when using the organization's resources?

1. A. AUP
2. B. MNDA
3. C. DRM
4. D. EULA

Correct Answer: A
Comprehensive and Detailed Explanation From Exact Extract:
An Acceptable Use Policy (AUP) outlines the rules and guidelines for employees or users regarding the appropriate use of company systems, resources, and internet access. It defines permitted and prohibited activities, helping to mitigate security risks and establish clear behavioral expectations.
* B. MNDA (Mutual Non-Disclosure Agreement) deals with confidentiality, not usage guidelines.
* C. DRM (Digital Rights Management) controls access to copyrighted content.
* D. EULA (End User License Agreement) pertains to software licensing, not internal policies.
Reference:
CompTIA A+ 220-1102 Objective 4.3: Explain common safety and environmental impacts and procedures.
Study Guide Section: Organizational policies — AUP, security best practices
===========================

Which of the following is a Linux command that is used for administrative purposes?

1. A. runas
2. B. cmcl
3. C. net user
4. D. su

Correct Answer: D
Comprehensive and Detailed Explanation From Exact Extract:
The su (substitute user) command is used in Linux to switch to another user account, most commonly to escalate privileges by switching to the root (administrator) account. It allows administrative tasks to be performed in a terminal session.
* A. runas is a Windows command for executing a program under another user's context.
* B. cmcl is not a valid Linux or administrative command.
* C. net user is a Windows command for managing local user accounts.
Reference:
CompTIA A+ 220-1102 Objective 1.9: Identify common features and tools of the Linux client/desktop OS.
Study Guide Section: Linux command-line tools — su, sudo
===========================