220-1002 Exam Questions Dumps
                     220-1002
CompTIA A+ Certification Exam: Core 2
It not just passing A+ Certification Exam but making the highest 
possible score in the first attempt that add to the benefits of our 
CompTIA 220-1002 Practice Exam Dumps. With the help of them you 
will be able to not only understand each concept and term of 
CompTIA A+ Certification Exam: Core 2 Exam but also be one step 
ahead of the others. Give your test with confidence after studying 
through our amazing 220-1002 Practice Test Questions. Even the 
Professionals claim that these are 100% accurate and real.
220-1002 Questions Dumps
Exam 
Anxiety
220-1002 Questions Dumps
I don’t remember
How to answer
What do I
these questions
Do now?!
220-1002 Questions Dumps
Un wariness
Of actual
Exam Scenario
220-1002 Questions Dumps
Free
 Demo 
 Questions
220-1002 Questions Dumps
Question NO 1
Incidents are reported in order to:
A. Provide stronger protection for systems and data
B. Deal properly with legal issues
C. Be prepared for handling future incidents
D. All the above
Answer: D
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 2
Business Continuity planning includes other plans such as:
A. Incident/disaster recovery plan
B. Business recovery and resumption plans
C. Contingency plan
D. All the above
Answer: D
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 3
An audit trail policy collects all audit trails such as series of records of computer 
events, about an operating system, application or user activities. Which of the 
following statements is NOT true for an audit trail policy:
A. It helps calculating intangible losses to the organization due to incident
B. It helps tracking individual actions and allows users to be personally accountable 
for their actions
C. It helps in compliance to various regulatory laws, rules,and guidelines
D. It helps in reconstructing the events after a problem has occurred
Answer: A
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 4
Which among the following CERTs is an Internet provider to higher education 
institutions and various other research institutions in the Netherlands and deals with 
all cases related to computer security incidents in which a customer is involved either 
as a victim or as a suspect?
A. NET-CERT
B. DFN-CERT
C. Funet CERT
D. SURFnet-CERT
Answer: D
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 5
The insider risk matrix consists of technical literacy and business process knowledge vectors. 
Considering the matrix, one can conclude that:
A. If the insider’s technical literacy is low and process knowledge is high, the risk posed by the threat 
will be insignificant.
B. If the insider’s technical literacy and process knowledge are high, the risk posed by the threat will 
be insignificant.
C. If the insider’s technical literacy is high and process knowledge is low, the risk posed by the threat 
will be high.
D. If the insider’s technical literacy and process knowledge are high, the risk posed by the threat will 
be high.
Answer: D
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 6
Which policy recommends controls for securing and tracking organizational 
resources:
A. Access control policy
B. Administrative security policy
C. Acceptable use policy
D. Asset control policy
Answer: D
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 7
An incident recovery plan is a statement of actions that should be taken before, during 
or after an incident. Identify which of the following is NOT an objective of the 
incident recovery plan?
A. Creating new business processes to maintain profitability after incident
B. Providing a standard for testing the recovery plan
C. Avoiding the legal liabilities arising due to incident
D. Providing assurance that systems are reliable
Answer: A
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 8
An active vulnerability scanner featuring high speed discovery, configuration 
auditing, asset profiling, sensitive data discovery, and vulnerability analysis is called:
A. Nessus
B. CyberCop
C. EtherApe
D. nmap
Answer: A
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 9
A security policy will take the form of a document or a collection of documents, depending on the 
situation or usage. It can become a point of reference in case a violation occurs that results in dismissal 
or other penalty. Which of the following is NOT true for a good security policy?
A. It must be enforceable with security tools where appropriate and with sanctions where actual 
prevention is not technically feasible
B. It must be approved by court of law after verifications of the stated terms and facts
C. It must be implemented through system administration procedures, publishing of acceptable use 
guide lines or other appropriate methods
D. It must clearly define the areas of responsibilities of the users, administrators and management
Answer: B
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
Question NO 10
What command does a Digital Forensic Examiner use to display the list of all IP addresses and their 
associated MAC addresses on a victim computer to identify the machines that were communicating 
with it:
A. “arp” command
B. “netstat –an” command
C. “dd” command
D. “ifconfig” command
Answer: A
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll  
220-1002 Questions Dumps
220-1002 Questions Dumps
220-1002 Questions Dumps
220-1002 Questions Dumps
www..dumpspediia..iinfo/220-1002-questions-dumps..htmll