Certification Exam Prep Questions For CompTIA A+ (220-1001)
QuickStart is now offering assessment questions for CompTIA A+ (220-1001). Whether you are deciding which exam to sign up for, or simply want to practice the materials necessary to complete certification for this course, we have provided a practice assessment to better aid in certification. 100% of the questions are real questions; from a recent version of the test you will take for CompTIA A+ (220-1001).


Identify the people who hack and deface websites for the sake of promoting and bringing social change?
- A. Hactivists
-
Correct!
- B. Black hat hackers
-
Incorrect.
- C. Gray hat hackers
-
Incorrect.
- D. Ethical hackers
-
Incorrect.
When individuals are aware of the complete layout of the network, what type of testing may occur?
There is a type of security test which usually takes on an adversarial role. With this test, security professionals check the system to see where the gaps are, and how much access and control of the system an outsider can achieve.
- A. Network evaluation
-
Incorrect.
- B. Penetration test
-
Correct!
- C. Policy assessment
-
Incorrect.
- D. High-level evaluation
-
Incorrect.
If you are examining technologies such as old copiers, telecommunication, USBs or other equipment found in trash of a private property, what type of penetration test would it be characterized as?
- A. Database testing
-
Incorrect.
- B. Communication systems
-
Incorrect.
- C. Denial of service
-
Incorrect.
- D. Stolen equipment
-
Correct!
Identify the hacker who might get a very long prison term, but still carry out a cyberattack?
You are reviewing the security posture for an organization. You identify the absence of proper documented security for a specific area you are assessing. What action would you take in this situation?
- A. Stop the audit
-
Incorrect.
- B. Create policies while testing
-
Incorrect.
- C. Identify and evaluate current practices
-
Correct!
- D. Increase the level of testing
-
Incorrect.
An ethical hacker is performing a pre-assessment. Identify the most important step that he will perform during the pre-assessment?
- A. Gather information about the target
-
Incorrect.
- B. Obtain written permission to hack
-
Correct!
- C. Obtain permission to hack
-
Incorrect.
- D. Hack the web server
-
Incorrect.
Sometimes there are unknown vulnerabilities that the cyber attackers hang on to, only to use them in an attack later with malware or viruses or other malicious threats that have no known defense or patch. Flame and Stuxnet are believed to be such attacks by some. Identify from below which best describes that vulnerability??
- A. Polymorphic
-
Incorrect.
- B. Unpatched vulnerability
-
Incorrect.
- C. Zero day
-
Correct!
- D. Unknown attack
-
Incorrect.
You are assessing backup methods. Here is the series of backup events: A full backup performed on Monday; An incremental backup performed on Tuesday, Wednesday and Thursday. If an outage occurs on Friday, what is the proper restoration technique?
- A. Only the full backup
-
Incorrect.
- B. The full backup and all three incrementals
-
Correct!
- C. The full backup and only the last incremental
-
Incorrect.
- D. Only the incremental backups
-
Incorrect.
Here are three different types of cyberattacks: Phishing, social engineering, and buffer overflows. Can you identify the point in attacker’s process where all these are usually used?
- A. Port scanning
-
Incorrect.
- B. Covering tracks
-
Incorrect.
- C. Gaining access
-
Correct!
- D. Backdoors
-
Incorrect.
Identify the DNS record that provides information regarding the zone, for example, administrator contact?
You are about to hack a targeted network. The configuration of the DNS server needs to be checked by you. Identify the port you should look for in order to attempt a zone transfer.
You are worried about the fact that your DNS server could be poisoned by someone. Identify an option that tells you how long would cache poisoning last?
Identify a Class D address out of the following.
Identify which TCP flag is set if you use Wireshark to filter for the first step of TCP handshake after capturing data from a client to an HTTP server.
Planning, discovery, attack and reporting are four basic stages of a security assessment in which of the following?
Identify a DNS record that provides information about the zone. Information could be administrator contact and so on?
Identify an option from below that that represents the code for ICMP unreachable message?
You performed the following scan in the pen test: nmap -sL www.example.com Starting Nmap 6.25 ( http://nmap.org ) at 2016-10-12 18:46 Central Daylight Time Host 93.184.216.34 not scanned. You have a junior pen tester with you who wants to understand the results. Which of the options below would you inform your partner as the correct answer?
- A. The syntax is incorrect.
-
Incorrect.
- B. The technique only checks DNS and does not scan.
-
Correct!
- C. ICMP is blocked, so no scan is performed.
-
Incorrect.
- D. The system was offline
-
Incorrect.
You are a pen tester who is asked to perform penetration test. You need to identify web servers that might reflect vulnerability to shellshock. Identify the tools that support scripts helping you identify these devices?
You are required to perform an ACK scan. While the scan was being performed, you monitor the sniffer. ICMP type 3 code 13 was captured by the sniffer captured as the result of the scan. Can you choose an option that reflects the result?
- A. The port is closed.
-
Incorrect.
- B. The firewall is only a router with an ACL.
-
Correct!
- C. The port is open.
-
Incorrect.
- D. Port knocking is used.
-
Incorrect.
Can you identify which of these options is a passive OS fingerprinting tool?
You are doing carrying a footprinting exercise for a company. What option will you choose if you are required to take out metadata from the target company’s website?
If you want to scan ports in a consecutive manner, which Nmap scan would you choose?
Choose an option you think is not typically used for OS fingerprinting?
- A. TCP window size
-
Incorrect.
- B. UDP checksum
-
Correct!
- C. IP DF option
-
Incorrect.
- D. IP TTL
-
Incorrect.
Choose an option that reflects the response from a target you can expect from a connect or SYN scan of an open port?
Following are some hping commands. Which of these you think is appropriate to ping 192.168.123.1?
- A. hping3 -2 192.168.123.1
-
Incorrect.
- B. hping3 -A 192.168.123.1 -p 80
-
Incorrect.
- C. hping3 -1 192.168.123.1
-
Correct!
- D. hping3 192.168.123.1 -Q -p 139 -s
-
Incorrect.
One of these biometrics is widely believed to be most accurate. Can you identify which?
- A. Iris scanning
-
Correct!
- B. Palm scanning
-
Incorrect.
- C. Fingerprint scanning
-
Incorrect.
- D. Voice scanning
-
Incorrect.
After gaining the access to a system, you plan on hiding a file. The hidden file will be streamed behind another. Identify which of the following systems is required.
You have managed to gain access to a system when performing a penetration test. You have successfully gained a local administrator status on one of the workstations and moved to another workstation with gaining the same status. Which of the following statements stand true in this case?
- A. You have completed vertical privilege escalation.
-
Incorrect.
- C. You have no access.
-
Incorrect.
- D. You will have a RID of 501.
-
Incorrect.

CompTIA A+ Certification Course + Exam Bundle
Virtual ClassroomQuickStart’s CompTIA A+ Certification Course + Exam Bundle prepares aspiring IT profession...
Get info
Designing and Implementing Microsoft DevOps solutions (AZ-400T00)
Virtual ClassroomThis course provides the knowledge and skills to design and implement DevOps processes...
Get info- Home
- 220-1001 Sample Question - CompTIA A+
220-1001 Sample Question - CompTIA A+
More Information:
- Learning Style: On Demand
- Learning Style: Practice Exam
- Difficulty: Beginner
- Course Duration: 1 Hour
- Course Info: Download PDF
- Certificate: See Sample
Contact a Learning Consultant
Need Training for 5 or More People?
Customized to your team's need:
- Annual Subscriptions
- Private Training
- Flexible Pricing
- Enterprise LMS
- Dedicated Customer Success Manager
Outline
Reviews
Community Experts

About Our Experts
Our experts featured on QuickStart are driven by our ExpertConnect platform, a community of professionals focused on IT topics and discussions. Interact with these experts, create project opportunities, gain help and insights on questions you may have, and more.