CompTIA A+ 220-1202 Certification Core 2 Exam Dumps and Practice Test Questions Set 5 Q61-75

Visit here for our full CompTIA 220-1202 exam dumps and practice test questions.

Question 61

A Windows 10 user reports that their computer takes an unusually long time to boot,, and applications are sluggish immediately after startup. The CPU and RAM usage appear normal. Which hardware component is most likely causing the performance issue?

A) Hard Disk Drive (HDD)
B) Solid-State Drive (SSD)
C) Graphics Processing Unit (GPU)
D) Network Interface Card (NIC)

Answer: A) Hard Disk Drive (HDD)

Explanation:

Answer: A) Hard Disk Drive (HDD) is correct because the symptoms indicate that the system is experiencing a storage bottleneck. HDDs rely on spinning platters and mechanical read/write heads, which are considerably slower than the flash memory used in SSDs. When a system is booting or launching applications, it frequently accesses a large number of files stored on the drive. If these operations take longer than normal, even when CPU and RAM usage are low, the storage subsystem is likely the limiting factor. Applications that rely on reading large amounts of data, such as office suites, multimedia software, or databases, are particularly sensitive to slow read/write speeds. By replacing an HDD with an SSD, which uses non-volatile memory to store data, read and write operations are dramatically faster, reducing boot times and application load times. SSDs have no moving parts, which also improves reliability, reduces the likelihood of mechanical failure, and minimizes latency compared to HDDs. Upgrading to an SSD is one of the most noticeable improvements for system responsiveness.

Using a solid-state drive (SSD) is incorrect because SSDs are significantly faster than HDDs. If the system already had an SSD, the symptoms described would not typically occur unless there was another underlying issue. Therefore, the problem is not caused by an SSD, but rather by an older mechanical HDD.

The Graphics Processing Unit (GPU) is incorrect because the GPU primarily handles the rendering of video, images, and graphical content. General system sluggishness or slow boot times are not usually related to the GPU unless the system is performing graphics-intensive operations at startup. The CPU and RAM usage are normal, further indicating that graphics processing is not the cause.

The Network Interface Card (NIC) is incorrect because network adapters manage communication with other devices and networks. Sluggish application startup and delayed boot times are rarely caused by network hardware unless specific applications are heavily dependent on network access. Since other aspects of system performance appear normal, the NIC is unlikely to be the bottleneck. The HDD is the most likely cause because storage speed directly impacts the system’s ability to read and load the operating system and applications efficiently.

Question 62

A Windows 10 user reports that they cannot access files on a shared folder located on a network server. Other users can access the same folder without issues. Which step should a technician perform first?

A) Verify the user’s network permissions
B) Run Disk Cleanup
C) Open Task Manager
D) Enable BitLocker

Answer: A) Verify the user’s network permissions

Explanation:

Answer: A) Verifying the user’s network permissions is correct because access to shared network folders is controlled by file and folder permissions on the host server or storage device. If a user cannot access a shared folder while others can, it is often due to incorrect or missing permissions on the user account. Permissions can be set at the folder level using NTFS security settings or through network share permissions. The technician should ensure that the user has at least read access for viewing files or write access for modifying files, depending on the intended functionality. Permissions can also be affected by group membership or inheritance from parent folders, which may restrict access despite individual account settings. Verifying network permissions ensures that access issues are resolved without making unnecessary changes to the system, and it prevents potential security risks by only granting the appropriate level of access. This step is often the first and most efficient action when troubleshooting single-user network access problems.

Running Disk Cleanup is incorrect because it only removes temporary files and unnecessary system files. While it helps improve storage efficiency, it does not affect network permissions or file access.

Opening Task Manager is incorrect because it monitors running processes and system resources. It does not provide insight into file permissions or network access rights.

Enabling BitLocker is incorrect because it encrypts drives to prevent unauthorized access. BitLocker does not configure network permissions or address access issues to shared folders. Verifying permissions is the correct first step because it directly targets the root cause of the problem without affecting system performance or security.

Question 63

A user wants to ensure that their Windows 10 laptop can be located if it is lost or stolen. Additionally, they want the ability to lock or erase the device remotely. Which feature should the technician enable?

A) Find My Device
B) Windows Hello
C) BitLocker
D) File History

Answer: A) Find My Device

Explanation:

Answer: A) Find My Device is correct because it is a built-in Windows 10 feature that allows users to track the physical location of their device using GPS or network-based location services. Find My Device also enables remote actions such as locking the device, displaying a message on the screen, or erasing data to prevent unauthorized access. This feature is linked to the user’s Microsoft account, allowing actions to be performed from another device or via the Microsoft web portal. By enabling Find My Device, the user ensures that if the laptop is misplaced or stolen, it can be tracked and secured. This is particularly important for portable devices that leave the office frequently or travel with users. Find My Device integrates with Windows security and authentication mechanisms to ensure that recovery and remote management are performed safely. This proactive measure reduces the risk of data loss, enhances device security, and increases the likelihood of recovering lost devices.

Windows Hello is incorrect because it provides biometric authentication, such as facial recognition or fingerprints. While Windows Hello secures user access to the device, it does not provide remote tracking or the ability to lock or erase a device.

BitLocker is incorrect because it encrypts drives to protect data at rest. While BitLocker ensures that unauthorized users cannot access the content of a stolen device, it does not allow location tracking, remote locking, or erasing.

File History is incorrect because it backs up user files for recovery. While File History helps protect data in case of accidental deletion, it does not provide remote device management or tracking capabilities. Find My Device is the only feature among these options that fulfills both tracking and remote security requirements.

Question 64

A technician wants to protect sensitive data on a Windows laptop from unauthorized access if the device is lost or stolen. Which built-in feature should be used?

A) BitLocker
B) Windows Defender Firewall
C) Disk Cleanup
D) Task Manager

Answer: A) BitLocker

Explanation:

Answer: A) BitLocker is correct because it provides full-disk encryption, protecting all files and data stored on the device. If the device is lost or stolen, BitLocker ensures that unauthorized users cannot access the contents of the drive without the correct password, PIN, or recovery key. BitLocker To Go extends encryption to removable drives, allowing external storage to be secured. The encryption uses strong algorithms and integrates with the operating system to protect both user files and system files without impacting normal operations. BitLocker can be managed through Windows settings or enterprise management tools, making it suitable for corporate environments where data security is a priority. Recovery keys can be stored securely in Microsoft accounts or Active Directory, ensuring that authorized personnel can regain access if credentials are forgotten. Enabling BitLocker is an essential step in securing sensitive information and ensuring compliance with data protection policies.

Windows Defender Firewall is incorrect because it protects the system from network-based threats, but does not encrypt local files.

Disk Cleanup is incorrect because it removes temporary files and frees disk space. While useful for system maintenance, it does not secure sensitive information.

Task Manager is incorrect because it monitors system processes and resources. It does not encrypt or secure files. BitLocker is the correct feature for protecting sensitive data on a Windows laptop.

Question 65

A user accidentally deleted critical documents on their Windows 10 PC. Which built-in feature allows recovery of individual files or previous versions without affecting system files?

A) File History
B) System Restore
C) BitLocker
D) Windows Defender Antivirus

Answer: A) File History

Explanation:

Answer: A) File History is correct because it continuously backs up user-selected folders, allowing restoration of individual files or previous versions. File History monitors designated folders and copies files to an external drive or network location at scheduled intervals, maintaining multiple versions. Users can browse prior versions to recover accidentally deleted or modified files without affecting other system files, applications, or operating system settings. Unlike System Restore, which focuses on system files and installed programs, File History is designed to protect user-generated content such as documents, pictures, and spreadsheets. Configuring File History includes specifying backup destinations, retention policies, and schedule frequency, giving users flexibility in managing backup data. In environments where users frequently modify or create important documents, File History provides a critical safety net that minimizes data loss, reduces downtime, and ensures continuity. File History complements other backup strategies by focusing specifically on user data, ensuring that accidental deletion or corruption does not result in permanent loss.

System Restore is incorrect because it restores system files and settings. While it can undo certain changes to the operating system, it does not protect or recover user documents.

BitLocker is incorrect because it encrypts data on drives but does not provide file recovery or versioning.

Windows Defender Antivirus is incorrect because it protects against malware and viruses, but does not back up or restore user files. File History is the appropriate built-in tool for recovering deleted or modified documents.

Question 66

A Windows 10 user reports that programs take an unusually long time to open, even though the system boots quickly. Memory usage is normal, and CPU activity remains low during application launches. Which issue is the most likely cause?

A) Fragmented hard drive
B) Overheating CPU
C) Faulty GPU
D) Weak Wi-Fi signal

Answer: A) Fragmented hard drive

Explanation:

Answer: A)A  Fragmented hard drive is correct because fragmentation affects the physical structure of data on traditional magnetic disk drives. When a file becomes fragmented, pieces of that file are scattered across different areas of the disk. Each time the file is accessed, the read/write head must travel between multiple physical locations to assemble the complete file. This process significantly increases access times, especially for larger files or applications that depend heavily on sequential data loading. Fragmentation accumulates naturally over time as files are created, deleted, and modified. On mechanical hard drives, this leads to noticeable performance issues such as slow program launches, delayed file opening times, and general sluggishness when working with applications that rely on frequent disk access. Because the user reports that boot times are fast, the system likely loads the most essential startup files efficiently; however, once in the operating environment, fragmented program files, libraries, and assets cause delays that do not reflect CPU or RAM usage. These symptoms point toward a storage-level performance bottleneck rather than a processing or thermal issue. Defragmenting the drive rearranges file clusters into contiguous sections, reducing seek time and allowing the disk to respond faster to application requests.

An overheating CPU is incorrect because thermal issues typically cause system throttling or sudden drops in performance during extended high-load operations. Overheating problems frequently lead to shutdowns, crashes, or very slow overall performance, not specifically delayed program launches while maintaining low CPU usage. A CPU overheating would present symptoms like system freezes, audible fan acceleration, or abrupt protective shutdowns, none of which are described by the user.

A faulty GPU is incorrect because the GPU primarily handles graphical computations, rendering images, and producing display output. GPU issues manifest visibly through artifacting, flickering, freezing during graphic-intensive tasks, or driver crashes. Program launch delays are storage-related, not graphics-related. Even if a GPU were malfunctioning, it would not cause slow loading of general applications unless the applications depended on graphics acceleration, which is not indicated in the scenario.

A weak Wi-Fi signal is incorrect because internal program launching does not depend on internet connectivity. Even cloud-based services usually perform a portion of their startup locally before attempting to communicate with servers. If the Wi-Fi connection were weak, the user would experience slow downloads, buffering, or an inability to load web content, not delayed application start times for local programs.

Therefore, the fragmented hard drive is the most relevant and probable cause since it directly explains the symptoms while matching the resource observations (normal CPU and memory activity).

Question 67

A technician installs a new software application on a Windows 10 machine, and immediately afterward, the system begins crashing randomly. Which tool should be used first to determine whether the crashes are related to the newly installed application?

A) Event Viewer
B) File History
C) Windows Update
D) Disk Cleanup

Answer: A) Event Viewer

Explanation:

Answer: A) Event Viewer is correct because it provides detailed logs that document system events, warnings, and critical errors. When a system begins crashing after a software installation, Event Viewer is the most effective tool to identify whether the newly installed application is causing the problem. Its logs include application errors, driver faults, service failures, kernel crashes, and hardware issues. By filtering logs by time and severity, a technician can pinpoint entries that occurred immediately before or during the crash. Event Viewer also stores stop codes, exception codes, and stack traces that reveal how the failure was triggered. This allows the technician to determine whether the new application introduced incompatible drivers, corrupted system components, or caused resource conflicts. Reviewing the application log can confirm whether the new software attempted to modify protected system areas or interact improperly with existing services. Event Viewer thus acts as a diagnostic foundation that guides more advanced troubleshooting steps.

File History is incorrect because its purpose is to create backups of user files. It does not monitor system events or diagnose application failures. Even though File History protects documents from accidental deletion, it offers no insights into why a system crashes.

Windows Update is incorrect because it provides operating system patches and driver updates. Although updating may resolve some issues, the first diagnostic step is determining the cause, not applying updates blindly. Running Windows Update does not reveal whether the recently installed application triggered the crashes.

Disk Cleanup is incorrect because it removes unnecessary files such as caches and temporary data. Cleaning up storage space does not address or diagnose system instability. While low disk space can cause performance problems, this scenario directly links crashes to a new software installation, which Disk Cleanup cannot analyze. Event Viewer is, therefore, the correct first tool to identify the cause.

Question 68

A user complains that their Windows laptop repeatedly disconnects from the Wi-Fi network, while other devices stay connected. The technician suspects a driver issue. Which action should be performed first?

A) Update the wireless adapter driver
B) Replace the router
C) Run Disk Cleanup
D) Disable the firewall

Answer: A) Update the wireless adapter driver

Explanation:

Answer: A) Updating the wireless adapter driver is correct because frequent disconnections isolated to a single device typically point toward software-level issues, most commonly driver corruption or outdated drivers. Wireless adapter drivers are responsible for maintaining compatibility between the hardware NIC and the operating system. When these drivers become outdated, corrupt, or misconfigured, the system may experience intermittent connectivity issues such as dropped connections, failure to authenticate, or inability to maintain stable communication with the access point. Updating the wireless driver ensures that the adapter receives the most recent performance optimizations, bug fixes, and compatibility improvements released by the manufacturer. Driver updates also resolve issues introduced by recent Windows updates, which sometimes disrupt older drivers. By updating the driver first, the technician eliminates one of the most common and easily fixable causes of intermittent Wi-Fi disconnections.

Replacing the router is incorrect because other devices remain connected, which indicates that the router itself is functioning properly. Router replacement is a last resort and only appropriate when multiple users experience connectivity problems.

Running Disk Cleanup is incorrect because removing temporary files does not affect wireless driver performance or network stability. Disk Cleanup is useful for freeing storage space, not resolving connectivity issues.

Disabling the firewall is incorrect because the firewall controls inbound and outbound traffic, but does not maintain the physical wireless connection. A firewall issue would likely block certain applications or ports, but it would not cause the Wi-Fi connection itself to drop repeatedly. Updating the wireless driver directly targets the suspected cause and is the correct first step.

Question 69

A Windows 10 system frequently displays low virtual memory warnings. RAM usage appears high even when only a few applications are running. What is the most likely cause?

A) Memory leak in an application
B) Incorrect monitor resolution
C) Faulty GPU driver
D) Slow internet connection

Answer: A) Memory leak in an application

Explanation:

Answer: A) A memory leak in an application is correct because memory leaks occur when a program allocates RAM but fails to release it after the task is completed. Over time, the program consumes increasing amounts of memory, eventually exhausting available RAM and forcing the system to rely heavily on virtual memory. When virtual memory demand becomes excessive, Windows displays warnings and may experience reduced performance. Memory leaks are often caused by poorly written software, incompatible applications, or buggy updates. They present symptoms such as high RAM usage, slow performance, frequent system freezing, and warnings about low memory even when few programs appear to be open. By identifying and closing the offending application, uninstalling the problematic software, or applying patches, the technician can resolve the leak and restore normal memory usage.

An incorrect monitor resolution is incorrect because screen resolution has no direct impact on RAM consumption. Resolution changes affect GPU load, not system memory allocation.

A faulty GPU driver is incorrect because GPU drivers impact graphics processing and display output. While a failing GPU driver can cause crashes or visual anomalies, it does not cause virtual memory warnings or excessive RAM usage.

A slow internet connection is incorrect because network speed has no connection to RAM allocation or virtual memory management. Slow internet affects downloads and web performance, not system memory. A memory leak is the most plausible explanation given the symptoms.

Question 70

A technician wants to ensure that a Windows workstation automatically receives security patches without user intervention. Which setting should be configured?

A) Automatic Windows Updates
B) Disk Defragmentation
C) System Restore
D) File History

Answer: A) Automatic Windows Updates

Explanation:

Answer: A) Automatic Windows Updates is correct because it ensures the system downloads and installs security patches, feature updates, and critical fixes without requiring user action. Configuring Windows Updates to run automatically protects the system from known vulnerabilities, malware exploits, and security flaws addressed by Microsoft. Automatic updates help maintain system stability and security consistency across all devices in a network environment. The technician can configure update schedules, active hours, restart policies, and behavior for optional updates. Ensuring that updates occur automatically reduces the risk that users will delay or ignore important patches.

Disk Defragmentation is incorrect because it improves hard drive performance by reorganizing fragmented data, but does not install security updates.

System Restore is incorrect because it creates restore points to revert the system to previous states. It does not apply security patches or updates.

File History is incorrect because it backs up user files. While important for data preservation, it does not protect the operating system from emerging security threats. Automatic Windows Updates is the correct setting to enable.

Question 71

A technician needs to configure a Windows device so that only approved applications can run, while preventing users from installing or executing unverified software. Which feature provides this type of restriction?

A) AppLocker
B) Windows Defender Firewall
C) Disk Management
D) File History

Answer: A) AppLocker

Explanation:

AppLocker is the correct answer because it provides powerful policy-based control over which applications are allowed to run on a Windows system. When properly configured, it enables administrators to approve specific executable files, scripts, packaged applications, and installers. This prevents users from downloading or launching unapproved software, creating a controlled and predictable environment that is especially valuable in business or educational settings. AppLocker operates through rules that can be based on file attributes such as publisher, path, or file hash, ensuring that applications cannot run without explicit authorization. This tool helps mitigate risks associated with malware, unauthorized software installations, and violations of organizational policy. It is included with certain editions of Windows and integrates with Group Policy to allow centralized management. In environments where security and compliance are priorities, AppLocker helps ensure that only known, trusted applications run, thereby reducing vulnerabilities and minimizing exposure to threats associated with unknown or malicious software.

Windows Defender Firewall is not the correct choice because it focuses on controlling network traffic rather than restricting application execution. Although it can block programs from communicating through the network, it does not prevent them from running locally. Disk Management is also not correct since its purpose is related to the administration of disks and partitions, not limitations on application execution. It allows technicians to format drives, assign drive letters, and manage volumes, but it has nothing to do with preventing users from launching software. File History is designed for backup and versioning of files, enabling users to restore older versions of personal documents. While valuable for data recovery, it does not impose restrictions on what applications may run. AppLocker is clearly the feature that provides fine-grained control over application execution, making it the appropriate answer.

AppLocker goes beyond simple application blocking by offering multiple types of rules. Executable rules control traditional applications. Windows Installer rules control software installed through MSI or MSP packages. Script rules address scripts written in languages such as PowerShell or VBScript. Packaged app rules govern modern Windows Store applications. With this layer of sophistication, a technician can tailor application control to specific organizational needs. AppLocker integrates with audit mode, allowing administrators to test rules before enforcing them. This helps identify potential conflicts or impacts on user productivity without immediately blocking applications. If a rule prevents critical software from launching, auditing makes it easier to spot and correct the issue before it affects the organization.

In contrast, Windows Defender Firewall enhances network defense but cannot identify whether an application should be allowed to run. An application might be allowed through the firewall but still cause system issues if not properly vetted. Disk Management performs operations that are essential for storage administration, but does not contribute to security beyond organizing data. File History protects personal data but offers no capability to restrict or govern application execution. AppLocker stands apart because it directly targets the problem described in the question: preventing unauthorized or unverified applications from running. Its rule-based structure, integration with enterprise tools, and ability to enforce software restrictions make it the best mechanism for controlling what software users can run on a Windows device.

Question 72

A user needs to run an older business application that is incompatible with Windows 10. The software previously worked on Windows XP. Which Windows feature allows the user to run the legacy program successfully?

A) Compatibility Mode
B) Device Manager
C) Windows Update
D) Event Viewer

Answer: A) Compatibility Mode

Explanation:

Compatibility Mode is correct because it allows Windows to emulate certain behaviors of earlier versions of the operating system, helping to support older applications that may not function correctly under modern conditions. This feature enables users to modify program properties so that the application runs as if it were operating on an earlier Windows version. Through these settings, the system can adjust how it handles file structure, permissions, display scaling, and legacy APIs. Many older programs depend on functions or interface elements that have been removed or replaced in newer Windows versions. Compatibility Mode gives these applications a better chance of running successfully by creating an environment that mimics the one for which they were originally designed. It also offers additional options such as reduced color modes, administrative privilege elevation, and DPI adjustments for programs that expect outdated graphic handling methods.

Device Manager does not solve this type of compatibility issue. Its purpose is to manage hardware devices and drivers rather than legacy applications. While driver problems can cause software malfunction, Device Manager cannot emulate older operating system behavior. Windows Update is intended for delivering patches, updates, and security improvements. Although keeping a system up to date is essential, updates do not guarantee compatibility with older programs. Event Viewer is used for system and application logging, helping technicians diagnose errors after they occur, but it does not provide a mechanism to make older programs run on the system. Compatibility Mode is specifically designed to help run legacy software, making it the correct option.

Compatibility Mode also includes a troubleshooting wizard that attempts to detect the settings needed for older programs. This wizard analyzes the software and its behavior, checking for common compatibility obstacles such as deprecated system calls, improper privilege requirements, or older display formats. Users can test recommended settings and confirm whether the application runs properly. If additional adjustments are needed, advanced settings allow manual overrides. Some older applications require execution as an administrator due to outdated design assumptions. Compatibility Mode makes it easy to force this behavior without altering account policies. Additionally, compatibility profiles can be assigned to shortcuts, ensuring that the application always launches with the correct settings.

Device Manager, while essential for resolving hardware conflicts, does not replicate software environments from older Windows versions. Windows Update provides important patches, but cannot retroactively add support for outdated software. Event Viewer could reveal errors caused by incompatible software, but it cannot resolve them. Only Compatibility Mode enables users to recreate aspects of Windows XP or other past versions, making it the appropriate tool for ensuring that the legacy application runs. Its flexibility in adjusting older programs to function smoothly under Windows 10 confirms that it best meets the user’s needs.

Question 73

A technician needs to prevent unauthorized wireless devices from connecting to a company’s Wi-Fi network. Which security measure should be implemented to accomplish this?

A) MAC filtering
B) Port forwarding
C) QoS
D) WPS

Answer: A) MAC filtering

Explanation:

MAC filtering is correct because it provides a way to control which devices can connect to a wireless network based on their unique hardware identifiers, known as MAC addresses. A technician can configure the wireless router or access point to accept connections only from approved MAC addresses. This creates a whitelist that blocks all devices not explicitly authorized. While not an absolute security measure, because MAC addresses can be spoofed by advanced attackers, it is still a valuable layer of wireless access control. It helps reduce unauthorized connections, limits unknown devices, and ensures that only recognized devices belonging to employees or approved guests gain network access. In conjunction with other security measures, MAC filtering increases the difficulty for unauthorized users to join the network covertly.

Port forwarding is incorrect because its function is unrelated to wireless authentication. It is used for directing external network traffic to specific internal devices, typically for hosting services or applications. QoS, or Quality of Service, prioritizes network traffic, ensuring that critical applications receive appropriate bandwidth. It does not authenticate devices or prevent connections. WPS allows quick wireless setup but is known for security vulnerabilities and should not be used to restrict network access. MAC filtering stands out because it directly addresses the need to prevent unauthorized wireless devices from connecting.
MAC filtering functions by checking each device attempting to connect. When a connection request is made, the router reads the MAC address included in the request. If it appears in the whitelist, the connection proceeds. If not, the device is blocked. This is a simple but effective method in small and medium environments where device inventories are manageable. Although it should not be relied upon as a sole security method, it forms part of a multi-layered security approach that also includes strong encryption, secure authentication methods, and periodic review of authorized devices.

Port forwarding plays no role in this process. It affects how incoming external traffic is handled, not whether a device can join the Wi-Fi network. QoS ensures bandwidth allocation but does not control access. WPS simplifies the device connection process but weakens security, making it unsuitable for restricting devices. MAC filtering is the only measure listed that prevents unauthorized wireless devices from connecting to the network. When combined with WPA2 or WPA3 security, strong passphrases, and regular network monitoring, it contributes substantially to securing a wireless environment.

Question 74

A technician is investigating a Windows system that frequently crashes after new software was installed. The user reports that the crashes occur only when the new program is running. The technician wants to determine whether the program is causing instability by examining system-level crash reports and detailed logs. Which tool should be used?

A) Reliability Monitor
B) Task Manager
C) Disk Cleanup
D) Windows Update

Answer: A) Reliability Monitor

Explanation:

Reliability Monitor is the correct answer because it provides an organized, chronological view of system stability events, including application failures, hardware failures, driver crashes, Windows errors, and warnings. This tool allows technicians to analyze the stability index over time, giving a clear picture of when system issues began. When new software is installed and begins to cause crashes or malfunctions, Reliability Monitor will record the application failures tied to that program and link them to overall system stability. A technician can select days on the stability timeline to examine specific failures, making it easier to identify patterns such as repeated crashes associated with a particular executable. This kind of correlation is essential when diagnosing newly installed software that destabilizes the system. Reliability Monitor also captures detailed technical information about failures, such as faulting application version, faulting module, and exception codes, which help technicians better understand the root cause. These logs assist not only in confirming whether the software is responsible, but also in determining whether updates or patches for the software may be needed.

Task Manager is not the correct tool for this scenario because its primary function is to monitor system resource utilization and manage running processes. While it can show when a program consumes excessive CPU or memory, it does not record long-term crash history or compile stability trends. It is useful for real-time analysis but not for historical crash investigation. Disk Cleanup is unrelated to system crashes. It is designed to remove temporary files, system caches, and other unnecessary data to free storage space. Removing clutter may improve performance, but it does not help identify instability caused by a specific program. Windows Update provides patches and updates but does not track crashes or provide analysis of system stability; it only manages updates. Reliability Monitor stands out because it connects system instability directly to software failures over time, making it useful for diagnosing problems that appear after installing new applications.

Reliability Monitor is designed to help technicians understand the context in which failures occur. When an application repeatedly crashes, Reliability Monitor logs the time, details, and impact of each crash. It also provides action links that allow the technician to explore technical reports or access solutions when available. This level of detail is important for determining whether software conflicts exist, whether a driver interacts poorly with the new program, or whether system updates are necessary to resolve the issue. The stability index is another helpful feature because it visually displays how stable the system has been. A sudden drop in the stability score immediately after a new installation strongly indicates that the software contributes to the instability. This evidence-based approach saves time by allowing technicians to focus on specific applications rather than troubleshooting unrelated components.

Task Manager has no historical logging capability. It may show a program that becomes unresponsive, but once the program closes, the technician loses valuable diagnostic information. Disk Cleanup provides general maintenance functions but plays no role in determining why the system crashes. Windows Update may supply security patches or driver updates, but it cannot examine system logs or provide a timeline of errors. Only Reliability Monitor brings together event information, application failures, and system stability into a single view that directly addresses the technician’s goal of determining whether the new program is the cause of system crashes. For this reason, it is the most appropriate tool in this scenario.

Question 75

A company wants to ensure that all laptops assigned to employees can still be tracked and secured if they are lost or stolen. The organization needs a solution that allows remote wiping of data, GPS-based device tracking, and enforcement of security configurations. Which technology should the company implement?

A) Mobile Device Management
B) Disk Defragmentation
C) Local Group Policy
D) Task Scheduler

Answer: A) Mobile Device Management

Explanation:

Mobile Device Management is the correct answer because it allows organizations to control, track, secure, and configure mobile and portable devices remotely. This includes laptops, smartphones, and tablets. With Mobile Device Management, administrators can push policies, enforce encryption, configure security settings, and mandate password complexity. One of the most important capabilities is the ability to remotely wipe a lost or stolen device. This prevents unauthorized individuals from accessing sensitive corporate data even if they physically possess the device. MDM solutions also commonly include GPS tracking capabilities, allowing administrators to locate devices geographically. This is essential for recovering lost equipment or determining whether a stolen device can be retrieved. MDM tools integrate with authentication systems and enterprise applications, giving administrators detailed control over device access and the ability to decommission devices when employees leave the company.

Disk Defragmentation is not the correct answer because its purpose is to reorganize fragmented data on a hard drive to improve performance. While it is a useful maintenance tool for mechanical hard drives, it has no security function and cannot track or remotely wipe devices. Local Group Policy allows configuration of user and system settings on Windows machines, but it applies only to devices that are physically accessible or connected to the internal network. It does not offer remote wiping or GPS tracking and cannot manage devices outside the corporate environment. Task Scheduler automates tasks and scripts but does not provide device tracking, remote security enforcement, or remote wiping capabilities. Mobile Device Management stands out because it addresses all requirements in question: tracking, remote wiping, and enforcement of security configurations.

Mobile Device Management platforms offer far more than simple device tracking. They allow administrators to manage endpoint security holistically. For example, MDM can enforce full-disk encryption to ensure data remains protected even if a device’s storage is removed. It can require VPN settings for secure communication, deploy antivirus policies, and install corporate applications remotely. If an employee misplaces a laptop, the administrator can check the last known GPS location, lock the device instantly, or initiate a selective wipe that removes business data while leaving personal files intact. Many MDM systems also integrate with identity management tools, enabling multi-factor authentication and preventing unauthorized logins. These capabilities give organizations confidence that their mobile devices remain secure, compliant, and manageable regardless of where employees travel.

Disk Defragmentation has no enterprise-security features and cannot help organizations protect devices or data. Local Group Policy applies only to Windows devices within the local domain environment and does not support remote tracking or remote wiping beyond the local network. Task Scheduler runs automated tasks but cannot enforce corporate security controls or remotely protect devices. Only Mobile Device Management offers the comprehensive security, tracking, and remote control that organizations require to protect employee laptops. For companies concerned about lost or stolen devices, MDM provides the most complete and effective solution available.