Software Troubleshooting for CompTIA A+

Sample Practice Questions

1. Question 1

   A technician is attempting to join a workstation to a domain but is receiving an error message stating the domain cannot be found. However, the technician is able to ping the server and access the internet. Given the following information: Which of the following should the technician do to fix the issue?
   1. A. Change the DNS settings.
   2. B. Assign a static IP address.
   3. C. Configure a subnet mask.
   4. D. Update the default gateway.
   Explanation

   The correct answer is: A. Change the DNS settings..

   If the workstation can ping the domain controller and reach the internet but cannot find the domain when joining, the underlying network path is fine and the failure is at name resolution, because Active Directory join relies on locating a domain controller via DNS SRV records under _msdcs and _ldap.tcp.dc.msdcs zones. Pointing the client at the correct internal DNS servers, normally the domain controllers themselves rather than a public resolver such as 8.8.8.8 or the ISP's, is the fix that allows the client to discover the LDAP, Kerberos, and global-catalog services it needs. Assigning a static IP address would not help unless the current dynamic address were broken, and the fact that ping and internet access already work proves IP addressing is not the limiting factor. Configuring a subnet mask is unnecessary for the same reason; basic IP connectivity is established. Updating the default gateway is also unhelpful because the gateway is forwarding traffic correctly enough for the workstation to reach external hosts and the corporate server. The methodology directs the technician to identify the layer that is failing, and a domain join error with working IP-layer connectivity points at DNS every time. Once the adapter is configured to use the internal DNS servers and ipconfig /flushdns clears any stale records, the join completes.

2. Question 2

   MFA for a custom web application on a user's smartphone is no longer working. The last time the user remembered it working was before taking a vacation to another country. Which of the following should the technician do FIRST ?
   1. A. Verify the date and time settings.
   2. B. Apply mobile OS patches.
   3. C. Uninstall and reinstall the application.
   4. D. Escalate to the website developer.
   Explanation

   The correct answer is: A. Verify the date and time settings..

   Time-based one-time password MFA tokens are generated from a shared secret combined with the current Unix time in 30-second windows, which means the smartphone clock and the authentication server clock must agree within a small tolerance. When a user travels internationally, the phone may have switched time zones automatically but the underlying clock or daylight-saving offset can drift, especially if the phone was off the cellular network for extended periods or if Set Automatically was toggled, and the resulting skew makes every TOTP code the phone produces appear invalid to the server. Verifying that date, time, time zone, and automatic network time are correct is therefore the cheapest, fastest first check and resolves a very common post-travel MFA failure. Applying mobile OS patches is a heavier action that may help with bugs but is not the first thing to check for a problem clearly tied to a recent trip rather than to a software defect. Uninstalling and reinstalling the application can wipe legitimate enrollment data and force a re-enrollment that may itself be blocked, so it is a later step after simpler causes are excluded. Escalating to the website developer is premature when the technician has not yet verified basic client-side conditions like clock accuracy and connectivity. Following the troubleshooting methodology, the technician confirms the simplest probable cause first and only escalates if the time settings are correct.

3. Question 3

   The screen of a previously working computer repeatedly displays an OS Not Found error message when the computer is started. Only a USB drive, a keyboard, and a mouse are plugged into the computer. Which of the following should a technician do first ?
   1. A. Run data recovery tools on the disk.
   2. B. Partition the disk using the GPT format.
   3. C. Check boot options.
   4. D. Switch from UEFI to BIOS.
   Explanation

   The correct answer is: C. Check boot options..

   A previously working machine that now boots to OS Not Found is almost always failing because firmware is no longer pointing at the correct boot device, and with a USB drive plugged into the system the most common cause is that the BIOS or UEFI is enumerating the USB device first and trying to boot from it rather than from the internal drive. Checking the boot options in firmware lets the technician confirm the boot order, remove or deprioritize the USB entry, ensure the internal SSD or HDD is listed and selected, and verify that secure boot or UEFI/Legacy mode has not been altered. Running data recovery tools on the disk is premature and skips the cheapest fix; the drive is likely fine and recovery utilities should not be invoked until the firmware boot path has been ruled out. Partitioning the disk using GPT is destructive and would wipe an OS that is probably still intact; the symptom does not justify reformatting before checking which device firmware is selecting. Switching from UEFI to BIOS is a guessing-game change that can cause its own boot problems by orphaning a UEFI-installed Windows that depends on EFI System Partition entries, and it is not the first thing to try. Following CompTIA's troubleshooting methodology, the technician identifies the simplest plausible cause first; after asking the user to remove the USB drive or correcting the boot order in firmware, the system should boot normally.

4. Question 4

   A user reports some single sign-on errors to a help desk technician. Currently, the user is able to sign in to the company's application portal but cannot access a specific SaaS-based tool. Which of the following would the technician most likely suggest as a next step?
   1. A. Reenroll the user's mobile device to be used as an MFA token.
   2. B. Use a private browsing window to avoid local session conflicts.
   3. C. Bypass single sign-on by directly authenticating to the application.
   4. D. Reset the device being used to factory defaults.
   Explanation

   The correct answer is: B. Use a private browsing window to avoid local session conflicts..

   Single sign-on issues where the user can reach the portal but a specific SaaS tool fails are often caused by a cached, stale, or conflicting browser session bound to a previous SAML or OIDC assertion, expired tokens, or cookies referencing the wrong tenant. The fastest, lowest-risk way to test that theory is to use a private browsing window, which starts with no cached cookies, no service worker state, and no logged-in sessions, and then attempt the SAML or OIDC redirect afresh. If the SaaS tool now works, the diagnosis is a local session conflict and the fix is to clear the relevant cookies in the regular profile. That is why a private window is the correct next suggestion. Re-enrolling the user's mobile device for MFA is heavy and unnecessary, since the user is already past portal authentication, which means their MFA is accepting them; the failure is downstream of MFA at the SaaS app. Bypassing SSO by directly authenticating to the application defeats the entire purpose of single sign-on, may not even be permitted by the SaaS configuration, and is a workaround rather than a diagnostic step. Resetting the device to factory defaults is enormously destructive, throws away the user's data and configuration, and is grossly disproportionate to a session-state problem at one application. The private window step is fast, reversible, and produces evidence.

5. Question 5

   A technician verifies that a malware incident occurred on some computers in a small office. Which of the following should the technician do next?
   1. A. Quarantine the infected systems.
   2. B. Educate the end users.
   3. C. Disable System Restore.
   4. D. Update the anti-malware and scan the computers.
   Explanation

   The correct answer is: A. Quarantine the infected systems..

   CompTIA's seven-step malware removal procedure is explicit about ordering, and once symptoms have been investigated and verified, the very next step is to quarantine the infected systems before any remediation begins. Quarantine isolates the host from the network so it can no longer spread laterally to other endpoints, contact command-and-control servers, or exfiltrate data while the technician works. That is why quarantining the infected systems is the correct next action immediately after confirmation. Educating the end users is the seventh and final step in the procedure and is appropriate at the close of the engagement, not in the middle of an active incident. Disabling System Restore is the third step in the procedure, taken after quarantine, because malicious files can be preserved in restore points and will resurrect if a user restores after cleanup, but the question is asking about the step that comes immediately after verification, which is quarantine. Updating the anti-malware tool and scanning the computers is the fourth step and the actual remediation phase, performed after quarantine and after disabling System Restore. Following the methodology in the documented order, quarantine is the correct second step and the immediate next action, and the rest of the procedure proceeds from there with disable System Restore, remediate, schedule scans and updates, re-enable System Restore with a fresh restore point, and educate the user.

Other CompTIA A+ domains

• Operating Systems (102 questions)
• Operational Procedures (76 questions)
• Security (80 questions)