Study CompTIA 220-1202 Secure Wireless and SOHO Practices: key concepts, common traps, and exam decision cues.
Security questions on Core 2 also extend beyond the Windows desktop. CompTIA expects you to secure small-office routers, browsers, wireless access, mobile devices, and retired media without turning every problem into enterprise security theory.

WPA3: The newer Wi-Fi protection standard, which improves wireless security over older options such as WPA2, including its weaker legacy compatibility modes.

MDM: Mobile device management, the policy and configuration layer used to secure and manage mobile devices at scale.

The exam usually wants you to:

| If the question says… | Strongest first reading |
|---|---|
| modern secure Wi-Fi with supported clients | prefer stronger current encryption and protocol choices |
| older legacy device must still connect | security may weaken for compatibility, so read the trade-off carefully |
| enterprise-style authentication | think RADIUS, Kerberos, directory-backed identity, or MFA |
| suspicious nearby AP or impersonated wireless network | evil twin or spoofed wireless environment |

| SOHO setting | Strong answer usually does |
|---|---|
| default credentials | changes them immediately |
| old firmware | updates it |
| unused services or ports | disables them |
| guest network need | isolates it cleanly |
| management access | secures it and restricts exposure |
| UPnP or broad port forwarding | treats it as a risk unless the prompt explicitly justifies it |

| Browser clue | Strongest first reading |
|---|---|
| add-on or extension from an unknown source | trust boundary problem, not just “a browser setting” |
| persistent pop-ups or redirection | extension, malicious site, compromise, or unsafe browser state |
| certificate warnings | secure-connection trust problem, not something to ignore casually |
| stored credentials or sync issue | password manager, sign-in sync, or profile state |

| Mobile-device security cue | Strong answer usually does |
|---|---|
| lost or stolen corporate device | remote locate, lock, wipe, and policy enforcement if supported |
| BYOD vs corporate-owned policy difference | respects profile and management boundaries |
| repeated failed logins or casual sharing risk | uses lockout, encryption, and strong screen-lock controls |
| mobile app from unofficial source | reads it as a real security risk, not as a harmless shortcut |
| patch lag | updates OS and apps rather than tolerating drift |

| Situation | Strongest first reading |
|---|---|
| highly sensitive or regulated data on failed media | physical destruction may be the strongest fit |
| repurposing a device internally | wipe or erase appropriately before reuse |
| third-party disposal vendor | certification of destruction and compliance still matter |
| regulatory or environmental language in the stem | disposal method must satisfy more than just convenience |

| Trap | Better reading |
|---|---|
| assuming “disable SSID broadcast” is enough security | encryption, authentication, and segmentation matter more |
| installing browser add-ons from anywhere | trust source and extension risk still matter |
| treating mobile convenience as more important than policy | MDM, encryption, remote wipe, and profile controls exist for a reason |
| reusing or recycling storage with no verified wipe | disposal must match the data sensitivity |

A small office wants guest Wi-Fi, remote management for the router, and a quick fix for employees who forget passwords. Which answer best fits Core 2?

Correct answer: B. Core 2 favors practical hardening: segmented guest access, secured router management, and ordinary endpoint protection.