Study CompTIA 220-1202 Windows App, Startup, and Security Symptoms: key concepts, common traps, and exam decision cues.
Software-troubleshooting questions on Core 2 are mostly classification questions. The exam wants you to identify whether the symptom belongs to boot, startup, profile, application, service, or security compromise before you pick a fix.
BSOD: Blue screen of death, the Windows stop-error state that usually signals a serious driver, hardware, or kernel-level problem.
Slow profile load: A sign-in process that reaches the user environment but takes unusually long, which usually points to profile, policy, or startup behavior rather than “no boot.”
The exam usually wants you to:
| Symptom | Strongest first lane |
|---|---|
| no OS found or immediate startup failure | boot chain, storage, partition, or recovery environment |
| sign-in works but desktop is unstable after logon | startup item, profile, service, or recent update |
| one app crashes while the rest of Windows behaves normally | application, dependency, compatibility, or profile |
| services fail to start | service state, dependency, permissions, or update side effects |
| false antivirus alerts, redirects, random pop-ups, or certificate warnings | browser compromise or security issue, not just “a buggy app” |
| time drift or policy oddities on managed devices | domain, sync, policy, or reachability path |
| If the question says the problem started after… | Better first move |
|---|---|
| a new update or driver | rollback, uninstall, Safe Mode, or targeted repair |
| a new app install | remove or isolate the app before deeper OS repair |
| suspicious browsing or downloads | treat it as a security symptom set first |
| profile migration or new sign-in setup | profile, policy, sync, or permissions lane |
| If you see… | Read it as… |
|---|---|
| one application failing to launch or crashing | app or dependency issue first |
| random redirects, pop-ups, and degraded browser performance | possible compromise, PUP, or malicious browser state |
| false alerts about antivirus protection | security symptom, not just a cosmetic pop-up |
| missing or renamed files | possible malicious alteration or ransomware path |
flowchart TD
A["Classify the symptom"] --> B["Check what changed"]
B --> C["Test the smallest reversible fix"]
C --> D["Use logs, services, startup, or Safe Mode evidence"]
D --> E["Escalate to repair, restore, or rollback if needed"]
E --> F["Reset or rebuild only when the narrower path is not enough"]
| Trap | Better reading |
|---|---|
| treating every crash as an OS reinstall case | isolate whether the issue is app, service, profile, update, or security first |
| using System Restore for a single-app problem with no system-state evidence | stay narrower if the symptom is still contained |
| ignoring security cues because the browser still opens | Core 2 often hides compromise inside “software issue” language |
| using boot tools for problems that happen after normal sign-in | use startup, service, or profile tools first |
A user signs in successfully, but the browser redirects constantly and displays certificate warnings after installing a free utility from an unknown source. Which answer best fits Core 2?
Correct answer: A. The prompt contains compromise clues: redirects, certificate warnings, and an untrusted application source. Core 2 expects you to separate security symptoms from ordinary app instability.