If the PC can ping the domain controller by IP , basic connectivity exists. Domain join, however, depends heavily on name resolution (finding the domain and locating domain services), so incorrect DNS is the most likely cause. Mike Meyers explains a key diagnostic pattern: when you ping a URL/name and get “could not find host,” the system “can’t get an IP address for that Web site,” which “points to a DNS failure.” This same logic applies to domains: if the client can reach the DC by IP but can’t properly resolve domain names/services, the join fails.
Quentin Docter reinforces that one of the “key things” for TCP/IP to work effectively is that “a hostname must resolve to an IP address—an action usually performed by a DNS server,” and he highlights nslookup as a tool to verify DNS server entries.
Firewall issues could block some traffic, but the clue “ping by IP works” points away from total network blockage. IPv6 enabled is normal, and “not connected” contradicts successful ping. Therefore, DNS settings are incorrect (A) .
Question 22
Why would a network engineering team provide a help desk technician with IP addresses for a wired network segment?
Options:
A.
Only specific DNS servers are allowed outbound.
B.
The network allow list is set to a specific address.
C.
DHCP is not enabled for this subnet.
D.
NAC servers only allow security updates to be installed.
Answer:
C
Explanation:
When DHCP isn’t enabled, static IPs must be assigned manually, so the engineering team provides the IP details.
From Travis Everett – All-in-One Exam Guide :
“If DHCP is unavailable, technicians need the static IP configuration to connect devices to the network.” .
Question 23
Options:
A.
Folder permissions
B.
Outdated definitions
C.
Port security not enabled
D.
User account permissions
Answer:
B
Explanation:
Antivirus/antimalware detection depends heavily on its definitions/signatures . If those are outdated, new malware variants may not be recognized. Quentin Docter explains that the “definitions database” is a core antivirus component and that its effectiveness depends on “the frequency of updates and the comprehensiveness of the database signatures.” He adds that new signatures are discovered frequently and added to the database, meaning stale definitions leave gaps.
Docter is also explicit that security software “is not perfect” and that malware may get around it, “especially a new threat (and especially if you haven’t updated your definitions lately).” That statement directly matches this scenario: the software exists, but it failed to detect the infection—most likely because the detection data wasn’t current.
The other answers don’t fit as well: folder permissions and user permissions can limit what malware can change, but they don’t explain why security software didn’t detect it . Port security relates to network access control, not local signature detection. Therefore, Outdated definitions (B) is the best explanation.
Question 24
Which of the following prevents forced entry into a building?
Options:
A.
PIV card
B.
Motion-activated lighting
C.
Video surveillance
D.
Bollard
Answer:
D
Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
A bollard is a sturdy physical barrier—often a steel or concrete post—designed to prevent vehicles or unauthorized individuals from ramming into or entering secure areas of a building. It provides physical security and is commonly used outside entrances to prevent forced entry.
A. PIV (Personal Identity Verification) cards are used for identity access control, not physical blocking.
B. Motion lighting may deter activity but doesn’t physically prevent entry.
C. Surveillance records activity but cannot stop a forced entry.
[Reference:, CompTIA A+ 220-1102 Objective 2.4: Compare and contrast physical security measures., Study Guide Section: Physical security devices — barriers, bollards, and deterrents, , ]
