2.7 Given a scenario, apply workstation security options and hardening techniques.
📘CompTIA A+ Core 2 (220-1202)
End-user best practices are basic security habits that every user must follow to help protect computers, data, and networks.
Most security incidents happen because of user mistakes, not system failures.
For the exam, you must understand what each practice is, why it is important, and how it helps secure a workstation.
1. Use Screensaver Locks
A screensaver lock automatically locks the computer screen after a short period of inactivity.
What it does
- Requires the user to enter a password, PIN, or biometric to unlock the screen
- Prevents unauthorized access when the user is away
Why it is important
- Stops other people from accessing the system when the user is not present
- Protects:
  - Open files
  - Logged-in sessions
  - Company data
  - User accounts
Key exam points
- Screensaver locks are a basic workstation security control
- They should activate automatically after a short idle time
- Unlocking the screen should require authentication
- Often enforced using Group Policy in business environments
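One way to check these points on a Windows workstation, as an added example that is not part of the original study guide: a PowerShell audit of the per-user screensaver registry values, where a value set by Group Policy overrides the user's own setting. The function names and the 900-second idle limit are assumptions made for illustration.

```powershell
# Added example (not from the page). Policy values override the user's own Control Panel values.
$PolicyKey = 'HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop'
$UserKey   = 'HKCU:\Control Panel\Desktop'
$Names     = 'ScreenSaveActive', 'ScreenSaverIsSecure', 'ScreenSaveTimeOut'

function Get-DesktopValues {
    param([string]$Path)
    # Read the three screensaver values from one registry key into a hashtable.
    $values = @{}
    $item = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    foreach ($name in $Names) {
        if ($item -and $null -ne $item.$name) { $values[$name] = [string]$item.$name }
    }
    return $values
}

function Test-ScreenLock {
    param(
        [hashtable]$Policy,
        [hashtable]$User,
        [int]$MaxIdleSeconds = 900   # assumption: 15 minutes counts as a "short idle time"
    )
    $effective = @{}; $unenforced = @(); $findings = @()
    foreach ($name in $Names) {
        if ($Policy.ContainsKey($name)) { $effective[$name] = $Policy[$name] }
        else { $effective[$name] = $User[$name]; $unenforced += $name }
    }
    if ($effective.ScreenSaveActive -ne '1')    { $findings += 'Screensaver is not enabled' }
    if ($effective.ScreenSaverIsSecure -ne '1') { $findings += 'Unlock does not require authentication' }
    $timeout = 0
    if (-not [int]::TryParse([string]$effective.ScreenSaveTimeOut, [ref]$timeout) -or $timeout -le 0) {
        $findings += 'No idle timeout is set'
    } elseif ($timeout -gt $MaxIdleSeconds) {
        $findings += "Idle timeout of $timeout seconds exceeds the $MaxIdleSeconds second limit"
    }
    [pscustomobject]@{
        Compliant       = ($findings.Count -eq 0)
        Findings        = $findings
        NotPolicyForced = $unenforced   # the user can change these settings
    }
}

# Constructed sample: policy enables a secure screensaver, but the user chose a 1-hour timeout.
$samplePolicy = @{ ScreenSaveActive = '1'; ScreenSaverIsSecure = '1' }
$sampleUser   = @{ ScreenSaveTimeOut = '3600' }
Test-ScreenLock -Policy $samplePolicy -User $sampleUser | Format-List
# Live audit of the logged-on user on a Windows workstation.
Test-ScreenLock -Policy (Get-DesktopValues $PolicyKey) -User (Get-DesktopValues $UserKey) | Format-List
```

The constructed sample reports the workstation as non-compliant because the timeout is left to the user, which is the gap that enforcing all three values through policy closes.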
2. Log Off When Not in Use
Logging off completely ends the user’s session.
What logging off does
- Closes all running applications
- Clears user credentials from memory
- Ends access to network resources
Why logging off is important
- Prevents someone else from using the system under the same account
- Reduces the risk of:
  - Unauthorized access
  - Data modification
  - Credential misuse
Difference between locking and logging off
| Action | What it does |
|---|---|
| Lock | Keeps apps running, requires password to return |
| Log off | Ends session completely |
Key exam points
- Logging off is more secure than just locking the screen
- Especially important on:
  - Shared computers
  - Public or office workstations
- Often required by company security policies
3. Secure and Protect Critical Hardware (e.g., Laptops)
Critical hardware includes devices that store or access sensitive data.
Examples of critical hardware
- Laptops
- Tablets
- External hard drives
- USB storage devices
Why hardware security is important
- Portable devices are easy to:
  - Steal
  - Lose
  - Access without permission
Common hardware protection methods
- Physical locks (cable locks)
- Locked cabinets or secure rooms
- Asset tagging
- Keeping devices under supervision
- Enabling full-disk encryption
Key exam points
- Laptops are high-risk devices because they are portable
- Hardware security protects both:
  - The device itself
  - The data stored on it
- Physical security is just as important as software security
4. Secure Personally Identifiable Information (PII) and Passwords
What is PII?
Personally Identifiable Information (PII) is any data that can identify a person.
Examples of PII
- Full name
- Email address
- Phone number
- National ID numbers
- Usernames
- Login credentials
Why PII must be protected
- PII can be used for:
  - Identity theft
  - Unauthorized access
  - Account compromise
Best practices for protecting PII
- Do not share PII unnecessarily
- Store PII in encrypted files or systems
- Limit access to authorized users only
- Never write passwords in plain text
- Do not reuse passwords across systems
Key exam points
- Protecting PII is a legal and security requirement
- Passwords are considered sensitive data
- Users must follow least privilege and data protection policies
5. Use Password Managers
A password manager is software that securely stores and manages passwords.
What a password manager does
- Stores passwords in an encrypted vault
- Generates strong, complex passwords
- Automatically fills login credentials
Why password managers are important
- Users often reuse weak passwords
- Strong passwords are hard to remember
- Password managers solve both problems
Benefits of using a password manager
- Encourages unique passwords for every account
- Reduces password reuse
- Protects passwords with encryption
- Requires only one master password
Key exam points
- Password managers improve password security
- They reduce human error
- They support:
  - Complexity
  - Uniqueness
  - Secure storage
Exam Tips – What CompTIA Wants You to Know
For the 220-1202 exam, remember:
- End-user behavior is a major part of workstation security
- These practices are preventive controls
- Focus on:
  - Protecting access
  - Protecting data
  - Reducing user-caused security risks
- Understand why each practice exists, not just what it does
Summary (Quick Revision)
- Screensaver locks prevent unauthorized access when away
- Logging off ends the user session and increases security
- Critical hardware must be physically protected
- PII and passwords must always be secured
- Password managers help create and store strong passwords safely
