An incident report documents key details such as the cause of the outage, steps taken to resolve it, and measures to prevent recurrence. It is a post-mortem analysis often shared with stakeholders to improve future response.
According to the Quentin Docter - CompTIA A+ Complete Study Guide:
"An incident report provides a summary of an event that disrupted normal operations and includes a timeline of what occurred, how the issue was diagnosed and fixed, and who was involved in the resolution".
This is reaffirmed in Travis Everett's All-in-One Guide:
"Documentation after an incident helps technical teams and management review the situation and learn from it. This is formalized in an incident report".

The correct answers are E. Set the view extensions to " on " and F. Check the box to view hidden files, because folders located in the root directory are often hidden or protected system folders by default in Windows operating systems. Windows hides certain files and folders to prevent accidental modification or deletion, especially those critical to system functionality.
According to the Quentin Docter - CompTIA A+ Complete Study Guide, File Explorer includes view options that control whether hidden files, protected operating system files, and file extensions are visible. If these options are disabled, users will not see many system-level folders, even when browsing the root of the drive (such as C:\).
The Travis Everett & Andrew Hutz - CompTIA A+ All-in-One Exam Guide explains that enabling "Show hidden files, folders, and drives" allows technicians to view directories that are normally concealed, such as configuration or application folders. Additionally, turning on file name extensions helps identify system folders and files more accurately, especially when troubleshooting or guiding users remotely.
The Mike Meyers / Mark Soper Lab Manual reinforces that simply opening File Explorer or adjusting display resolution does not affect file visibility. The correct fix is to modify File Explorer view settings, specifically enabling hidden items and file extensions.
Therefore, enabling hidden files and file extensions is required, making E and F the correct answers.

The correct answer is A. Perform a factory reset, because the symptoms strongly indicate a serious mobile malware infection, potentially including spyware or a trojan installed from an unofficial app store. Random pop-ups, excessive data usage, blocked access to banking apps, and inability to update the OS are classic indicators that malicious software has gained deep system-level access.
According to the Quentin Docter - CompTIA A+ Complete Study Guide, mobile malware installed from unofficial sources can embed itself deeply into the operating system, sometimes gaining device administrator privileges. In such cases, standard remediation steps such as clearing cache or uninstalling apps may be ineffective.
The Travis Everett & Andrew Hutz - All-in-One Exam Guide explains that when a mobile device shows signs of persistent compromise-especially when core OS functions and security-sensitive applications are affected-the recommended first step is to perform a factory reset. This completely wipes user-installed applications and restores the device to a known-good state.
The Mike Meyers / Mark Soper Lab Manual reinforces that changing passwords is important after the device is secured, not before. Contacting support or clearing cache does not remove deeply embedded malware.
Therefore, to immediately address the security threat and regain control of the device, a factory reset is the most appropriate first action, making A the correct answer.

NET Framework versions are often required for applications to run. If an older app requires .NET Framework
3.5, it must be explicitly installed as it is not included by default in newer versions of Windows. The best method to do this safely is through the built-in " Turn Windows features on or off " utility, which downloads and installs it via official Microsoft services.
B). Using third-party repositories is unsafe and not recommended.
C). Installing .NET 4 does not include 3.5; versions are not fully backward compatible.
D). The issue is technical, not a security incident for the SOC team.
Reference:
CompTIA A+ 220-1102 Objective 3.3: Troubleshoot common software, application, and OS security issues.
Study Guide Section: Managing application dependencies (e.g., .NET Framework, Java)

The correct answer is C. Browser policy, because the listed requirements apply specifically to browser-level behavior and settings, not general network traffic or system-wide configuration. Browser policies allow administrators to centrally control how browsers behave on managed systems.
The Quentin Docter - CompTIA A+ Complete Study Guide explains that modern browsers support administrative templates or policies that govern password storage, trusted sites, security levels, history handling, and URL restrictions. These policies ensure consistent behavior across all user systems without relying on manual configuration.
The Travis Everett & Andrew Hutz - All-in-One Exam Guide clarifies that while Group Policy can deploy browser policies, the object being configured is still the browser itself. The question asks what is best to configure, not how it is delivered. Browser policies directly control password management, trusted URLs, and security zones.
The Mike Meyers / Mark Soper Lab Manual further notes that web proxies and gateways filter traffic at the network level and cannot control local browser features such as password storage or history retention.
Because every listed requirement is a browser-specific control, the most accurate and targeted solution is Browser policy, making C the correct answer.