CompTIA A+ Core 2 (220-1202) - One-Hour Cram Sheet
High-yield facts across all four domains - built for a final review pass
90 questions max
90 minutes
Multiple-choice + performance-based
Scaled 100-900, pass 700
OS 28% · Security 28% · Troubleshooting 23% · Ops 21%
Strategy: Operating Systems + Security = 56% of the exam. Spend most of the hour on command-line tools, Windows utilities, permissions/encryption, malware removal, and symptoms-to-fix troubleshooting.
1. Operating Systems ~28%
OS types, filesystems, and install choices
| Item | Know this |
| Workstation OSs | Windows, Linux, macOS, Chrome OS. |
| Mobile OSs | iOS, iPadOS, Android. |
| NTFS / ReFS | Modern Windows filesystems. NTFS supports permissions, EFS, quotas, compression; ReFS emphasizes resiliency. |
| FAT32 | Broad compatibility; 4 GB max file size; weak security features. |
| exFAT | Flash/removable media; handles files larger than 4 GB; cross-platform. |
| ext4 / XFS | Linux filesystems. |
| APFS | Modern Apple filesystem for macOS/iOS devices. |
- Clean install: wipe/replace OS; cleanest fix but requires backup and reinstall.
- Upgrade / in-place: keeps apps/files when supported; check compatibility first.
- Image deployment: repeatable standardized build; often used for fleets.
- Repair install: fixes OS files while preserving data when possible.
- Recovery partition: vendor restore tools on local disk.
- GPT: modern partition table, UEFI-friendly. MBR: legacy BIOS-era partitioning.
- Before upgrades: back up files/user preferences, verify drivers, apps, hardware, and product life cycle.
Windows editions and account context
- Domain = centralized AD authentication/policy. Workgroup = peer-to-peer local accounts.
- Windows Home lacks key business features such as domain join, Group Policy Editor, BitLocker management, and RDP host.
- Windows Pro/Enterprise are the usual business choices for domain join, RDP host, BitLocker, and policy control.
- N editions omit some media technologies for regulatory markets.
- Windows 11 requires modern hardware such as TPM and UEFI support.
- RDP availability question? Client exists widely; hosting RDP sessions is the business-edition feature.
Windows GUI tools and snap-ins
| Tool | Best use |
| eventvwr.msc | Event Viewer: logs for boot, driver, app, service, security, and crash clues. |
| diskmgmt.msc | Disk Management: partitions, volumes, drive letters, initialize disks. |
| taskschd.msc | Task Scheduler: run actions on time/event triggers. |
| devmgmt.msc | Device Manager: drivers, disabled devices, hardware errors. |
| certmgr.msc | Certificate Manager: user certificate stores. |
| lusrmgr.msc | Local Users and Groups: local account/group management. |
| perfmon.msc | Performance Monitor: counters, trends, bottleneck data. |
| gpedit.msc | Local Group Policy Editor: local policy settings, not usually Home edition. |
| msinfo32 | System Information: hardware, BIOS/UEFI, drivers, environment summary. |
| resmon | Resource Monitor: CPU, memory, disk, network process activity. |
| msconfig | System Configuration: boot options, startup troubleshooting. |
| cleanmgr / dfrgui | Disk Cleanup / Defragment and Optimize Drives. |
| regedit | Registry Editor. Back up/export before changes. |
Windows command line: fastest recall
| Command | Purpose |
| cd / dir | Change directory / list directory contents. |
| ipconfig | View IP config; /all, /release, /renew, /flushdns are common. |
| ping | Basic reachability and latency test. |
| tracert / pathping | Trace route path; pathping adds loss/latency statistics. |
| nslookup | DNS lookup testing. |
| netstat | Open connections/listening ports. |
| net use | Map/list network shares and drives. |
| chkdsk | Filesystem/disk error scan and repair. |
| diskpart | Advanced disk/partition CLI. Be careful: destructive commands exist. |
| format | Format a volume. |
| md / rmdir | Make/remove directories. |
| robocopy | Robust file copy for migrations/backups. |
| sfc | System File Checker; repairs protected Windows system files. |
| gpupdate / gpresult | Refresh policy / report applied policies. |
| hostname / whoami / winver | Computer name / current identity / Windows version. |
Windows networking and settings
- IP config includes IP address, subnet mask, default gateway, and DNS servers.
- Static IP = manually assigned. Dynamic IP = DHCP assigned.
- Public network profile is restrictive. Private network allows discovery/sharing more often.
- VPN creates an encrypted tunnel; proxy forwards web traffic; metered connection restricts background usage.
- Windows Defender Firewall can allow/block apps and ports; check profile-specific rules.
- Network paths use UNC format:
\\server\share. Mapped drives assign a letter to a share.
- Power Options: sleep, hibernate, lid action, fast startup, USB selective suspend.
- File Explorer Options: show hidden files and show/hide file extensions.
macOS and Linux client tools
- macOS app packages:
.dmg disk image, .pkg installer, .app application bundle.
- macOS folders:
/Applications, /Users, /Library, /System, /Users/Library.
- Time Machine = backups. FileVault = disk encryption. Keychain = passwords/certs/keys.
- Spotlight searches; Mission Control manages desktops/windows; Force Quit kills stuck apps.
- Use Disk Utility for disks/volumes and Terminal for CLI.
- Linux files:
/etc/passwd users, /etc/shadow password hashes, /etc/hosts local names, /etc/fstab mounts, /etc/resolv.conf DNS.
- File commands:
ls, pwd, mv, cp, rm, chmod, chown, grep, find.
- Admin/package:
su, sudo, apt, dnf.
- Network/info:
ip, ping, curl, dig, traceroute, man, top, ps, du, df.
- systemd manages services; kernel is the OS core; bootloader starts the OS.
Applications and cloud productivity
- Check 32-bit vs. 64-bit, OS compatibility, CPU/RAM/storage, VRAM/GPU, external hardware tokens, and driver dependencies.
- Distribution methods: physical media, mountable ISO, downloadable package, and image deployment.
- Consider impact to device performance, network bandwidth, business operations, and support burden.
- Cloud productivity: email, storage/sync folders, spreadsheets, videoconferencing, presentations, word processing, and instant messaging.
- Identity synchronization connects local/cloud identities; licensing assignment controls who can use paid cloud services.
2. Security ~28%
Physical, access, and logical controls
| Control | Purpose / clue |
| Bollards / fences / guards | Physical perimeter protection; stop vehicles or unauthorized entry. |
| Access control vestibule | One-person controlled entry area; formerly called a mantrap. |
| Badge reader / key fob / smart card | Possession-based access control. |
| Biometrics | Retina, fingerprint, palm, facial, or voice recognition; "something you are." |
| Video surveillance / alarms / sensors | Detect, deter, and provide evidence. |
| Least privilege | Give users only the access required to do the job. |
| Zero Trust | Never implicitly trust; continuously verify identity, device, and context. |
| ACL | Rule list that allows/denies access to objects or traffic. |
| MFA | Two or more factor categories: know, have, are, location/behavior. |
| SSO / SAML | Single login across apps; SAML passes authentication assertions. |
| PAM / JIT access | Limit privileged access and grant it only when needed. |
| MDM / DLP / IAM | Manage mobile devices, prevent data leakage, and control identities/access. |
Windows security settings
- Defender Antivirus: activate/deactivate, update definitions, scan for malware.
- Firewall: enable/disable, configure application and port rules.
- Standard user for daily work; administrator for system changes; disable Guest.
- Windows Hello: PIN, fingerprint, facial recognition, passwordless options.
- Run as administrator elevates one app. UAC prompts before elevated changes.
- NTFS permissions apply locally and over network. Share permissions apply only through network shares. Most restrictive effective permission wins.
- Inheritance flows parent folder permissions to child objects unless blocked.
- BitLocker encrypts full drives; BitLocker To Go encrypts removable drives; EFS encrypts individual files/folders.
- Active Directory tasks: join domain, apply Group Policy, assign logon scripts/home folders, move OUs, select security groups, configure folder redirection.
Wireless security and authentication
| Item | Know this |
| WPA2 | Modern baseline wireless security; use AES when possible. |
| WPA3 | Newer/stronger wireless security. |
| TKIP | Legacy WPA encryption; avoid when AES is available. |
| AES | Preferred strong encryption for Wi-Fi. |
| RADIUS | Centralized authentication common with 802.1X enterprise Wi-Fi. |
| TACACS+ | AAA often used for network device administration. |
| Kerberos | Ticket-based authentication common in Windows domains. |
Malware, social engineering, and threats
- Trojan: malware disguised as useful software.
- Rootkit: hides deeply and may alter OS/kernel behavior.
- Virus: attaches to files/programs and spreads when executed.
- Spyware/keylogger/stalkerware: monitors user activity or keystrokes.
- Ransomware: encrypts/blocks data and demands payment.
- Boot sector virus: infects startup area.
- Cryptominer: steals CPU/GPU cycles.
- Fileless malware: runs in memory/legitimate tools; harder to find.
- Adware/PUP: unwanted ads or bundled software.
- Phishing: deceptive message. Vishing: voice. Smishing: SMS. QR phishing: malicious QR.
- Spear phishing targets a person/group. Whaling targets executives.
- Tailgating: following into a secure area. Shoulder surfing: watching secrets being entered.
- Evil twin: rogue Wi-Fi AP that imitates a real one.
- On-path attack: attacker intercepts traffic between parties.
- Brute force tries all options; dictionary uses wordlists.
- SQL injection / XSS: input validation web app attacks.
- BEC: business email compromise. Supply chain: compromise through vendor/pipeline.
- Vulnerabilities: unpatched, unprotected, non-compliant, EOL systems, and unmanaged BYOD.
Detection/removal tools include recovery console, EDR, MDR, XDR, antivirus, anti-malware, email security gateways, software firewalls, user education, and OS reinstall/reimage when needed.
SOHO malware removal process (memorize order)
- Investigate and verify malware symptoms.
- Quarantine infected system.
- Disable System Restore in Windows Home.
- Remediate infected systems.
- Update anti-malware software.
- Use scan/removal techniques such as Safe Mode or preinstallation environment.
- Reimage/reinstall if necessary.
- Schedule scans and run updates.
- Enable System Restore and create a restore point in Windows Home.
- Educate the end user.
Hardening, mobile security, and data destruction
- Use data-at-rest encryption, BIOS/UEFI passwords, screen locks, password managers, account lockout, timeout/screen lock, and restricted user permissions.
- Disable Guest, unused services, and AutoRun; change default administrator passwords.
- Password quality: length, character variety, uniqueness, complexity, and appropriate expiration policy.
- Mobile: encryption, screen locks, OS/app updates, endpoint security, locator apps, remote wipe, remote backup, failed-login restrictions, MDM profiles.
- BYOD gives flexibility; corporate-owned devices give stronger control.
| Destruction method | Best clue |
| Drilling / shredding / incineration | Physical destruction of media. |
| Degaussing | Magnetic destruction for HDD/tape; not useful for SSDs. |
| Erasing/wiping | Overwrite/sanitize before reuse or recycling. |
| Standard formatting | Not secure by itself. |
| Certificate of destruction | Proof from a third-party disposal vendor. |
SOHO network and browser security
- Router basics: change default password, update firmware, use secure management access, place device physically securely.
- Disable unused ports and risky services; be cautious with UPnP and port forwarding.
- Wireless: change SSID, use WPA2/WPA3 with AES, configure guest access, understand SSID broadcast hiding is not real security.
- Screened subnet isolates public-facing services from the internal LAN.
- Browser: install from trusted sources, check hashes when provided, patch regularly, and only use trusted extensions/plugins.
- Use valid certificates/HTTPS, password managers, pop-up blockers, private browsing, cache/data clearing, ad blockers, proxy settings, and secure DNS where appropriate.
3. Software Troubleshooting ~23%
Windows symptom - likely cause / first move
| Symptom | Think / do first |
| BSOD after driver or update | Boot Safe Mode/recovery, roll back driver/update, check Event Viewer and dump clues. |
| Degraded performance | Task Manager/Resource Monitor: CPU, RAM, disk, startup apps, malware, low storage. |
| Boot issues / No OS found | Boot order, disconnected/failing drive, corrupt boot files, wrong partition/UEFI settings. |
| Frequent shutdowns | Power, thermals, updates, malware, or crash/restart setting. |
| Services not starting | Check service account, dependencies, Event Viewer, startup type. |
| Applications crashing | Patch/repair/reinstall app, verify requirements, profile/settings, Event Viewer. |
| Low memory warnings | Close apps, find leaks, add RAM, check pagefile/virtual memory. |
| USB controller resource warnings | Too many USB devices/controllers, driver/chipset issue, power management. |
| System instability | Recent changes, driver updates, malware scan, SFC, hardware diagnostics. |
| Slow profile load | Roaming profile, network share, GPO/logon script, corrupt profile. |
| Time drift | Time zone/NTP sync; on desktops also suspect CMOS battery. |
Mobile OS and application troubleshooting
| Symptom | Likely fix path |
| App fails to launch or crashes | Force close, update app/OS, clear cache/data, reinstall, verify compatibility. |
| App fails to update/install | Check storage, network, app store account, OS version, restrictions/profiles. |
| Slow response | Close background apps, restart, free storage, update, check battery health. |
| OS fails to update | Check storage, battery/charger, Wi-Fi, vendor support/EOL, MDM restrictions. |
| Battery life issues | Screen brightness, rogue apps, radios/location, battery health, updates. |
| Random reboots | Bad app/update, OS corruption, battery/thermal issue, hardware fault. |
| Bluetooth/Wi-Fi/NFC issues | Toggle radio, forget/re-pair, reset network settings, verify range/interference. |
| Screen does not autorotate | Rotation lock, app support, sensor issue, restart/update. |
Security symptoms on PCs and mobile
- Mobile risk clues: unofficial app stores, developer mode, root/jailbreak, unauthorized app, app spoofing.
- Mobile compromise symptoms: high network traffic, high data usage, ads, fake warnings, slow response, limited/no internet, odd app behavior, leaked data.
- PC security symptoms: false antivirus alerts, desktop alerts, altered/missing/renamed files, cannot access files, unwanted OS notifications, update failures.
- Browser symptoms: pop-ups, certificate warnings, redirects, degraded browser performance.
- First protect data and isolate suspicious systems; then follow the malware removal process.
- For fake security warnings, do not call displayed numbers or install offered tools.
4. Operational Procedures ~21%
Ticketing, documentation, and asset management
- Ticket essentials: user info, device info, issue description, category, severity, escalation level, progress notes, and resolution.
- Write clear, concise notes so another tech can continue the work.
- Asset management: inventory lists, CMDB, asset tags/IDs, procurement life cycle, warranty/licensing, assigned users.
- Documents: incident reports, SOPs, custom install procedures, onboarding/offboarding checklists, SLAs, and knowledge base articles.
- SLA defines expected service level; can be internal or external/third-party.
Change management
| Required thought | What it means |
| Purpose and scope | Why the change is needed and what systems/users are included. |
| Type | Standard, normal, or emergency change. |
| Date/time | Use maintenance windows; respect change freezes. |
| Risk and impact | Risk level, affected systems, business effect. |
| Rollback and backup plan | How to restore service if the change fails. |
| Sandbox testing | Validate before production when possible. |
| Approvals and review | Change board approval, responsible staff, peer review, end-user acceptance. |
Backups and recovery
| Backup type | Fast recall |
| Full | Copies all selected data; easiest restore, longest backup. |
| Incremental | Copies changes since last backup of any type; fastest backup, more restore steps. |
| Differential | Copies changes since last full backup; grows until next full, simpler restore than incremental. |
| Synthetic full | Builds a new full backup from prior full + incrementals without rereading the client. |
| 3-2-1 rule | 3 copies, 2 media types, 1 offsite/offline copy. |
| GFS | Grandfather-father-son rotation: monthly/weekly/daily generations. |
| Recovery | Restore in-place/overwrite or to an alternate location; test backups on a schedule. |
Safety, environment, and privacy
- Use ESD straps/mats, antistatic bags, proper grounding, careful component handling/storage, and cable management.
- Disconnect power before repairing a PC; use proper lifting, fire safety, safety goggles, and air filter mask when needed.
- Use MSDS/SDS for handling/disposal. Dispose of batteries, toner, devices, and assets properly.
- Control temperature, humidity, ventilation, dust, and equipment placement.
- Power events: surge = voltage spike, brownout = reduced voltage, blackout = power loss. UPS helps with outages; surge suppressor handles spikes.
- Incident response: chain of custody, inform management/law enforcement as necessary, preserve data with a drive image, document incident, follow order of volatility.
- Know EULA/DRM, valid licenses, perpetual vs. subscription-style usage, personal vs. corporate use, open-source license, NDA/MNDA.
- Regulated data: payment cards, government IDs, PII, healthcare data, and retention requirements. AUP defines acceptable use.
Professionalism, scripting, remote access, and AI
- Be on time, dress for the environment, use professional language, avoid jargon when appropriate, actively listen, and avoid interruptions.
- With difficult customers: do not argue, dismiss, judge, or get defensive. Clarify, restate, set expectations, document work, and follow up.
- Protect confidential/private materials on desks, computers, printers, and screens.
- Script types:
.bat, .ps1, .vbs, .sh, .js, .py.
- Script uses: automation, restart machines, remap drives, install apps, backups, gather info, initiate updates.
- Script risks: malware, unintended settings changes, browser/system crashes due to mishandled resources.
- Remote access: RDP, VPN, VNC, SSH, RMM, SPICE, WinRM, and third-party screen sharing/video/file transfer/desktop management.
- RDP = Windows remote GUI. SSH = secure remote CLI. VPN = secure tunnel. RMM = managed support/monitoring tool.
- Secure remote access with MFA, least privilege, encryption, auditing, user consent, and vendor/tool trust.
- AI basics: app integration, appropriate-use policy, plagiarism concerns.
- AI limitations: bias, hallucinations, accuracy limits.
- Private vs. public AI: data security, data source, and data privacy determine whether sensitive information can be used.
Rapid recall: Pass score 700 · Core 2 domains: OS 28, Security 28, Troubleshooting 23, Ops 21 · Home lacks domain join/RDP host/gpedit/BitLocker management · NTFS = permissions/EFS · exFAT = large removable files · Time Machine = macOS backup · FileVault/BitLocker = full-disk encryption · EFS = file/folder encryption · WPA3/WPA2+AES · Malware removal starts by verifying symptoms and quarantining · 3-2-1 backup · Chain of custody preserves evidence.