CompTIA A+ Core 2 (220-1202) Cheat Sheet
High-yield review of operating systems, endpoint security, permissions, recovery tools, scripting, and operational procedures for CompTIA A+ Core 2.
On this page
Use this for last-mile review. Core 2 rewards answers that preserve security and process discipline while still restoring the user’s workstation or access cleanly.
Final 20-minute recall (exam day)
Cue -> best move (scenario map)
| If the question says… | Usually best answer |
|---|---|
| PC unstable after update/driver | Safe Mode -> rollback/update removal -> logs -> sfc/DISM |
| “Access denied” on shared folder | Evaluate share + NTFS effective permissions, ownership, elevation |
| Browser popups/hijack symptoms | Malware workflow + extension cleanup + DNS/hosts verification |
| BitLocker recovery prompt | TPM/hardware change path, recover key from Entra ID, AD DS, or approved escrow |
| User needs app but not admin rights | Least privilege + Run as needed + allow-list approach |
| Domain login slow/failing | DNS to DC, network profile/firewall, time sync, GPO processing |
| Suspicious process persistence | Startup items/services/tasks + EDR/AV scan + containment |
| Need secure remote support | VPN + MFA + controlled RDP/remote tooling with logging |
| Repeated helpdesk issue | Document root cause + standardize fix/runbook |
| New script for operations | Test in non-prod, parameterize, log actions, least privilege execution |
Must-memorize Core 2 anchors
| Topic | Fast recall |
|---|---|
| Malware cleanup (exam order) | Identify -> quarantine -> disable restore -> remediate -> schedule updates -> enable restore -> restore point -> educate |
| WinRE tools | Startup Repair, System Restore, Uninstall Updates, Command Prompt |
| Health repair pair | DISM /Online /Cleanup-Image /RestoreHealth + sfc /scannow |
| Permission rule | Most restrictive effective access wins |
| Security baseline | Patching, AV, firewall, MFA, least privilege |
| Data handling | Need-to-know access, encryption, secure disposal |
Last-minute traps
- Disabling security controls as first troubleshooting step.
- Confusing local account issues with domain/DNS/time issues.
- Applying broad admin permissions instead of scoped rights.
- Skipping documentation/change control for “quick fixes.”
1) Windows editions & features (quick map)
| Feature | Home | Pro | Enterprise/Education | Notes |
|---|---|---|---|---|
| Domain join / Group Policy | ✗ | ✓ | ✓ | Business environments |
| BitLocker | ✗ | ✓ | ✓ | Full-disk encryption |
| Hyper-V | ✗ | ✓ | ✓ | Virtualization |
| Remote Desktop host | ✗ | ✓ | ✓ | Client → host access |
| Assigned Access / AppLocker | ✗ | Limited | ✓ | Kiosk / allow-lists |
2) Core Windows tools (where to click)
| Need | Tool | Path |
|---|---|---|
| System overview | System / About | Settings → System → About |
| Device drivers | Device Manager | Win+X → Device Manager |
| Network basics | Network & Internet | Settings → Network & Internet |
| Local security | Local Security Policy | secpol.msc (Pro+) |
| Local users/groups | lusrmgr.msc |
Pro+ (not Home) |
| Services | Services | services.msc |
| Disk tasks | Disk Management | diskmgmt.msc |
| Resource view | Task Manager | Ctrl+Shift+Esc |
| Logs | Event Viewer | eventvwr.msc |
3) Windows command quickies
| Task | Command | Notes |
|---|---|---|
| IP/DNS | ipconfig /all |
Stack config |
| Reachability | ping, tracert |
Path/latency |
| Name lookup | nslookup |
DNS test |
| Filesystem check | chkdsk /f |
Fix errors (may require reboot) |
| System files | sfc /scannow |
Verify/repair protected files |
| Image repair | DISM /Online /Cleanup-Image /RestoreHealth |
Use before/after SFC |
| Boot repair | bootrec /fixmbr bootrec /fixboot bootrec /rebuildbcd |
WinRE |
| Boot config | bcdedit |
Edit boot entries |
| Startup apps | taskmgr → Startup tab |
Enable/disable |
| Processes | tasklist, taskkill /PID n /F |
CLI control |
| Policy refresh | gpupdate /force |
Pro+ |
4) Startup, recovery & reset
- Safe Mode: Shift+Restart → Troubleshoot → Advanced → Startup Settings.
- WinRE tools: Startup Repair, System Restore, Command Prompt, Uninstall Updates, UEFI Firmware Settings.
- System Restore: Roll back system files/registry (not documents).
- Reset this PC: Keep files vs remove everything; local vs cloud reinstall.
- MSConfig (legacy): Diagnostic/Selective startup; today prefer Task Manager + Services.
5) Disks, file systems & shares
- NTFS: permissions, quotas, EFS; exFAT for flash; FAT32 legacy.
- Share vs NTFS permissions: Effective = most restrictive. Share applies over network; NTFS local & network.
- Attributes: Read-only, Hidden, System; show via Folder Options.
- Map network drive: Explorer or
net use Z: \\server\share /user:DOMAIN\user.
6) Accounts, UAC & permissions
- Local vs Microsoft accounts; Groups: Administrators, Users, Guests.
- UAC: prompts on elevation; keep at default or higher.
- Least privilege: standard user for daily tasks; elevate only when needed.
- Run as: Shift-right-click → Run as different user.
7) Security hardening (Windows)
- Updates: Windows Update automatic.
- Defender AV/Firewall: on by default; real-time + periodic scans.
- Firewall profiles: Domain, Private, Public; set correct network profile.
- BitLocker (Pro+): TPM + PIN for best protection; store recovery key safely.
- RDP: allow only when required; restrict via firewall, NLA, and groups.
- Account policies: lockout thresholds; password length/age (or passphrases + MFA).
8) Malware response (CompTIA order)
This is the CompTIA-preferred workstation malware sequence for exam questions. Real enterprise incident playbooks may add evidence-preservation or EDR-specific steps around the same basic flow.
- Identify symptoms (pop-ups, slowdowns, unknown processes).
- Quarantine the system (isolate network, no file sharing).
- Disable System Restore (prevents re-infection from restore points).
- Remediate: update definitions, Safe Mode scan, remove malware; reimage if needed.
- Schedule scans / updates; enable System Restore.
- Create restore point.
- Educate the user (phishing, attachments, macros, downloads).
9) macOS essentials
| Need | Tool | Path |
|---|---|---|
| System info | About This Mac | → About |
| Activity | Activity Monitor | Applications → Utilities |
| Disks | Disk Utility | Apps → Utilities |
| Updates | System Settings → General → Software Update | |
| Terminal | bash/zsh |
Apps → Utilities |
- Time Machine backups; FileVault full-disk encryption; Keychain passwords/certs.
10) Linux essentials
- Package managers:
apt,dnf,yum,pacman. - Services:
systemctl status|start|stop <svc>. - Network:
ip a,ip r,nmcli,ping,dig. - Permissions:
chmod,chown,sudo. - Logs:
/var/log,journalctl. - Editors:
nano,vi.
11) Mobile OS & MDM (Core 2 depth)
- iOS: Face ID/Touch ID, iCloud, Screen Time, profiles via MDM.
- Android: Google account, biometric unlock, app permissions, Work Profile.
- MDM controls: passcode policy, remote lock/wipe, app allow/deny, Wi-Fi/VPN profiles, certificate deployment.
- Secure comms: company portal apps, per-app VPN, device compliance checks.
12) Authentication & access
- Something you know/have/are; prefer MFA.
- Biometrics: Windows Hello, Touch ID, Android biometrics.
- Certificates/Smart cards in enterprise; 802.1X (awareness).
- SSO improves UX; still enforce least privilege.
13) Scripting basics (PowerShell, Bash, Python)
- PowerShell: objects,
Get-Command,Get-Help,Get-Service,Get-Process, pipes; run as admin. - Bash: shebang
#!/usr/bin/env bash, variables,if/for, exit codes$?. - Python: shebang,
venv,pip, simple file/OS tasks. - Task scheduling: Task Scheduler (Windows),
cron/systemd timers(Linux). - Safety: test in non-prod; log actions; parameterize paths; validate inputs.
14) Operational procedures
- Documentation: ticket notes, change records, asset tags, diagrams.
- Change management: request → assess risk → approvals → maintenance window → backout plan → comms.
- Incident response: identify → contain → eradicate → recover → lessons learned.
- SLAs/OLAs: response vs resolution targets; prioritize accordingly.
- Professionalism: active listening, empathy, avoid jargon, confirm resolution, follow-up.
15) Privacy, safety & disposal
- PII/PHI/PCI: handle on a need-to-know basis; encrypt at rest/in transit.
- Safety: ESD strap/mat, proper lifting, cable management, power off & unplug before service.
- Disposal: shred/drill platters, secure erase/crypto-erase SSDs, follow e-waste laws.
16) Quick pickers (scenario speed)
- App won’t start after update → Safe Mode, roll back/uninstall, Event Viewer,
sfc/DISM. - Slow login on domain → Network profile/Public firewall, DNS to domain controller, GPO processing.
- High CPU/Mem → Task Manager → sort by usage; check startup items/services.
- Disk 100% → Resource Monitor; check Superfetch/SysMain, updates, AV scan, SMART.
- Browser hijack → Extensions/add-ons, reset profile, DNS, hosts file, full malware workflow.
- Access denied → NTFS permissions vs share; ownership; run elevated.
- BitLocker prompt for key → Hardware change/TPM event; retrieve key from Microsoft Entra ID, Active Directory, or printed escrow.
How to use: If you hesitate on any row, convert it into a 2-bullet rule of thumb and drill a 20–25 question set on that topic tomorrow.
Quiz
Loading quiz…
From here, move to the FAQ for deeper workflow explanations or use the resources page for official exam details and platform references.