CompTIA 220-1202 FAQ for exam format, topics, prep strategy, practice, and common candidate traps.
A+ Core 2 rewards controlled operational judgment: secure defaults, effective permissions, disciplined recovery order, and fixes that solve the problem without creating a larger problem. The exam is broader than “Windows commands.” It is really testing whether you can classify the failure correctly, apply the least risky supported fix, and document what changed.
| Question | Short answer |
|---|---|
| What exactly is covered on Core 2? | Operating systems, security, software troubleshooting, and operational procedures. |
| How is it different from Core 1? | Core 1 is device, networking, and hardware heavy. Core 2 is operating-system, access, malware, recovery, and support-process heavy. |
| What does the exam punish most? | Fast but sloppy fixes that ignore least privilege, recovery order, or documentation. |
| What hands-on work matters most? | One believable endpoint loop: configure, secure, troubleshoot, recover, and document. |
| What should I trust if notes disagree? | The current CompTIA exam-details page and public Core 2 page. |
Core 2 focuses on four lanes:
| Lane | What it is really testing |
|---|---|
| operating systems | can you navigate Windows first, then macOS, Linux, and ChromeOS fundamentals without guessing |
| security | can you choose least privilege, hardening, and malware-response steps in the right order |
| software troubleshooting | can you separate app, profile, OS, startup, and recovery problems cleanly |
| operational procedures | can you work like a disciplined support technician instead of a reckless fixer |
That means Windows editions and tools, account and permission models, patching, malware workflow, logging and diagnostics, backup and restore choices, and professional practices such as documentation, change control, safety, privacy, and disposal.
You need both exams for A+, but they reward different instincts.
| Exam | Strongest first instinct |
|---|---|
| Core 1 (220-1201) | identify the device, port, network, or hardware path first |
| Core 2 (220-1202) | identify the OS, identity, security, software, or procedure boundary first |
If a question is really about permissions, malware workflow, boot recovery, Group Policy, or documentation discipline, that is Core 2 thinking.
CompTIA lists the current A+ Core 2 220-1202 exam at up to 90 questions in 90 minutes with a passing score of 700 on the 100-900 scale. Expect multiple-choice and performance-based questions.
PBQs are not about memorizing obscure commands. They usually reward:
If a PBQ is consuming too much time, skip it and return.
It punishes support answers that are technically possible but operationally weak.
| Trap | Better reading |
|---|---|
| reset or reinstall first | start with reversible recovery and supported diagnostics |
| make the user local admin | prefer least privilege, scoped elevation, or approved deployment workflow |
| disable Defender, UAC, or firewall to “see if it works” | only do that when the question explicitly frames a temporary controlled test |
| say “permissions issue” without separating share from NTFS | fix the actual access boundary |
| stop after cleanup | verify, document, and add prevention |
You do not need every corner of Windows. You need the exam-critical lanes:
| Topic | What matters most |
|---|---|
| editions and features | Home vs Pro vs Enterprise/Education, especially BitLocker, RDP host, and Group Policy relevance |
| admin tools | Device Manager, Services, Disk Management, Event Viewer, Task Manager, Settings, Control Panel |
| repair tools | Safe Mode, WinRE, System Restore, Reset this PC, DISM, sfc, bootrec, bcdedit |
| permissions | NTFS vs share, inheritance, ownership, effective access |
| security | Defender, firewall profiles, BitLocker, UAC, patching, account models |
Core 2 only needs fundamentals, but those fundamentals must be clean.
| Platform | Know these anchors |
|---|---|
| macOS | Activity Monitor, Disk Utility, FileVault, Time Machine, Software Update |
| Linux | apt, dnf or yum, systemctl, chmod, chown, journalctl, /var/log |
The exam is usually not asking for deep platform administration. It is asking whether you can recognize the right tool family and the right next step.
Treat this as an access-boundary question, not a memorization question.
For exam purposes, the fastest correct reading is usually:
| If the user is… | Strongest first check |
|---|---|
| local at the machine | NTFS, ownership, inheritance, elevation |
| accessing over the network | share permission, then NTFS, then group membership |
| in a managed environment | effective group membership and policy application |
For workstation-cleanup questions, the CompTIA-friendly sequence is:
That is the exam-preferred endpoint-malware sequence. Real enterprise incident flow may differ when evidence preservation or EDR policy changes the order, but the exam still rewards this workstation-remediation logic.
| Tool | Best use |
|---|---|
| Safe Mode | driver, startup item, or malware troubleshooting with minimal services |
| WinRE | broader recovery, repair, rollback, restore, and offline command tools |
| Reset this PC | last-resort refresh or rebuild when smaller recovery moves are not enough |
If the question gives you a reversible fix and a destructive fix, Core 2 usually prefers the reversible fix first.
You do not need a giant lab. You need one believable endpoint support loop.
Route the miss by weak lane.
| If your misses sound like… | Weak lane | Fix next |
|---|---|---|
| “I always choose a bigger fix than needed.” | recovery order | review rollback, repair, restore, then reset logic |
| “I keep missing access questions.” | permissions | review share vs NTFS, inheritance, ownership, and elevation |
| “I know the symptom but not the malware workflow.” | security operations | review identification, quarantine, cleanup, restore-point logic |
| “I fix the tech issue but miss the process answer.” | operational procedures | review documentation, safety, change control, and verification |
Do less broad reading and more boundary review.
| Keep doing | Stop doing |
|---|---|
| rereading the cheat sheet and glossary | opening unrelated new tools or utilities |
| drilling permissions, malware order, and recovery choices | memorizing obscure flags with no scenario context |
| checking official CompTIA details if something sounds off | trusting unsupported forum summaries over the public Core 2 page |
| practicing least-disruptive secure first moves | defaulting to reset or reinstall |