CompTIA A+ Core 2 (220-1202) Cheat Sheet

March 28, 2026 6 min read

High-yield review of operating systems, endpoint security, permissions, recovery tools, scripting, and operational procedures for CompTIA A+ Core 2.

Use this for last-mile review. Core 2 rewards answers that preserve security and process discipline while still restoring the user’s workstation or access cleanly.

Final 20-minute recall (exam day)

Cue -> best move (scenario map)

If the question says…	Usually best answer
PC unstable after update/driver	Safe Mode -> rollback/update removal -> logs -> `sfc`/`DISM`
“Access denied” on shared folder	Evaluate share + NTFS effective permissions, ownership, elevation
Browser popups/hijack symptoms	Malware workflow + extension cleanup + DNS/hosts verification
BitLocker recovery prompt	TPM/hardware change path, recover key from Entra ID, AD DS, or approved escrow
User needs app but not admin rights	Least privilege + Run as needed + allow-list approach
Domain login slow/failing	DNS to DC, network profile/firewall, time sync, GPO processing
Suspicious process persistence	Startup items/services/tasks + EDR/AV scan + containment
Need secure remote support	VPN + MFA + controlled RDP/remote tooling with logging
Repeated helpdesk issue	Document root cause + standardize fix/runbook
New script for operations	Test in non-prod, parameterize, log actions, least privilege execution

Must-memorize Core 2 anchors

Topic	Fast recall
Malware cleanup (exam order)	Identify -> quarantine -> disable restore -> remediate -> schedule updates -> enable restore -> restore point -> educate
WinRE tools	Startup Repair, System Restore, Uninstall Updates, Command Prompt
Health repair pair	`DISM /Online /Cleanup-Image /RestoreHealth` + `sfc /scannow`
Permission rule	Most restrictive effective access wins
Security baseline	Patching, AV, firewall, MFA, least privilege
Data handling	Need-to-know access, encryption, secure disposal

Last-minute traps

Disabling security controls as first troubleshooting step.
Confusing local account issues with domain/DNS/time issues.
Applying broad admin permissions instead of scoped rights.
Skipping documentation/change control for “quick fixes.”

1) Windows editions & features (quick map)

Feature	Home	Pro	Enterprise/Education	Notes
Domain join / Group Policy	✗	✓	✓	Business environments
BitLocker	✗	✓	✓	Full-disk encryption
Hyper-V	✗	✓	✓	Virtualization
Remote Desktop host	✗	✓	✓	Client → host access
Assigned Access / AppLocker	✗	Limited	✓	Kiosk / allow-lists

2) Core Windows tools (where to click)

Need	Tool	Path
System overview	System / About	Settings → System → About
Device drivers	Device Manager	Win+X → Device Manager
Network basics	Network & Internet	Settings → Network & Internet
Local security	Local Security Policy	`secpol.msc` (Pro+)
Local users/groups	`lusrmgr.msc`	Pro+ (not Home)
Services	Services	`services.msc`
Disk tasks	Disk Management	`diskmgmt.msc`
Resource view	Task Manager	Ctrl+Shift+Esc
Logs	Event Viewer	`eventvwr.msc`

3) Windows command quickies

Task	Command	Notes
IP/DNS	`ipconfig /all`	Stack config
Reachability	`ping`, `tracert`	Path/latency
Name lookup	`nslookup`	DNS test
Filesystem check	`chkdsk /f`	Fix errors (may require reboot)
System files	`sfc /scannow`	Verify/repair protected files
Image repair	`DISM /Online /Cleanup-Image /RestoreHealth`	Use before/after SFC
Boot repair	`bootrec /fixmbr` `bootrec /fixboot` `bootrec /rebuildbcd`	WinRE
Boot config	`bcdedit`	Edit boot entries
Startup apps	`taskmgr` → Startup tab	Enable/disable
Processes	`tasklist`, `taskkill /PID n /F`	CLI control
Policy refresh	`gpupdate /force`	Pro+

4) Startup, recovery & reset

Safe Mode: Shift+Restart → Troubleshoot → Advanced → Startup Settings.
WinRE tools: Startup Repair, System Restore, Command Prompt, Uninstall Updates, UEFI Firmware Settings.
System Restore: Roll back system files/registry (not documents).
Reset this PC: Keep files vs remove everything; local vs cloud reinstall.
MSConfig (legacy): Diagnostic/Selective startup; today prefer Task Manager + Services.

5) Disks, file systems & shares

NTFS: permissions, quotas, EFS; exFAT for flash; FAT32 legacy.
Share vs NTFS permissions: Effective = most restrictive. Share applies over network; NTFS local & network.
Attributes: Read-only, Hidden, System; show via Folder Options.
Map network drive: Explorer or net use Z: \\server\share /user:DOMAIN\user.

6) Accounts, UAC & permissions

Local vs Microsoft accounts; Groups: Administrators, Users, Guests.
UAC: prompts on elevation; keep at default or higher.
Least privilege: standard user for daily tasks; elevate only when needed.
Run as: Shift-right-click → Run as different user.

7) Security hardening (Windows)

Updates: Windows Update automatic.
Defender AV/Firewall: on by default; real-time + periodic scans.
Firewall profiles: Domain, Private, Public; set correct network profile.
BitLocker (Pro+): TPM + PIN for best protection; store recovery key safely.
RDP: allow only when required; restrict via firewall, NLA, and groups.
Account policies: lockout thresholds; password length/age (or passphrases + MFA).

8) Malware response (CompTIA order)

This is the CompTIA-preferred workstation malware sequence for exam questions. Real enterprise incident playbooks may add evidence-preservation or EDR-specific steps around the same basic flow.

Identify symptoms (pop-ups, slowdowns, unknown processes).
Quarantine the system (isolate network, no file sharing).
Disable System Restore (prevents re-infection from restore points).
Remediate: update definitions, Safe Mode scan, remove malware; reimage if needed.
Schedule scans / updates; enable System Restore.
Create restore point.
Educate the user (phishing, attachments, macros, downloads).

9) macOS essentials

Need	Tool	Path
System info	About This Mac	 → About
Activity	Activity Monitor	Applications → Utilities
Disks	Disk Utility	Apps → Utilities
Updates	System Settings → General → Software Update
Terminal	`bash`/`zsh`	Apps → Utilities

Time Machine backups; FileVault full-disk encryption; Keychain passwords/certs.

10) Linux essentials

Package managers: apt, dnf, yum, pacman.
Services: systemctl status|start|stop <svc>.
Network: ip a, ip r, nmcli, ping, dig.
Permissions: chmod, chown, sudo.
Logs: /var/log, journalctl.
Editors: nano, vi.

11) Mobile OS & MDM (Core 2 depth)

iOS: Face ID/Touch ID, iCloud, Screen Time, profiles via MDM.
Android: Google account, biometric unlock, app permissions, Work Profile.
MDM controls: passcode policy, remote lock/wipe, app allow/deny, Wi-Fi/VPN profiles, certificate deployment.
Secure comms: company portal apps, per-app VPN, device compliance checks.

12) Authentication & access

Something you know/have/are; prefer MFA.
Biometrics: Windows Hello, Touch ID, Android biometrics.
Certificates/Smart cards in enterprise; 802.1X (awareness).
SSO improves UX; still enforce least privilege.

13) Scripting basics (PowerShell, Bash, Python)

PowerShell: objects, Get-Command, Get-Help, Get-Service, Get-Process, pipes; run as admin.
Bash: shebang #!/usr/bin/env bash, variables, if/for, exit codes $?.
Python: shebang, venv, pip, simple file/OS tasks.
Task scheduling: Task Scheduler (Windows), cron/systemd timers (Linux).
Safety: test in non-prod; log actions; parameterize paths; validate inputs.

14) Operational procedures

Documentation: ticket notes, change records, asset tags, diagrams.
Change management: request → assess risk → approvals → maintenance window → backout plan → comms.
Incident response: identify → contain → eradicate → recover → lessons learned.
SLAs/OLAs: response vs resolution targets; prioritize accordingly.
Professionalism: active listening, empathy, avoid jargon, confirm resolution, follow-up.

15) Privacy, safety & disposal

PII/PHI/PCI: handle on a need-to-know basis; encrypt at rest/in transit.
Safety: ESD strap/mat, proper lifting, cable management, power off & unplug before service.
Disposal: shred/drill platters, secure erase/crypto-erase SSDs, follow e-waste laws.

16) Quick pickers (scenario speed)

App won’t start after update → Safe Mode, roll back/uninstall, Event Viewer, sfc/DISM.
Slow login on domain → Network profile/Public firewall, DNS to domain controller, GPO processing.
High CPU/Mem → Task Manager → sort by usage; check startup items/services.
Disk 100% → Resource Monitor; check Superfetch/SysMain, updates, AV scan, SMART.
Browser hijack → Extensions/add-ons, reset profile, DNS, hosts file, full malware workflow.
Access denied → NTFS permissions vs share; ownership; run elevated.
BitLocker prompt for key → Hardware change/TPM event; retrieve key from Microsoft Entra ID, Active Directory, or printed escrow.

How to use: If you hesitate on any row, convert it into a 2-bullet rule of thumb and drill a 20–25 question set on that topic tomorrow.

Quiz

Loading quiz…

From here, move to the FAQ for deeper workflow explanations or use the resources page for official exam details and platform references.

FAQ