CC

Official 220-1202 Exam Guide

Exam Format, Domains & Preparation Tips

CompTIA A+ Core 2 (220-1202) V15 Certification Exam

Exam Objectives Document Version 3.0

Copyright © 2024 CompTIA, Inc. All rights reserved.

About the Exam

Candidates are encouraged to use this document to help prepare for the CompTIA A+ 220-1202 certification exam.

To receive the CompTIA A+ certification, you must pass two exams:

  • Core 1 (220-1201)
  • Core 2 (220-1202)

The CompTIA A+ Core 1 (220-1201) and Core 2 (220-1202) certification exams will verify the successful candidate has the knowledge and skills required to:

  • Install, configure, and maintain computer equipment, mobile devices, and software for end users
  • Service components based on customer requirements
  • Understand networking basics and apply basic cybersecurity methods to mitigate threats
  • Properly and safely diagnose, resolve, and document common hardware and software issues
  • Apply troubleshooting skills and provide customer support using appropriate communication skills
  • Understand the basics of scripting, cloud technologies, virtualization, and multi-OS deployments in corporate environments

Test Details

Detail Information
Required Exam A+ Core 2 (220-1202)
Number of Questions Maximum of 90
Types of Questions Multiple-choice and performance-based
Length of Test 90 minutes
Recommended Experience 12 months of hands-on experience in an IT support specialist job role
Passing Score 700 (on a scale of 100–900)
Exam Version V15
Exam Series Code 220-1202 (Core 2)
Launch Date March 25, 2025
Languages English
Retirement Usually three years after launch (estimated 2028)

Exam Objectives (Domains)

Domain Percentage of Examination
1.0 Operating Systems 28%
2.0 Security 28%
3.0 Software Troubleshooting 23%
4.0 Operational Procedures 21%
Total 100%

Note on Windows 11

Versions of Microsoft Windows that are not end of Mainstream Support (as determined by Microsoft), up to and including Windows 11, are intended content areas of the certification. As such, objectives in which a specific version of Microsoft Windows is not indicated in the main objective title can include content related to Windows 10 and Windows 11, as it relates to the job role.

Domain 1.0: Operating Systems (28%)

1.1 Explain common operating system (OS) types and their purposes

  • Workstation systems
    • Windows
    • Linux
    • macOS
    • Chrome OS
  • Mobile OSs
    • iPadOS
    • iOS
    • Android
  • Various filesystem types
    • NTFS, ReFS, FAT32, ext4, XFS, APFS, exFAT
  • Vendor life-cycle limitations
    • End-of-life (EOL)
    • Update limitations
  • Compatibility concerns between operating systems

1.2 Given a scenario, perform OS installations and upgrades

  • Boot methods
    • USB, Network, Solid-state/flash drives, Internet-based
    • External/hot-swappable drive, Internal hard drive (partition), Multiboot
  • Types of installations
    • Clean install, Upgrade, Image deployment
    • Remote network installation, Zero-touch deployment
    • Recovery partition, Repair installation
    • Third-party drivers
  • Partitioning
    • GPT (GUID Partition Table)
    • MBR (Master boot record)
  • Drive format
  • Upgrade considerations
    • Backup files and user preferences
    • Application and driver support/backward compatibility
    • Hardware compatibility
  • Feature updates
    • Product life cycle

1.3 Compare and contrast basic features of Microsoft Windows editions

  • Windows 10 editions: Home, Pro, Pro for Workstations, Enterprise
  • Windows 11 editions: Home, Pro, Enterprise
  • N versions
  • Feature differences
    • Domain vs. workgroup
    • Desktop styles/user interface
    • Availability of Remote Desktop Protocol (RDP)
    • RAM support limitations
    • BitLocker
    • gpedit.msc
  • Upgrade paths
    • In-place upgrade
    • Clean install
  • Hardware requirements
    • TPM, UEFI

1.4 Given a scenario, use Microsoft Windows OS features and tools

  • Task Manager
    • Services, Startup, Performance, Processes, Users
  • Microsoft Management Console (MMC) snap-in
    • Event Viewer (eventvwr.msc)
    • Disk Management (diskmgmt.msc)
    • Task Scheduler (taskschd.msc)
    • Device Manager (devmgmt.msc)
    • Certificate Manager (certmgr.msc)
    • Local User and Groups (lusrmgr.msc)
    • Performance Monitor (perfmon.msc)
    • Group Policy Editor (gpedit.msc)
  • Additional tools
    • System Information (msinfo32.exe)
    • Resource Monitor (resmon.exe)
    • System Configuration (msconfig.exe)
    • Disk Cleanup (cleanmgr.exe)
    • Disk Defragment (dfrgui.exe)
    • Registry Editor (regedit.exe)

1.5 Given a scenario, use the appropriate Microsoft command-line tools

  • Navigation: cd, dir
  • Network: ipconfig, ping, netstat, nslookup, net use, tracert, pathping
  • Disk management: chkdsk, format, diskpart
  • File management: md, rmdir, robocopy
  • Informational: hostname, net user, winver, whoami, [command name] /?
  • OS management: gpupdate, gpresult, sfc

1.6 Given a scenario, configure Microsoft Windows settings

  • Internet Options, Devices and Printers, Program and Features
  • Network and Sharing Center, System, Windows Defender Firewall
  • Mail, Sound, User Accounts, Device Manager
  • Indexing Options, Administrative Tools
  • File Explorer Options: View hidden files, Hide extensions, General/View options
  • Power Options: Hibernate, Power plans, Sleep/suspend, Standby, Lid closing behavior, Fast startup, USB selective suspend
  • Ease of Access, Time and Language, Update and Security
  • Personalization, Apps, Privacy, System, Devices, Network and Internet, Gaming, Accounts

1.7 Given a scenario, configure Microsoft Windows networking features

  • Domain joined vs. workgroup
    • Shared resources: Printers, File servers, Mapped drives
  • Local OS firewall settings
    • Application restrictions and exceptions, Configuration
  • Client network configuration
    • IP addressing scheme, DNS settings, Subnet mask, Gateway, Static vs. dynamic
  • Establish network connections
    • VPN, Wireless, Wired, WWAN/cellular network
  • Proxy settings
  • Public network vs. private network
  • File Explorer navigation–network paths
  • Metered connections and limitations

1.8 Explain common features and tools of macOS/desktop OS

  • Installation and uninstallation of applications
    • File types: .dmg, .pkg, .app
    • App Store
    • Uninstallation process
  • System folders: /Applications, /Users, /Library, /System, /Users/Library
  • Apple ID and corporate restrictions
  • Best practices: Backups, Antivirus, Updates/patches, Rapid Security Response (RSR)
  • System Preferences: Displays, Networks, Printers, Scanners, Privacy, Accessibility, Time Machine
  • Features: Multiple desktops, Mission Control, Keychain, Spotlight, iCloud (iMessage, FaceTime, Drive), Gestures, Finder, Dock, Continuity
  • Disk Utility, FileVault, Terminal, Force Quit

1.9 Identify common features and tools of Linux client/desktop OS

  • File management: ls, pwd, mv, cp, rm, chmod, chown, grep, find
  • Filesystem management: fsck, mount
  • Administrative: su, sudo
  • Package management: apt, dnf
  • Network: ip, ping, curl, dig, traceroute
  • Informational: man, cat, top, ps, du, df
  • Text editors: nano
  • Common configuration files: /etc/passwd, /etc/shadow, /etc/hosts, /etc/fstab, /etc/resolv.conf
  • OS components: systemd, kernel, bootloader
  • Root account

1.10 Given a scenario, install applications according to requirements

  • System requirements for applications
    • 32-bit vs. 64-bit
    • Dedicated vs. integrated graphics card
    • VRAM requirements
    • RAM requirements
    • CPU requirements
    • External hardware tokens
    • Storage requirements
    • Application to OS compatibility
  • Distribution methods
    • Physical media vs. mountable ISO file
    • Downloadable package
    • Image deployment
  • Impact considerations for new applications
    • Device, Network, Operation, Business

1.11 Given a scenario, install and configure cloud-based productivity tools

  • Email systems
  • Storage: Sync/folder settings
  • Collaboration tools: Spreadsheets, Videoconferencing, Presentation tools, Word processing tools, Instant messaging
  • Identity synchronization
  • Licensing assignment

Domain 2.0: Security (28%)

2.1 Summarize various security measures and their purposes

  • Physical security: Bollards, Access control vestibule, Badge reader, Video surveillance, Alarm systems, Motion sensors, Door locks, Equipment locks, Security guards, Fences
  • Physical access security: Key fobs, Smart cards, Mobile digital key, Keys, Biometrics (Retina, Fingerprint, Palm, Facial recognition, Voice), Lighting, Magnetometers
  • Logical security: Principle of least privilege, Zero Trust model, ACLs, MFA (Email, Hardware token, Authenticator app, SMS, Voice call, TOTP, OTP), SAML, SSO, Just-in-time access (PAM), MDM, DLP, IAM, Directory services

2.2 Given a scenario, configure and apply basic Microsoft Windows OS security settings

  • Defender Antivirus: Activate/deactivate, Update definitions
  • Firewall: Activate/deactivate, Port security, Application security
  • User and groups: Local vs. Microsoft account, Standard account, Administrator, Guest user, Power user
  • Log-in OS options: Username/password, PIN, Fingerprint, Facial recognition, SSO, Passwordless/Windows Hello
  • NTFS vs. share permissions: File/folder attributes, Inheritance
  • Run as administrator vs. standard user
  • User Account Control (UAC)
  • BitLocker, BitLocker-To-Go, Encrypting File System (EFS)
  • Active Directory: Joining domain, Assigning log-in script, Moving objects within OUs, Assigning home folders, Applying Group Policy, Selecting security groups, Configuring folder redirection

2.3 Compare and contrast wireless security protocols and authentication methods

  • Protocols and encryption: WPA2, WPA3, TKIP, AES
  • Authentication: RADIUS, TACACS+, Kerberos, Multifactor

2.4 Summarize types of malware and tools/methods for detection, removal, and prevention

  • Malware: Trojan, Rootkit, Virus, Spyware, Ransomware, Keylogger, Boot sector virus, Cryptominer, Stalkerware, Fileless
  • Adware: Potentially unwanted program (PUP)
  • Tools and methods: Recovery console, EDR, MDR, XDR, Antivirus, Anti-malware, Email security gateway, Software firewalls, User education (Antiphishing training), OS reinstallation

2.5 Compare and contrast common social engineering attacks, threats, and vulnerabilities

  • Social engineering: Phishing (Vishing, Smishing, QR code phishing, Spear phishing, Whaling), Shoulder surfing, Tailgating, Impersonation, Dumpster diving
  • Threats: DoS, DDoS, Evil twin, Zero-day attack, Spoofing, On-path attack, Brute-force attack, Dictionary attack, Insider threat, SQL injection, Cross-site scripting (XSS), Business email compromise (BEC), Supply chain/pipeline attack
  • Vulnerabilities: Non-compliant systems, Unpatched systems, Unprotected systems (missing antivirus/firewall), EOL, BYOD

2.6 Given a scenario, implement procedures for basic SOHO malware removal

  1. Investigate and verify malware symptoms
  2. Quarantine infected system
  3. Disable System Restore in Windows Home
  4. Remediate infected systems
  5. Update anti-malware software
  6. Scan and removal techniques (safe mode, preinstallation environment)
  7. Reimage/reinstall
  8. Schedule scans and run updates
  9. Enable System Restore and create restore point in Windows Home
  10. Educate the end user

2.7 Given a scenario, apply workstation security options and hardening techniques

  • Data-at-rest encryption
  • Password considerations: Length, Character types, Uniqueness, Complexity, Expiration
  • BIOS/UEFI passwords
  • End-user best practices: Use screensaver locks, Log off when not in use, Secure critical hardware, Secure PII and passwords, Use password managers
  • Account management: Restrict user permissions, Restrict log-in times, Disable guest account, Use failed attempts lockout, Use timeout/screen lock, Apply account expiration dates
  • Change default administrator's account/password
  • Disable AutoRun, Disable unused services

2.8 Given a scenario, apply common methods for securing mobile devices

  • Hardening techniques: Device encryption, Screen locks (Facial recognition, PIN codes, Fingerprint, Pattern, Swipe), Configuration profiles
  • Patch management: OS updates, Application updates
  • Endpoint security software: Antivirus, Anti-malware, Content filtering
  • Locator applications, Remote wipes, Remote backup applications
  • Failed log-in attempts restrictions
  • Policies and procedures: MDM, BYOD vs. corporate-owned devices, Profile security requirements

2.9 Compare and contrast common data destruction and disposal methods

  • Physical destruction: Drilling, Shredding, Degaussing, Incineration
  • Recycling or repurposing best practices: Erasing/wiping, Low-level formatting, Standard formatting
  • Outsourcing concepts: Third-party vendor, Certification of destruction/recycling
  • Regulatory and environmental requirements

2.10 Given a scenario, apply security settings on SOHO wireless and wired networks

  • Router settings: Change default passwords, IP filtering, Firmware updates, Content filtering, Physical placement/secure locations, UPnP, Screened subnet, Configure secure management access
  • Wireless specific: Changing SSID, Disabling SSID broadcast, Encryption settings, Configuring guest access
  • Firewall settings: Disabling unused ports, Port forwarding/mapping

2.11 Given a scenario, configure relevant security settings in a browser

  • Browser download/installation: Trusted sources (Hashing), Untrusted sources
  • Browser patching
  • Extensions and plug-ins: Trusted/Untrusted sources
  • Password managers
  • Secure connections/sites–valid certificates
  • Settings: Pop-up blocker, Clearing browsing data, Clearing cache, Private-browsing mode, Sign-in/browser data synchronization, Ad blockers, Proxy, Secure DNS
  • Browser feature management: Enable/disable (Plug-ins, Extensions, Features)

Domain 3.0: Software Troubleshooting (23%)

3.1 Given a scenario, troubleshoot common Windows OS issues

  • Blue screen of death (BSOD)
  • Degraded performance
  • Boot issues
  • Frequent shutdowns
  • Services not starting
  • Applications crashing
  • Low memory warnings
  • USB controller resource warnings
  • System instability
  • No OS found
  • Slow profile load
  • Time drift

3.2 Given a scenario, troubleshoot common mobile OS and application issues

  • Application fails to launch
  • Application fails to close/crashes
  • Application fails to update
  • Application fails to install
  • Slow to respond
  • OS fails to update
  • Battery life issues
  • Random reboots
  • Connectivity issues: Bluetooth, Wi-Fi, NFC
  • Screen does not autorotate

3.3 Given a scenario, troubleshoot common mobile OS and application security issues

  • Security concerns: Application source/unofficial stores, Developer mode, Root access/jailbreak, Unauthorized/malicious application (Application spoofing)
  • Common symptoms: High network traffic, Degraded response time, Data-usage limit notification, Limited/No internet connectivity, High number of ads, Fake security warnings, Unexpected application behavior, Leaked personal files/data

3.4 Given a scenario, troubleshoot common PC security issues

  • Common symptoms: Unable to access network, Desktop alerts, False antivirus alerts, Altered system/personal files (Missing/renamed files, Inability to access files), Unwanted notifications within OS, OS updates failures
  • Browser-related symptoms: Random/frequent pop-ups, Certificate warnings, Redirection, Degraded browser performance

Domain 4.0: Operational Procedures (21%)

4.1 Given a scenario, implement best practices for documentation and support systems

  • Ticketing systems: User information, Device information, Description of issues, Categories, Severity, Escalation levels, Clear written communication (Issue description, Progress notes, Issue resolution)
  • Asset management: Inventory lists, Configuration management database (CMDB), Asset tags and IDs, Procurement life cycle, Warranty and licensing, Assigned users
  • Types of documents: Incident reports, Standard operating procedures (SOPs) (Software package custom installation procedure), New user/onboarding setup checklist, User off-boarding checklist, Service-level agreements (SLAs) (Internal, External/third-party), Knowledge base/articles

4.2 Given a scenario, apply change management procedures

  • Documented business processes: Rollback plan, Backup plan, Sandbox testing, Responsible staff members
  • Change management: Request forms, Purpose of change, Scope of change, Change type (Standard, Normal, Emergency), Date/time of change (Change freeze, Maintenance windows), Affected systems/impact, Risk analysis (Risk level), Change board approvals, Implementation, Peer review, End-user acceptance

4.3 Given a scenario, implement workstation backup and recovery methods

  • Backup: Full, Incremental, Differential, Synthetic full
  • Recovery: In-place/overwrite, Alternative location
  • Backup testing: Frequency
  • Backup rotation schemes: Onsite vs. offsite, Grandfather-father-son (GFS), 3-2-1 backup rule

4.4 Given a scenario, use common safety procedures

  • ESD straps, ESD mats
  • Electrical safety: Equipment grounding
  • Proper component handling and storage
  • Cable management, Antistatic bags
  • Compliance with government regulations
  • Personal safety: Disconnect power before repairing PC, Lifting techniques, Fire safety, Safety goggles, Air filter mask

4.5 Summarize environmental impacts and local environment controls

  • MSDS documentation for handling and disposal
    • Proper battery disposal
    • Proper toner disposal
    • Proper disposal of other devices and assets
  • Temperature, humidity-level awareness, and proper ventilation
    • Location/equipment placement
    • Dust cleanup
    • Compressed air/vacuums
  • Power surges, brownouts, and blackouts
    • UPS, Surge suppressor

4.6 Explain importance of prohibited content/activity and privacy, licensing, and policy concepts

  • Incident response: Chain of custody, Informing management/law enforcement, Copy of drive (data integrity and preservation), Incident documentation, Order of volatility
  • Licensing/DRM/EULA: Valid licenses, Perpetual license, Personal-use vs. corporate-use license, Open-source license
  • NDA/MNDA
  • Regulated data: Credit card payment information, Personal government-issued information, PII, Healthcare data, Data retention requirements
  • Acceptable use policy (AUP)
  • Regulatory and business compliance requirements: Splash screens

4.7 Given a scenario, use proper communication techniques and professionalism

  • Present professional appearance and wear appropriate attire (Formal, Business casual)
  • Use proper language and avoid jargon, acronyms, and slang
  • Maintain positive attitude/project confidence
  • Actively listen and avoid interrupting
  • Be culturally sensitive (Use appropriate professional titles)
  • Be on time (contact customer if late)
  • Avoid distractions (Personal calls, Texting/social media, Personal interruptions)
  • Appropriately deal with difficult customers: Don't argue or be defensive, Avoid dismissing issues, Avoid being judgmental, Clarify statements (ask open-ended questions, restate issue), Use discretion and professionalism
  • Set and meet expectations: Offer repair/replacement options, Provide proper documentation, Follow up to verify satisfaction
  • Appropriately handle confidential and private materials

4.8 Explain the basics of scripting

  • Script file types: .bat, .ps1, .vbs, .sh, .js, .py
  • Use cases for scripting: Basic automation, Restarting machines, Remapping network drives, Installation of applications, Automated backups, Gathering information/data, Initiating updates
  • Other considerations: Unintentionally introducing malware, Inadvertently changing system settings, Browser/system crashes due to mishandling resources

4.9 Given a scenario, use remote access technologies

  • Methods/tools: RDP, VPN, VNC, SSH, RMM, SPICE, WinRM, Third-party tools (Screen-sharing, Videoconferencing, File transfer, Desktop management)
  • Security considerations of each access method

4.10 Explain basic concepts related to artificial intelligence (AI)

  • Application integration
  • Policy: Appropriate use, Plagiarism
  • Limitations: Bias, Hallucinations, Accuracy
  • Private vs. public: Data security, Data source, Data privacy

Key Acronyms (Selection)

Acronym Definition
ACL Access Control List
AES Advanced Encryption Standard
AUP Acceptable Use Policy
BEC Business Email Compromise
BIOS Basic Input/Output System
BSOD Blue Screen of Death
BYOD Bring Your Own Device
CMDB Configuration Management Database
DDoS Distributed Denial of Service
DLP Data Loss Prevention
DRM Digital Rights Management
EDR Endpoint Detection and Response
EFS Encrypting File System
EOL End-of-life
ESD Electrostatic Discharge
EULA End-user License Agreement
GPT GUID Partition Table
IAM Identity Access Management
MBR Master Boot Record
MDM Mobile Device Management
MDR Managed Detection and Response
MFA Multifactor Authentication
MNDA Mutual Non-Disclosure Agreement
MSDS Material Safety Data Sheet
NDA Non-Disclosure Agreement
NTFS New Technology File System
OTP One-time Password
PAM Privileged Access Management
PII Personally Identifiable Information
PIN Personal Identification Number
PUP Potentially Unwanted Program
RADIUS Remote Authentication Dial-in User Server
RDP Remote Desktop Protocol
ReFS Resilient File System
RMM Remote Monitoring and Management
RSR Rapid Security Response
SAML Security Assertions Markup Language
SLA Service-level Agreement
SOP Standard Operating Procedure
SSH Secure Shell
SSO Single Sign-on
TACACS Terminal Access Controller Access-control System
TKIP Temporal Key Integrity Protocol
TOTP Time-based One-time Password
TPM Trusted Platform Module
UAC User Account Control
UEFI Unified Extensible Firmware Interface
UPS Uninterruptible Power Supply
VDI Virtual Desktop Infrastructure
VNC Virtual Network Computer
VPN Virtual Private Network
WinRM Windows Remote Management
WPA Wi-Fi Protected Access
XDR Extended Detection and Response
XSS Cross-site Scripting

For complete acronym list, see full PDF document.

© 2024 CompTIA, Inc. All rights reserved.
Document Version 3.0 | Printed in the U.S. 11273-May2024

Related Resources

OverviewStudy GuideCheatsheetPractice Test