220-1202 cheat sheet
A one-page reference for the CompTIA A+ Core 2 exam: the format, how the domains are weighted, and the glossary terms for this exam.
Exam at a glance
Vendor
CompTIA
Level
Entry
Questions
90
Time
90 min
Mock pass mark
78%
Domains
4
Practice Qs
150
Code
220-1202
Domain weightings
How much of the exam each domain covers. Spend your study time in proportion — the heavier the domain, the more questions you'll see.
Key terms
- NTFS
- NTFS (New Technology File System) is the default file system for modern Windows, supporting file-level permissions, encryption, compression, and journaling. A+ Core 2 covers NTFS alongside FAT32, exFAT, and NTFS vs share permissions.
- Share Permissions
- Share permissions control access to a folder over the network, and A+ Core 2 requires understanding how they combine with NTFS permissions. When both apply, the most restrictive effective permission wins.
- BitLocker
- BitLocker is the Windows full-disk encryption feature that protects data if a device is lost or stolen, often using the TPM. A+ Core 2 covers BitLocker and BitLocker To Go as workstation security measures.
- User Account Control
- User Account Control (UAC) is a Windows security feature that prompts for consent or credentials before allowing changes that require administrative privileges. A+ Core 2 covers UAC as part of securing a Windows workstation.
- Malware
- Malware is malicious software such as viruses, ransomware, trojans, rootkits, spyware, and keyloggers. A+ Core 2 covers recognizing malware symptoms, removing it with the CompTIA seven-step process, and preventing reinfection.
- Malware Removal Process
- The malware removal process is CompTIA's seven-step best practice: identify and research symptoms, quarantine the system, disable System Restore, remediate, schedule scans and updates, re-enable System Restore, and educate the user. A+ Core 2 expects the steps in order.
- Social Engineering
- Social engineering is a category of attack that manipulates people into revealing information or granting access, including phishing, tailgating, shoulder surfing, and impersonation. A+ Core 2 covers recognizing and preventing these attacks.
- Multi-factor Authentication
- Multi-factor authentication (MFA) is a security control that requires two or more independent factors — something you know, have, or are — to verify identity. A+ Core 2 covers MFA as a logical security measure for workstations and accounts.
- Principle of Least Privilege
- The principle of least privilege is the practice of granting users and processes only the access they need to do their job. A+ Core 2 covers it through account management, user/group permissions, and disabling unnecessary accounts.
- Group Policy
- Group Policy is a Windows management feature that centrally enforces configuration and security settings across users and computers in a domain. A+ Core 2 covers using Group Policy and local security policy to secure Windows workstations.
- Change Management
- Change management is the operational practice of reviewing, approving, documenting, and communicating changes to reduce risk and downtime. A+ Core 2 covers change-management best practices as part of operational procedures.
- Backup
- A backup is a copy of data kept so it can be restored after loss, corruption, or ransomware. A+ Core 2 covers backup methods (full, incremental, differential, synthetic), the 3-2-1 rule, and testing restores.
- Incident Response
- Incident response is the documented process for identifying, containing, and recovering from a security incident while preserving evidence and following the chain of custody. A+ Core 2 covers it alongside handling regulated data such as PII and PCI.