Security Study Guide

CompTIA A+ (Core 1/2) Study Guide

CompTIA A+ (Core 1/2) validates the foundational skills an entry-level IT support technician needs: installing and troubleshooting hardware, mobile devices, networking, operating systems, and security, plus following operational procedures. It is the standard starting credential for help desk, desktop support, and field service roles, and requires passing two exams (Core 1 and Core 2). The scaled passing score is 700-750 out of 900 depending on the exam, with up to 90 questions in 90 minutes per exam.

Domain 1 Domain 2 Domain 3 Domain 4 Domain 5

Practice CompTIA A+ (Core 1/2) questions free Create free account

Domain 1: Mobile Devices and Hardware

Key concepts you must know · 74 practice questions

SSDs use NAND flash with no moving parts, giving sub-millisecond random access and far better shock resistance than spinning HDDs; NVMe SSDs run over PCIe lanes and reach several GB/s versus SATA's ~550 MB/s ceiling.
M.2 slots can be keyed B (SATA only), M (PCIe NVMe), or B+M; an NVMe (M-key) drive will not work in a SATA-only (B-key) slot, and on many boards populating an M.2 NVMe slot disables one or more SATA ports because they share lanes.
DisplayPort and HDMI are digital video/audio interfaces; converting digital HDMI/DisplayPort to analog VGA requires an active (powered) adapter that performs digital-to-analog conversion, not a simple passive pin adapter.
DDR4 desktop DIMMs have 288 pins; DDR4 laptop SODIMMs have 260 pins and are about half the length. DDR generations are not interchangeable (the notch differs).
Dual-channel memory requires matched modules installed in the correct same-color (paired) slots per the motherboard manual; placing sticks in the wrong slots drops the system to single-channel and halves bandwidth.
FAT32 has a 4 GB maximum single-file size and ~2 TB volume limit; exFAT removes those limits (files up to 16 EB) and is the cross-platform choice for large removable media; NTFS is required for the Windows system volume.
Power supply sizing: total the rated wattage of all components and add roughly 20-30% headroom, choose an 80 PLUS-rated unit for efficiency and less waste heat, and confirm it has the required PCIe (6/8-pin or 12VHPWR) connectors for the GPU.
The PSU converts AC mains (120 V/240 V) to the DC rails the system needs: +12 V, +5 V, +3.3 V, plus a standby rail that keeps the board powered so it can respond to the power button.
Overheating/thermal throttling is commonly fixed by cleaning dust from vents and fans, verifying airflow, and reapplying thermal paste between the CPU/GPU and heatsink.
USB-C is a reversible 24-pin connector that can carry USB 3.2, USB4, Thunderbolt, DisplayPort Alt Mode, and Power Delivery; USB Power Delivery (USB-PD) negotiation must be supported on both the source and the device to deliver higher-wattage charging.
Laptops with switchable/hybrid graphics use the low-power integrated GPU on battery and the discrete GPU when plugged in or under load to balance performance and battery life.
RAID levels to know: RAID 0 stripes for speed with no redundancy; RAID 1 mirrors; RAID 5 stripes with distributed parity (survives one drive failure); RAID 10 mirrors then stripes for both redundancy and performance.
A common upgrade path to speed up an old PC is replacing the boot HDD with a SATA or NVMe SSD; a tiered setup pairs a small NVMe SSD for OS/scratch with a large HDD or SSD array for bulk storage.
Repair-versus-replace decisions weigh total cost of repair against the device's replacement value, parts availability, and remaining useful life.

Domain 2: Networking

Key concepts you must know · 133 practice questions

RJ45 (8P8C) connectors terminate twisted-pair Ethernet; Cat5e supports 1 Gbps and Cat6 supports 10GBASE-T over short runs. Twisted-pair Ethernet has a 100-meter (328 ft) maximum run length; exceeding it requires fiber or a repeater/switch.
RFC 1918 private address ranges are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16; NAT/PAT (port address translation, overloading) lets many private hosts share one public IP.
169.254.0.0/16 is APIPA (link-local), self-assigned when no DHCP server responds and never routed; 127.0.0.0/8 is loopback and never appears on the wire.
DHCP uses the DORA exchange (Discover, Offer, Request, Acknowledge) over UDP ports 67 (server) and 68 (client) to hand out IP, subnet mask, default gateway, DNS, and lease.
Key well-known ports: HTTP 80, HTTPS 443, RDP 3389, SSH 22, Telnet 23, FTP 20/21, SMTP 25, DNS 53, DHCP 67/68, SMB 445, RDP 3389; HTTPS wraps HTTP in TLS.
Wi-Fi co-channel interference in the crowded 2.4 GHz band is avoided by using only the non-overlapping channels 1, 6, and 11 and assigning neighboring access points different channels.
ipconfig /all shows IP, mask, gateway, DNS, MAC, and DHCP details on Windows; ip addr show is the Linux equivalent; ipconfig /flushdns clears a stale DNS resolver cache.
ping sends ICMP echo requests to test reachability and latency; tracert/traceroute maps each hop along the path; testing a public IP like 8.8.8.8 isolates connectivity from DNS problems.
auto-MDIX lets modern switch ports automatically detect and swap transmit/receive pairs, so crossover cables are no longer needed between like devices.
A negotiated 100 Mbps link where 1 Gbps was expected usually points to a damaged cable, a duplex mismatch, or cabling rated below the required category (e.g., Cat5 instead of Cat5e/Cat6).
Managed switches add VLANs, QoS, SNMP, and port mirroring for segmentation and visibility; unmanaged switches do not. VLANs separate guest, voice, and internal data traffic.
QoS prioritizes latency-sensitive real-time traffic such as VoIP and video over bulk data; a CDN caches content near users to reduce latency and origin load.
Routers operate at OSI Layer 3, forwarding packets between IP networks using a longest-prefix-match lookup in the routing table; switches operate at Layer 2 using MAC addresses.
Redundant/HA design uses dual ISP/WAN links with automatic failover and redundant routers/firewalls; a layered core/distribution/access hierarchy improves scalability and fault isolation.

Domain 3: Hardware and Network Troubleshooting

Key concepts you must know · 137 practice questions

The CompTIA troubleshooting methodology: 1) identify the problem, 2) establish a theory of probable cause, 3) test the theory, 4) establish a plan of action, 5) implement the solution, 6) verify full functionality and apply preventive measures, 7) document findings, actions, and outcomes.
POST errors (bad RAM or GPU) are signaled by beep codes when the display is not yet initialized; consult the motherboard/BIOS vendor's beep-code chart to interpret them.
Always wear an ESD anti-static wrist strap and use proper grounding before handling components; electrostatic discharge can silently damage sensitive chips.
Slow boot/performance troubleshooting: check S.M.A.R.T. drive health and free disk space, disable unnecessary startup programs in Task Manager, and confirm the memory channel mode in BIOS/UEFI.
Repair tools to know: chkdsk /f /r fixes file-system errors and recovers bad sectors; sfc /scannow repairs corrupted Windows system files; DISM /Online /Cleanup-Image /RestoreHealth repairs the component store backing SFC.
Performance bottlenecks: a process blocked on slow disk I/O points to the storage subsystem; sustained high CPU temperatures that drop clock speeds indicate thermal throttling from inadequate cooling.
Capture performance baselines and compare peak-hour CPU, memory, disk, and network counters against idle to identify what resource is saturated.
Common printer issues: faded or light output points to low toner or a failing imaging drum in a laser printer.
Cable runs near motors, fluorescent lights, or power lines suffer EMI; replace affected runs with shielded (STP) cabling routed away from interference sources, or use fiber, which is immune to EMI.
Intermittent network outages or broadcast storms can indicate a switching loop; inspect cabling and port status and verify Spanning Tree Protocol (STP) is enabled.
Follow the 3-2-1 backup rule (3 copies, 2 different media types, 1 offsite) and regularly test restores; 3-2-1-1-0 adds an offline/immutable copy and zero verified errors for ransomware resilience.
Install a UPS with automatic graceful-shutdown integration so servers shut down cleanly during power loss and to ride out brief outages.
Change management requires assessing risk, getting approval, documenting the change, and having a rollback/back-out plan before implementing.
Remote-site performance complaints often trace to WAN latency and limited bandwidth between the site and the server rather than the local hardware.

Domain 4: Operating Systems

Key concepts you must know · 152 practice questions

NTFS is the required default Windows file system, supporting file-level ACL permissions, journaling, encryption (EFS), and compression; exFAT and FAT32 are used mainly for removable media.
icacls manages NTFS permissions from the command line; e.g., icacls C:\Data /grant jdoe:F grants user jdoe Full Control. Standard NTFS rights are Read, Write, Modify, and Full Control.
Run as administrator triggers UAC (User Account Control) elevation; least privilege means users run as standard accounts by default and elevate only when an admin task requires it.
Do not defragment an SSD - it has no seek penalty and the writes only add wear; Windows instead runs TRIM to maintain write performance, and Optimize Drives recognizes SSDs automatically.
Free up disk space with Disk Cleanup or Storage Sense (removes temp files and old Windows Update files), uninstall unused apps, and move large data files to another volume.
Process management on Windows: taskkill /IM notepad.exe /F force-ends a process by image name; sc query spooler checks a service state and net stop spooler stops it.
Linux essentials to know: ip addr show lists interfaces/addresses, tail -n 20 /var/log/syslog reads recent log entries, and standard rwx permissions are set with chmod.
GPT (GUID Partition Table) supports drives larger than 2 TB and more than 4 primary partitions and is required for UEFI/Secure Boot; MBR is the legacy 2 TB / 4-partition scheme.
Dual-boot setups use GPT with a shared EFI System Partition (ESP) and bootloaders that are Secure Boot compatible.
Mass OS deployment uses a standardized image pushed over the network (e.g., PXE boot/imaging) with an unattended answer file for hands-off configuration.
Join PCs to an Active Directory domain (or Entra ID) for centralized authentication, Group Policy, and management; workgroups manage each PC locally.
Update rollouts should be tested on a pilot ring first, then staged in phases with a defined rollback plan to limit the blast radius of a bad patch.
Containers share the host OS kernel for lightweight, fast, isolated app environments, whereas virtual machines each run a full guest OS on a hypervisor.
Use a Balanced power plan to scale CPU performance with demand; High performance keeps clocks high at the cost of battery and power.

Domain 5: Security

Key concepts you must know · 175 practice questions

The three authentication factor categories are something you know (password/PIN), something you have (token/phone/smart card), and something you are (biometric). Combining two different categories is multi-factor authentication (MFA).
Defense in depth layers multiple overlapping controls so one failed control does not cause full compromise; Zero Trust never implicitly trusts based on network location and continuously verifies identity and authorization for every request.
BitLocker provides full-volume encryption (AES-128/256) in Windows Pro/Enterprise/Education and protects data at rest if a drive is removed; pair encryption at rest with TLS for data in transit.
Apply least privilege and role-based access control (RBAC) tied to job functions so accounts get only the access required; admins should use separate dedicated admin accounts distinct from daily-use accounts and require MFA for all admin logins.
Phishing is a social-engineering attack that tricks users into revealing credentials via fraudulent messages; defenses include user training, strong unique passwords, and MFA.
Ransomware encrypts the victim's files (and often deletes shadow copies and exfiltrates data) then demands payment; offline/immutable backups with tested restores are the primary recovery defense.
On suspected malware infection, the first step is to isolate/quarantine the machine from wired and wireless networks to stop lateral spread and C2 communication, then investigate and remediate.
MDM (Mobile Device Management) centrally enrolls and configures devices, pushes screen-lock/encryption/passcode policies, and supports remote wipe; zero-touch/auto-enrollment provisions new devices automatically.
Mobile device hardening: enable a screen lock with timeout, use biometrics or a strong passcode, enable full-disk encryption, keep the OS and apps patched, and install apps only from trusted stores.
A hypervisor abstracts physical hardware into VMs; Type 1 (bare-metal) like ESXi or Hyper-V runs directly on hardware, while Type 2 runs on top of a host OS. Virtualization enables consolidation and isolation.
Cloud service models: SaaS (provider manages everything, e.g., Microsoft 365), PaaS (provider manages the platform), and IaaS (you manage the OS and up, provider manages hardware).
Cloud cost control: right-size or downgrade oversized instances, schedule shutdown/start of non-production resources outside business hours, move cold data to archive storage tiers, and set billing budgets with cost alerts.
Place internet-facing servers in a DMZ (screened subnet) isolated from the internal LAN by firewalls; Windows includes Microsoft Defender Antivirus built in.
Local account management: net user jdoe Pass123! /add creates a user and net localgroup Administrators jdoe /add adds them to the Administrators group.

CompTIA A+ (Core 1/2) exam tips

Master the seven-step CompTIA troubleshooting methodology in order and the steps of change management - scenario questions frequently ask for the next step or the first action to take.
Memorize the common port numbers and RFC 1918 private ranges cold; they appear across both Core 1 and Core 2 and are quick points if you have them instantly.
Watch for PBQs (performance-based questions) early in the exam - they take the most time, so consider flagging and returning to them so you do not run out of time on the multiple-choice questions.
Read for the BEST answer when several options are technically valid - questions often hinge on the first/safest step (e.g., isolate before investigate, back up before changing, ESD precautions before touching hardware).
Know the exact command-line syntax (chkdsk /f /r, sfc /scannow, DISM /RestoreHealth, icacls, taskkill, net user, ipconfig /all) because Core 2 tests literal command knowledge.

Study guide FAQ

How many exams do I need to pass to earn the A+ certification?

Two: Core 1 (220-1101) and Core 2 (220-1102). You must pass both, and they are taken separately. Core 1 leans toward hardware, mobile devices, networking, virtualization, and hardware troubleshooting, while Core 2 focuses on operating systems, security, software troubleshooting, and operational procedures.

What score do I need to pass and how many questions are on each exam?

Each exam has a maximum of 90 questions and a 90-minute time limit. Core 1 requires a scaled score of 675 out of 900 to pass, and Core 2 requires 700 out of 900. Questions are a mix of multiple-choice and performance-based simulations (PBQs).

Do I need work experience or prior certifications before taking A+?

There are no formal prerequisites, but CompTIA recommends 9-12 months of hands-on lab or field experience. A+ is the entry point of the CompTIA infrastructure pathway and is commonly followed by Network+ and Security+.

How long is the A+ certification valid and how do I renew it?

A+ is valid for three years from the date you pass. You renew through CompTIA's Continuing Education (CE) program by earning 20 continuing education units, by passing a higher-level CompTIA certification such as Network+ or Security+, or by retaking the current A+ exams before expiration.

Test yourself: 671 CompTIA A+ (Core 1/2) practice questions