RoleMath Study Track for CompTIA A+ (220-1201 & 220-1202)
A free study companion keyed to the officially published exam domains of CompTIA A+ (220-1201 & 220-1202): what each domain covers in plain language, clearly labeled free resources, a guided lab outline for every domain, and interactive self-checks from our own question bank. CompTIA A+ (Core 1 & 2 V15) objectives
A free, source-cited study companion built on CompTIA's published exam objectives — not official training, not a pass guarantee. Verify the current objectives on the official page before your exam.
A free two-exam A+ program blueprint that starts from CompTIA's official V15 scope, uses vetted instruction, and turns every domain into a risk-controlled hands-on artifact without claiming instructional completeness or an exam outcome.
This draft exposes RoleMath’s authored sequence and evidence plan. The current labs are guided outlines, not yet a fully fixture-backed course, and objective-leaf coverage has not passed the gold-standard gate. Completion does not predict an exam result.
Modules
9
Labs
9
Concept checks
18
Resource mix
3 official / 2 community
Choose an outcome
Three routes through the same evidence
Choose provisionally. Change routes when the work tells you something new about fit, time, or readiness.
Certification-focused
Learners who have decided to pursue A+ and need a complete sequence across both current exams.
Completion emphasis: Complete all nine modules and labs, both official sample sets, the integrated capstone, and a final objective-by-objective gap review.
Required phases: Scope, safety, and baseline, Core 1 devices, networks, hardware, and cloud, Core 1 hardware and network troubleshooting, Core 2 operating systems and security, Core 2 software troubleshooting and operational practice, Integrated support capstone and final gap review
Help-desk skills first
Career changers who want demonstrable support skills and artifacts before deciding when to schedule either exam.
Completion emphasis: Prioritize device, networking, operating-system, security, troubleshooting, and documentation labs; retain anonymized artifacts for interview discussion.
Required phases: Scope, safety, and baseline, Core 1 devices, networks, hardware, and cloud, Core 1 hardware and network troubleshooting, Core 2 operating systems and security, Core 2 software troubleshooting and operational practice, Integrated support capstone and final gap review
Career-fit sprint
Learners who are still deciding whether hands-on IT support work fits their interests and working style.
Completion emphasis: Complete the diagnostic plus one device, one networking, one operating-system, and one operational-procedures lab; record what felt energizing or frustrating before continuing.
Required phases: Scope, safety, and baseline, Core 1 devices, networks, hardware, and cloud, Core 2 software troubleshooting and operational practice
Start safely
Prerequisite diagnostic
Route learners to safe alternatives before they begin; this is a readiness check for the labs, not an eligibility gate or exam prediction.
Do you have permission to inspect settings and run non-destructive commands on a computer and phone you own?
Ready when: Yes, on personal devices or a disposable virtual machine.
If not yet: Use the observation-only screenshots and written simulation variants until you have an owned or disposable environment.
Can you open a terminal and type a command exactly as shown, even if the command is unfamiliar?
Ready when: Yes, with written steps available.
If not yet: Start with the operating-system navigation warm-up and practice pwd/cd/dir/ipconfig before networking labs.
Can you distinguish a read-only inspection from a setting change, stop when a step affects data, security, or connectivity, and explain why a VM snapshot is not a host backup or absolute isolation boundary?
Ready when: Yes, with a current host backup plus a guest snapshot before optional VM changes.
If not yet: Use read-only lab variants and complete the host-backup, VM-isolation, change-management, rollback, and cleanup checklist before any configuration exercise.
Have you confirmed that A+ requires two separate current exams and budgeted time and fees accordingly?
Ready when: Yes, or you are using the career-fit path without scheduling an exam yet.
If not yet: Review the official A+ page and RoleMath cost page before setting an exam date or buying a voucher.
Can you reserve at least three repeatable study blocks per week and one longer block for labs?
Ready when: Yes, even if each short block is only 30 to 45 minutes.
If not yet: Choose the steady pace, split each lab across sessions, and defer exam scheduling until the routine is stable.
Plan, then adapt
Pace options
Steady
12 weeks 6-8 hours/week
A flexible planning estimate for learners balancing work or caregiving; spend roughly one week per domain and reserve the final weeks for integration and gaps.
Standard
8 weeks 8-12 hours/week
A planning estimate that pairs related domains each week while keeping a separate lab block; slow down when an exit gate is not met.
Intensive
5 weeks 14-18 hours/week
For learners with prior support experience and a disposable lab environment; this pace is not a recommendation to schedule an exam before gaps are closed.
Evidence-gated sequence
Program roadmap
1
Scope, safety, and baseline
Understand the two-exam structure, choose a goal and pace, establish a safe lab workspace, and record the starting diagnostic.
Exit evidence
Choose one goal path and one provisional pace.
Confirm the current 220-1201 and 220-1202 scope on CompTIA's page.
Create a lab folder and complete the read-only/change-safety checklist.
2
Core 1 devices, networks, hardware, and cloud
Build the vocabulary and observation skills that later troubleshooting modules assume.
Complete the capstone artifacts and review them against the checklist.
Crosswalk all nine official domains to at least one lab artifact and one reviewed check.
Record remaining gaps and choose whether to continue practicing, defer, or verify exam logistics.
Before a lab
Environment, access, and safety
Required and optional setup
Required
A computer and smartphone you own or have explicit permission to inspect
A modern web browser, built-in terminal, and plain-text or spreadsheet editor
A dedicated folder for screenshots, command output, diagrams, tickets, and reflections
Optional
A disposable Windows or Linux virtual machine with snapshots, configured on a patched hypervisor with NAT networking and host-sharing features disabled by default
A spare USB drive or retired personal computer for non-production practice
Free diagramming software such as diagrams.net
Accounts and accessibility routes
Accounts
No account is required for the core RoleMath labs.
A free account is optional if the learner chooses cloud storage, Google Sheets, or another hosted tool.
Equivalent routes
Use command transcripts and screenshots instead of live configuration when motor, visual, device, or permission constraints block a step.
Use the written scenario variant for any lab that requires hardware you do not own.
Split long labs into setup, execution, and reflection sessions without losing completion credit.
Safety baseline
Use only devices, accounts, and networks you own or are explicitly authorized to test.
Prefer read-only inspection; snapshot or back up before optional changes.
Treat virtualization as risk reduction, not a host-safety guarantee: patch the host and hypervisor, keep a separate host backup, verify official image checksums, use NAT instead of bridged networking, disable shared folders/clipboard/drag-and-drop/device passthrough by default, keep real secrets out of guests, and remove unneeded VM files and attachments after the lab.
Never introduce real malware, expose credentials, open high-voltage components, or disable controls on a work-managed device.
Show your work
Module evidence and missed-check protocol
Module exit evidence
A saved lab artifact or observation record tied to the domain objective map.
A plain-language explanation of what changed, what was observed, and how the result was verified.
All authored checks attempted with missed answers reviewed against their cited sources.
After a missed check
Write why the selected answer was tempting and what evidence distinguishes it from the cited answer.
Repeat or adapt the related lab step, then answer a fresh self-authored scenario in your own words.
Return to the official objectives to confirm the gap belongs to the current exam version.
Completing this policy shows coverage and practice inside RoleMath; it does not predict a passing score or replace the vendor's current exam guidance.
Integrated practice
Small-office support intake, diagnosis, and handoff
Run a safe, end-to-end support simulation for two personal or fictional endpoints and leave behind the artifacts another technician would need to continue the work.
Workflow
Create anonymized asset records for two endpoints, including operating system, storage, memory, network connection, owner role, and backup posture.
Draw the small network showing endpoints, wireless access, router/default gateway, internet boundary, and any virtual machine or cloud service used.
Record a baseline on each endpoint using read-only commands and settings: address, gateway, storage space, update state, security controls, and recent backup state.
Author three fictional tickets: one connectivity failure, one slow or unstable endpoint, and one suspicious-browser or software symptom. Do not create the failures on a production device.
For each ticket, document symptoms, safe hypotheses, least-destructive tests, expected evidence, escalation conditions, rollback, and verification.
Perform one permitted read-only test sequence and attach command output or screenshots with credentials and personal identifiers removed.
Write a concise user update for one ticket and a technical handoff for another, using different levels of detail for each audience.
Complete a change record for one proposed fix, including approval assumption, risk, backup, rollback, and verification plan.
Crosswalk every artifact to the A+ domain IDs it demonstrates and flag any domain without evidence.
Review the complete packet against the capstone checklist and write a final reflection on strengths, gaps, and the next practice decision.
Retained artifacts
Anonymized two-endpoint asset inventory
Small-office network diagram
Three support ticket records
Read-only baseline evidence packet
User update and technician handoff
Change and rollback record
Nine-domain evidence crosswalk and reflection
Review checklist
No real names, account identifiers, public IP addresses, serial numbers, credentials, or employer information remain in the packet.
Every proposed action follows a stated hypothesis and includes verification and rollback or escalation.
The network diagram, inventory, tickets, and command evidence agree with one another.
All nine domains map to at least one artifact; uncovered domains are recorded as gaps rather than implied complete.
The packet contains no real malware, unauthorized scanning, destructive change, or claim that it predicts exam success.
Safety boundary: Use fictional incidents and read-only evidence from owned devices. Never create an outage, run malware, expose credentials, scan networks without permission, or alter a work-managed endpoint for this capstone.
Finish honestly
Completion, portfolio, and maintenance
Completion evidence
All nine current domain modules have been read and cross-checked against the official V15 scope.
All nine domain labs have a saved artifact, observation record, or documented accessibility alternative.
Every authored knowledge check has been attempted and every miss has a cited correction note.
Both official CompTIA sample-question sets have been used as a wording and scope check rather than memorized.
The integrated capstone packet passes its safety, privacy, consistency, and domain-coverage checklist.
The learner has recorded remaining gaps and an explicit next decision; completion is not represented as an exam outcome or credential.
Portfolio candidates
A redacted support packet from the capstone
One troubleshooting decision tree
One network diagram
One asset/change template set
A short reflection describing the evidence behind a diagnosis
Describe the problem-solving process and artifacts as self-directed lab work. Do not call the packet professional experience, an official CompTIA lab, or a RoleMath credential.
Freshness controls
Objective source checked 2026-07-09. Recheck objectives every 30 days and resources every 90 days.
Stop and re-verify when
CompTIA changes either active A+ exam code, version, objective domain, or published weight.
An official or community resource changes free-access posture, version coverage, ownership, or URL.
A lab tool becomes paid, unavailable, unsafe, or materially different from the documented steps.
Any domain explanation, check, lab, or capstone step fails adversarial technical or beginner-walkthrough review.
Skills measured
The official objective domains and their exam weight — titles & weights only, straight from the vendor’s exam objectives. CompTIA A+ (Core 1 & 2 V15) objectives
This certification is earned through more than one exam, so the domains span all required exams — their percentages add up across exams, not to 100%.
Suggested study order
A+ is two separate exams, so the honest sequencing advice is: pick one exam, finish it, then do the other — do not try to study all nine domains at once. Which exam first is genuinely up to you; many people take Core 1 (220-1201) first because it opens with tangible hardware, but Core 2 (220-1202) is just as reasonable if software and security are closer to your current work. Inside each exam, our default is heaviest-weighted domain first, because the published weights tell you where the exam spends its questions. For Core 1 that means Hardware and network troubleshooting (28%), then Hardware (25%), Networking (23%), Mobile devices (13%), and Virtualization and cloud computing (11%) — with the honest caveat that troubleshooting leans on the hardware and networking vocabulary, so if the troubleshooting domain feels like a foreign language, drop back to Hardware and Networking first and return to it. For Core 2 the weights are Operating systems (28%), Security (28%), Software troubleshooting (23%), and Operational procedures (21%) — close enough that order barely matters, though Operating systems is the natural anchor the others build on. This is sequencing advice based on the published weights and how the topics depend on each other, not a claim about the science of learning — if a different order fits how you think, use it.
Module 1 of 9 · 220-1201 domain 5 · 28% of the exam
Hardware and network troubleshooting
Core 1 (220-1201), 28%. The heaviest domain on Core 1. Study it after Hardware and Networking, because it applies both — it is where the exam checks that you can diagnose, not just identify.
This is the heaviest Core 1 domain at 28%, and it is different in kind from the others: it does not add new components, it tests whether you can reason about the ones you already know when they fail. This is the domain that turns a parts-identifier into a technician. It expects you to take a symptom — a machine that will not power on, a display that flickers, a network that drops — and work toward a cause methodically rather than by guessing.
The spine of the domain is the troubleshooting method itself, a repeatable sequence the exam expects you to apply to any problem. In our own words, its steps are: pin down exactly what is wrong and gather information (including asking what changed); form a reasonable theory of the cause; test that theory to confirm or reject it; once confirmed, plan the fix and consider side effects; carry out the fix and verify the whole system works again; and finally document what you found and did. The discipline is resisting the urge to jump to a fix before you understand the problem. On the exam and on the job, 'what would you do first?' almost always rewards the early, methodical steps over the dramatic replacement.
The first applied area is component and system failures. You should be able to connect symptoms to likely hardware causes: no power or no display, unexpected shutdowns and overheating, noises and burning smells, storage that clicks or reports errors, memory faults that cause random crashes, and the visual and audible signals a machine gives during startup when something is wrong. The skill is probabilistic reasoning — a symptom rarely proves one cause, but it makes some causes far more likely than others, and a good technician checks the cheap, likely, reversible things first.
The second applied area is displays. Because so many devices are laptops and all-in-ones, the domain treats screen problems as their own topic: dimness and flicker, distorted or missing images, dead pixels and artifacts, and the difference between a display problem and a graphics or cabling problem behind it. Knowing whether to suspect the panel, the cable, the connection, or the settings is exactly the kind of narrowing this domain rewards.
The third applied area is networking failures, which is why this domain sits after the Networking domain in our suggested order. Here you apply addressing, name resolution, and connectivity knowledge to real breakage: intermittent or no connectivity, slow speeds, wireless that will not associate, and the physical-layer causes (a bad cable, a dead port, a loose connector) that people skip past while blaming software. The domain's throughline is that many 'network problems' are physical, and checking the simple physical causes first is both faster and more professional than reimaging or replacing.
The best way to study this domain is to practice the method on faults rather than memorizing symptom lists, which is what the lab does with a structured, simulated scenario. Take any breakage — real or described — and force yourself through the six method steps out loud, writing a theory before you touch anything. Narrate what you would check first and why, always favoring the cheap, reversible, likely check. That habit is the entire skill this domain measures, and it transfers directly to the Core 2 software-troubleshooting domain. Read the official A+ objectives page for this domain's exact topic list; our explanation paraphrases the method and scope in our own words rather than reproducing CompTIA's wording.
Learn it free
Official · Official exam objectives
CompTIA A+ (Core 1 & 2 V15) exam objectives (on the certification page)The authoritative topic list for Core 1's heaviest domain, including the troubleshooting method — worth reading in full. The downloadable PDF is partner-login-gated; the public objectives live on this page. (captured 2026-06-14)
Lab: run the six-step troubleshooting method on a simulated fault
Practice CompTIA's troubleshooting methodology as a repeatable habit by working a written, simulated fault all the way through the six steps — theory before action — so the method becomes automatic before you face a real one.
Free tools
A plain-text editor or a sheet of paper — free
Your own computer, only for the optional safe verification steps (checking a cable seating, viewing an adapter status) — no special software
Steps
Read this simulated scenario (authored by RoleMath for this exercise — not from any exam): 'A user reports that their desktop, which worked yesterday, now shows a blank screen. The power light on the tower is on. The user mentions the cleaning crew moved the desk last night.' Write it at the top of your worksheet.
Step 1 — Identify the problem. Write down exactly what is wrong (blank display, tower powered) and the key question: what changed? Note the desk move as a clue. List two more questions you would ask the user.
Step 2 — Establish a theory. Write your most likely theory given the evidence. A desk move plus a powered tower and a blank screen points strongly at a disconnected or loose video/power cable on the monitor — a cheap, likely, reversible cause. Write a second, less likely theory too (for example, a failed monitor).
Step 3 — Test the theory. Describe how you would test the cable theory first: reseat the monitor's power and video cables, confirm the monitor's own power light, try the monitor on another output or another monitor on this PC. Write what result would confirm versus reject the theory.
Step 4 — Plan the fix. Assuming a loose cable is confirmed, write the fix and its side effects (there are almost none — reconnecting a cable). Note what you would plan differently if the test pointed at a failed monitor instead (swap the monitor, which affects the user's setup).
Step 5 — Implement and verify. Describe carrying out the fix and then verifying full functionality — not just that an image appears, but that resolution and the user's normal workflow are back to normal.
Step 6 — Document. Write a two-line ticket note capturing the symptom, the cause, and the fix, in the form a colleague could read later.
Now re-run the method on a second simulated fault of your own invention (for example, 'a laptop suddenly cannot reach Wi-Fi after a Windows update'). Force yourself to write a theory before proposing any action.
For each of your two worked faults, underline the single step where you were tempted to jump straight to a fix. That temptation is exactly what the method exists to discipline.
Optional and safe: on your own machine, physically reseat a monitor or peripheral cable and confirm it still works, so you have performed a real 'test the theory' action, not only a written one.
What you should see
Two written fault worksheets that each walk cleanly through identify, theory, test, plan, implement/verify, and document — with a theory written before any action. You should be able to feel the method slowing you down in a good way, steering you toward cheap, likely, reversible checks first.
This lab practices the best-practice troubleshooting methodology and the applied hardware/display/network diagnosis that the Hardware and network troubleshooting domain of the official A+ Core 1 (220-1201) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: This is primarily a paper exercise on fictional scenarios. Any physical verification you choose to do should be on a machine you own, powered off and unplugged before touching internal parts, with basic anti-static care (see the Operational procedures domain). Do not experiment on production or work machines.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Module 2 of 9 · 220-1201 domain 3 · 25% of the exam
Hardware
Core 1 (220-1201), 25%. The second-largest Core 1 domain and the tangible heart of A+ — the physical parts every later troubleshooting question assumes you can name.
This is the domain most people picture when they hear 'A+': the physical guts of computers. At 25% it is the second-heaviest Core 1 domain, and it is the one that most rewards hands-on familiarity. It covers the components inside desktops and laptops, the peripherals that plug into them, printers, and — crucially for a support technician — how to tell whether two parts will actually work together. If you have never opened a computer, this domain is where the abstractions of computing finally become objects you can hold.
Begin with the connectors and cables, because they are the vocabulary everything else uses. The domain expects you to recognize the common ports and the cables that mate with them — the video connectors, the several generations and shapes of USB, storage and power connectors inside the case — and to know what each carries. This sounds like rote memorization, but it is really pattern recognition: a technician glances at a cable and knows its job. Flashcards help, but handling real cables helps more.
The core components are the domain's center of gravity. You should be able to explain, in plain terms, what each major part does and how to choose a compatible one: the motherboard and its form factor, the CPU and the socket it must match, memory in its various types and speeds, storage in its spinning and solid-state forms and their interfaces, the power supply and why its wattage and connectors must fit the build, expansion cards, and cooling. The recurring skill — the one the exam probes hardest — is compatibility. A CPU must fit its socket; memory must match the type the board accepts; the power supply must deliver enough clean wattage with the right connectors. Getting one of these gates wrong is how real builds fail to boot, and recognizing the gate before you buy is the professional habit this domain builds.
Peripherals and expansion round out the non-printer hardware: input and output devices, external storage, docking and port replication, and the add-in cards that extend a system. The theme is the same — identify the device, know its interface, and reason about whether it fits the machine in front of you.
Printers earn a large, distinct place in this domain, and career changers often underestimate them. You are expected to understand the major print technologies — laser, inkjet, thermal, impact, and 3D — well enough to describe how each forms an image, what consumables each needs, and the outline of how each is maintained. Laser printing in particular has a multi-step imaging process the exam expects you to understand conceptually. Configuration matters too: connecting printers over USB and the network, sharing them, and managing drivers. Printers generate a disproportionate share of real help-desk tickets, so this material is unusually job-relevant.
The most effective way to study hardware is to make purchasing decisions you never execute, which is exactly what the lab does: spec a complete, compatible build with a free parts picker and let the tool flag the compatibility gates for you. Reading that a CPU must match its socket is forgettable; watching a configurator refuse an incompatible pairing is not. Supplement that by opening any computer you are allowed to open (a personal or retired machine, powered off and unplugged, with basic anti-static care) and naming each part out loud against this domain's list. Read the official A+ objectives page for this domain's exact topic list — our explanation paraphrases the scope rather than reproducing CompTIA's component wording.
Learn it free
Official · Official exam objectives
CompTIA A+ (Core 1 & 2 V15) exam objectives (on the certification page)The authoritative component and printer topic list for this domain — worth reading in full given its 25% Core 1 weight. The downloadable PDF is partner-login-gated; the public objectives live on this page. (captured 2026-06-14)
Lab: spec a compatible PC build and find the compatibility gates
Use a free online parts picker to assemble a complete desktop on paper, deliberately trip its compatibility warnings, and learn to see the gates that make or break a real build: CPU socket, RAM type, and power-supply wattage. Nothing is purchased.
Free tools
A free web-based PC parts compatibility picker (for example, PCPartPicker's free build tool — no account required to build a list). Any free 'system builder' that flags incompatible parts works; you are using only the free planning feature, buying nothing.
Steps
Open a free PC parts picker in your browser and start a new empty build. You are only planning — do not add anything to a cart or check out.
Add a CPU. Note the socket it uses (the tool lists it — for example an AMD AM5 or an Intel LGA-style socket). Write the socket name down; it is the first gate.
Add a motherboard, but first deliberately try to pick one with a DIFFERENT socket than your CPU. Watch the tool warn you that they are incompatible. Read the warning, then swap to a board with the matching socket so the warning clears.
Add memory (RAM). Try a type the board does not accept (for example DDR4 on a DDR5-only board). Note the compatibility flag, then correct it to the RAM type and speed the board supports. RAM type is the second gate.
Add storage. Note the interface (a SATA drive versus an NVMe M.2 drive) and confirm the board has the matching slot or port — a subtle gate people miss.
Add a power supply. Look at the build's estimated wattage that the tool now shows, and deliberately pick a PSU rated below it. Note that the build is now under-powered, then choose a PSU comfortably above the estimate with the right connectors. Wattage and connectors are the third gate.
Add a case and confirm the tool is not warning about motherboard form-factor fit (an ATX board will not fit a case built only for a smaller form factor).
Read the tool's overall compatibility summary. It should now report no conflicts. Screenshot or copy your parts list into a note.
In your note, write the three gates you tripped and fixed, in your own words: 'CPU socket must match the motherboard; RAM type/speed must match the board; PSU wattage and connectors must exceed the build's draw.'
Optional: build a second, cheaper list for a different socket family and compare which parts had to change together. You will see that socket choice cascades into board and RAM choices — the compatibility web this domain tests.
What you should see
A complete, conflict-free parts list plus a written record of the exact moments the tool warned you: a mismatched socket, a wrong RAM type, and an undersized power supply. You have experienced the compatibility gates as refusals from a real tool, which is far stickier than reading about them.
This lab practices the component-identification and compatibility-selection skills (CPU/socket, memory type, storage interface, power supply) that the Hardware domain of the official A+ Core 1 (220-1201) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: This is a paper/planning exercise — you are using a picker's free build feature and buying nothing. If you later open a physical machine to identify parts, power it off, unplug it, and use basic anti-static precautions (an ESD strap or at least touching bare metal to discharge), covered in the Operational procedures domain.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Module 3 of 9 · 220-1201 domain 2 · 23% of the exam
Networking
Core 1 (220-1201), 23%. The second-heaviest Core 1 domain, and the vocabulary the Hardware-and-network-troubleshooting domain assumes you already speak — study it before that troubleshooting domain.
This Core 1 domain teaches how computers find and talk to each other. At 23% it is one of the heavier Core 1 domains, and it is the one career changers most often fear, because it introduces a stack of acronyms all at once. The reassuring truth is that A+ networking is support-technician networking, not network-engineer networking: you are learning enough to connect a device, recognize why it cannot reach the network, and speak the vocabulary confidently — not to design a data center.
The foundation is addressing. Every device on a network needs an identity, and the domain expects you to understand IP addresses in both their common forms, the difference between a private address used inside a home or office and a public one used on the internet, the role of the subnet mask in deciding what counts as 'local,' and the default gateway as the doorway out. A crucial practical thread is how devices normally get addresses automatically through DHCP — and what it means when that fails and a machine falls back to a self-assigned address that cannot reach anything. Recognizing that specific symptom is one of the most useful things this domain teaches.
Next comes name resolution. Humans use names like a website address; machines need numbers. DNS is the translator, and a huge share of everyday 'the internet is down' tickets are really DNS problems in disguise. The tell you should internalize: if a device can reach a server by its number but not by its name, suspect name resolution, not connectivity. That single distinction separates confident troubleshooters from people who reimage machines that were never broken.
Then the physical and logical plumbing. The domain covers the cabling and connectors that carry signals — the common twisted-pair categories, fiber, and the connectors on each — plus the devices that move traffic around: switches that connect a local network, routers that join networks together, access points that add wireless, and the roles of firewalls at the boundary. You should be able to tell these devices apart by job, and understand ports and protocols at the level of 'which well-known port does web or email or remote-desktop traffic use,' because blocked or misconfigured ports are a recurring support cause.
Wireless gets real attention, because most support happens over Wi-Fi now. The domain expects familiarity with the common wireless standards and frequency bands, the trade-off between range and speed, and — importantly — wireless security: the encryption standards that protect a network and why an open or weakly secured network is a problem. Small-office and home-office setup rounds this out: configuring a consumer router, its wireless settings, and basic protections is a genuinely common first-job task.
The way to make this domain stick is to stop reading and start looking at your own network, which is exactly what the lab does. Run the address-inspection commands on your own machine, read what your IP, mask, and gateway actually are, and trace the path your traffic takes to a public site. Every acronym becomes concrete the moment you see it describing your own connection. Pair that with narrating tickets: when someone's device 'has no internet,' practice asking in order — does it have a valid address, can it reach the gateway, can it resolve names, can it reach the destination — because that ordered questioning is both the exam's logic and the job's. Read this domain's section on the official A+ objectives page for the authoritative topic list; our explanation paraphrases that scope rather than copying CompTIA's wording.
RoleMath glossary: firewallA cited definition of the boundary device this domain expects you to place and reason about.
Lab: map your home network with ipconfig, ping, and tracert
Turn networking acronyms into things you have seen on your own connection: read your machine's IP address, subnet mask, and default gateway; confirm you can reach your gateway and the internet; and trace the hops your traffic takes to a public site.
Free tools
Your own computer's built-in terminal — free (Windows: Command Prompt or PowerShell; macOS/Linux: Terminal)
The built-in commands ipconfig/ifconfig/ip, ping, and tracert/traceroute — free, already installed
Steps
Open a terminal (Windows: press the Windows key, type cmd, press Enter; macOS: open Terminal; Linux: open your terminal app).
Windows: run ipconfig /all. macOS/Linux: run ifconfig or ip addr. Find your active network adapter (the one with an IP address, typically starting 192.168 or 10. at home).
Write down three values for that adapter: the IPv4 address (your device's local identity), the subnet mask (which decides what is 'local'), and the default gateway (usually your router — the doorway to everything else).
Ping your own gateway: run ping <gateway-address> using the gateway you just recorded. Replies mean your device can reach your router — the first hop works.
Ping a public server by number: run ping 1.1.1.1 (a public DNS service). Replies mean your device can reach the internet at the address level, independent of name resolution.
Ping the same service by name: run ping one.one.one.one (or ping google.com). If the number worked but the name fails, you have just reproduced the classic DNS-versus-connectivity distinction — the name step is a separate system.
Windows: run tracert 1.1.1.1. macOS/Linux: run traceroute 1.1.1.1. Watch the numbered list of hops: the first line is almost always your gateway, and each line after is a router your traffic passes through on the way out.
Read the round-trip times (in milliseconds) beside each hop. Notice they generally grow as hops get farther away — you are watching distance turn into latency.
Optional: run tracert to a website you use and compare the number of hops with the trace to 1.1.1.1. Different destinations, different paths, same tracing tool.
Write two sentences summarizing what you found: your device's address/mask/gateway, and where (if anywhere) a name-versus-number difference appeared. That summary is a mini network map of your own connection.
What you should see
Concrete values for your own IP, subnet mask, and gateway; successful pings to your gateway and to a public address by number; a working (or tellingly failing) ping by name; and a numbered hop list from tracert that starts at your router and walks outward with rising latency. The acronyms are now things you have measured.
This lab practices the IP addressing, DNS/name-resolution, gateway, and connectivity-verification skills that the Networking domain of the official A+ Core 1 (220-1201) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: Run these commands only against your own network, your own gateway, and well-known public services as shown. ping and tracert are read-only diagnostics; do not aim scanning or flooding tools at networks or hosts you do not own or have permission to test.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Module 4 of 9 · 220-1201 domain 1 · 13% of the exam
Mobile devices
Core 1 (220-1201). The lightest-weighted Core 1 domain at 13%, and a gentle place to start Core 1 because almost everyone already owns and uses the hardware it describes.
This Core 1 domain is about the small computers most people carry all day: laptops, tablets, and phones. It asks you to treat them as real systems a technician installs, configures, connects, and repairs — not as sealed appliances. Because it carries the smallest Core 1 weight (13%), it is a comfortable on-ramp, but do not mistake light weight for trivial: mobile support is a large share of real help-desk tickets, so the skills here pay off on day one of an actual support job.
Start with the physical side of laptops. Unlike a desktop where parts are roomy and standardized, laptop components are miniaturized, keyed to a specific chassis, and often shared across a hinge or a ribbon cable. The domain expects you to recognize and reason about the parts you can service — memory modules in their small-outline form, storage in its several shapes, batteries, keyboards, wireless cards, and displays — and to understand that a replacement part must match the specific model, not merely the general category. The recurring skill is compatibility judgment: will this part physically fit and electrically work in this exact machine?
Then the features built into portable hardware. Laptops and tablets pack in capabilities a desktop rarely needs: multiple display and docking arrangements, physical or function-key toggles for wireless radios and screen brightness, fingerprint and facial readers, and rotation or touch sensors. You should be able to explain what each feature does and, more usefully, how to fix it when it misbehaves — a screen that will not auto-rotate, a laptop that will not output to an external monitor, a wireless radio that a function key has quietly switched off.
Connectivity is the domain's busy center. Mobile devices reach the world through cellular data, Wi-Fi, Bluetooth, NFC, and increasingly hotspots and tethering, and each has its own setup story and failure modes. A large slice of this domain is email and account configuration — getting a device to talk to a mail service with the right server settings and security, which is exactly the kind of ticket new technicians face constantly. Bluetooth pairing, its own small ritual of discoverability and confirmation, shows up here too.
The final strand is mobile security and management, and it is where this domain quietly connects to the whole certification. Phones and tablets carry corporate data out of the building, so organizations enforce controls on them: screen locks and biometrics, remote-wipe and remote-locate capability, encryption, and centralized policy pushed through mobile device management. The exam expects you to see why a company would require these controls before a device touches company data, and to configure the device-side settings that satisfy them. Notice that this previews the Core 2 Security domain from the mobile angle — the same protect-the-data logic, applied to hardware that lives in a pocket.
A practical way to study this domain is to treat your own phone and laptop as the lab bench, which is exactly what the lab below does. Walk the settings menus deliberately: find where backup and sync live, where the screen-lock and biometric controls are, where email accounts are added, where the wireless radios toggle. Say out loud what each setting protects or enables. When a friend or family member has a mobile problem, resist the urge to just fix it — narrate which of this domain's areas the symptom falls into first (hardware, connectivity, configuration, or security), because naming the category is the exam skill. For the authoritative topic list, read this domain's section on the official A+ objectives page; this explanation deliberately paraphrases that scope rather than reproducing CompTIA's wording.
Learn it free
Official · Official exam objectives
CompTIA A+ (Core 1 & 2 V15) exam objectives (on the certification page)The exam's own topic list — read the Mobile devices section directly rather than relying on any summary, including ours. The downloadable objectives PDF is partner-login-gated; the public objectives live on this page. (captured 2026-06-14)
Lab: audit a phone's backup, sync, and security settings
Treat your own phone as a device a technician has to secure and support: locate and document its backup/sync, lock-screen, biometric, encryption, and find-my-device settings, and reason about which corporate control each one satisfies. No apps to install, no purchases.
Free tools
Your own smartphone (Android or iPhone) — free, already in your pocket
A plain-text note or spreadsheet on your computer to record findings — any free editor or Google Sheets
Steps
Open your phone's Settings app. Create a note titled 'Mobile audit' on your computer with columns: Setting area, Current state, What it protects/enables.
Find the backup and sync section (iPhone: your name at the top → iCloud; Android: Settings → Google → Backup, or Settings → System → Backup). Record what is being backed up (photos, contacts, app data) and whether backup is on.
Find the screen-lock settings (Face/Touch ID & Passcode on iPhone; Security or Lock screen on Android). Record the lock type in use (PIN, password, pattern, biometric) and the auto-lock timeout.
Locate the biometric enrollment (fingerprint or face). Record whether it is set up and what it is allowed to authorize — unlock only, or also app logins and payments.
Find the device-encryption indicator (iPhone: 'Data protection is enabled' at the bottom of the Face ID & Passcode screen; modern Android: Settings → Security → Encryption, usually on by default). Record whether encryption is active.
Find the remote find/lock/wipe feature (Find My iPhone; Find My Device on Android). Record whether it is enabled — this is the remote-wipe capability employers require.
Open the email/accounts section and note how many accounts are configured and what type each is (personal, work). Do not change anything — just observe how accounts attach to the device.
Open the Wi-Fi and Bluetooth screens. Record how many saved Wi-Fi networks the phone remembers and whether Bluetooth is discoverable right now — both are attack-surface facts a technician would flag.
Now reason across your notes: for each setting, write one sentence on which corporate requirement it would satisfy (for example, 'remote wipe protects company data if the phone is lost').
Optional: identify one setting you would tighten if this were a work phone (a longer passcode, a shorter auto-lock, removing an old saved network) and note why. You have just performed the same posture review an MDM policy automates.
What you should see
A short written audit of your own device showing which protections are active (lock, biometric, encryption, remote wipe, backup) and which account and radio settings widen its exposure. The point is not to change your phone but to be able to look at any mobile device and name its security and support posture out loud.
This lab practices the mobile configuration, connectivity, and mobile-security/management skills that the Mobile devices domain of the official A+ Core 1 (220-1201) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: Only inspect a device you own. This lab is read-only — record settings, do not change security controls on a device you did not set up (especially a work-managed phone), and never disable a remote-wipe or lock feature to 'test' it.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Module 5 of 9 · 220-1201 domain 4 · 11% of the exam
Virtualization and cloud computing
Core 1 (220-1201), 11%. The lightest domain on either exam, but its ideas — VMs and shared responsibility — recur throughout modern IT support, so learn it well even though it is small.
This Core 1 domain is the smallest on either A+ exam at 11%, but it introduces two ideas that increasingly define the whole industry: running computers inside other computers (virtualization) and renting computing from someone else over the internet (cloud). For a support technician, the value is not deep architecture; it is understanding the vocabulary and the practical responsibilities well enough to support users who live in these environments every day.
Start with virtualization, because it is the more hands-on half and the one you can practice immediately. A virtual machine is a guest computer that exists as software on top of a host, managed by a hypervisor. The domain expects you to understand what problems this solves: running several separated guest systems on one physical box, creating a disposable environment for controlled testing, or running an operating system your hardware would not otherwise host. That separation reduces risk but is not an absolute security boundary. Crucially, a VM still needs real resources allocated to it — processor time, memory, storage, and a network connection — carved from the host. That resource-budgeting reality is a favorite exam theme, and it is why a laptop bogs down when a VM is given too much.
The most important practical concept in the virtualization half is the snapshot: a saved point-in-time state of a VM you can return to. Snapshots make virtual machines useful learning and testing environments because harmless guest changes can be rolled back, but a snapshot is not a host backup and virtualization is not an absolute security boundary. The lab below has you feel the rollback behavior directly, because reading about a snapshot and using one are very different levels of understanding.
The cloud half asks you to reason about renting instead of owning. The domain expects familiarity with the common service models — where the provider hands you infrastructure to build on, or a platform to develop on, or finished software you just use — and the deployment models, from public shared environments to private and hybrid arrangements. Around these sit the properties that make cloud distinctive: resources you can scale up or down on demand, capacity that is measured and often paid for by use, and access from anywhere over the network.
The single most important cloud idea for a support technician is shared responsibility. When an organization uses a cloud service, the provider secures and maintains part of the stack, but the customer remains responsible for the rest — most often their own data, their user accounts, and their configuration choices. This is why 'we moved to the cloud so security is handled' is a dangerous half-truth: misconfiguration and account mismanagement remain the customer's job, and therefore the support technician's job. This idea connects straight to the Core 2 Security domain and to real incidents you will read about for the rest of your career.
The best way to study this domain is to build a VM and use a snapshot yourself, which is exactly what the lab does with free, open-source software. Once you have created a virtual machine, taken a snapshot, deliberately changed something, and rolled it back, the entire virtualization half stops being abstract. For the cloud half, practice explaining shared responsibility in one sentence for a specific example ('the provider keeps the servers patched, but our team still has to configure who can see the files'). Read this domain's section on the official A+ objectives page for the authoritative topic list; our explanation paraphrases that scope rather than reproducing CompTIA's wording.
Lab: build a Linux VM in VirtualBox and use snapshot/restore
Create a real virtual machine with free, open-source software, take a snapshot, make a harmless guest change, and roll back to demonstrate a reversible practice environment — useful for controlled learning, but not a host-safety guarantee.
Free tools
Oracle VirtualBox — free and open source (GPL); official builds for Windows, macOS, and Linux from the VirtualBox project site
A free Linux distribution ISO (for example, Ubuntu Desktop — free, downloaded from the official Ubuntu site). This lab uses only free/open-source software; nothing here is trial-ware.
A current host backup plus the Linux publisher's checksum instructions, used before the VM is created
Steps
Before downloading the guest, update the host operating system and VirtualBox to supported patched versions, confirm a current host backup exists, and do not continue on a work-managed or shared computer.
Install VirtualBox from its official site, download a current Linux ISO from the distribution's official site, and verify the file against the publisher's documented checksum before attaching it.
Open VirtualBox and click New. Give the VM a name, select Linux as the type, and accept the suggested version.
Allocate resources deliberately: give the VM a portion of your RAM (for example 2048-4096 MB, staying well under your total) and create a new virtual hard disk of the suggested size. Notice you are budgeting host resources to a guest — the domain's key idea.
Before first boot, set networking to NAT rather than bridged mode. Leave shared folders, shared clipboard, drag-and-drop, USB passthrough, and other host-device integration disabled unless an owned-lab step explicitly needs one; do not place host secrets or credentials in the guest.
In the VM's settings, attach the Linux ISO you downloaded to the virtual optical drive, then start the VM. It boots from the ISO exactly as a physical machine boots from a USB installer.
Follow the Linux installer to a working desktop (a minimal install is fine). When it finishes, you have a separate guest computer running as software on your machine; treat the isolation as risk reduction, not a guarantee that the guest cannot affect the host.
Shut the VM down cleanly. In VirtualBox, select the VM, open the Snapshots view, and click Take. Name the snapshot 'clean install'. You have just saved a point-in-time state.
Start the VM again and change something obvious and reversible: create a few files on the desktop, change the wallpaper, or install a small application. Confirm the changes are really there.
Shut the VM down again. In the Snapshots view, select your 'clean install' snapshot and choose Restore.
Start the VM once more and confirm your changes are gone — the files, wallpaper, or app you added have vanished, because the system rolled back to the saved state. That instant reversibility is the whole point of a snapshot.
Optional: take a fresh snapshot, make one harmless guest-only change (rename a setting or remove a shortcut), and restore again. When practice is complete, shut down the guest, detach the ISO, remove unneeded snapshots/VM files, and confirm no shared integration features were left enabled.
What you should see
A running Linux guest, a saved snapshot, and — after restore — guest state that has returned to the earlier point with the harmless test changes erased. This demonstrates guest rollback; it does not prove that a VM cannot affect its host or replace a separate host backup.
This lab practices the client-side virtualization concepts — hypervisors, resource allocation, and VM use for testing/sandboxing — that the Virtualization and cloud computing domain of the official A+ Core 1 (220-1201) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: A VM reduces risk but does not guarantee host isolation. Use a supported patched hypervisor on a machine you own, keep a current host backup, verify the official ISO checksum, use NAT rather than bridged networking, disable shared folders/clipboard/drag-and-drop/device passthrough by default, keep real secrets out of the guest, snapshot before changes, and remove unneeded VM files and attachments afterward. Never attach an unknown or unverified image.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Module 6 of 9 · 220-1202 domain 1 · 28% of the exam
Operating systems
Core 2 (220-1202), 28%. Tied for the heaviest Core 2 domain and the natural anchor for the exam — the other Core 2 domains all assume this operating-system fluency.
This is the largest Core 2 domain at 28%, and it is where A+ shifts from hardware to the software that makes hardware usable. It is heavily weighted toward Windows because Windows dominates the business desktops a support technician manages, but it also expects awareness of macOS, Linux, and the mobile operating systems. If Core 1 taught you the body of a computer, this domain teaches its operating mind — how to install it, configure it, keep it healthy, and drive it from both the graphical interface and the command line.
Windows is the center of gravity. The domain expects working familiarity with the everyday administration a technician performs: the settings and control-panel areas that configure a system, user and account management, networking configuration from the OS side, and the built-in tools for managing disks, tasks, services, performance, and devices. You should know these not as trivia but as a toolbox — given a problem, which utility do you open? Installation and setup matter too: the methods of installing or reinstalling Windows, the concepts of clean versus in-place approaches, partitioning and file-system choices, and what it means to prepare a machine for a user.
The command line is a distinct and important strand, and it is one career changers can turn into an advantage. The domain expects comfort with basic commands for navigating and managing files, working with disks and networking, and running tasks with appropriate privileges — on Windows and, at a basic level, on Unix-like systems. The value is not memorizing dozens of flags; it is losing the fear of a text prompt and understanding that the command line often does precisely and repeatably what clicking does slowly. A technician who can navigate directories, inspect a network setting, and manage a file from the command line is measurably more capable.
Cross-platform awareness rounds the domain out. You are expected to recognize the major features and tools of macOS and Linux — how software is installed, where system settings live, the idea of a package manager, and the basic file and permission model — plus the fundamentals of the mobile operating systems from Core 1's mobile domain. The goal is not mastery of every OS; it is not being lost when a ticket involves something other than Windows.
Two practical threads run throughout: file and permission management, and system maintenance. Permissions — who can read, change, or run what — are both an operating-system topic here and a security topic in the next domain, and understanding how users, groups, and access rights combine is one of the most transferable skills on the exam. Maintenance covers the unglamorous habits that keep systems healthy: updates, disk housekeeping, backups, and the built-in tools that support them.
The most effective way to study this domain is at a real prompt, which is what the lab does — safely, inside the VM you built in the virtualization domain, plus your own Windows machine. Practice the same small tasks on both Windows and Linux: create a folder, create a file, list contents, move and copy, view a permission, and create or inspect a user. Doing a task both graphically and from the command line, on two operating systems, cements the concept beneath the syntax. Narrate which built-in Windows tool you would open for a given problem, because that 'which utility?' reflex is exactly what the exam checks. Read this domain's section on the official A+ objectives page for the authoritative topic list; our explanation paraphrases that scope rather than reproducing CompTIA's wording.
Lab: command-line file and user tasks on Windows and Linux
Build command-line confidence by performing the same small file, directory, and user tasks two ways — on your own Windows machine and inside your Linux VM — so you understand the concepts beneath the different syntaxes.
Free tools
Your own Windows computer's PowerShell or Command Prompt — free, built in
The Linux VM you created in the Virtualization and cloud computing lab (VirtualBox + a free Linux distro) — free/open source; its terminal is built in
Steps
On Windows, open PowerShell (press the Windows key, type powershell, press Enter). Run cd $env:USERPROFILE\Desktop to move to your Desktop.
Create a working folder: run mkdir aplus-oslab, then cd aplus-oslab. You have made and entered a directory from the command line.
Create a file and list it: run 'hello' | Out-File note.txt then dir. Confirm note.txt appears. You just created and listed a file without a mouse.
Copy and move: run copy note.txt note-backup.txt then mkdir sub and move note-backup.txt sub\. Run dir and dir sub to confirm where each file now lives.
View a permission: run icacls note.txt. Read the access entries it prints — which users or groups can read or modify the file. This is the OS permission model in text form.
Inspect users: run net user (lists local accounts) and whoami (shows who you are). Do not create or delete real accounts on your main machine — just observe.
Now start your Linux VM and open its terminal. Run cd ~ then mkdir aplus-oslab and cd aplus-oslab — the same task, slightly different syntax.
Create and list a file: run echo hello > note.txt then ls -l. Read the ls -l output: the leading characters show the read/write/execute permissions for owner, group, and others — Linux's permission model side by side with the one you saw in icacls.
Copy and move: run cp note.txt note-backup.txt, then mkdir sub and mv note-backup.txt sub/. Run ls and ls sub to confirm, exactly mirroring the Windows steps.
Inspect identity and users: run whoami and id (your account and its groups), and cat /etc/passwd (a readable list of accounts). Write two sentences comparing how Windows and Linux each expressed 'this file's permissions' and 'who am I' — the concept is the same beneath the syntax.
What you should see
The same set of tasks — make a directory, create a file, list, copy, move, view a permission, and identify the current user — completed on both Windows and Linux, with the two permission views (icacls and ls -l) sitting side by side. The syntax differs; the operating-system concepts do not.
This lab practices the Windows and cross-platform command-line, file-management, and permission concepts that the Operating systems domain of the official A+ Core 2 (220-1202) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: Do the exploratory and account-listing steps on your own Windows machine but do NOT create or delete real user accounts there. Do any experimentation with creating or removing users inside the disposable Linux VM, where a snapshot can undo mistakes. Never run commands you do not understand from untrusted sources with administrator/root privileges.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Module 7 of 9 · 220-1202 domain 2 · 28% of the exam
Security
Core 2 (220-1202), 28%. Tied for the heaviest Core 2 domain. If you plan to continue toward Security+, this domain is your on-ramp — study it thoroughly.
This Core 2 domain is tied for the heaviest on the exam at 28%, a signal that CompTIA treats security as core to entry-level support, not a specialty. It is also the natural bridge to the Security+ certification many A+ holders pursue next. The framing here is practical and defensive: how a support technician recognizes threats, applies everyday protections, hardens the systems they manage, and helps users behave safely — not deep security engineering, but the security literacy every technician now needs.
The domain opens with the threat landscape at a support-technician's altitude. You should recognize the common categories of malware by their behavior — software that holds data hostage, programs that masquerade as legitimate tools, self-spreading infections, quiet watchers that log activity, and stealthy code that hides itself — and, just as importantly, the everyday social-engineering attacks that target people rather than machines. Phishing and its relatives, along with tactics like tailgating, impersonation, and manipulation through urgency or authority, are exam staples because they are what real users actually face. The skill is recognition from a description, and it connects directly to the Software troubleshooting domain, where you remediate the infections that get through.
The heart of the domain is the protections a technician configures. This is where Core 1's mobile-security preview and the whole certification's protect-the-data logic come home: authentication and the case for multi-factor authentication, the principle of least privilege and why users should not be administrators, account and password practices, and the access controls that decide who can touch what. On Windows specifically, you are expected to understand the built-in security machinery — user account control, the local security settings, defender-style protections, firewalls, and encryption options — and to know how to configure a workstation to a reasonable baseline.
Hardening and secure configuration form the next strand. The exam expects you to know the routine steps that shrink a system's exposure: keeping software updated, disabling or removing what is not needed, using strong authentication, encrypting where appropriate, and configuring browsers and systems to sensible secure defaults. Wireless and small-office security reappear here from the security angle — choosing strong wireless encryption, changing default credentials on network gear, and segmenting guest access.
Two more strands round the domain out. Physical and facility security reminds you that a locked door, a cable lock, a privacy screen, and proper visitor handling are security controls as real as any software setting — and that a stolen device can defeat elegant digital defenses. And data destruction and disposal covers doing the end of a device's life responsibly: the difference between deleting, wiping, degaussing, and physically destroying media, and why 'I dragged it to the recycle bin' is not secure disposal. This is a surprisingly common real-world responsibility and a frequent exam topic.
The best way to study this domain is to configure protections on a system you control, which is what the lab does — safely, by creating a standard user and inspecting Windows' own access and prompt behavior. Once you have felt user account control challenge an administrative action, and seen what a non-administrator account can and cannot do, least privilege stops being a slogan. Pair that with practicing threat recognition: for each malware type and social-engineering tactic, write a one-line description of how you would spot it. Read this domain's section on the official A+ objectives page for the authoritative topic list; our explanation paraphrases that scope rather than reproducing CompTIA's wording.
Lab: create a standard user and inspect UAC and permissions
See least privilege and Windows access control in action: create a standard (non-administrator) account, watch User Account Control challenge privileged actions, and observe what a limited account can and cannot do — the everyday protections this domain configures.
Free tools
A Windows computer you own and administer, OR a Windows VM — free, built-in Settings and tools. If you prefer maximum safety, do this inside a Windows evaluation VM or your own machine where you can reverse changes.
Built-in Windows tools: Settings → Accounts, User Account Control settings, and the Local Users and Groups / net user views — free, already installed
Steps
On a Windows machine you own, open Settings → Accounts → Other users (wording varies slightly by version). Note that you are currently signed in as an administrator.
Create a new local account and set its type to Standard user (not Administrator). Give it a clear name like 'testuser'. This is least privilege in practice — a day-to-day account without admin power.
Sign out and sign in as the new standard user (or use Switch user). You are now operating with limited privilege, the way security best practice says most users should.
Try an action that requires administrative rights — for example, open Settings and attempt to change a system-wide setting, or try to install software. Observe that Windows blocks it or prompts for an administrator's credentials. That prompt is User Account Control (UAC) enforcing the privilege boundary.
Note exactly what the UAC prompt asks for: it wants an administrator's approval, which the standard account cannot supply on its own. Write down one action that was allowed and one that was blocked.
Sign back in as the administrator. Open the UAC settings (search 'Change User Account Control settings') and read the slider levels — from always notify to never notify. Do not lower it; just understand that it controls when the privilege prompt appears.
View the account landscape: open PowerShell as administrator and run net user to list accounts, and net localgroup Administrators to see which accounts have admin power. Confirm your test account is NOT in the Administrators group.
Optional and instructive: inspect a file's permissions with icacls on a system folder versus a folder in the standard user's profile, and note that the standard user's rights are scoped to their own space.
Write two or three sentences explaining, in your own words, why running as a standard user limits the damage of malware or a stolen session — the least-privilege argument this domain makes.
Clean up: sign in as administrator and delete the 'testuser' account you created (Settings → Accounts → Other users → Remove), so you leave the machine as you found it.
What you should see
A working standard (non-admin) account that is stopped by a UAC prompt when it tries a privileged action, an Administrators group that does not include your test account, and a clear felt sense of what least privilege means: the limited account can do its work but cannot silently make system-wide changes. That boundary is exactly what protects a real workstation.
This lab practices the Windows security configuration, User Account Control, account/permission, and least-privilege concepts that the Security domain of the official A+ Core 2 (220-1202) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: Do this only on a Windows machine you own and administer, or in a VM. Creating and deleting a local account is reversible, but do not perform account changes on a work-managed or shared computer. Never lower UAC or disable security protections on a machine other people rely on.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Module 8 of 9 · 220-1202 domain 3 · 23% of the exam
Software troubleshooting
Core 2 (220-1202), 23%. Study it after Operating systems and Security, because it applies both — it is the diagnosis half of the software knowledge those domains build.
This Core 2 domain is the software counterpart to Core 1's hardware-and-network troubleshooting: at 23%, it tests whether you can diagnose and fix problems in operating systems, applications, mobile devices, and — importantly — security incidents like malware. It leans on the same methodical mindset as its Core 1 sibling, applied now to software symptoms, and it is deeply practical because these are the tickets a support technician sees most.
The first area is operating-system problems. You should be able to recognize and reason about the ways Windows misbehaves: systems that will not boot or boot slowly, crashes and stop errors, services that fail, sluggish performance, update problems, and profiles that misbehave. The skill is connecting a symptom to a likely cause and choosing an appropriate recovery tool — the built-in repair, startup, and recovery options — while preserving the user's data wherever possible. That last instinct, fixing without needless data loss, is both a professional value and a recurring exam theme.
The second area is application problems. Software crashes, fails to install or open, throws errors, or misbehaves for one user but not another. The domain expects structured diagnosis: checking versions and recent changes, comparing behavior across user profiles, reading logs and error messages rather than ignoring them, and deciding when to repair, reinstall, or escalate. The throughline is 'what changed?' — the single most productive question in software troubleshooting, because most breakage follows an update, an install, or a configuration change.
The third and most attention-grabbing area is malware symptoms and removal, and it is where this domain and the Security domain interlock. You are expected to recognize the signs of an infected system — unexpected pop-ups, browser redirects and rogue extensions, performance collapse, security tools mysteriously disabled, files or settings changing on their own — and to know the recommended remediation approach at a conceptual level: identify and verify the symptoms, quarantine or isolate the machine so it cannot spread, disable anything that lets the malware restart, remediate with appropriate tools (often after booting into a limited environment where the malware is not active), then educate the user and re-enable protections. Understanding why each step exists — especially isolation and disabling persistence — matters more than memorizing the order.
The fourth area is mobile and browser problems, which carry a security flavor. Mobile devices bring their own symptoms — apps that crash or will not update, battery and performance issues, connectivity failures, and security concerns like unexpected data use or a device behaving as if compromised. Browsers get specific attention because they are a common infection and annoyance vector: unwanted toolbars and extensions, hijacked search and home pages, certificate warnings, and redirects. Recognizing a browser that has been hijacked, and knowing the safe way to clean it up, is a genuinely everyday support skill.
The best way to study this domain is to rehearse the malware-remediation sequence as a concept and to practice structured software diagnosis on your own harmless issues, which is what the lab does — a safe, no-real-malware walkthrough of the remediation steps plus using safe mode. Whenever an app or system misbehaves in your own life, force yourself through the questions this domain rewards: what changed, does it affect one user or all, what do the logs say, and what is the least destructive fix. Read this domain's section on the official A+ objectives page for the authoritative topic list; our explanation paraphrases that scope rather than reproducing CompTIA's wording.
Learn it free
Official · Official exam objectives
CompTIA A+ (Core 1 & 2 V15) exam objectives (on the certification page)The authoritative topic list for this domain's OS, application, malware, and mobile/browser troubleshooting. The downloadable PDF is partner-login-gated; the public objectives live on this page. (captured 2026-06-14)
Lab: walk the malware-remediation sequence and boot into safe mode
Learn the recommended malware-remediation steps as a concept — with no real malware anywhere — by writing out the sequence against a scenario and then safely practicing the one hands-on skill it relies on: booting Windows into safe mode, a limited environment where most software does not auto-start.
Free tools
A plain-text editor or paper for the written walkthrough — free
A Windows machine you own OR a Windows VM, only for the safe-mode practice — free, built-in recovery options. A VM with a snapshot can reduce rollback risk, but it is not an absolute host-isolation guarantee.
Steps
Read this scenario (authored by RoleMath — not from any exam, and involving no real malware): 'A user's laptop shows constant pop-ups, the browser redirects searches to an unfamiliar site, new extensions appeared after they installed a free video downloader, and the antivirus icon is gone.' Write it at the top of a worksheet.
Step 1 — Identify and verify the symptoms. List the concrete signs in the scenario that suggest an adware/malware infection (pop-ups, redirects, unrequested extensions, disabled security tool). Naming the evidence is the first remediation step.
Step 2 — Quarantine/isolate. Write what you would do to stop spread: disconnect the machine from the network and shared drives. Explain in one sentence why isolation comes before cleanup.
Step 3 — Disable persistence. Write that you would disable anything that lets the malware relaunch — suspicious startup entries and scheduled tasks — and note that booting into a limited environment (safe mode) helps because most malware does not auto-start there.
Step 4 — Remediate. Write that you would update and run reputable anti-malware tools, remove the rogue browser extensions and unwanted software, and re-check startup items. Note that a limited/offline scan environment is often used so the malware is not running during removal.
Step 5 — Verify and re-protect. Write that you would confirm the symptoms are gone, re-enable and update the security software, and restore normal connectivity.
Step 6 — Educate the user. Write one sentence of user guidance (for example, why 'free downloader' bundles are a common infection source) — closing the loop so the same ticket does not recur.
Now practice the one hands-on skill this relies on, safely. On a Windows machine you own (ideally a VM with a snapshot), open Settings → System → Recovery → Advanced startup → Restart now (or hold Shift while clicking Restart).
From the recovery menu, choose Troubleshoot → Advanced options → Startup Settings → Restart, then select the option to boot into Safe Mode. Windows starts with a minimal set of drivers and services — the limited environment step 3 described.
Confirm you are in safe mode (the screen corners usually say 'Safe Mode'), open Task Manager and note how few startup programs are running compared with normal, then restart normally to exit. You have now safely used the environment real malware remediation depends on — without any malware involved.
What you should see
A written remediation worksheet that walks identify, isolate, disable persistence, remediate, verify/re-protect, and educate — plus a controlled boot into Windows safe mode where you can see how few programs auto-start. You have rehearsed the professional malware-response sequence without introducing real malware and with an explicit recovery plan.
This lab practices the malware-symptom recognition and best-practice removal process, plus the OS recovery/safe-mode skills, that the Software troubleshooting domain of the official A+ Core 2 (220-1202) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: This lab involves NO real malware — never download or run actual malicious software to 'practice.' Do the safe-mode step only on a machine you own, ideally a VM with a snapshot you can restore, and return the system to normal boot afterward. Do not experiment on work or shared computers.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Module 9 of 9 · 220-1202 domain 4 · 21% of the exam
Operational procedures
Core 2 (220-1202), 21%. The most human domain on the exam. Career changers from service, admin, or coordination work often find it the friendliest — its skills are professionalism, documentation, and safety.
This Core 2 domain is the one that turns a person who can fix computers into a professional a workplace trusts. At 21% it is a substantial slice of Core 2, and it is often the most reassuring domain for career changers, because its core skills — safety, documentation, communication, and professional conduct — are exactly the workplace competencies many people bring from previous careers. It covers how a technician works safely, records their work, communicates well, handles data responsibly, and behaves ethically.
Safety leads the domain, and it is genuinely important, not box-ticking. You are expected to know how to protect equipment and yourself: electrostatic-discharge precautions that keep static from silently damaging components (straps, mats, proper handling, and equipment grounding), safe handling of the electrical and physical hazards inside equipment, proper lifting technique, and awareness of the toxic and flammable materials in some devices. Environmental responsibility sits alongside safety here — proper disposal of batteries, toner, and other hazardous components, and awareness of the temperature, humidity, and power conditions equipment needs. The ESD material in particular connects back to every hands-on hardware task in Core 1.
Documentation and change management form the domain's professional backbone. The exam expects you to value the paperwork that keeps IT sane: asset inventories and ticketing systems that track what exists and what was done, knowledge-base articles that capture solutions, network and procedure documentation, and — importantly — change management, the discipline of proposing, approving, testing, and recording changes rather than making them ad hoc. A recurring theme is that undocumented or uncommunicated changes are how shared environments break themselves; documentation is a technical control, not bureaucracy.
Backup, recovery, and business continuity appear here as procedures a technician supports: the types and rotation of backups, the difference between backing up and being able to actually restore, and the basic idea that organizations plan for disruption in advance. This overlaps with the operating-system and security domains but is framed here as operational discipline — the habits that mean a failure or an infection is a bad day rather than a catastrophe.
The human strands are where this domain shines and where prior-career skills transfer directly. Communication and professionalism cover how a technician interacts with users and colleagues: clear language without unnecessary jargon, active listening, managing difficult or upset users, setting expectations, punctuality, and respecting confidential material a technician inevitably encounters. Closely related is the incident-response-and-conduct material: recognizing and properly handling prohibited content or activity, preserving evidence and chain of custody when required, and following the licensing, privacy, and regulatory rules that govern data. Scripting and remote-support basics round the domain out — enough awareness of automation and remote-access tools to use them responsibly.
The best way to study this domain is to build the very artifacts it values, which is what the lab does — an asset-and-incident documentation checklist plus a hands-on ESD safety review. Because so much of this domain is procedural, turning it into a checklist you would actually use makes it concrete and memorable. Pair that by connecting each topic to your own prior experience: if you have handled customers, kept records, or followed safety rules in any job, you already understand the spirit of this domain and only need the IT-specific specifics. Read this domain's section on the official A+ objectives page for the authoritative topic list; our explanation paraphrases that scope rather than reproducing CompTIA's wording.
Learn it free
Official · Official exam objectives
CompTIA A+ (Core 1 & 2 V15) exam objectives (on the certification page)The authoritative topic list for this domain's safety, documentation, communication, and disposal coverage. The downloadable PDF is partner-login-gated; the public objectives live on this page. (captured 2026-06-14)
Lab: build an asset/incident documentation checklist and ESD safety review
Make this procedural domain concrete by producing two artifacts a real technician uses: a reusable asset-and-incident documentation checklist, and an ESD/electrical safety review you can run before any hardware work.
Free tools
Any free spreadsheet or document editor: LibreOffice (free), Google Docs/Sheets (free with an account), or a plain-text editor — paper works fine too
No hardware purchase required; the ESD review is a written checklist plus optional inspection of gear you already own
Steps
Open a new document titled 'A+ operational procedures artifacts'. It will hold two sections: an asset/incident checklist and an ESD safety review.
Section 1 — Asset record. Create a small table with columns a real inventory uses: Asset tag/ID, Device type, Serial number, Assigned user, Location, Purchase/warranty date, Status. Add two example rows for devices you own so the fields feel real.
Add an incident/ticket table with columns: Ticket ID, Date/time, Reported symptom, Affected user/asset, Diagnosis, Action taken, Resolution/verify, Follow-up. This mirrors a help-desk ticket's lifecycle.
Write a short change-management note: three questions to answer before making any significant change (What is the change and why? Who approved it and who is affected? What is the rollback plan if it goes wrong?). This is change management in miniature.
Add a communication checklist of professional habits: use plain language, confirm you understood the user's problem, set expectations for timing, respect confidential data, and close the loop when done. These transfer straight from many prior careers.
Section 2 — ESD safety review. Write a pre-work checklist for any hardware task: power off and unplug the device; use an anti-static strap or touch bare metal to discharge; work on a hard, non-carpeted surface; keep components in anti-static bags; avoid working in low-humidity static-prone conditions.
Add an electrical/physical safety line: know which components hold dangerous charge and should not be opened (power supplies, CRT-style displays), lift heavy equipment with proper technique, and keep liquids away from equipment.
Add an environmental/disposal line: dispose of batteries, toner, and other hazardous parts per local rules and organizational policy — not in the regular trash — and record the disposal.
Optional inspection: look at any hardware gear you own (a desktop, an anti-static strap if you have one) and note which safety-review items you could actually satisfy today and which you would need to acquire. This turns the checklist into a real readiness gap list.
Save both artifacts. In two sentences, note how a shift handover, an audit, or a new colleague would benefit from these records — the reason this domain treats documentation and safety as core professional skills.
What you should see
Two reusable artifacts: an asset and incident/ticket documentation template with example rows, plus an ESD and safety review checklist you could actually follow before opening a machine. Producing them makes this domain's procedural material concrete instead of abstract, and both are things a real technician keeps and uses.
This lab practices the documentation/change-management, communication/professionalism, and safety/ESD/environmental procedures that the Operational procedures domain of the official A+ Core 2 (220-1202) objectives covers — see the official objectives page for the exam's own wording.
Stay safe & legal: This is a documentation and planning exercise. If you later apply the ESD checklist to real hardware, follow it strictly: power off and unplug first, and never open high-voltage components such as power supplies or CRT displays. If you adapt the asset/incident templates to a real organization, treat the records as confidential.
Check yourself
2RoleMath-original concept checks for this domain — written by us against cited public sources, never taken from any exam. They confirm understanding; they don’t predict a pass.
Skills you’ll build
Studying CompTIA A+builds transferable skills that carry across employers and platforms, not just toward this one exam. Each has a free, source-cited RoleMath primer — what it is, a step-by-step free learning path, clearly labeled free resources, and a safe hands-on exercise:
Work through the modules above, then get a personalized read on where you stand: the readiness check maps your background against these same published domains and suggests what to study first — no score, no pass prediction.
Certification structure: Two separate exams are required — Core 1 (220-1201) and Core 2 (220-1202). You must pass BOTH to earn the A+; passing only one does not certify you. Official CompTIA A+ (Core 1 & 2 V15) page
Certification validity: 3 years, renewed through CompTIA's continuing-education (CE) program (20 CEUs per 3-year cycle) or by passing a qualifying higher CompTIA certification CompTIA CE renewal fees page
CE program fee: $75 USD per 3-year cycle (waived if you renew by passing a higher CompTIA certification) CompTIA CE renewal fees page
A free, source-cited study companion built on CompTIA's published exam objectives — not official training, not a pass guarantee. Verify the current objectives on the official page before your exam.
Certification and vendor names are used only to identify the program this independent study companion refers to. RoleMath is not affiliated with, endorsed by, or sponsored by CompTIA.