CompTIA A+ Core 2
Validates foundational IT skills in operating systems (28%), security (28%), software troubleshooting (23%), and operational procedures (21%). Covers ability to install, configure, and manage operating systems (Windows, Linux, macOS), implement cybersecurity mitigations including encryption and access controls, troubleshoot software and mobile device issues, and follow operational best practices including documentation, change management, and backup/recovery. V15 launched March 25, 2025 with increased security emphasis reflecting modern cybersecurity requirements. One of two required exams for CompTIA A+ certification.
Exam domains
- Security28%
Implement physical security (access control vestibule, badge readers, video surveillance, alarm system, motion sensor, door locks, equipment locks, USB locks, privacy screens, magnetometers, demilitarized zones, fence) and physical security for staff (key fobs, smart cards, biometrics including retina/iris/face/fingerprint/palmprint/voice recognition, hard tokens, soft tokens, SMS, voice call, authenticator app), logical security (principle of least privilege, ACLs, MFA, mobile device management, AD account types, group policy/updates, login script, organizational units, home folder, folder redirection, security groups), wireless security protocols and authentication methods (WPA2, WPA3, AES, TKIP, RADIUS, TACACS+, Kerberos, multifactor), malware detection/removal, social engineering attack types and methods (phishing, vishing, shoulder surfing, whaling, tailgating, impersonation, dumpster diving, evil twin), Windows OS security settings (Defender Antivirus, firewall, users and groups, login OS options including username/password, PIN, biometrics, single sign-on, NTFS vs share permissions, run-as administrator vs standard user, BitLocker, encrypted file system), Active Directory configurations and security (login script, domain, OU, home folder, folder redirection, security groups), workstation security best practices (data-at-rest encryption, password best practices, end-user best practices, account management, change default administrator/user passwords, disable AutoRun/AutoPlay), mobile/embedded device security (screen locks, remote wipes, locator apps, OS updates, device encryption, remote backup, antivirus/antimalware, firewalls, profile security requirements, BYOD vs corporate-owned, IoT and physical access), and methods for securing data and disposal/destruction (physical destruction including drilling, shredding, degaussing, incinerating; recycling/repurposing best practices including erasing/wiping, low-level format, standard format, certificate of destruction).
- Operating Systems28%
Identify common OSes including Windows (10/11 features, editions, requirements), Linux (distributions, file system, common commands ls, cd, pwd, mv, cp, rm, mkdir, chmod, chown, grep, ps, su/sudo), macOS (system features, Time Machine, FileVault, Keychain), and mobile OSes (Android, iOS). Use Windows command-line tools (ipconfig, ping, tracert, netstat, nslookup, sfc, chkdsk, gpupdate/gpresult, winver, format, diskpart, dir, copy, xcopy, robocopy), administrative tools (Task Manager, Microsoft Management Console snap-ins, Resource Monitor, Performance Monitor, Services, System Configuration, Disk Management, Print Management, Group Policy Editor), Control Panel utilities, Settings app, and configure Microsoft Windows networking (workgroup/domain, mapped drives, sharing local resources, Windows Defender Firewall, network connection types, network locations, proxy settings, VPN), application installation and configuration concepts (system requirements, OS requirements, installation methods, distribution methods).
Sources
Questions are grounded in 150 references from official and authoritative materials.