0% found this document useful (0 votes)

37 views

Comptia A+

Uploaded by

M Hs

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

37 views

Comptia A+

Uploaded by

M Hs

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 128

CompTIA A+

Study Notes

CompTIA A+
● A+
▪ CompTIA A+ certified professionals are proven problem solvers. They
support today’s core technologies from security to networking to
virtualization and more. CompTIA A+ is the industry standard for
launching IT careers into today’s digital world. (CompTIA.org)

● Exam Description
CompTIA A+ 220-1102 covers operating systems, security, software and
operational procedures.
● Four Domains
o 31% Operating Systems
o 25% Security
o 22% Software Troubleshooting
o 22% Operational Procedures

● Exam Details
o Up to 90 questions in 90 minutes
▪ Multiple-choice
▪ Drag and drops
▪ Performance-based/Simulations
● Requires a 700 out of 900
● Recommended Experience:
● 9 to 12 months hands-on experience in the lab or field

o Released: April 2022

● Are You Ready?

o Take practice exams
o Did you score at least 85% or higher?
o If you need more practice, take additional practice exams to hone your skills
before attempting the exam

● What kind of jobs can I get?

-1-

https://www.DionTraining.com © 2022
Dion Training Solutions, LLC is a Platinum Delivery Partner for CompTIA. CompTIA ® is a registered trademark of the Computer and Computing Technology Industry Association. All rights reserved.
V1.0
CompTIA A+
Study Notes

Operating System Types

Objective 1.8

● Operating System Types

● Windows

o Windows
▪ A graphical operating system developed and published by Microsoft
▪ One of the most popular operating systems in the world
● windows 1.01
o The very first version

▪ Windows 1.01
▪ Windows 2.01
▪ Windows 3.01
▪ Windows 95
▪ Windows 98
▪ Windows 2000
▪ Windows Me
▪ Windows XP
▪ Windows Vista
▪ Windows 7
▪ Windows 8
▪ Windows 8.1
▪ Windows 10
▪ Windows 11

▪ The oldest one that we're going to support is known as windows 8.1

▪ Windows 10 support is going to continue to operate until October of

2025

▪ When you're dealing with windows server 2016, this'll be supported by

Microsoft up until January of 2027

-2-

▪ Windows server 2019 will be supported all the way up through January
of 2029

▪ Windows server 2022 will be supported all the way up until October of
2031

o Windows used to have a 90% market share when it came to home computer
operating systems

● Linux

o Linux
▪ Made by lots and lots of different companies, organizations, and
individual people
▪ Known as an open-source operating system
▪ You have access to all the underlying code and you can make any changes
you want

● Unix
o A different type of operating system
▪ Some distributions use a subscription based model with they only give
you access to their code

● Ubuntu
o A free software you can install on your desktop or your
server

● Fedora, Debbie and mint, arch or cent OS

o Community supported distributions

o Two different formats for lifecycle support

▪ Standard release model

● A version number associated with

▪ Rolling release model

-3-

● There is no long-term support version and there's no version

numbers at all because you're dealing with this constant update
Android
● Android
o Android operating system
▪ A specific operating system that was designed to be able to support the
smartphone and tablet market
▪ Originally released by the open handset Alliance, which is primarily
backed and driven by Google
▪ Uses a much shorter lifecycle than does desktop or server environments
▪ Older devices can't necessarily support the newer operating systems
● Android is based on Linux
● Each manufacturer can make their own version of Android
● Chrome
o Chrome OS
▪ Proprietary operating system developed by Google
▪ Developed to run specifically on laptops and desktop hardware created
by Google
▪ This hardware was designed to keep costs very low
▪ Chrome OS devices have built-in virus protection and firewalls
▪ Chrome OS is extremely safe and secure
▪ Automatic updates

1. Proprietary operating system created by Google

2. Designed to run on specific hardware
3. Stripped down operating system
4. Primarily uses web applications and supports Android apps

● macOS
o macOS
▪ Operating system used on Mac computers, built by Apple
● iMac
● Mac desktop
● MacBook

▪ macOS was previously called OSX

-4-

▪ Desktop operating system that only operates on Apple devices

● iOS and iPadOS

o iOS and iPad iOS
▪ Developed by apple for their smartphones and tablets
● iOS operating system
o Developed as a closed source operating system
o Have a very high percentage of total market share for
mobile devices
● iPad iOS
o Developed as a fork of the mean iOS branch

● Filesystem Types
o Organize data and information on a hard drive, solid state drive, or other storage
device
o File systems have to be created before you can install an operating system or
storage device like a hard disk drive
o Windows operating systems use NTFS, FAT32, or exFAT
o Linux will use ext3, ext4, or exFAT for your filesystem
o macOS uses the Apple file system known as APFS

1. New technology filesystem, also known as NFTS

o Linux and macOS cannot read NTFS by default, you would have to use third party
utilities to read and write NTFS

-5-

o NTFS is considered a 64-bit filesystem that allows for large volumes and very
large file sizes
o NTFS has a lot of key features such as journaling, snapshots, security, POSIX
compliance, indexing, and dynamic discsJournaling allows forfaster recovery
from power outages and crashes
o Snapshots allow you to make a read-only copy of a file, even if it is already
locked
o NTFS has a higher security level and allows you access to audit trails, quota
management, and an encrypting filesystem
o Each file can be protected against unauthorized access
o POSIX supports Unix and Linux compatibility between NTFS and a Unix or Linux
filesystem
o Windows and NTFS are not case sensitive
o JASON and jason would be the same file to NTFS
o Windows doesn't rely on case sensitivity when reading NTFS but Linux and Unix
will
o Indexing is a catalog of file and folder locations to help speed up searches
o Dynamic discs can combine physical discs into one larger disc that is understood
by the operating system

2. File allocation table 32, also known as FAT32

o You can only have a total drive size of up to 2 TB and the maximum file size is 4
GB
o FAT is limited due to it being a 32-bit allocation table, where the maximum file
size is around 4.2 billion bytes or 4 GB
o FAT is supported by Windows, Unix, Linux, and macOS
o FAT32 is usually used on removable drives like external hard drives or USB flash
drives

3. Extended file type system, also known as ext3 and ext4

o These are supported by Linux and Unix systems, but not by Windows or macOS
by default
o ext3 has a maximum volume size of 32 TB and maximum file size of 2 TB
o ext4 has a maximum volume size of 1 EB and maximum file size of 16 TB

-6-

4. Apple file system or APFS

o APFS has been the default file system of macOS since 2018
o APFS is considered a journaled filesystem, and provides same journaling benefits
as in NTFS
o APFS has a higher level of performance when dealing with SSD than a traditional
HDD

5. Extensible file allocation table, also known as exFAT

o exFAT supports large volumes of up to 128 PB in size and file sizes of up to 16 EB

o exFAT is considered cross platform capable and can be used on Windows, Unix,
Linux, or macOS

▪ Windows
● NTFS
▪ Linux
● ext4
▪ macOS
● APFS

● Compatibility Concerns

o Every software application is coded to run on a specific operating system

o Devices that are running different operating systems can communicate on the
same data network
o Most computers can talk the same language using TCP/IP

-7-

o The ability of end users to use different operating systems

o A traditional user may be used to work with just one or two operating systems
o Train users to understand how to use your operating system

-8-

Windows Version
Objective 1.1 and 1.7

● OBJ 1.1: Identify basic features of Microsoft Windows editions

● OBJ 1.7: Given a scenario, apply application installation and configuration concepts

● Windows Versions

o 64-bit vs 32-bit Versions

● Windows 11
o 64-bit version
● Windows 10
o 32-bit or 64-bit version

● 32-bit Version
o 32-bit programs
● 64-bit Version
o 32-bit or 64-bit programs

▪ Each piece of hardware will be 32-bit or 64-bit based on the processor

▪ Choose the version of the operating system that will align with your
processor
▪ 32-bit version of Windows has lower memory requirements
▪ Have a minimum of 4 GB of RAM to run Windows
▪ Check if your processor can support 32-bit or 64-bit operations

-9-

o Windows Home
▪ Windows Home
● Basic edition of the Windows operating system
● Not designed to be used in a business environment
● Upgrade to Windows Pro or Windows Enterprise for additional
business features
● Storage device encryption
● Support for WIP
● Business management features
● Windows 11 Home edition is only in 64-bit version
● Windows Home edition support multi-core processors
● A multi-core processor has 2, 4, 6, 8, or even up to 64 cores
● It does support hyper-threading
● 64-bit can support large amounts of memory

o OEM
▪ The OEM license is used by the original
manufacturers
o Retail

● You can move up from Windows 10 to 11 using the same edition

o Windows Pro
▪ Windows Pro
● Windows operating system that focuses on business use
● Windows Pro can be used in a domain environment
▪ BitLocker
● Full disk drive encryption schema that is provided inside of
Windows Pro and Windows Enterprise editions
▪ Group Policy Editor
● Creates and applies operating system and software application
settings across all the users
● The group policy editor is not available within the Home edition
▪ Remote Desktop Protocol (RDP)

- 10 -

● Remotely connect to your Windows Pro machine from anywhere

in the world
▪ Windows Information Protection (WIP)
● Helps identify and protect against potential data leakage or data
exfiltration

▪ OEM is the original equipment manufacturer license

▪ Retail license allows you to buy one license for one particular piece of
hardware
▪ Windows Pro is designed to be used by small and medium-sized
businesses
▪ Windows Pro for Workstations is an improved version of the Windows
Pro edition
● It provides support for additional hardware
● Windows Pro for Workstations can support up to four-way
multiprocessing

o Windows Enterprise and Education

▪ Windows Enterprise is a fully featured version of Windows
▪ Enterprise edition can only use volume licensing
▪ Application virtualization under a tool known as App-V
● App-V protects the rest of the operating system from any kind of
malware
▪ UE-V is used to capture, save, and manage Windows 10 operating system
▪ Allows multiple people to use the same machine but separates all their
settings
▪ Direct access is used to allow connectivity for remote users without the
use of a VPN
▪ Credential guard allows for virtualization-based security and only grants
access to privileged systems
▪ Windows To Go creates an image version of a corporate Windows 10
environment that can be run on a user's personal computer
▪ Windows Enterprise edition has a limit of 6 TB of memory
▪ Windows Enterprise supports up to 4 physical processors
▪ Both are only going to be using a volume licensing
▪ Windows Education and Windows Pro Education are the same as
Windows Enterprise and Windows Pro editions

- 11 -

o Upgrading Windows
▪ In-place upgrade means the setup program for the new version will be
launched within the current operating system
▪ Verify the system meets the minimum requirements for the new
operating system
▪ Download the Windows 11 installation media and place it on a USB drive
▪ Launch the setup program from that USB within Windows 10 and then
perform a full upgrade
▪ Data-only upgrade keeps all personal files, but not any applications or
settings
▪ Clean install will delete all personal settings, files, and folders

- 12 -

Windows Installation
Objective 1.9

● OBJ 1.9: Given a scenario, perform OS installations and upgrades in a diverse OS

environment

● Windows Installation
o Installation Types
▪ Clean installation
● When an operating system is installed onto a new computer
● In this type of installation, all data, user settings, and programs
will be deleted
▪ In-place upgrade
● Changes the current version of the operating system into a newer
version
● Clean installation does not bring over any of your data,
applications, or user settings
▪ Attended installation
● Requires a system administrator to sit in front of the computer
during the installation process
▪ Unattended installation
● Used by the system administrator when multiple machines needs
the installation
▪ Image deployment
● Copies an image file of a hard drive onto the new system
● This image can be stored on a DVD or USB media
▪ Remote network installation
● The image to be used will be sent over the network

o Upgrade Considerations
▪ Look at the system requirements
● Hardware compatibility
● Application support
● Backup files and user preferences
● Third-party drivers

- 13 -

▪ Make sure the processor, chipset, and memory can support the new OS
● In Windows 11, 64-bit edition, the hardware requirements are
doubled from Windows 10
● x86 or x64
▪ Verify the new operating system has support for the peripherals that you
need
▪ Run the PC Health Check app before performing an in-place upgrade

1. Remain with the older operating system

2. Replace the peripheral to something supported by the new operating
system

▪ Run a backup first

▪ Obtain any third-party drivers that you may need
▪ Make sure to obtain the right third-party drivers

o Product Lifecycle
▪ Mainstream support is for every version of the operating system for a
minimum of five years
▪ Extended support is the additional period for some of the products that
can extend another three to five years
▪ End of life means that product is no longer supported

▪ Legacy Operating System

● A product that is no longer supported and considered abandoned
or orphaned

● Windows 10 and 11 get mainstream support for at least five years

● Feature updates usually occur every 6 to 12 months
● Feature updates are not going to change the requirements for
that operating system
● Every product, including operating systems, has a defined life
cycle
● Windows will provide at least five years of mainstream support
● Once that operating system reaches end of life, there will be no
more security patches

- 14 -

o Boot Methods
▪ Optical media
▪ USB drives
▪ SSDs
▪ Flash drives
▪ External/Hot swappable
▪ Network boot
▪ Internet boot
▪ Internal partitions

▪ Optical Media is any type of disk that uses laser or light to read and
write data
● Many newer computers don't have optical drives, so using optical
media is less common

▪ USB connected drives can be many types of drives

● USB connected drives can be CDs, DVDs, Blu-ray, solid state
drives, flash drives, or hot swappable hard drives
● To make sure your USB device is bootable, you need a media
creation tool to create the installation media

▪ Network boot devices take advantage of something inside your BIOS or

UEFI
● This allows you to read boot media over the network
● Windows generally use the PXE environment to boot up the setup
program to install Windows
● If you rely on network boot, you need to ensure you have DHCP
enabled to get an IP address assigned to your server

▪ Internet-based boot method allows the system to boot up its system

over the Internet
● The computer will boot up a minimalist version of an operating
system that is used to download the setup files

▪ Internal hard disk drive partition is a hidden device partition created by

your manufacturer

- 15 -

● If your purchased Windows 11 laptop gets corrupted, do a clean

install by booting from the internal hidden partition

▪ Configure your BIOS or UEFI to have the proper boot order

▪ If booting from a USB drive, you need to place it above the hard disk in
the boot order

o Partitioning Storage Devices

▪ Once you boot up the setup program, ensure the storage devices are
properly partitioned

● Hard Disk Drives

o Also known as HDDs
● Solid State Devices
o Also known as SSDs

▪ Both HDDs and SSDs require partitioning and formatting before using
them to store an operating system
▪ By default, at least one partition on a fixed disk is needed before you can
perform a high-level disk format for your file system

▪ There are two styles of partitioning

● Master Boot Record (MBR)
o The traditional style of doing partitions on a particular
fixed storage device
o The first 512 byte sector on a disk contains the MBR, which
has the info about the physical disk on it
o Inside the MBR, you will be able to carve up the physical
disk into four primary partitions
o Any of these partitions can be marked as active, which
signals the system to look for the operating system to boot
up
o When booting up initially, it will read the first 512 byte
sector from the hard disk which will have the MBR on it
o That will be partition zero, but the boot loader will ask
which device would you like to boot up, Windows or Linux

- 16 -

o You can also use partitioning to make multiple areas of

storage instead of just having one single drive
o One drive for the operating system and one for the data in
two different partitions
o MBR has limitations, such as only able to run four primary
partitions and only supports a disk size of 2 TB

● GUID Partition Table (GPT)

o Provides a more up-to-date schema to address MBR
limitations
o Windows can support up to 128 partitions with GPT
o GUID partition table can support drives over 2 TB,which is
good for its 128 partitions
o The system must support UEFI as its boot method to be
able to use GPT
o Most systems use UEFI for its 64-bit processors since BIOS
only supports 32-bit processors
o Windows supports NTFS, macOS supports APFS, and Linux
supports either ext3 or ext4 (depending on the distribution
used)
o Choose the file system that works best with your operating
system, like Windows with NTFS or macOS with APFS
o This may be a good reason to have two partitions, if you
are using macOS and Windows, or Linux and Windows
o It is important to understand what limitations you have
when choosing file systems

o Recovery and Reset

▪ Recovery and Reset is used when your Windows has been corrupted with
malware, or there is a system issue
● Recovery and reset is helpful when there is some malware or you
are going to sell your machine
● Normally, a message will pop up with the required key, such as
F11 or CTRL + F11
● A text or graphics display will walk you through how to do a full
recovery or repair

- 17 -

▪ With a full recovery, all files will be lost, unless you have them saved on a
backup drive to bring back into the system
▪ The factory recovery only works if you have the original hard drive in the
system
● A disadvantage of a full recovery is you lose everything on the
system
● This can be an advantage when you're going to sell the machine
though
o Example, if you bought a laptop with Windows 8.1, and
upgraded to Windows 10 before a full recovery, it will go
back to Windows 8.1

▪ Under refresh or repair mode, your machine will reset and try to repair
itself without doing a full recovery
▪ To repair instead of factory reset, you go to the same menu and just
choose the repair/reset options
▪ With Windows, most hardware will include a recovery partition that you
can boot up from

o Using a Recovery Partition

- 18 -

Application Configuration
Objective 1.7

● OBJ 1.7: Given a scenario, apply application installation and configuration concepts

● Application Configuration
o Application Requirements
▪ Every application is going to have different processing requirements
● 32-bit or 64-bit processor

● Processor speed and cores available

● Memory available for that application
● Have more than the minimum required for best performance
● Amount of storage space available

▪ Graphic requirements
● Dedicated graphics card or integrated graphics card
● VRAM available

▪ Graphics cards can be embedded into the motherboard or into the

processor
▪ Integrated GPU can handle most day-to-day applications in an office
environment
▪ Dedicated graphics card is for more high-end graphics and intense
applications
● 8 to 16 gigabytes of RAM available
● External Hardware Token
● Digital key that can unlock an application

o Distribution Methods
▪ Download from the app store
▪ Purchase on physical media
- 19 -

▪ Download from the Internet

▪ These app stores will handle all the installation process for you
▪ These app stores take precautions to ensure that the software is of good
quality
▪ Not all applications can be found inside the app store
▪ Physical copy of the software
▪ CD or DVD as a distribution method is known as Physical Media
▪ Physical media is not the most convenient way to install sotware

1. Requires to be picked up at some retail location

2. Software is not going to be the most up to date version

▪ Downloadable software directly from the manufacturer

▪
ISO File
● Digital file format used to replicate a physical CD, DVD or Blu-ray
Disc
o Windows
▪ Right click and select "Mount"
o Mac
▪ Use the Disk Utility
o Business Impacts
▪ Licensing
▪ Support
▪ Training

▪ Single user license means you can install one copy of that application on
one system
● Some applications will support multiple copies being installed on
multiple systems for use by a single user
● Never install an application on a system without a valid license
● Understand the terms of a software license
▪ Provide support for that application
● Manufacturer's Support
o Extended support agreement between the company and
the manufacturer

- 20 -

▪ How are you going to be training your users?

● Third-party manufacturer who made that software to train your
users
● Make sure to budget for that in terms of time and costs

o Operational Impacts
▪ Single component
▪ Larger network
▪ Larger enterprise system

▪ Send a technician to every machine to manually update it

▪ Use automation to push that software over the network to all the clients

▪ The user doesn't have to be logged into the system and the administrator
doesn't have to go to that system

▪ What clients are on the network

▪ What servers are being used
▪ Windows Deployment Service
▪ Microsoft Deployment Toolkit

▪ Apple Business Manager

▪ Private repositories

o Device Impacts
▪ Processing power
▪ Memory
▪ Storage

▪ Some applications are going to slow down the system

▪ Some applications are going to be memory intensive
▪ Some applications are going to take a lot of storage space
▪ Test the applications on a sample system

o Network Impacts
▪ Some applications will rely heavily on the network
▪ What network impacts would there be when installing certain tools

- 21 -

▪ Backup tools will steal a lot of the network's performance by

overwhelming the connection
▪ Consider the actual installation of the application itself

▪ Break down the deployment into small groups

▪ Use times that are the least impactful for the users

- 22 -

Windows Networking
Objective 1.6

● OBJ 1.6: Given a scenario, configure Microsoft Windows networking features on a

client/desktop

● Windows Networking
o Wired Connections
▪ Wired connections can come in the form of copper or fiber
▪ Fiber connects directly into a network interface card
▪ Copper connection uses a Cat 5, Cat 6, Cat 7, or Cat 8 connector using a
UTP or STP cable

o WWAN Connections
● Connects to a wide area network over a wireless connection, and
is most commonly seen with cellular modems or cellular hotspots
● Be aware of how much data your plan has as service providers can
have different limits
● Some are done on a monthly basis, some are unlimited, and some
are allocated over a given time period
● Additionally, some plans will cap your transferable data and cut
off your connection

● Overage Fees
o Some cellphone carriers charge $10 to $20 per GB beyond
the data cap
● Throttling
o With throttling, you will still be able to use data, but at a
much lower speed
● Unlimited
o Unlimited plans have no data cap, you can use as much as
you want and at the highest levels of speed

o VPN Connections
▪ Used to connect anyone or any resources from one private network to
another over a public network

- 23 -

▪ VPNs will allow you to connect back to your office and access your data in
a secure manner

o Network Client Configuration

▪ Anytime you connect to a network, whether wired or wireless, you need
to make sure the device has four basic items
● IP address
● Subnet mask
● Gateway
● DNS server

- 24 -

Windows Control Panel

Objective 1.4

● OBJ 1.4: Given a scenario, use the appropriate Microsoft Windows 10 Control Panel
utility

● Windows Control Panel

o Devices and Printers
▪ Provide you with a wizard and an interface to add devices manually and
create shortcuts to the different configuration pages
▪ There is a lot you can do with devices, which are things like mice,
keyboards, webcams, etc.
▪ This area of the control panel is where you can edit the functionality of
mice, keyboards, monitors, etc.

o Internet Options
▪ An older legacy applet that can be used to configure the old legacy web
browser Internet Explorer
▪ Most places don't use Internet Explorer anymore, and use things like
Microsoft Edge or Google Chrome, but some places still rely on Internet
Explorer
▪ When using the Internet Options, you are only configuring Internet
Explorer

o Network and Sharing Center

▪ Status of any network adapter
▪ Change settings
▪ Configure media streaming

o Windows Defender Firewall

▪ Software-based/ Host-based Firewall
▪ Determines which processes, protocols, and hosts are allowed to
communicate over a network

● Public Networks
o Airports, hotels, etc.
● Private Networks
- 25 -

o Business/home networks

o Mail
▪ Configures Microsoft Outlook, but not other mail apps like Thunderbird
or web-based mail like Gmail
▪ Mail only works with Microsoft Outlook and allows for the configuration
of email clients under different profiles

o Sound
▪ Used to select your input such as your microphone or your output

o System
▪ The exam objectives list the system as part of the control panel

o Device Manager
▪ Allows for the viewing and editing of properties of the different pieces of
hardware installed on a system
▪ Device Manager is a separate program that lets you view and edit the
properties of hardware
▪ installed on a given system

o Administrative Tools
▪ Different tools that can be used for more in depth configuration or
troubleshooting

o Indexing Options
▪ Configures how the search capability inside File Explorer is going to work
▪ Indexing options configure how things will be indexed to increase search
speeds

o Power Options
▪ Allows to control the power management on a Windows system
● Turn off or reduce the power
● Use less energy

▪ Advanced Configuration and Power Interface

- 26 -

▪ Industry standard for power management services designed to allow

software and hardware to have compatibility

▪ S3
● Most of the devices are going to lose power
▪ S4
● Power will be maintained to the memory
▪ S5
● This applet conserves energy or maximizes performance by
choosing how the computer will manage power

o Ease of Access
▪ Gives access to all sorts of settings to configure the input and output
options
▪ Accessibility area

- 27 -

Windows Settings
Objective 1.5

● OBJ 1.5: Given a scenario, use the appropriate Windows settings

● Windows Settings
o Windows Settings
▪ Windows Setting
● Used to administer and configure the Windows 10 and 11
operating systems
● The Windows Setting application provides easy to use applets

- 28 -

Windows Tools
Objective 1.3

● OBJ 1.3: Given a scenario, use features and tools of the Microsoft Windows 10 operating
system (OS)

● Windows tools

o Task Manager
▪ Monitors the computer's key resources, like processing, memory,
storage, and network capacity
▪ Task Manager is used to monitor the computer's key resources, things
like processing, memory, storage and network capacity

o Device Manager
▪ A tool used for investigating and troubleshooting system hardware,
components, and peripherals
▪ Device manager is used to investigate and troubleshoot all sorts of
system hardware, components, and peripherals

o Disk Management Console

▪ Provides a summary of all the fixed and removable disks on the system,
including HDDs, SSDs, and optical drives
▪ This is a tool that formats disk drives, creates partitions, shrinks volumes,
creates RAIDs, and more

o Disk Maintenance Tools

▪ Fragmentation
▪ Capacity
▪ Damage

▪ Disk fragmentation only truly affects hard drives, and this is because of
the way data is written
▪ Capacity is the cap of data you are able to have on your disk
▪ Damage can happen when you cut off power to a disk being read or
written, or if you drop the device
- 29 -

● Disk defragmenter
● Disk cleanup utility

o Task Scheduler
▪ Used to run commands and scripts automatically in the background at
any given interval

o Event Viewer
▪ Allows you to go through log files and see what has happened on a given
Windows system

● Information
● Warning
● Verbose
● Error
● Critical

o Performance Monitor
▪ Provide real-time information about system resources by keeping track of
what things are happening in the operating system
▪ Monitor performance over time and find the issue by looking at some key
counters

o Local Users and Groups

▪ Provides the ability to create, modify, disable, and delete user accounts
along with the setting or resetting of passwords

o Group Policy Editor

▪ Provides a way of configuring different Windows settings across all
machines in the network

o Certificate Manager
▪ Looks at the different digital certificates installed on the system and
provides a way of requesting and importing new certificates
▪ Certificate manager provides the ability to manage all digital certificates
on the system

- 30 -

o System Information
▪ Produces a comprehensive report on the different pieces of hardware
and software inside a Windows system

o Resource Monitor
▪ Gives a better version of the type of monitoring provided by the task
manager
▪ Resource Monitor is essentially an enhanced or better version of the
snapshot and overview monitoring inside the Task Manager

o System Configuration
▪ Used to modify various settings and files that affect the way a computer
boots up and loads Windows

o Registry Editor
▪ Windows Registry
● A database which has all the different settings and configurations
across the entire operating system

o Microsoft Management Console

▪ A container for plugins or snap-ins that can be used to create custom
admin tools to configure a system

- 31 -

Windows Command
Objective 1.2

● OBJ 1.2: Given a scenario, use the appropriate Microsoft command-line tool

● Windows Command
o Windows Command Line Tools
o
o Using the GUI
▪ Command Line
▪ Graphical User Interface

o Using the Command Prompt

▪ Command Prompt
● Allows to run a series of different text-based commands and be
able to run different tools or utilities
● An administrative user can do a lot of things that may not be
available to a standard user
o Create a new user account
o Access files or folders
● Use the regular command prompt first

o Copying Commands
▪ Copying commands
▪ Movement commands

o Shutdown
▪ This command can run at various times when the user is not at the
computer

o System File Checker

▪ Provides a manual interface for verifying system files and restoring them
from the cache

o Network Troubleshooting Commands

▪ IPConfig
● IPConfig provides information about own network connection
- 32 -

▪ Ping
● Ping verifies there is good connectivity between the client and the
remote destination
▪ Tracert
● Tracert shows each and every stop along the way by using
multiple pings all the way out and all the way back
▪ Path ping
● Path ping gives a more accurate round-trip time being calculated

o Name Resolution Commands

▪ Host name
▪ NS Lookup

o The netstat Command

▪ Netstat is really helpful for malware removal or threat hunting against
bad actors

- 33 -

Windows Share
Objective 1.2, 1.6 and 2.5

● OBJ 1.2: Given a scenario, use the appropriate Microsoft command-line tool
● OBJ 1.6: Given a scenario, configure Microsoft Windows networking features on a
client/desktop
● OBJ 2.5: Given a scenario, manage and configure basic security settings in the Microsoft
Windows OS

● Windows Shares

o Domain-Based
▪ Used for larger environments
o Workgroup-Based
▪ Used in a single computer environment

● Workgroups and Domains

o Workgroups and Domains

▪ Represent the two different methods for organizing workstations inside
of a Windows-based computer network
▪ The main difference between the two is how workstations and resources
on the network are going to be managed

● Workgroup
o Decentralized model
● Domain
o Centralized architecture

▪ When dealing with a workgroup, you're dealing with a decentralized

model of administration, so there is no main computer in control

▪ Workgroups are better used with smaller sized networks, all on the same
network of less than about 15 to 20 computers

- 34 -

▪ Domains are used for large scale networks, one or more computers
acting as a server, which makes it easier to automatically connect to the
network from anywhere

▪ Domains can support hundreds of thousands of computers on a single

domain

● Printer Sharing
o Sharing a printer over a network is easier in a small office environment

- 35 -

macOS
Objective 1.10

● OBJ 1.10: Identify common features and tools of the macOS/desktop OS

● macOS
o macOS generally has same features and functionality like Windows

▪ Time Machine
● A backup feature in macOS
▪ Finder
● macOS file management app (file explorer)
▪ Dock
● Used for managing applications from the desktop (taskbar)
▪ Spotlight
● Search function
▪ .pkg (Package)
● macOS installer that supports complex setup tasks using a setup
wizard
▪ .dmg (Disc Image)
● macOS installer for copying self-contained apps to an app folder

● Mission Control
o Enables the user to set up multiple virtual desktops with different sets of
applications and backgrounds

● File Vault
o Disk encryption tool that encrypts the data that's stored on the hard drive or
solid-state device

● Remote Disc
o Utility that allows to access an optical disc drive over the network
o Most Mac computers don't have an internal optical drive
o One requires CD or DVD drive installed on the network

● Keychain
o Application designed to help manage passwords for all the different accounts
- 36 -

● iCloud and Apple ID

o Apple's online storage solution for all its users

● System Preferences
o Provides a centralized and standard location for mail, contacts, calendar, photos,
notes, reminders, and more
o The free account gives 5GB worth of storage

▪ Apple ID
● Account with Apple used across the entire Apple ecosystem

● Managing macOS Applications

o Mac App Store
▪ Central area that Apple and developers can use to distribute free and
paid apps

● Best Practices for macOS

o Antivirus
o Backups
o Updates
o Force quit apps

o Always have antivirus or antimalware on the system

o Mac doesn't run the same types of software as Windows
o There is no built in antivirus software for Mac system

o Apple Business Manager

▪ Supervises the use of macOS systems, restricts which apps can be
installed, locates any systems, and ensures they're up to date with the
latest security patches

- 37 -

Linux
Objective 1.11

● OBJ 1.11: Identify common features and tools of the Linux client/desktop OS

● Linux
o ls
▪ Used for listing file system objects
o pwd
▪ Used to print the current directory
o cd
▪ Used to change the directories
o mv
▪ Used to move files from one location to another
o cp
▪ Used to copy files from one location to another
o rm
▪ Used to delete files

o The mv, cp, and rm commands are used in both files and directories in Linux

o df
▪ Used to display the amount of free disk space
o du
▪ Used to estimate the file space usage
o nano
▪ Easy to use command line text editor
o vi
▪ Old command that supports modal editing
o vim
▪ Supports normal, visual, insert, and command line mode
o pico
▪ Text editor that provides less features and less complexity
o cat
▪ Used to create, view, or concatenate files
o find
▪ Used to search the file system or directory
- 38 -

o grep
▪ Used to search for characters within the specified file using regular
expressions
o su
▪ Used to switch users
o sudo
▪ Used to switch to the root user
o usermod
▪ Used to modify the user's account
o userdel
▪ Used to delete a user's account
o passwd
▪ Used to change or reset the password of the user's account
o groupadd
▪ Used to add a new group
o groupmod
▪ Used to modify a group
o groupdel
▪ Used to delete a group
o chmod
▪ Used to change the access permissions
o chown
▪ Used to change the owner
o apt-get
▪ Used to install and remove software on Debian
o yum
▪ Used to install and remove software on Red Hat
o dnf
▪ Updated version of yum command and used to install and remove
software on Red Hat
o rpm
▪ Low-level tool that is used to install and remove software on Red Hat
o ps
▪ Used to display a list of currently running processes
o top
▪ Task manager that is used to display information about CPU and memory
o ip

- 39 -

▪ Used for configuring network interfaces

o ping
▪ Used to test a host's reachability on an IP-based network
o traceroute
▪ Used to display the route and transmit time across an IP-based network
o dig
▪ Used to query the DNS to get information about the different DNS
records
o man
▪ Used for accessing and searching online reference manuals
o --help
▪ Written after the name of a command to give information on how to use
a specific command
o Samba
▪ Cross-platform file sharing protocol that supports the SMB

● Linux Navigation
o When it comes to Linux terminal environment, can use the LS, PWD, and CD
commands

● Disk Usage Commands

o DF
o DU

o Free space
o Filesystem
o Total size
o Space used
o % used
o Mount point

o The DU command shows the disk usage and how the device is used

● Text Manipulation
o Nano and Pico are both considered visual editors and are easy for anyone to use
o VI and VIM are more difficult to use, but they have a lot more capabilities if you
are able to use them

- 40 -

o The cat command is used for concatenating or displaying the contents of a file to
the screen

● Search Commands
o Find
▪ Search for a file
o Grep
▪ Search for content within a file

● Resource Management Commands

o PS and top are the two commands you should be aware of for resource
management

● Best Practices for Linux

o Update and patches
o Antivirus
o Backups
o Samba

o Debian
▪ apt-get
o Red Hat
▪ rpm, yum, dnf

o Linux and Windows malware do not affect each other's systems

o Linux is more secure, but it is not risk-free

o Clam AntiVirus
o Snort
o IDS/IPS

o Use a Task Scheduler to run a backup

o Cron is the Linux scheduling service

o tar
o gzip

- 41 -

o Install samba on a Linux device to communicate with a Windows host or server

- 42 -

Threats and Vulnerabilities

Objective 2.4

● OBJ 2.4: Explain common social-engineering attacks, threats, and vulnerabilities

● Threats and Vulnerabilities

● CIA Triad
● Vulnerabilities
● Zero-day Attack
● DoS and DDoS
● Spoofing
● On-path Attack
● SQL Injection
● Cross-site Scripting
● Password Cracking
● Insider Threat

- 43 -

Malware
Objective 2.3

● OBJ 2.3: Given a scenario, detect, remove, and prevent malware using the appropriate
tools and methods

● Malware
o Software that is designed to infiltrate and damage a system
▪ Viruses, Worms, and Trojans

● Viruses, Worms, and Trojans

o Viruses require user action in order to reproduce and spread

o Boot sector
▪ Viruses that are stored in the first sector of a hard drive and are loaded
into memory upon boot
o Macro
▪ Virus embedded into a document and is executed when the document is
opened by the user
o Program
▪ Program viruses seek out executables or application files to infect
o Multipartite
▪ Virus that combines boot and program viruses to first attach itself to the
boot sector and system files before attacking other files on the computer
o Encryption
▪ This virus is gonna use a cipher to encrypt the contents of itself to avoid
detection by any antivirus software
o Polymorphic
▪ Advanced version of an encrypted virus that change its code each time
it's executed by altering the decryption module in order for it to evade
detection
o Metamorphic
▪ Viruses that are able to rewrite themselves entirely before it attempts to
infect a file
o Stealth
▪ Stealth viruses are a category of a virus protecting itself
o Armored
- 44 -

▪ Virus that has a layer of protection to confuse a program or a person

who's trying to analyze it
o Hoax
▪ Hoax virus tries to trick a user to infect their own machine
o Worm
▪ Malicious software, like a virus, but can replicate itself without any user
interaction
▪ Worms can spread and replicate really fast
o Trojan
▪ Are a piece of malicious software that are disguise as a piece of harmless
or desirable software
o Remote Access Trojan (RAT)
▪ Provides the attacker with remote control of a victim computer

● Ransomware
o Malware that restricts access to a victim’s computer system until a ransom is
received
o Keep backups of all the systems and files
o Ransomware uses a vulnerability in your software to gain access and then
encrypts your files
● Spyware
o Malware that secretly gathers information about the user without their consent
▪ Adware
● Displays advertisements based upon its spying on you
▪ Grayware
● Software that isn’t benign nor malicious and tends to behave
improperly without serious consequences

● Rootkits
o Software designed to gain administrative level control over a system without
detection

▪ DLL injection is commonly used by rootkits to maintain their persistent

control

● DLL Injection

- 45 -

o Malicious code is inserted into a running process on a

Windows machine by taking advantage of Dynamic Link
Libraries that are loaded at runtime

● Driver Manipulation
o An attack that relies on compromising the kernel-mode
device drivers that operate at a privileged or system level

● Shim
o A piece of software code that is placed between two
components to intercept calls and redirect them

● Botnets and Zombies

o A collection of compromised computers under the control of a master node

o DDoS
▪ Occurs when many machines target a single victim and attack them at the
exact same time

o Botnets can be utilized in other processor intensive functions and activities

● Symptoms of Infection
o Your computer might have been infected if it begins to act strangely
o Hard drives, files, or applications are not accessible anymore
▪ Strange noises
▪ Unusual error messages
▪ Display looks strange
▪ Jumbled printouts
o Double file extensions are being displayed, such as textfile.txt.exe
o New files and folders have been created or files and folders are
missing/corrupted
o System Restore will not function

● Removing Malware
o Scan the computer

1. Identify the symptoms of a malware infection

- 46 -

2. Quarantine the infected systems

3. Disable System Restore
4. Remediate the infected system
5. Schedule automatic updates and scans
6. Enable System Restore and create a new restore point
7. Provide end user security awareness training

o If a boot sector virus is suspected, reboot the computer from an external device
and scan it
o Remove the hard drive from the victimized machine, connect it to a clean
workstation as a secondary drive, and then scan it

● Preventing Malware
o Continually doing your service packs and updates for your operating system
o Have a good host-based Firewall
o Worms, Trojans, and Ransomware are best detected with anti-malware solutions

o Root kits are a type of malware that installs itself and tries to bypass the
operating
o system functions

o Scanners can detect a file containing a rootkit before it is installed

o Re-image the machine from a known good baseleine

o Verify your email servers aren’t configured as open mail relays or SMTP open
relays

1. Remove email addresses from website

2. Use allowlist and blocklists
3. Train and educate end users

1. Update your anti-malware software automatically and scan your computer

2. Update and patch the operating system and applications regularly
3. Educate and train end users on safe internet surfing practices

- 47 -

Social Engineering
Objective 2.3 and 2.4

● OBJ 2.3: Given a scenario, detect, remove, and prevent malware using the appropriate
tools and methods
● OBJ 2.4: Explain common social-engineering attacks, threats, and vulnerabilities

● Social Engineering
o Broad range of malicious activities accomplished through human interactions

● Phishing Attacks
o Phising
o Spearphishing
o Whaling
o Smishing
o Vishing
o BEC
o Pharming

o Social Engineering
▪ Any attempt to manipulate users to reveal confidential information or
perform actions detrimental to a system's security
▪ End users and employees are the weakest link in an organization's
security

o Phishing
▪ A social engineering attack where the malicious actor communicates with
the victim from a supposedly reputable source to lure the victim into
divulging sensitive information
▪ 60-70% response rate

o Spearphishing
▪ Uses the same technology and techniques but is a more targeted version
of phishing

o Whaling

- 48 -

▪ Focused on key executives within an organization or other key leaders,

executives, and managers in the company

o Short Message Service (SMS)

▪ The text message service component on cellphones, smartphones,
tablets, and other mobile devices

o Multimedia Messaging Service (MMS)

▪ A form of text messaging that also allows pictures, sounds, or videos to
be sent

o Vishing
▪ Occurs when the message is being communicated to the target using the
voice functions of a telephone

o Business Email Compromise (BEC)

▪ Occurs when an attacker takes over a high-level executive's email
account and orders employees to conduct tasks

o Pharming
▪ Tricks users into divulging private information by redirecting a victim to a
website controlled by the attacker or penetration tester

● Spam
o The abuse of electronic messaging systems, most commonly through email
o Spammers often exploit a company's open mail relays to send their messages
o CAN-SPAM Act of 2003

● Impersonation
o The act of pretending to be someone else in order to gain access or gather
information
o The goal is to use people's trust on a person in authority and people in uniform

▪ Elicitation
● The ability to draw, bring forth, evoke, or induce information from
the victim

- 49 -

● Pretexting
o Train your employees not to fall for pretext and to not fill in the gaps for
people when they're calling you or even in person

● Social Engineering Attacks

o Tailgating
o Piggybacking
o Shoulder Surfing
o Eavesdropping
o Dumpster Diving

o Social Engineering
▪ Any attempt to manipulate users into revealing confidential information
or performing other actions that are detrimental to that user or the
security of our systems
▪ The weakest link is our end users and employees

o Tailgating
▪ When an attacker attempts to enter a secure portion of a building by
following an authorized person into that area, without their knowledge
o Piggybacking
▪ Similar to tailgating, but happens with the knowledge or consent of the
employee
o Shoulder Surfing
▪ Using direct observation to obtain information from an employee
▪ Not as obvious as standing over your shoulder, but it can be a quick
glance at your screen
o Dumpster Diving
▪ Actually looking in garbage or recycling bins for personal or confidential
information
● Evil Twin
o A fraudulent Wi-Fi access point that appears to be legitimate but is set up to
eavesdrop on your wireless communication

▪ Karma Attack
● Exploits the behavior of Wi-Fi devices due to a lack of access point
authentication protocols being implemented

- 50 -

▪ Preferred Network List (PNL)

● A list of the SSIDs of any access point the device has previously
connected to and will automatically connect to when those
networks are in range

Captive Portal ▪
● A web page that the user of a public-access network is obligated
to view and interact with before access is granted
● Software Firewalls
o Personal Firewall
▪ Software application that protects a single computer from unwanted
Internet traffic
▪ Host-Based Firewall

o Windows Firewall
o PF and IPFW
o iptables

o Many anti-malware suites contain software firewalls

o It is better to run a personal software-based firewall and a network-based
firewall to provide you with two layers of protection

● User Education
o I can install all the technology I want, but if I don't fix the user, it's all gonna be
for nothing
o Never share your authentication information

▪ Clean Desk Policy

- 51 -

● By end of day, employees clean their desks and leave nothing out
that may be taken as a password or a PIN

o Train users how to encrypt emails and data

o Follow organizational data handling and disposal policies

- 52 -

Security Controls
Objective 2.3 and 2.4

● OBJ 2.1: Summarize various security measures and their purposes

● Security Controls
o Physical Controls
▪ Implemented to increase physical security posture
o Logical Controls
▪ Implemented through hardware or software to prevent or restrict access

● Auditing
o One-time
● Monitoring
o Ongoing

o Managerial Controls
▪ Implemented to manage the organization's personnel and assets

● Data classification and labelling

● Personnel supervision
● Security awareness training

● Perimeter Defense
o Fences
▪ Designed in different formats, including see-through or not
▪ See-through fences allow outsiders to see what's inside
▪ Non-see-through fences prevent employees and guards from seeing
incoming threats
▪ Fences keep people away from areas that are under your control

o Bollards
▪ Type of barricade used to prevent terrorist attacks
▪ Think about the type of aesthetic fence and bollards to install
▪ Make sure that it is still friendly and inviting

o Lighting
- 53 -

▪ Use well-designed lighting around your perimeter

● Always ON
● Motion sensor

o Guards
▪ Protect the outside or inside of the building

● Surveillance
o Video Surveillance
▪ Used inside or outside of a building using cameras and CCTV
● Motion
● Sound
● Light

o Circuit-based System
▪ Alarm system that sounds anytime the circuit is open or closed

o Motion Sensors
▪ Allows to play motion sensor in different areas

● Proximity
o Alarm that turns off when there is a movement in one of
the tagged objects within the area

● Duress
o Alarm that can be triggered by someone when there is a
threat

o Magnetometer
▪ Type of metal detector that is deployed at airports and public buildings
▪ Walk-through magnetometer detects the presence of metal

● Physical Access Controls

o Door locks
▪ Key Operated
● Uses a key to lock or unlock the door
▪ Mechanical Operated

- 54 -

● Uses a PIN to lock or unlock the door

● Mechanically operated lock is usually referred to as a cipher lock

▪ Electronic Operated
● Requires a PIN entered on an electronic keypad to unlock

o Mechanical
o No power needed
o Electronic
o Needs power

▪ Badge Reader
● Uses a token to unlock the door
● Badge reader can be combined with two-factor authentication

▪ Biometric Door Lock

● Uses biometric data to unlock the door

o Fingerprint readers are considered a hygiene issue

o Palm Print Scanner

▪ Uses a camera to scan the palm print by using
infrared lights
▪ Palm print scanners are much larger in size

o Retina Scanner
▪ Uses infrared light that is shown into an eye

o Equipment locks
▪ Prevents theft and unauthorized physical access to servers, network
appliances

● Lockable Rack Cabinet

o Controls access to servers, switches, and routers installed
in standard networking racks
▪ Chassis Locks
▪ Faceplates

- 55 -

o Lockable rack cabinet protects all the devices in one server

rack

● Kensington Lock
o A cable that uses a tie to secure smaller devices

o Access control vestibules

▪ Serves as a way to limit the people that go in or out of an organization

o Badge readers
▪ Badge readers can be used as a way to log in to a computer
● Magnetic Strip
● Smart Card
● RFID
▪ Badge reader systems use contact-based badge reading

● Security Principles
o Least Privilege
▪ Uses the lowest level of permissions needed to complete a job function

o Role-based Access
▪ Discretionary Access Control (DAC)
● Access control method where access is determined by the owner
of the resource
1. Every object in a system has to have an owner
2. Each owner must determine the access rights and permissions for
each object

▪ Mandatory Access Control (MAC)

● Access control policy where the computer system decides who
gets access
o Unclassified
o Confidential
o Secret
o Top secret

- 56 -

● MAC is reserved for highly classified information within the

military

▪ Role-Based Access Control (RBAC)

● Access model that is controlled by the system that focuses on a
set of permissions versus an individual's permissions
● Creating groups makes it easy to control permissions based
around actual job functions

o Power User
▪ User who is not a normal user and also not a normal administrator
o
o Zero-Trust
▪ Security framework that requires the users to be authenticated,
authorized, and validated
1. Reexamine all default access controls
2. Employ a variety of prevention techniques and defense in depth
3. Enable real-time monitoring and controls to identify and stop
malicious activity
4. Ensure the network's zero-trust architecture aligns with a broader
security strategy

● Multifactor Authentication
o Multifactor Authentication (MFA)
▪ Uses two or more factors to prove a user's identity
● Knowledge
o Something you know
● Ownership
o Something you have
● Characteristic
o Something you are
● Location
o Somewhere you are
● Action
o Something you do

o High security systems often use multifactor authentication

- 57 -

o Time-Based One-Time Password (TOTP)

▪ Computes password from a shared secret and the current time

o HMAC-Based One-Time Password (HOTP)

▪ Computes password from a shared secret and is synchronized across the
client and the server

o In-Band Authentication
▪ Relies on an identity signal from the same system requesting the user
authentication

o Out-of-Band Authentication
▪ Uses a separate communication channel to send the OTP or PIN

o Implement 2FA or MFA that relies on OOB authentication system

● Enterprise Mobility Management (EMM)

o Enables centralized management and control of corporate mobile devices
▪ Tracking
▪ Controlling
▪ Securing

o EMM
▪ Policies and tools

o MDM
▪ Technical controls

● Application Control
● Passwords and passcode functionality
● MFA Requirement
● Token-based Access
● Patch Management
● Remote Wipe

o Remote Wipe

- 58 -

▪ Used to send remote commands to a mobile device from an MDM

solution to delete its data settings
▪ A device must have an Internet connection to receive the remote wipe
▪ Incorrect password or passphrase entered too many times
▪ Device tries to connect to a network and does not meet the baseline
requirements

o Firmware Update
▪ Updates the baseband of the radio modem used for cellular, Wi-Fi,
Bluetooth, NFC, and GPS connectivity

● Active Directory Security

o Domain-based
o Security Group
o Organizational Unit
o Group Policies
o Login Scripts
o Home Folders
o Folder Redirection

o Have at least one Windows server as a domain controller

o Active Directory (AD)

▪ Allows to get information from the network about the systems, users,
and computers
● Users
● Groups
● Computers
▪ Use Active Directory inside Windows-based networks for high levels of
security

o Security Group
▪ Allows to easily assign permissions to a set of users or worskstations
▪ Groups have different permissions applied using ACLs, group policies, and
login scripts

o Organizational Unit (OU)

- 59 -

▪ Way of dividing the domain into different administrative realms

o Group Policies
▪ Allows to configure computer settings and user profile settings for the set
of users
▪ Settings can be templated

o Home Folder
▪ Private drive that is mapped to a network share

o Folder Redirection
▪ Allows to change the target of a personal folder

- 60 -

Wireless Security
Objective 2.3 and 2.4

● OBJ 2.3: Given a scenario, detect, remove, and prevent malware using the appropriate
tools and methods
● OBJ 2.4: Explain common social-engineering attacks, threats, and vulnerabilities

● Wireless Encryption
o Pre-Shared Key
▪ Same encryption key is used by the access point and the client
o Wired Equivalent Privacy
▪ Original 802.11 wireless security standard that claims to be as secure as a
wired network
▪ WEP’s weakness is its 24-bit IV (Initialization Vector)
o Wi-Fi Protected Access (WPA)
▪ Replacement for WEP, which uses TKIP, Message Integrity Check (MIC),
and RC4 encryption
▪ WPA was flawed, so it was replaced by WPA2
o Wi-Fi Protected Access version 2 (WPA2)
▪ 802.11i standard to provide better wireless security featuring AES with a
128-bit key, CCMP, and integrity checking
▪ If we make operations easier, then security is reduced
o Wi-Fi Protected Setup (WPS)
▪ Automated encryption setup for wireless networks at a push of a button,
but is severely flawed and vulnerable
▪ Always disable WPS
▪ Encryption and VPNs are always a good idea

● WPA3
o Wi-Fi Protected Access 3 (WPA3)
▪ Latest and most secure version of wireless network encryption currently
available

● Updated cryptographic protocols

o Enterprise
▪ 192-bit
o Personal
- 61 -

▪ 192-bit or 128-bit

● Galois Counter Mode Protocol (GCMP)

● “Enhanced open”
o Opportunistic Wireless Encryption (OWE)

● Management protection frames

● Simultaneous authentication of equals (SAE)

o A secure password-based authentication and password
authenticated key agreement that relies on forward
secrecy

● Forward Secrecy
o Assures the session keys will not be compromised even if
the long-term secrets used in the session key exchange
have

1. AP and client use a public key system to generate a pair of long-

term keys
2. AP and client exchange a one-time use session key
3. AP sends client messages and encrypts them using the created
session key
4. Client decrypts received messages using the same one-time use
session key
5. Process repeats for each message being sent, starting at Step 2

● Wireless Authentication
o Remote Authentication Dial-In User Service (RADIUS)
▪ Cross-platform protocol that authenticates and authorizes users to
services, and accounts for their usage

● Supplicant
● Authenticator
● Authentication server

- 62 -

o Terminal Access Controller Access Control System Plus (TACACS+)

▪ Cisco-proprietary protocol that provides separate authentication,
authorization, and accounting services

o Diameter
▪ Peer-to-peer protocol created as a next-generation version of RADIUS

o Lightweight Directory Access Protocol (LDAP)

▪ Cross-platform protocol that centralizes info about clients and objects on
the network

o Single Sign-On (SSO)

▪ Enables users to authenticate once and receive authorizations for
multiple services across the network

o Kerberos
▪ Uses symmetric encryption and the Key Distribution Center to conduct
authentication and authorization functions

o 802.1x
▪ Used for port-based authentication on both wired and wireless networks
▪ Utilize 802.1x as part of your defense
- 63 -

o Extensible Authentication Protocol (EAP)

▪ Allows for numerous different mechanisms of authentication

● EAP-MD5
o Utilizes simple passwords and the challenge handshake
authentication process to provide remote access
authentication
● EAP-TLS
o Uses public key infrastructure with a digital certificate
being installed on both the client and the server
● EAP-TTLS
o Requires a digital certificate on the server and a password
on the client for its authentication
● EAP Flexible Authentication via Secure Tunneling (EAP-FAST)
o Uses a protected access credential to establish mutual
authentication between devices
● Protected EAP (PEAP)
o Uses server certificates and Microsoft’s Active Directory
databases to authenticate a client’s password
● Lightweight EAP (LEAP)
o A proprietary protocol that only works on Cisco-based
devices

● Wireless Network Security

o Service Set Identifier (SSID)
▪ The name of the wireless network

1. Name the network after something that is easy to recognize

o Do not use any personally identifiable information
2. Random naming scheme
o Many textbooks recommend to disable the broadcast of
the SSID

▪ Disabling the broadcast SSID just makes it harder for your authorized
users to be able to connect to the network
▪ Enabling encryption can give you a lot of security
▪ Never use WPA or WEP

- 64 -

▪ Enable wireless network encryption by configuring your wireless access

point
▪ A strong passphrase will serve as the password or symmetric key for this
encryption

o Guest Access
▪ Allows someone who is visiting your area to connect to your wireless
access point and access the Internet
▪ Disable guest access

o 2.4 GHz networks are going to operate on channels 1-11

▪ The most distance between channels 1-11 are channels 1, 6, and 11
o With 5 GHz and 6 GHz, you can use the auto channel selection

- 65 -

Mobile Device Security

Objective 2.7

● OBJ 2.7: Explain common methods for securing mobile and embedded devices

● Securing Wireless Devices

o Wi-Fi
▪ Used by mobile devices to make a connection to high-speed Internet
▪ WPA3 is the highest level of encryption available for mobile Wi-Fi at this
time

o Bluetooth
▪ Used by mobile devices to connect peripherals to the device
▪ Bluetooth requires two devices to make a connection or link

o Check specifications to see if the device uses at least AES encryption with a
strong key
o Software firewalls are common for larger devices, but not so much for mobile
devices
o The firewall must have root or administrative privileges on the mobile device in
order to successfully protect it
o A VPN connection between a mobile device and a centralized server is safer
o Remote backups automatically go to places like iCloud for Apple, Google Sync, or
OneDrive from Microsoft
o Always ensure you have secured the wireless connectivity first, then implement
a mobile firewall

● Mobile Device Unlocking

o PIN
o Password
o Pattern
o Fingerprint
o Face ID

o Swipe Gesture
▪ Someone can simply take the mobile device and swipe the screen open
to unlock it, without using anything to secure it
- 66 -

o PIN codes and passwords are the simplest types of authentications

o Personal Identification Number (PIN Code)

▪ Normally 4-8 digits long, depending on your smartphone or device
▪ PIN codes are easy to guess as there are only 10,000 possible codes for a
four-digit PIN
▪ Shoulder surfing attacks are easy if you use a PIN code as it's just a few
digits to remember
▪ PIN codes are only numbers, whereas passcodes are numbers, letters,
and symbols
▪ Passwords can also be easily used by others, due to shoulder surfing and
other attacks
▪ Wrong passcode entered 10 times can lock you out and make you wait 30
minutes before you're able to try again

o Remote wipe, wipes of all data after 10 failed attempts to login

o Pattern
▪ The screen shows you nine different dots for you to swipe and make a
pattern with
▪ Pressing and removing your finger off the touch scanner several times is
how you set up Touch ID

o Facial Recognition
▪ Touch ID has a fail rate of about1 in every 50,000 attempts
▪ Face ID has a fail rate of about 1 in every 1,000,000 attempts
▪ Both of these are much more secure than a PIN or password
▪ Smartphones like to use biometrics first and then PIN or passcode, if you
have all of that set up
▪ Face ID wasn't helpful in 2020 when everyone was wearing masks, so the
PIN or password fallback is very helpful

● Mobile Malware
o Ensure your mobile device is patched and updated
o Only install apps from the official App Store or Play Store

- 67 -

o Do not jailbreak/root device

o Don't use custom firmware/ROM
o Only load official store apps
o Always update your software

● Mobile Device Theft

o Always ensure your device is backed up
o Don't try to recover your device alone if it is stolen

o Remote Lock
▪ Requires a PIN or a password before someone can use the device

o Remote Wipe
▪ Allows to remotely erase the contents of the device to ensure that no
information can be recovered

● Mobile App Security

o Only install apps from the official mobile stores

o Transport Layer Security (TLS)

▪ Put an encryption layer and a tunnel between your device and the server
to ensure you have confidentiality

o Mobile Device Management

▪ Centralized software solution that allows system administrators to create
and enforce policies across its mobile devices
▪ Turn location services off to ensure privacy

o Geotagging
▪ Embedding of the geolocation coordinates into a piece of data, such as a
photo
▪ Geotagging should be considered when developing your organization's
security policies

● Deployment Options
o Corporate Owned/ Business Only (COBO)

- 68 -

▪ Purchased by the company and only used by the employee for work-
related purposes
● Most secure
● Most restrictive
● Most expensive

o Corporate Owned/ Personally Enabled (COPE)

▪ Company provides a device used for work and/or personal use by
employees

o Choose Your Own Device (CYOD)

▪ Allows employees to choose device from an approved list of vendors or
devices

o Bring Your Own Device (BYOD)

▪ Allows employees to bring their own devices, and connect to the
corporate network
▪ BYOD is the most difficult to secure

o Storage Segmentation
▪ Creates a clear separation between work and personal data on a device

o Mobile Device Management

▪ Centralized software solution for remote administration and
configuration of mobile devices
▪ MDM can prevent certain applications from being installed on the device
▪ Ensure your organization has a good security policy for mobile devices

● Hardening Mobile Devices

1. Update your device to the latest software
2. Install Antivirus
3. Train users on proper security and use of their device
4. Only install apps from the official app stores
5. Do not jailbreak or root your devices
6. Only use Version 2 SIM cards for your devices
7. Turn off all unnecessary features on your device
8. Turn on encryption for voice and data

- 69 -

9. Use strong passwords or biometrics

10. Don't allow BYOD

o Ensure your agency has a good security policy for mobile devices

● Implementing Mobile Device Security

o iPadOS will be similar to iOS and similar but not quite the same with Andriod
o Remember to set up how you want to use your device with locking, unlocking,
password, Touch ID, Face ID, and more

● IoT Vulnerabilities
o S in IoT stands for security
o Most IoT devices uses an embedded version of Linux or Android as their OS
o Many Manufacturers uses outdated or insecure hardware components
▪ Insecure defaults
▪ Hard-coded configurations
▪ Cleartext communication
o Attackers also monitors Bluetooth frequencies being transmitted and conduct
eavesdropping
▪ Data modification
▪ Data exfiltration
o Be careful in which exploits you since you can inadvertently cause the device to
go offline, crash or malfunction

- 70 -

Windows Security
Objective 2.5

● OBJ 2.5: Given a scenario, manage and configure basic security settings in the Microsoft
Windows OS

● Login Options
o Local Sign-in
▪ Uses Local Security Authority (LSA) to compare the submitted credentials
▪ Local sign-in is also known as interactive login

o Network Sign-in
▪ Uses Kerberos to perform network authentication

o Remote Sign-in
▪ Allows users to access the local network by using a VPN or a web portal
(SSL/TLS)

o Username and Password

o PIN
o Fingerprint
o Facial Recognition
o Single sign-on

o Username and Password

▪ Oldest type of authentication that uses single-factor authentication
▪ Knowledge-based factor

o Windows Hello
▪ Allows the user to configure an alternate means of authentication
▪ Windows Hello PIN can be used to enter the system and authenticate
▪ Windows Hello subsystem is considered more secure
▪ Windows Hello Fingerprint uses biometric authentication
▪ Windows Hello Face uses facial recognition

o Single sign-on

- 71 -

▪ Users can authenticate on the device or network to gain access to

multiple apps or services
▪ Using SSO is considered more secure than having different accounts

● Users and Groups

o
● Encrypting Windows Devices
o Administrators
o Users
o Guests
o Power users

o Local Account
▪ Account that exists on a single workstation or computer
● Security Account Manager (SAM)
o HKEY_LOCAL_MACHINE registry hive
▪ Local account cannot be used to log into different computers

o Microsoft Account
▪ Created through an online cloud-based portal at account.microsoft.com
▪ Microsoft account can be synchronized between devices using the same
portal
▪ Domain-based users can also create an account as part of the domain
environment

o User
▪ Able to change their own settings
▪ When creating a new user on a system, it should be placed into the
standard user group

o Administrator
▪ Gives additional security permissions
▪ By default, the first user on a system is placed in the Administrator group

o Guest
▪ Account is disabled and gives a higher level of security
▪ Guest accounts are disabled on Windows 10 and 11

- 72 -

o Power User
▪ Gives the user an intermediate permission level, but less than an
administrator
▪ Power user group has the same permission level as the standard user
group
▪ Administrator mode works at a higher level of permissions that can cause
a lot of system damage

o User Account Control (UAC)

▪ Windows security feature used to protect the system against malicious
programs, scripts, and attacks

▪ Administrator runs a program using the user credentials, not the

administrative credentials

▪ Click the Change Account Type button within UAC

▪ UAC settings can be configured from "always notify" to "never notify"
▪ Change the UAC configuration in the control panel and select "user
account control" settings

● File Permissions
o New Technology File System (NTFS)
▪ Uses file permissions on all files and folders
▪ NTFS permissions can be assigned to a file or folder by using a user's
account or group
▪ Each object has an implicit deny to prevent using a permission
▪ Explicit permissions set an allow or deny action
▪ Permissions are cumulative

o Share Permissions
▪ Applies only to files that were shared using a network connection
▪ Share permissions that are used in NTFS permissions will be applied
locally and over the network
▪ Share permissions are set at the root of the share and its subdirectories
▪ The most restrictive will apply to files and folders that are accessed over
the network

- 73 -

o Inheritance
o Happens with all of the sub folders and files underneath that folder

- 74 -

Securing Workstations
Objective 2.6 and 2.8

● OBJ 2.6: Given a scenario, configure a workstation to meet best practices for security
● OBJ 2.8: Given a scenario, use common data destruction and disposal methods

● Account Management
o User permissions
o Admin user account
o Disable guest accounts
o Restrict login times
o Failed login attempts
o Concurrent logins
o Timeouts and screen locks

o Give user the least amount of permissions to be able to do their job

o File permission control allows to change whether the user can read, modify, or
delete data file or folder

o Set a good, long, and strong password for the administrator account

o Disable the default admin account and create a new user account for better
security

o Guest accounts represent a significant security vulnerability

o Disable the guest account and create a regular user account

o Restrict your login times if you want to have better security

o Consider this based on your organization and the needs of your employees
▪ Account disabled
▪ 15-min cool off

o Account disabled means the user cannot login until they contact help desk
- 75 -

o With the lockout timer, the user has to wait 15 minutes to be able to re-login

o Every Windows user can log into multiple systems using the same account in a
domain environment

o You can set the number of concurrent logins allowed

o Limit of only one concurrent login

o Find the right amount of time that makes it work

● AutoRun and AutoPlay

o This can lead to a huge vulnerability
o Disable autoplay or autorun to increase security

● Passwords Best Practices

o Complexity requirements
o Expiration requirements
o Use of passwords

● Encryption Best Practices

o Unencrypted Data (Cleartext/Plaintext)
▪ Stored, transmitted, or processed in an unprotected format that anyone
can view and read
o Encrypted Data (Ciphertext)
▪ Scrambled up and unreadable to anyone without the proper encryption
or decryption key
▪ Encryption is a form of risk mitigation
o Data State
▪ Location of data within a processing system
o Data at Rest
▪ Any data stored in memory, a hard drive, or a storage device
● Full disk encryption
● Folder encryption
● File encryption
● Database encryption

- 76 -

o Data in Transit/Motion
▪ Any data moving from one computer or system to another over the
network or within the same computer
● TLS or SSL
● IPSec or L2TP
● WPA2 with AES

o Data in Use/Processing
▪ Any data read into memory or is currently inside the processor and being
worked on or manipulated
● Data at rest
● Data in motion
● Data in processing

● End-user Best Practices

o Anytime you're not using a system, you should log off or lock your computer
o A screensaver lock will lock your desktop after a period of inactivity
o Secure personally identifiable information
o Clean desk policy ensures everything on your desk is put away by end of day
o Log off if you will be gone for more than a few minutes
o Critical hardware like laptops must be in your possession or properly secured at
all times
o You want to make sure that data is always protected

● Data Destruction
o Asset disposal occurs whenever a system is no longer needed

o Degaussing
▪ Exposes the hard drive to a powerful magnetic field which in turn causes
previously-written data to be wiped from the drive

o Purging (Sanitizing)
▪ Act of removing data in such a way that it cannot be reconstructed using
any known forensic techniques

o Clearing

- 77 -

▪ Removal of data with a certain amount of assurance that it cannot be

reconstructed

o Data remnants are a big security concern

o Ensure all data remnants had been removed using overwriting procedures

o Possible reuse of the device will influence the disposal method

1. Define which equipment will be disposed of

2. Determine a storage location until disposal
3. Analyze equipment to determine disposal method
4. Sanitize the device and remove all its data
5. Throw away, recycle, or resell the device

● Data Destruction Methods

o Sanitizing
o Purging
o Overwriting
o Zeroing

o Recycling or repurposing electronics methods: Erasing/wiping (Standard

formatting or Low-level formatting)
o Physical destruction methods: drilling, shredding, incinerating, and degaussing

o Erasing or Wiping
▪ The process of destroying old data by writing over the location on the
hard drive or solid-state device with new data

o Forensic experts can recover some hidden data overwritten with a series of ones
and zeros
o Erasing and wiping don't work as well with solid state devices
o Use Format from the Windows command line to erase the contents of the hard
drive
o Using a standard formatting procedure, you will have better data destruction
than you have with a simple erasing or wiping

o Low-level Format

- 78 -

▪ Procedure provided by the manufacturer which will reset the disk back to
its factory condition
● Secure erase
● Crypto erase

o If you don't let this procedure actually finish, you'll have a drive that is no
longer functional and no longer usable for anything

o Self-Encrypting Drive
▪ A particular type of hardware that will encrypt and decrypt the entire disk
▪ By erasing the key, you have now made all the data on it unusable and
unreadable

o Degaussing
▪ Exposing hard disk drives to powerful electromagnets that are going to
disrupt the magnetic patterns on those hard disks and cause them to lose
their state
▪ This does not work if you're using optical media or solid state drives

1. Electronic method: will allow you to reuse or recycle those different

drives
2. Physical method: drilling, shredding, incinerating, degaussing

- 79 -

Securing Web Browsers

Objective 2.10

● OBJ 2.10: Given a scenario, install and configure browsers and relevant security settings

● Web Browser Installation

o Download from the official app stores either on Windows or Mac, or go to the
official websites

● Extensions and Plug-ins

o Extensions and plug-ins are often used interchangeably, but on different web
browsers they are used differently
▪ Extensions
▪ Plug-Ins
▪ Apps
▪ Search Providers
▪ Themes

o Plug-ins that work in the background to help you do things like video streaming
o Themes that change your browser's look
o You can change your default search engine
o Applications to keep things like document editing in your browser, even for
offline use

● Password Managers
o Password Manager
▪ Helps you secure different passwords and stores them so you can use
them easily
▪ Memorizing a master passcode while the rest are saved for you is a much
better method than using the same password everywhere

● Encrypted Browsing
o You need to ensure that the website is secure before you access it and enter any
kind of personal details

● Private Browsing
o Private Browsing
- 80 -

▪ A special mode in web browsers that ensures the caching features are
not being used
▪ Even in private browsing, you are still being watched online

● Pop-up and Ad Blockers

o Some fake ads will bring you to fake websites to urge you to buy fake products
online
o Ad blockers aren't for being annoyed with advertising, rather because criminals
have been using ads to get to people

● Cache and History Clearing

o Cache allows you to view the same website multiple times without having to
redownload images or videos on that site
o History keeps track of all websites you've been to, unless you clear it
o All of this is stuff people can use to get an idea of what you do, so it is also a
good idea to clear your browser history sometimes

● Profile Synchronization
o Profile
▪ You make this for different setting preferences, but it doesn't work across
all Internet browsers
▪ A way to keep your personal and work life separate to avoid problems in
the future

- 81 -

Supporting Network Operations

Objective 4.1 and 4.2

● OBJ 4.1: Given a scenario, implement best practices associated with documentation and
support systems information management
● OBJ 4.2: Explain basic change-management best practices

● Ticketing System
o Ticketing Systems
▪ Used to manage requests, incidents, and problems submitted by users
▪ Ticketing system shows user information
● Phone
● Email
● Chat
● Ticket

▪ Newly created tickets show user history

● Name
● Contact Details

● User information
● Device information

o Incidents happen one time or are isolated issues

o Problems are recurrent and happen to multiple users or devices with the same
characteristics

o Problem description
▪ Gather more details or information about the problem

o Ticket categories
▪ Three basic ticketing types
● Requests
● Incidents
● Problems

- 82 -

o Problem
▪ A collection of incidents or recurrent issues
▪ Every organization configures different categories based on their own
business needs

o Assigning severity levels can be done individually or with modern ticketing

systems

o Severity
▪ Classifying tickets in a prioritized order
● Urgent
● High
● Medium
● Low

● Tier 3 (1-3%)
● Tier 2 (20-30%)
● Tier 1 (70-80%)
● Tier 0

o Shifting Left
▪ Gives us more freedom and more ability to solve problems at an earlier
level

o What you should be writing in your tickets

▪ Problem Description
▪ Progress Notes
▪ Problem Resolution

● Knowledge Base Articles

o Solution Articles
o FAQs
o Product Manuals
o Tutorials
o Videos
o Demonstrations
o Troubleshooting Guides

- 83 -

o Internal knowledge base for the support agents

▪ Internal/Private
● Staff
▪ External/Public
● End-user

o Ensure knowledge base is properly tagged, categorized, and searchable

o The kind of information should you include depends on your industry and what
you're doing inside of your organization

o Difference between a problem and an incident

1. Knowledge base reduces the support workload

2. Provide good self-service
3. Lower the amount of work
4. Lower the product cost
5. Quick onboarding and training experience

● Asset Management
o Asset Management
▪ Systematic approach to the governance and realization of value of things
over their life cycle
● Tangible Assets
● Intangible Assets

● Development
● Operation
● Maintenance
● Upgrade
● Disposal

▪ A database system allows for the detailed management and

configuration of assets
▪ Allows the system to associate the user with the workstation that is
having the issue

- 84 -

o Unique Asset Tag and Unique Asset ID

▪ Assigned to that particular device and labeled onto it
▪ Having an asset tag with unique ID ensures having a good asset
governance
▪ Establish good change management practices

o Procurement Lifecycle
▪ Birth to death of an asset

o Change management procedures

▪ Change Request
● Verifies the impacts
▪ Procurement
● Determines the budget
▪ Deployment
● Implements procedures in a secure configuration
▪ Maintenance/Operations
● Implements procedures for monitoring and support
▪ Disposal
● Implements procedures for sanitizing data remnants

o Warranty
o Licensing

● Change Management
o Change Management
▪ Maximizes the number of successful IT changes
▪ The scope of change management is defined by each organization

o Change
▪ Addition, modification, or removal that may have a direct or indirect
effect on IT services
o Standard changes
▪ Preauthorized and can be implemented without any additional
authorization
o Normal changes

- 85 -

▪ Changes where the authorization is gained

▪ Major changes need a higher level of approval
o Emergency changes
▪ Changes that need to be expedited
▪ Emergency Change Advisory Board (ECAB)
▪ Emergency is when something is broken and needs to get back online
quickly

o Change Authority is the person or group that authorizes changes

o Pair Programming/Coding
▪ One person codes and the other person reads it and approves it

o When working with large system networks, use normal change

o Change Schedule
▪ Helps plan the changes and assists in communicating such changes to the
stakeholders to avoid conflicts
▪ The change schedule informs everybody what's happening
▪ Ensures we have the resources to implement the changes

● Conducting Change Management

o Fault to be fixed
o New business need/process
o Planned improvement

o Write the changes to be made and justify

o Change Advisory Board (CAB)

▪ Technical experts
▪ Business experts
▪ Senior leaders

o Back Out/Rollback Plan

▪ Plan of action to take if something goes wrong
▪ Always have a rollback plan
▪ Use sandbox testing

- 86 -

o End-user acceptance
▪ Make sure that people understand how to use that new system

● Documentation Types
o Acceptable use policies
▪ Employees' set of policies for a service or resource
▪ Each organization sets up rules based on workflow and company values
▪ Acceptable use policy is enforced by the organization to govern its
employees and users
▪ Regulatory Compliance Requirements
▪ A splash screen shows up when someone tries to log into a computer

o SOPs
▪ New user set-up checklist and procedures
▪ End-user termination checklist and procedures
▪ Software installation procedures

o Standard Operating Procedure (SOP)

▪ Step-by-step list of actions to comply with the policy
▪ SOPs will vary depending on the organization

o End-user Termination Checklist and Procedures

▪ Used as part of the employee offboarding process

o Follow the SOP checklist for new users and end users
▪ Verify the system requirements
▪ Validate the download source
▪ Verify files
▪ Verify software license
▪ Ensure proper installation
▪ Provide training and support

o Incident Report/After Action Report (AAR)

▪ Gathers the opinions of all involved users, customers, technicians,
managers, and stakeholders
▪ Figure out the cause

- 87 -

▪ Incident report is a writeup based on what happened, the cause, and how
to prevent it in the future

o Network topology diagrams

▪ One diagram for logical connections and another one for physical
connections

o Network topology diagram shows network connections in a logical or physical

manner

- 88 -

Backup, Recovery, and Safety

Objective 4.3, 4.4 and 4.5

● OBJ 4.3: Given a scenario, implement workstation backup and recovery methods
● OBJ 4.4: Given a scenario, use common safety procedures
● OBJ 4.5: Summarize environmental impacts and local environmental controls

● Backup, Recovery, and Safety

o Backup
▪ Process of creating and storing copies of data to protect against data loss
o Recovery
▪ Process of restoring data backup during data or system loss

● Backup and Recovery

o Full backups
▪ The backup job is going to create a file that contains all the data from the
source
▪ Full backup takes up a lot of space
▪ Full backups take a long time

o Incremental backups
▪ Will only back up things that have changed since the last backup

o Differential backups
▪ Backs up all the data that has been changed since the last full backup

o Synthetic backups
▪ An optional type of backup that can create full backups with lower data
transfer requirements
▪ You're not tying up the server by doing a lot of read/write operations,
and to copy everything off of the server

o Archive Attribute
▪ Archive attribute flags are set to on anytime you modify a file

o Anytime we do an incremental backup, we're also going to clear the flag

o On a differential backup, the flag does not get cleared
- 89 -

o It's going to get cleared when you do a full backup or an incremental backup

● Backup Schemes
o Frequency
▪ The period between backup jobs
▪ When it comes to determining this frequency, it is all going to depend on
how much work you can afford to lose

o On-site
▪ The backup storage mechanism is located in the same location as the
system they're backing up
o Off-site
▪ Backing up to some system not inside the same physical building where
your workstations are

o Grandfather-Father-Son (GFS)
▪ Tape media rotation scheme that allows some of your backup media to
be taken to an offsite storage
▪ The son tapes will store your most recent data and they have the
shortest retention period
▪ The father is considered the middle generation
▪ The grandfather tapes will have the longest retention period

- 90 -

▪ GFS can be modified based on your own needs for retention, as well as
for frequency of backups

o 3-2-1 Backup Rule

▪ States that you should have three copies of your data, including your
production copy on your servers, two different types of media, and one
copy being held offline and off-site

▪ You can use GFS in combination with the 3, 2, 1 backup rule

▪ A backup can never be called good until you've tested that it actually
works

● Power Continuity
o A redundant power supply mitigates a single point of failure

o Surges
▪ An unexpected increase in the amount of voltage that's being provided
o Spikes
▪ A short, transient voltage that can be due to a short circuit, a trip circuit
breaker, a power outage, or even a lightning strike
o Sags
▪ An unexpected decrease in the amount of voltage provided
o Brownouts
▪ Occurs when the voltage drops low enough that it causes the lights to
dim and can cause a computer to shut off
o Blackouts
▪ Occurs when there is a total loss of power for a long period of time
▪ Proper backup power and line conditioning

- 91 -

o Uninterruptible Power Supply (UPS)

▪ Combines the functionality of a surge suppressor with a battery backup

o Backup Generator
▪ An emergency power system used when there is an outage of the regular
electric grid power
● Portable gas engine
● Permanently installed
● Battery inverter

o How do you decide which one's right for your organization?

▪ Need
▪ Budget
▪ Downtime
▪ Fuel source

● Electrical Safety
o Equipment Grounding
▪ Ensures every electrical device has a path to the ground, which is a path
that provides the least amount of resistance for electrical current to flow
away harmlessly
▪ Make sure equipment is properly grounded when installing racks of
servers or equipment
▪ Never disconnect the ground wire

o Proper Power Handling

▪ Keeps the technician safe when working on electrical equipment
▪ Never work on a power supply unless you are certified and properly
trained to do it
▪ Never insert anything into the power supply area of a computer

● Component Handling and Storage

o Electrostatic Discharge (ESD)
▪ Occurs whenever there's a path that allows electrons to rush from a
statically charged body to a component that has no charge
▪ To prevent ESD from happening, you need to ensure you take the proper
safety precautions

- 92 -

1. Work in a room that is set up properly to reduce ESD

2. Take out anything that can help create static electricity
3. Always properly handle components by using ESD safe equipment

o Another large cause of ESD is anything that has a mechanical motor

o Try and reduce static electricity as much as possible

● HVAC Systems
o Make sure HVAC systems are running to protect the servers, workstations, and
other equipment
o Sensitive computer equipment, including servers, computers, and networking
gear, releases a lot of heat during their operations
o HVAC systems also helps with the humidity levels in server rooms and
communication closets
o Humidity level of around 40% to 60% using your HVAC systems
o Many organizations will connect their HVAC systems to their ICS or SCADA
networks
o Depending on your system's capabilities, you may have to make some choices as
to which servers can remain online
o Place systems and servers in the right location and provide adequate power and
cooling

● Proper Handling and Disposal

o Compliance with government regulations

▪ Health and safety laws

▪ Building codes
▪ Environmental regulations

o This ensures we keep our workplace hazard-free and everything is safe and
sound
▪ Occupational Safety and Health Administration (OSHA)

o Building codes are something that are defined at the local, state, and national
level

- 93 -

o Material Safety Data Sheet

▪ Contains all the information about the ingredients, health hazards,
precautions, and first aid information

o How you can properly dispose of those components

▪ Batteries are made up of chemicals that are dangerous to the
environment
▪ Swollen or leaking batteries should be bagged and properly stored in an
appropriate container
▪ You need to dispose of it using the proper waste management methods
or recycling
▪ Most vendors that you buy your toner from will have some sort of
recycling program
▪ Whenever you're disposing a toner cartridge or recycling it, you should
always wrap it up
▪ Take them to the proper recycling location or waste management area
▪ Make sure you're in compliance with government regulations

● Personal Safety
o One of the most common injuries is caused by lifting things improperly
o If you do happen to cause an electrical fire, immediately remove the power

o PC Vacuum Cleaner
▪ Specialized vacuum cleaner that doesn't create an electrostatic charge

o Disconnect the power

o Prevent any kind of trip hazards
o Lift with your legs and not with your back
o Follow proper electrical fire safety
o Use the proper safety equipment
o Use PC safe vacuum

- 94 -

Policy and Privacy Concepts

Objective 4.6

● OBJ 4.6: Explain the importance of prohibited content/activity and privacy, licensing,
and policy concepts

● Incident Response
o Incident Response
▪ A set of procedures an investigator follows when examining a computer
security incident
o Incident Management Program
▪ Consists of monitoring and detection of security events on a computer
network and the use of proper responses to those security events

● Preparation
o Ensure that it has a well-planned incident response
procedure
● Identification
o Process of recognizing if an event should be classified as an
incident
● Containment
o Focused on isolating the incident
● Eradication
o Remove the threat or attack
● Recovery
o Data restoration, system repair, and re-enabling any
servers or networks taken down during the incident
● Lessons Learned
o A process is used to document the instant response
process, any changes to the procedures and the processes
and make sure we do better next time

● Chain of Custody
o The record of evidence history from collection to court presentation and disposal

o Specialized evidence bags ensure electronic media cannot be damaged or

corrupted by electronic discharge (ESD)
- 95 -

o Faraday Bag
▪ Shields devices from outside signals to prevent data from being altered,
deleted, or added to a new device
▪ Criminal cases or internal security audits can take months or years to
resolve

o Legal Hold
▪ Preserves all relevant information when litigation is reasonably expected
to occur
▪ Have spare hardware and good backups of your systems

● Order of Volatility
o Data Acquisition
▪ Creates a forensically sound copy of the data from a source device

o Do I have the right to search or seize this legally?

▪ Any evidence gathered without proper authority or permission can be
inadmissible in court

o Order of Volatility
▪ Collecting evidence that could be easily tampered or destroyed first

1. Registers and cache

2. Routing tables, ARP caches, process tables and kernel statistics, and memory
3. Temporary file systems
4. Disks
5. Remote logging and monitoring data
6. Physical configurations and network topologies
7. Archival media

o Registers and cache can only be collected when the computer is powered on
o Contents of the RAM will be lost if the computer is turned off
o These temporary files are often overwritten during system operation
o Any data that's persisted on mass storage devices and disc
o Collect remote logging and monitoring data
o Data on physical configuration and network topologies helps provide context to
an investigation

- 96 -

o Offline and archival media

o Some key areas (like HKLM\Hardware) are only stored in the memory, so
analyze the registry using a memory dump

● Data Collection Procedures

o Create a forensic disk image of the data as evidence

o Capture and hash system images

o Analyze data with tools
o Capture screenshots
o Review network traffic logs
o Capture video
o Consider Order of Volatility
o Take statements
o Review licensing and documentation
o Track man-hours and expenses

o FTK and EnCase are popular forensic tools

● Licensing, EULA, and DRM

o Proprietary Software
▪ Original developer retains all rights and ownership of a software code,
where you pay them a fee and you receive a license in return
o Open-Source License
▪ Makes software free to use, modify, and share
▪ There are lots of open-source projects that are not free

o Personal License
▪ Allows one individual user to use a piece of software on their given
machine
o Corporate License
▪ A license for each individual machine or person who is actively using that
license

- 97 -

▪ Active users are people who are actually logged in at this moment using
that piece of software
▪ Licenses provide the legal access to use a software, and also the privilege
of getting all the updates and security patches
▪ Once you lose that valid license, you will no longer be able to get updates
to that software or its security patches
▪ Most software licenses are going to be issued out for a certain period of
time
▪ Use trusted software that comes with a valid license

o End User License Agreement

▪ Dictates the terms of the license for a software
▪ Always understand what is covered inside the EULA

o Digital Rights Management

▪ Ensures copy protection for music and video that is being used in an
online or digital manner
▪ DVDs were region-locked and only allowed to be sold in certain regions
based on the licensing
▪ You may come across issues where some of your users aren't able to play
a certain type of file because there's DRM enabled
▪ There are many digital formatted files that are protected by DRM

● Data Classification
o Data classification is based on its value to the organization and the sensitivity of
the information if it were to be disclosed

▪ Public Data
● No impact to the company if released and is often on a company's
website
▪ Sensitive Data
● Minimal impact if released and includes things like a company's
finances
▪ Private Data
● Contains information like personnel records, salaries, and other
data only used in the organization
▪ Confidential Data

- 98 -

● Contains items such as trade secrets, intellectual property data,

source code, and things that would harm the company if disclosed

▪ Unclassified
● Can be released to the public under the Freedom of Information
Act
▪ Controlled Unclassified Information (CUI)
● Includes unclassified information that should be protected from
public disclosure
▪ Confidential Data
● Includes data such as trade secrets that would hurt the
government if disclosed
▪ Secret Data
● Includes data such as military deployment plans and other things
that would damage national security if disclosed
▪ Top Secret Data
● Includes blueprints for weapons or other information that could
gravely damage national security if known by those unauthorized
to know

● Data Retention
o Data Retention
▪ Maintains and controls certain data to comply with business policies and
applicable laws and regulations
o Data Preservation
▪ Keeping information for a specific purpose outside of an organization's
data retention policy

o Short-Term Retention
▪ A term by how often the newest or youngest media sets are overwritten
o Long-Term Retention
▪ Any data moved to an archive to prevent being overwritten

o All of your backups are going to take up valuable storage space

o Back up everything you're legally required to based on your retention policies
o Back up what you need based on corporate policies or operations

- 99 -

o Recovery Point Objective (RPO)

▪ The maximum amount of time that can be lost from a recovery after a
disaster, failure, or other event
▪ RPO helps drive the recovery window or the redundancy decisions made
in your business

● PII, PHI, and PCI-DSS

o Data Type
▪ A tag or a label to identify a piece of data under a subcategory of a
classification
● B-I-G-O-T
o British Invasion of German Occupied Territory

o Health Data
▪ Data related to health conditions, reproductive outcomes, causes of
death, or quality of life for individuals or the population
● HIPAA
o Health Insurance Portability and Accountability Act of 1996

o Financial Data
▪ Consists of pieces or sets of information related to the financial health of
a business
● Payment Card Industry Data Security Standard (PCI DSS)
o An agreement that any organization that collects, stores,
or processes credit card customer information must abide
by

o Intellectual Property
▪ A type of data that includes intangible creations of human intellect
● Copyright
● Patent
● Trademark
● Trade Secret

o Personally Identifiable Information (PII)

▪ Any data that could potentially identify a specific individual
● Microsoft's data loss prevention system (DLP)

- 100 -

o Data Format
▪ This is the organization of the information into preset structures or
specifications
o Structured Data
▪ Something like a comma separated value list
o Unstructured Data
▪ Things like PowerPoint slides, emails, text files, chat logs

o Three main types of data you should be aware of as an A+ technician are PII, PHI,
PCI DSS

● Security Policies
o Privacy policies govern the labeling and handling of data

o Acceptable Use Policy (AUP)

▪ Defines the rules that restrict how a computer, network, or other systems
may be used

o Change Management
▪ Defines the structured way of changing the state of a computer system,
network, or IT procedure

o Separation of Duties is a preventative type of administration control

o Job Rotation
▪ Different users are trained to perform the tasks of the same position to
help prevent and identify fraud that could occur if there was only one
user with the job

o Mandatory vacations
▪ Require every employee take a vacation at some point during the year

o Onboarding and Offboarding Policy

▪ Dictates what type of things need to be done when an employee is hired,
fired, or quits

- 101 -

▪ Terminated employees are often not cooperative

o Due Diligence
▪ Ensuring that IT infrastructure risks are known and managed properly
o Due Care
▪ Mitigation actions that an organization takes to defend against the risks
that have been uncovered during due diligence
o Due Process
▪ A legal term that refers to how an organization must respect and
safeguard personnel's rights
▪ Due Process protects citizens from their government and companies from
lawsuits

- 102 -

Scripting
Objective 4.8

● OBJ 4.8: Identify the basics of scripting

● Scripting
o .bat (Batch File)
▪ Used within Windows inside the command prompt environment
o .ps1 (PowerShell)
▪ Used within Windows inside the PowerShell environment
o .vbs (Visual Basic)
▪ Used within Windows inside Visual Basic
o .sh (Bash Script)
▪ Used within Linux
o .js (JavaScript)
▪ Used for automations in webpages and macOS systems
o .py (Python)
▪ Generic scripting language used in Windows, Linux, and Mac
o Pseudocode
▪ Generic language used to teach new learners how to program a
computer

● Script File Types

o Shell Script
▪ Text-based file that contains commands that can be interpreted and
presented to the computer
o Batch File (.bat)
▪ Text-based file containing Windows commands and is interpreted from
the command line environment
▪ Batch files can be used on any Windows-based computer and can be
operated from the command line environment
● net use
o Map drives
● Xcopy/Robocopy
o Copy

o PowerShell (.ps1)
- 103 -

▪ Allows for more complex scripts

▪ PowerShell can change and interact with Windows components and
features,and also Active Directory
▪ Commandlets use a basic verb-noun naming scheme

o Visual Basic Script (.vbs)

▪ Scripting language based on the Visual Basic programming language
▪ .vbs runs from other applications, such as MS Word, MS Excel, and other
MS Office products

o Linux Shell Script (.sh)

▪ Works a lot like a batch script inside of Windows

o JavaScript File (.js)

▪ Scripting language designed to be implemented inside of a web-based
interface
▪ JavaScript is used on websites and web applications as well as in scripting
languages on macOS desktops and servers

o Python (.py)
▪ General-purpose scripting and programming language that is used to
develop automation scripts and full-fledged software applications
▪ Python runs on Windows, Linux, and Mac systems
▪ Python is considered an interpreted language because it is cross-platform
in nature

● Variables
o Used to store values and data for different data types

- 104 -

o Boolean
▪ A form of data with only two possible values (True or False)
o Pseudocode
▪ A made-up language that isn't representative of any singular
programming language
o Integer
▪ A variable that stores an integer or a whole number that may be positive
or negative

o Float/Decimal/Real Number
▪ A variable that stores a decimal number

o Character
▪ A variable that can only store ASCII character

o String
▪ A variable that can store multiple characters

o In Pseudocode, no need to define the data type for each variable

o Variables can change throughout the execution of the program

o Constant
▪ Like a variable, but cannot be changed within the program once defined
▪ How do we define the value of variables and constants?

● Loops
o Loop
▪ A type of flow control that controls which order the code will be executed
in a given program
o For Loop
▪ Used when the number of times to repeat a block of code is known
o While Loop

- 105 -

▪
Used when the number of times to repeat a block of codes is not known
and will only stop until something happens
o Do Loop
▪ Used when there’s an indefinite iteration that need to happen and will
only stop until some condition is met at the end of the loop

● Logic Control
o Used to provide conditions based on different logical tests

● Bash Script Example

o Identify the basics of scripting
▪ echo
● Printing on screen
▪ if [condition]
● Logical construct
▪ $1
● Variable

● Automation Scripting
o Basic Automations
▪ Simple or routine task

o Machine Restart
▪ Restart machines using scripts

o Network Drive Remapping

▪ Done within normal command line interface using a batch file (.bat) or
PowerShell

o Application Installation
▪ Can use a batch file or PowerShell in Windows or a shell file in Linux

o Update and Security Patch Installation

▪ PSWindowsUpdate
● PowerShell
▪ Wusa.exe file
● Batch File

- 106 -

▪ apt or yum
● BASH script

o Backup Automation
▪ copy; xcopy; Robocopy
● PowerShell or Batch Script
▪ copy (cp)
● BASH Script (Linux)

▪ Windows Task Scheduler

● Windows
▪ Crontab
● Linux

o Information Gathering
▪ Use scripts for is to be able to gather information or data from various
systems across your network

o Using automation and scripting can make life easier

▪ Makes life easier by being able to reach out and touch different assets
across your network

● Scripting Considerations
o Unintentionally introducing malware
o Inadvertently changing system settings
o Causing browser or system crashes due to mishandling resources

o Read the scripts and understand what they do before running them
o Inadvertently changing system settings disables system protection
o When running a script, use the least permissions needed
o Depleting hard drive storage space occurs because log files or temporary files are
created as part of the scripting process
o Faulty loops could lose network resources or memory resources
o Incorrect API calls can cause the web browser's file explorer or command
interpreter to crash

- 107 -

Remote Access Support

Objective 4.9

● OBJ 4.9: Given a scenario, use remote access technologies

● Remote Access Protocols

o These different methods allow a client to access a server or a network device
remotely over the network

▪ Telnet Port 23
● Sends text-based commands to remote devices and is a very old
networking protocol
● Telnet should never be used to connect to secure devices

▪ Secure Shell (SSH) Port 22

● Encrypts everything that is being sent and received between the
client and the server

▪ Remote Desktop Protocol (RDP) Port 3389

● Provides graphical interface to connect to another computer over
a network connection

▪ Remote Desktop Gateway (RDG)

● Provides a secure connection using the SSL/TLS protocols to the
server via RDP

▪ Create an encryption connection

● Control access to network resources based on permissions and
group roles
● Maintain and enforce authorization policies
● Monitor the status of the gateway and any RDP connections

▪ Virtual Private Network (VPN)

● Establishes a secure connection between a client and a server
over an untrusted public network

▪ Virtual Network Computing (VNC) Port 5900

- 108 -

● Designed for thin client architectures and things like Virtual

Desktop Infrastructure (VDI)

▪ Virtual Desktop Infrastructure (VDI)

● Hosts a desktop environment on a centralized server
● Desktop as a Service (DaaS)

▪ In-Band Management
● Managing devices through the use of Telnet or SSH protocols over
the network

▪ Out-of-Band Management
● Connecting to and configuring different network devices using an
alternate path or management network

● To prevent a regular user’s machine from connecting to the

management interfaces of your devices
- 109 -

● Out-of-band networks add additional costs to the organization

▪ Authentication
● Confirms and validates a user’s identity

▪ Authorization
● Gives the user proper permissions to access a resource

▪ Password Authentication Protocol (PAP)

● Sends usernames and passwords in plaintext for authentication
▪ Challenge Handshake Authentication Protocol (CHAP)
● Sends the client a string of random text called a challenge which is
then encrypted using a password and sent back to the server
▪ Extensible Authentication Protocol (EAP)
● Allows for more secure authentication methods to be used
instead of just a username and a password

▪ Use EAP/TLS in conjunction with a RADIUS or TACACS+ server

● Remote Monitoring and Management (RMM)

o A centralized tool used by managed service providers to manage groups of users
and workstations remotely

● Microsoft Remote Assistance (MSRA)

o Will allow a user to ask for help from a technician or a coworker by using a
passcorde-protected imitation file

● Other Remote Access Tools

o Screen-Sharing Software
▪ Type of software that lets you allow somebody else remotely to view
what's going on on your screen
▪ Screen sharing doesn't have the ability to control what others are seeing
on the screen
▪ You can use a non-persistent web application in order to be able to do
the remote screen-sharing

o Video conferencing software do similar functions

- 110 -

o File Transfer Software

▪ An important type of software used by technicians to get files to or from
a system they're troubleshooting
▪ Nearby sharing is Microsoft's version of AirDrop and it works by using
Bluetooth and Wi-Fi direct connections between devices
▪ For Bluetooth-enabled sharing on Android devices, you'll use a function
known as Nearby Share
▪ If you're located across the world, you'll have to use a file transfer
software like FTP, SFTP, or SSH in order to send those files

● Desktop Management Software

o Desktop Management Software (Unified Endpoint Management)
▪ Designed for the deployment by an enterprise organization that allows
them to understand all the access controls and authorization involved
with all of their different systems
▪ UEM is essentially the desktop or laptop version of MDM
▪ Having an agent installed on each and every individual workstation or
laptop

o Endpoint Detection and Response (EDR)

▪ Allows for the scanning of the desktops and laptops that are being
managed by the EDM
▪ Gives the ability to use push deployment techniques for any upgrades,
updates, or security definitions
▪ Gives the ability to create access control rules that will prevent different
workstations from being able to join the network

- 111 -

Troubleshooting Windows
Objective 3.1

● OBJ 3.1: Given a scenario, troubleshoot common Windows OS problems

● Boot Issues
o BIOS or UEFI will go through and do a power on self-check to verify that all
system components are working properly
▪ BIOS
● Master Boot Record
▪ UEFI
● GUID Partition Table
o The firmware will look through the storage device and identify where MBR is,
which is always going to be located in the first sector of that disk
o It will then be able to identify which operating system is supposed to be booted
from that master boot record and then turn over control to it
▪ bootmgr.exe
▪ winload.exe

▪ Kernel
▪ Hardware abstraction layer
▪ Boot device drivers
o UEFI boot uses GPT
▪ \EFI\Microsoft\ contains BCD and bootmgfw.efi files
● Kernel
● Hardware abstraction layer
● Boot device drivers
▪ Failure to boot
▪ No OS found
▪ GUI failing to load or a black screen
▪ This used to happen because the boot order inside the BIOS or UEFI was
set incorrectly
▪ Remove any external devices
▪ Set the boot order to always go to the internal storage drive first
▪ "No OS Found"
▪ That disk drive doesn't have an operating system installed

- 112 -

▪ Use a startup repair tool to open up the recovery command prompt, and
then use bootrec in order to be able to repair the drive's boot
information
● bootrec /fixmbr
● bootrec /fixboot
● bootrec /rebuildbcd

o Diskpart Command
▪ A command line disk partitioning tool that can be used to mark the
system partition as active
▪ It usually indicates that there's some kind of an issue with the graphics
driver or the system has some kind of a misconfiguration or corruption
▪ Reboot the system into safe mode
▪ START+CTRL_SHIFT+B
● Check Disk command: chkdsk
● System file checker: sfc
o Failure to boot
o No OS found
o GUI failing to load or a black screen

● Boot Recovery Tools

o Advanced Boot Options
o Startup Repair
o WinRE
o You have a few different options for boot recovery tools, including advanced
boot options, startup repair, and the WinRE

● Update or Driver Rollback

o Sometimes system updates may cause problems for your device, and to fix that,
we roll back the updates

● System Restore
o System restore allows you to create multiple different points to restore data on
your system

- 113 -

● System Reinstall or Reimage

o When you're doing a system restore, you're only restoring the configurations
and the files for the system itself
o In a system reinstall, you're reinstalling a brand new version of Windows, and
then you'd have to bring in your files afterwards from a known good backup
o System Image
▪ A snapshot of how a system looks right now, including all personal files,
applications, and installations

● Performance Issues
o Your profiles are gonna contain all the information for a particular user on a
Windows system

● System Instability Issues

o Memory
o System files
o USB devices
o System Instability
▪ System freezing, shutting down, failing to respond, rebooting, or
powering off without an error message
▪ Hardware
● Overheating, power, processor
▪ Software
● Corrupted kernel files
o Windows Memory Diagnostic Tool
▪ Provides the ability to do memory diagnostics
▪ Control panelàAdministrative tools
▪ Windows recoveràMemory diagnostic tool
▪ Shut down the computer, take out the memory, and put it back
o System File Checker (SFC)
▪ sfc C:
▪ sfc C: /F
▪ Use the Windows Update tool or the vendor's website for the latest
chipset or system drivers
▪ Go to device manager and uninstall the USB host controller device
▪ Disable the USB selective suspend power management

- 114 -

▪ Powered hub gets its power from the USB, as well as when plugged into a
wall outlet
● Memory
● System files
● USB devices

● Application and Service Issues

o Application Crashes
▪ Uninstall the program, reboot, and re-install
o Service Startup Failures
▪ Event Viewer
▪ Service Tool
● Manually start the service from the Services Tool
● Some services are interlinked and work together
● Two services conflict with each other
● Core functions inside Windows run as services
● Use the Registry Server (regsvr32) to register the DLL (dynamic
link library)
o Time drift within the OS
▪ CMOS
▪ Real-time Clock (RTC)
● Real-time clock (RTC) is powered by a battery on the motherboard
● Time drift is an indication that the battery on the motherboard
has died
o Application crashes
o Service startup failures
o Time drift within the OS

- 115 -

Troubleshooting Workstation Security

Objective 3.2 and 3.3

● OBJ 3.2: Given a scenario, troubleshoot common personal computer (PC) security issues
● OBJ 3.3: Given a scenario, use best practice procedures for malware removal

● Troubleshooting Workstation Security

o Software Troubleshooting
▪ Investigate and identify malware symptoms
▪ Quarantine the infected systems
▪ Disable system restore in Windows
▪ Remediate the infected system
▪ Schedule scans and run updates
▪ Enable system restore and create a restore point in Windows
▪ Educate the end-user
o Which is step two in the malware removal process?
▪ Schedule scans and run updates

● Malware Removal Process

o PUA
▪ Potentially Unwanted Application
● Nmap
● Netcat
o Investigate and verify malware symptoms
▪ Having a root kit means it has already infected the OS where the anti-
malware solution runs
o Quarantine infected systems
▪ Move the system into a logically or physically isolated secure segment of
the network
▪ Sandbox protects the rest of the systems from getting infected
▪ Scan the computer on a trusted system in a sandbox environment
o Disable system restore in Windows
▪ Turn off automated backup systems, such as cloud and external disk
backups
o Remediate infected systems
▪ A. Update anti-malware software
▪ B. Scanning and removal techniques
- 116 -

● Reboot in safe mode and run the scanning and removal tools
● Run task manager, regedit, and msconfig to turn off different
services and background tasks
● Boot the computer using a Windows recovery media disc or a
Windows installation disc
● Re-image or re-install the system from a good backup or
installation disc
o Schedule scans and run updates
▪ Schedule scans on a daily basis
▪ Configuring scanning on access allows to scan downloaded files
o Enable system restore and create a restore point in Windows
▪ Re-enable system restore and create a restore point
● Restore point after malware removal
● Restore point clean
▪ Turn on automated backups again and validate critical services
o Educate the end user
▪ How to set up and configure a password manager
▪ How to verify if a website is actually a website
▪ Proper use of social networking and how to tell if something is a scam or
trustworthy
▪ Educate on the proper use of VPNs
▪ Provide anti-phishing training

● Infected Browser Symptoms

o Browser redirection
o Certificate warnings
▪ Redirection happens in conjunction with phishing and pharming
o Wrong address
▪ Manual redirection or typo squatting
o Automatic redirection
o Host file infection
▪ Host file is what we had before DNS
▪ Scan the system, uninstall, and reinstall the browser
▪ Check proxy settings and verify no proxy is being used

- 117 -

● Alerts and Notifications

o Stage 1 dropper
o Stage 2 payload
▪ Rogue Antivirus

● OS Update Failures
o Backup
o System File Checker
▪ Turn off the services and run the system file checker to fix it
▪ Go through the seven-step malware removal process to remove malware

- 118 -

Troubleshooting Mobile Issues

Objective 3.4

● OBJ 3.4: Given a scenario, troubleshoot common mobile OS and application issues

● Troubleshooting Mobile Issues

o Software Troubleshooting

● Resetting or Rebooting
o Many issues can be solved by simply rebooting the device
▪ Reboot into safe mode on the Android device
o Reset
▪ Used to remove all of the user's data, applications, and settings
▪ After the factory reset is complete, the device will reboot and bring you
into a setup menu for you to be able to do an initial configuration
● Device reset
● Factory reset

● Mobile OS Update Failure

o Adding new features
o Fixing vulnerabilities and bugs
▪ What can you do to solve this?
● You may be trying to install an update that isn't available
o Check what are the minimum requirements for that
version of the OS
o Apple will support devices for about three to five years
o Always verify the update you're trying to install is
compatible with the device model
● Check if you have enough power to install that update
● Check your network connectivity
● The server you're trying to download from can just be really busy
● You don't have enough storage space available
o Remove some of your files in order to free up some
storage space
o Make sure you troubleshoot and solve the issue quickly

- 119 -

● Mobile Performance Issues

o The device can either randomly reboot or be slow to respond
▪ Overheating
▪ Low battery
▪ Faulty hardware component
o The device will actually try to reboot itself
o The device may just shut itself off and not turn itself back on until the device
cools down
o A faulty piece of hardware can cause the kernel inside of that operating system
to panic
o Use a third-party diagnostic application that can run a report on the hardware to
determine if there's any kind of issue
▪ Storage space
▪ Failed update
▪ Faulty app
o A device that is operating slowly can be caused by different things, including
processor throttling
o The device will slow down first, and then if you don't solve the problem, it will
escalate into the device randomly rebooting
o See how many applications are open, and then close out the ones that are not
needed
o If a code was written in a less efficient way, this can cause applications and
programs to run much more slowly
o Find a different application that does the same function or uninstall that
application
o The device starts to operate slowly, and if it progresses, it can turn into random
reboots

● Mobile App Issues

o Applications that fail to launch
o Applications that fail to close
o Applications that crash
▪ When apps don't launch or operate properly, clear out the cache for
those applications
▪ Verify the application works on your version of the OS
▪ Running out of storage space on your device

- 120 -

▪ An application will fail to update if you don't have a valid network

connection
▪ Delete the application and then re-install it
▪ Application issues could sometimes be caused by your company
▪ Some mobile device management software can also turn off certain
functions or features

● Mobile Connectivity Issues

o Cellular
o Wi-Fi
o Bluetooth
o NFC
o Wireless file sharing
▪ Verify that you have the correct settings for your cellular device
▪ Check your network selection
▪ Verify that you're not in airplane mode
▪ It is important to check that your Wi-Fi is still enabled
▪ You'll often get a weaker signal strength when communicating over Wi-Fi
on a mobile device
▪ Using a thick type of protective case on a smartphone will also reduce the
amount of distance that a signal can travel
▪ Bluetooth does provide a shorter coverage area
▪ Bluetooth can cover between 10 feet and 30 feet of distance
▪ Remove the Bluetooth pairing by forgetting that Bluetooth device and
then reconnecting to it and re-pairing with it
o Near-Field Communication (NFC)
▪ Very short distance wireless communication technology that only
operates within a couple of inches of your device
▪ Verify that your airplane mode is not activated
▪ Check if airplane mode is enabled
▪ Forget that connection and then re-pair with the access point or device
that you're trying to communicate with
▪ For issues with NFC, simply close the distance and hold the phone there
longer
▪ Verify that the sender is listed in your recipient's contacts list

- 121 -

● Mobile Battery Issues

o Application configuration is set incorrectly
o The lower in brightness, the longer the battery lasts
o Extreme temperature
o Keep batteries and other electronic devices to 10-38°C
o Batteries last from 3-5 years
o Proper charging and discharging of battery
o Let the battery drain to about 20% before recharging to increase the battery's
lifespan
o Smart charge initiates a slow trickle charge

● Screen Autorotation Issues

o Portrait
o Landscape
▪ Rotation lock is enabled
● iOS
o Control center
● Android
o Notification drawer
▪ User is not touching any other part of the screen
▪ Some applications only work in one mode
▪ Accelerometer or motion sensor detects which way the phone is held
▪ If the sensor stops working, the device will no longer be allowed to
autorotate
● Rotation lock is disabled
● Check the applications
● Defective accelerometer or motion sensor

- 122 -

Troubleshooting Mobile Security

Objective 3.5

● OBJ 3.5: Given a scenario, troubleshoot common mobile OS and application security
issues

● Rooting and Jailbreaking

o Rooting
▪ Android
o Jailbreaking
▪ iOS or iPad OS

o Rooting
▪ Allows to get administrative rights on an Android device

▪ Android devices are based on Linux

▪ Custom firmware gives a new version of the Android OS
▪ Custom firmware, or rooting, introduces lots of vulnerabilities
▪ Rooting can lead to significant security vulnerabilities

● Sideloading Apps
o Android
▪ APK
o iPhone or iPad
▪ Jailbreaking, Developer tools

o APK Sideloading
▪ Installing an application outside of the official store

● Settings
o Allow third-party applications

▪ Sideloading is considered a dangerous practice

o Application Spoofing
▪ Occurs when an application passes as a legitimate app

- 123 -

● Managed Google Play

o Android
● Apple Business Manager
o iPhone

▪ Third-party app stores have spoofed applications that contain malware

▪ Enterprise organizations use sideloading to install applications to access
private applications
▪ Bootleg application stores have pirated versions of legitimate apps
▪ Applications from bootleg app stores usually have malware embedded in
them

● Mobile Malware Symptoms

o High number of ads
▪ Check phone settings and verify that privacy settings are enabled
o Fake security warnings
o Slow performance
▪ Crypto Mining
▪ Sending Data
o Limited network connectivity
▪ Corrupted DNS
▪ Redirection attack
▪ Proxy installed

o An on-path attack tries to collect information and see what you see

● Unexpected Application Behavior

o Bootleg or spoofed application
o High amount of network traffic
▪ DDoS
▪ Mass email campaign
▪ Cryptomining

● Leaked Mobile Data

o Leaked Mobile Data
▪ Data from a mobile device going into the public Internet
▪ The device is well protected and has an updated OS

- 124 -

▪ Use long and strong passwords

▪ Enable two-factor authentication (multifactor authentication)
▪ Quarantine and investigate as part of an incident response for that data
breach
▪ Check the cloud service and mobile device

- 125 -

Professionalism
Objective 4.7

● OBJ 4.7: Given a scenario, use proper communication techniques and professionalism

● Professionalism
o Learn the best practices for dealing with end-users
o Show up and dress up accordingly
o Avoid distractions
o Based on the rules of the organization

● Professional Appearance
o Formal
▪ Gray suit
▪ Black suit
▪ Navy Blue suit
o Business Casual
▪ Khaki pants
▪ Polo shirt
▪ Button-down shirt

o Business formal attire is dressing to impress

o Business professional attire is dressing up but not wearing a full suit
o Business Casual
▪ No need to wear a suit, but you still need to dress up a little bit
o Small-business casual is the basic uniform for a tech startup
▪ Small-business casual allows people to be comfortable as long as it is
presentable

● Respect Other's Time

1. Always be on time
▪ Be on time or early to ensure customer is not waiting on you
2. Don't waste other people's time
▪ Give customer a timeline and expectation
3. Don't get easily distracted
▪ Give customer your full attention

- 126 -

▪
Always keep your cellphone in your pocket and do not use it at work
unless necessary
4. Do not interrupt people
▪ When dealing with high-level leaders, work on their schedule
5. Set expectations and meet those expectations
▪ Set expectations upfront with the customer and give status updates

● Proper Communication
o Maintain positive attitude and project confidence
o Actively listen and take notes
o Use proper language
o Be culturally sensitive
o Communicate the status

o Maintain a positive attitude and make the customer see that you're there to help
them
o Active listening is a skill
▪ Open-ended Question
● Questions that need a valid response
o "Can you tell me what you saw on your screen before the
computer rebooted?"

● Close-ended Question
o Questions that are answered with a yes or no, or a simple
answer

▪ Start with open-ended questions, then follow up with close-ended

questions to get final details

o Use proper language and avoid jargon, acronyms, and slang

▪ People from the same country can have different cultural differences
▪ Use people's professional titles and treat people with respect and dignity

o Offer repair or replacement

o Provide proper documentation
o Follow up with the customer

- 127 -

▪ Cost
● Repair is, what the likely
▪ Timeframe
● Repair that option and how long that repair would likely last

o Customer Satisfaction (CSAT)

▪ Customer experience metric

● Dealing with Private Data

o Private Data
▪ End users' confidential and private materials

▪ "Is there anything you don't want me to see on this device?"

▪ "Is there anything I should stay away from?"

▪ Ask if there's anything they don't want you to see

▪ Do not open anything that stores confidential or private information
▪ Do not use a customer's device for your own personal use
▪ Keep the working area clean and tidy

● Difficult Situations
o Do not personalize the support issues

1. Don't argue with customers

2. Avoid dismissing the customer's problems
3. Avoid being judgmental
4. Clarify customer's statements
▪ Ask open-ended questions
▪ Actively listen
5. Do not disclose experiences in social media outlets
▪ Do not share experiences on social media

- 128 -

SY0-701 Lab Setup Guide
100% (1)
SY0-701 Lab Setup Guide
14 pages
Full Download Mike Meyers' CompTIA Security+ Certification Guide, Second Edition (Exam SY0-501) Mike Meyers PDF
No ratings yet
Full Download Mike Meyers' CompTIA Security+ Certification Guide, Second Edition (Exam SY0-501) Mike Meyers PDF
56 pages
Complete A+ Guide to IT Hardware and Software: CompTIA A+ Exams 220-1101 & 220-1102, 9th Edition Cheryl A. Schmidt & Christopher Lee All Chapters Instant Download
100% (4)
Complete A+ Guide to IT Hardware and Software: CompTIA A+ Exams 220-1101 & 220-1102, 9th Edition Cheryl A. Schmidt & Christopher Lee All Chapters Instant Download
48 pages
CompTIA A+ Core 1 (220-1101) Study Guide
No ratings yet
CompTIA A+ Core 1 (220-1101) Study Guide
26 pages
220-1101 Updated Dumps - CompTIA a+ Certification Exam Core 1
No ratings yet
220-1101 Updated Dumps - CompTIA a+ Certification Exam Core 1
9 pages
CompTIA Network+ (N10-008) Dumps
No ratings yet
CompTIA Network+ (N10-008) Dumps
5 pages
COMPTIA A+ Core 1 Exam Tenth Edition (Author of Comptia Network+ Guide To Networks) Jill West All Chapter Instant Download
100% (7)
COMPTIA A+ Core 1 Exam Tenth Edition (Author of Comptia Network+ Guide To Networks) Jill West All Chapter Instant Download
53 pages
PESianity PES2016 Edit Mode Guide For PS4
100% (6)
PESianity PES2016 Edit Mode Guide For PS4
44 pages
Networking Technologies (C - ITNT021.C - ITNT121 V1.0) Study Guide PDF
100% (1)
Networking Technologies (C - ITNT021.C - ITNT121 V1.0) Study Guide PDF
180 pages
Comptia 220-701: Exam Name: Comptia A+ Essentials (2009) Q & A: 511 Q&As
No ratings yet
Comptia 220-701: Exam Name: Comptia A+ Essentials (2009) Q & A: 511 Q&As
5 pages
Ict1531 2010 6 e 1
No ratings yet
Ict1531 2010 6 e 1
21 pages
EnCase Forensic Imager v7.06 User's Guide
No ratings yet
EnCase Forensic Imager v7.06 User's Guide
37 pages
CompTIA A 220-1102 Study Guide
100% (1)
CompTIA A 220-1102 Study Guide
128 pages
CompTIA Network+ N10-009 Exam-Prep
From Everand
CompTIA Network+ N10-009 Exam-Prep
Abound Academy
No ratings yet
Ccna Notes by Rima
No ratings yet
Ccna Notes by Rima
115 pages
Comptia A 220 1101 Exam Objectives (6 0)
No ratings yet
Comptia A 220 1101 Exam Objectives (6 0)
19 pages
Mike Meyers' Comptia A+ Core 2 Certification Passport (Exam 220-1102) Mike Meyers 2024 scribd download
88% (8)
Mike Meyers' Comptia A+ Core 2 Certification Passport (Exam 220-1102) Mike Meyers 2024 scribd download
66 pages
CompTIA a+ 900 Series
No ratings yet
CompTIA a+ 900 Series
813 pages
CompTIA a+ 220-1001 Core 1 Course Notes by Professor Messers_109-111
No ratings yet
CompTIA a+ 220-1001 Core 1 Course Notes by Professor Messers_109-111
3 pages
ITF+ CompTIA IT Fundamentals All-in-One Exam Guide, Second Edition (Exam FC0-U61) Mike Meyers - Ebook PDF 2024 Scribd Download
100% (5)
ITF+ CompTIA IT Fundamentals All-in-One Exam Guide, Second Edition (Exam FC0-U61) Mike Meyers - Ebook PDF 2024 Scribd Download
51 pages
CompTIA A+ 220-1001 Core 1 Course Notes by Professor Messers_019-021
No ratings yet
CompTIA A+ 220-1001 Core 1 Course Notes by Professor Messers_019-021
3 pages
Comptia 220-1001 and 220-1002 Exam Study Guide - July 2020 Edition
No ratings yet
Comptia 220-1001 and 220-1002 Exam Study Guide - July 2020 Edition
7 pages
Mike Meyers' Comptia A+ Guide To Managing and Troubleshooting Pcs Lab Manual, Seventh Edition (Exams 220-1101 & 220-1102) Mike Meyers
100% (2)
Mike Meyers' Comptia A+ Guide To Managing and Troubleshooting Pcs Lab Manual, Seventh Edition (Exams 220-1101 & 220-1102) Mike Meyers
79 pages
Aindumps 2023-Aug-05 by Kevin 224q Vce
No ratings yet
Aindumps 2023-Aug-05 by Kevin 224q Vce
13 pages
PDF CompTIA Linux+ XK0-005 Exam Cram William “Bo” Rothwell download
100% (4)
PDF CompTIA Linux+ XK0-005 Exam Cram William “Bo” Rothwell download
66 pages
CompTIA+Network++ (N10 008) + (Study+Guide)
No ratings yet
CompTIA+Network++ (N10 008) + (Study+Guide)
244 pages
CertMaster Network N10009 Module 5_Presentation Slides (1)
No ratings yet
CertMaster Network N10009 Module 5_Presentation Slides (1)
48 pages
N+ Syllabus
50% (2)
N+ Syllabus
3 pages
Casp Comptia Advanced Security Practitioner Certification Exam Guide Exam Cas 003 Second
No ratings yet
Casp Comptia Advanced Security Practitioner Certification Exam Guide Exam Cas 003 Second
851 pages
Technical University
No ratings yet
Technical University
847 pages
CompTIA 220-902 Free Practice Exam & Test Training - 1-100
No ratings yet
CompTIA 220-902 Free Practice Exam & Test Training - 1-100
30 pages
Adobe Connect Installation and Configuration Guide
No ratings yet
Adobe Connect Installation and Configuration Guide
64 pages
Downloadable_Official_CompTIA_CySA+_Exam_CS0_003_Student_Guide
No ratings yet
Downloadable_Official_CompTIA_CySA+_Exam_CS0_003_Student_Guide
394 pages
Download Complete (Ebook) professor-messer-comptia-exam-hacks-v107 by professor-messer PDF for All Chapters
100% (5)
Download Complete (Ebook) professor-messer-comptia-exam-hacks-v107 by professor-messer PDF for All Chapters
60 pages
Comptia A 220 901 Exam Objectives PDF
No ratings yet
Comptia A 220 901 Exam Objectives PDF
19 pages
000 CCNA 200-301 - Full Workbook (1) - Part-20-Part-12
100% (1)
000 CCNA 200-301 - Full Workbook (1) - Part-20-Part-12
6 pages
CompTIA 220_1101 1_150 M.C.Q (3)
No ratings yet
CompTIA 220_1101 1_150 M.C.Q (3)
65 pages
Website: Vce To PDF Converter: Facebook: Twitter:: Fc0-U61.Vceplus - Premium.Exam.75Q
No ratings yet
Website: Vce To PDF Converter: Facebook: Twitter:: Fc0-U61.Vceplus - Premium.Exam.75Q
22 pages
Professor Messer Sec+ Domain 3
No ratings yet
Professor Messer Sec+ Domain 3
102 pages
CompTIA Security+ Certification Exam SY0-601 Cryptographic Concepts Quiz
No ratings yet
CompTIA Security+ Certification Exam SY0-601 Cryptographic Concepts Quiz
15 pages
Network+ Lesson 2
No ratings yet
Network+ Lesson 2
70 pages
A+ Certification Exam Guide 9th Edition With 220-902 Section Titles
100% (1)
A+ Certification Exam Guide 9th Edition With 220-902 Section Titles
1,438 pages
Professor Messer Sec+ Domain 2
No ratings yet
Professor Messer Sec+ Domain 2
87 pages
CompTIA A+ Core 1 Lesson 7 PowerPoint Notes
100% (1)
CompTIA A+ Core 1 Lesson 7 PowerPoint Notes
17 pages
CompTIA 220-1102 v2023-02-27 q36
No ratings yet
CompTIA 220-1102 v2023-02-27 q36
11 pages
CompTIA A+ 220-1001 Core 1 Course Notes by Professor Messers_004-006
No ratings yet
CompTIA A+ 220-1001 Core 1 Course Notes by Professor Messers_004-006
3 pages
00-
No ratings yet
00-
15 pages
CompTIA A+ Certification, Exam 220-801 SM - Modulos 1-6
No ratings yet
CompTIA A+ Certification, Exam 220-801 SM - Modulos 1-6
225 pages
CCNA Dumbs Part 1
100% (1)
CCNA Dumbs Part 1
90 pages
CompTIA N+ eBook
No ratings yet
CompTIA N+ eBook
554 pages
Pages From CompTIA - 220-901
No ratings yet
Pages From CompTIA - 220-901
33 pages
Comptia Security Sy0 501 Exam Objectives
No ratings yet
Comptia Security Sy0 501 Exam Objectives
20 pages
[Ebooks PDF] download CASP Practice Tests 1st Edition Nadean H. Tanner full chapters
100% (1)
[Ebooks PDF] download CASP Practice Tests 1st Edition Nadean H. Tanner full chapters
62 pages
Comptia Cyber
No ratings yet
Comptia Cyber
552 pages
SY0-701-Demo
No ratings yet
SY0-701-Demo
25 pages
pt0 002 01
No ratings yet
pt0 002 01
28 pages
Course_ CompTIA Security+ (SY0-701) Practice Exams Set 1 _ Udemy2
0% (1)
Course_ CompTIA Security+ (SY0-701) Practice Exams Set 1 _ Udemy2
1 page
CompTIA+A++220-1101 StudyGuide
No ratings yet
CompTIA+A++220-1101 StudyGuide
143 pages
CompTIA SecurityPlus601 Acronyms
100% (1)
CompTIA SecurityPlus601 Acronyms
4 pages
Configuring IPCop Firewalls: Closing Borders with Open Source
From Everand
Configuring IPCop Firewalls: Closing Borders with Open Source
Barrie Dempster
No ratings yet
Incident response team Third Edition
From Everand
Incident response team Third Edition
Gerardus Blokdyk
No ratings yet
MCSA Windows 10 Study Guide: Exam 70-698
From Everand
MCSA Windows 10 Study Guide: Exam 70-698
William Panek
No ratings yet
Revision en 2024
No ratings yet
Revision en 2024
13 pages
Configuring Local Storage
No ratings yet
Configuring Local Storage
22 pages
K 1000C Instructions
No ratings yet
K 1000C Instructions
9 pages
File Systems
No ratings yet
File Systems
44 pages
给windows 7分配驱动器号码
100% (1)
给windows 7分配驱动器号码
6 pages
Question Bank Cyber Forensics in Engineering Study
No ratings yet
Question Bank Cyber Forensics in Engineering Study
10 pages
Recoverit User Manual
100% (1)
Recoverit User Manual
68 pages
INTRODUCTION TO OS (1)
No ratings yet
INTRODUCTION TO OS (1)
58 pages
Lecture # 28: Extended Partitions
No ratings yet
Lecture # 28: Extended Partitions
6 pages
Research Examples in Computer Forensics (Michael M. W. de Silva, 2009)
No ratings yet
Research Examples in Computer Forensics (Michael M. W. de Silva, 2009)
29 pages
DC-30 - System Recovery Guide - V2.0 - EN
No ratings yet
DC-30 - System Recovery Guide - V2.0 - EN
12 pages
Windows File Systems
No ratings yet
Windows File Systems
8 pages
Using SD Card PDF
No ratings yet
Using SD Card PDF
17 pages
FALLSEM2023-24 CSE4004 ETH VL2023240103594 2023-09-08 Reference-Material-I
No ratings yet
FALLSEM2023-24 CSE4004 ETH VL2023240103594 2023-09-08 Reference-Material-I
31 pages
Opencore 2022 05 29 030514
No ratings yet
Opencore 2022 05 29 030514
58 pages
WS-011 Windows Server 2019 Administration
No ratings yet
WS-011 Windows Server 2019 Administration
67 pages
FDA Expectation On Software Validation
No ratings yet
FDA Expectation On Software Validation
40 pages
Icitss v-1 Question
No ratings yet
Icitss v-1 Question
24 pages
2022 - MSX Top Secret 3 - Complete - en
100% (1)
2022 - MSX Top Secret 3 - Complete - en
1,234 pages
IAT-III Question Paper with Solution of BCS303 Operating Systems March-2024-Attar Mahay Sheetal
No ratings yet
IAT-III Question Paper with Solution of BCS303 Operating Systems March-2024-Attar Mahay Sheetal
13 pages
Working With Embedded Multimediacard (Emmc)
100% (1)
Working With Embedded Multimediacard (Emmc)
15 pages
Inside Hard Disks
No ratings yet
Inside Hard Disks
23 pages
Paper Implementation of Low Cost Data Logger
No ratings yet
Paper Implementation of Low Cost Data Logger
7 pages
Ntfs Vs Fat
No ratings yet
Ntfs Vs Fat
2 pages
Full form 2
No ratings yet
Full form 2
11 pages
SD Group, SD Card Association - SD Specifications - Part 2 - File System Specification - Version 3.00 (2009)
No ratings yet
SD Group, SD Card Association - SD Specifications - Part 2 - File System Specification - Version 3.00 (2009)
136 pages
Module 2 v2
No ratings yet
Module 2 v2
21 pages
Hardware and Software Installation and Support
No ratings yet
Hardware and Software Installation and Support
120 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.