A+1102 Exam Review Flashcards
Pass the first time
ls
Linux Command: List directory contents
pwd
Linux Command: show what directory you are in
mv
Linux Command: move or rename a file
cp
Linux Command: copy a file
rm
Linux Command: remove a file
chmod
Linux Command: change permissions
chown
Linux Command: change owner
su/sudo
Linux Command: switch user/superuser do (something)
apt-get
yum
Linux Command: tool to manage applications & updates
Based on Linux distribution (version)
ip
Linux Command: show ip address
df
Linux Command: shows disk free space
grep
Linux Command: look inside a file for text
ps
Linux Command: process status
man
Linux Command: the Linux help manual
top
Linux Command: shows top running programs
find
Linux Command: search for a file
dig
Linux Command: used to lookup DNS information
cat
Linux Command: view a file
nano
Linux Command: file editor
AAA Model
Authentication
Who are you?
ex: I am user student and my password validateme proves it.
AAA Model
Authorization
What can you do?
ex: You can access host serverXYZ using Telnet.
AAA Model
Accounting
What did you do? How long did you do it? How often did you do it?
ex: User student accessed host serverXYZ using Telnet for 15 minutes.
CIA Triad
Confidentiality
Confidentiality prevents unauthorized disclosure of information
CIA Triad
Integrity
Integrity assures that data cannot be modified in an unauthorized manner.
CIA Triad
Availability
Information should be readily available for the authorized users.
Malware
Bugs
A type of error, flaw or failure that produces an undesirable or unexpected result. Bugs typically exist in a website’s source code and can cause a wide range of damage.
Malware
Worms
A worm relies on security failures to replicate and spread itself to other computers. They are often hidden in attachments and will consume bandwidth and overload a web server
Malware
Virus
A piece of code that is loaded onto your website or computer without your knowledge. It can easily multiply and be transmitted as an attachment or file.
Malware
Bots
A software program created to perform specific tasks. Bots can send spam or be used in a DDoS attack to bring down an entire website.
Malware
Trojan Horse
Much like the myth, a Trojan disguises itself as a normal file and tricks users into downloading it, consequently installing malware.
Malware
Ransomware
Ransomware denies access to your files and demands payment through Bitcoin in order for access to be granted again.
Malware
Adware
A type of malware that automatically displays unwanted advertisements. Clicking on one of these ads could redirect you to a malicious website.
Malware
Spyware
A type of malware that functions by spying on a user’s activity. This type of spying includes monitoring a user’s activity, keystrokes, and more.
NTFS File and Folder Permissions
Action: Moving files and folders on the same NTFS volume
Effect: ?
Destination folder: Write permission
Source folder: Modify permission
NTFS permissions are retained
NTFS File and Folder Permissions
Action: Moving files and folders to a different NTFS volume
Effect: ?
Destination folder: Write permission
Source folder: Modify permission
NTFS permissions are inherited from the destination folder and the user becomes the Creator/Owner
NTFS File and Folder Permissions
Action: Copying files and folders on the same NTFS volume or different NTFS volumes
Effect: ?
Destination folder: Write permission
Source folder: Read permission
NTFS permissions are inherited from the destination folder and the user becomes the Creator/Owner.
NTFS File and Folder Permissions
Action: Moving files and folders to a FAT or FAT32 partition.
Effect: ?
Source folder: Modify permission.
All permissions and NTFS attributes (such as encryption) are lost.
NTFS
New Technology File System
Uses log file and checkpoint info to restore consistency of the file system after a system failure
Uses ACLs (Access Control Lists) to set permissions on files and folders; can use BitLocker
Handles 8 petabytes on new versions of Windows
Supports per-file compression and encryption, which helps in saving space and securing data
/?
Windows Command: This command is also known as the HELP command. When placed after any command, it will give a help list of how to use that specific command! This is placed AFTER the command.
ex: ipconfig /?
Help
Windows Command: The same as /?, but it will be placed BEFORE a command.
ex: Help ipconfig
Ipconfig
Windows Command: A command-line tool used to control the network connections on Windows! It shows most of the network information you’ll need: network configuration, including IP addresses, subnet masks, and default gateways
Ipconfig /all
Not only will ipconfig /all show you your basic network settings, it will also show you MAC addresses, detailed IPv6 information, IP address leases, and DHCP connection information
Windows 10 Editions: Home
Designed for home users, with basic features like Cortana and the Edge web browser, but lacks some business-oriented features like domain access, Remote Desktop Protocol (RDP), and BitLocker
Windows 10 Editions: Pro
Designed for small businesses, with added features like domain access, Remote Desktop Protocol (RDP), and BitLocker
Windows 10 Editions: Pro for Workstations
Designed for power users and professionals with high-end hardware, with features like support for up to 6 TB of RAM, ReFS file system, and support for non-volatile memory (NVMe) and persistent memory
Windows 10 Editions: Enterprise
Designed for large organizations with advanced security features, including Windows Defender Application Guard and Credential Guard.
Feature Differences: Domain Vs Access Group
Home and Pro editions can only join a workgroup, while the Enterprise edition can join a domain
Feature Differences: Desktop styles/user interface
The Home edition does not support the ability to change the desktop wallpaper, and it does not include the Group Policy Editor (gpedit.msc) tool
Feature Differences: Availability Of Remote Desktop Protocol (RDP)
Only the Pro, Pro for Workstations, and Enterprise editions support RDP
Feature Differences: RAM support limitations
Home and Pro editions have limitations on the amount of RAM they support, while Pro for Workstations and Enterprise editions support larger amounts
Feature Differences: BitLocker
Only the Pro, Pro for Workstations, and Enterprise editions support BitLocker drive encryption
Feature Differences: gpedit.msc
Only the Pro and Enterprise editions include the Group Policy Editor tool
Upgrade Paths for Windows 10
All editions of Windows 10 can be upgraded to a higher edition through an in-place upgrade, except for Enterprise Edition, which requires a clean install
Windows Command: cd
Changes the current directory to another directory
Windows Command: dir
Displays a list of files and folders in the current directory
Windows Command: md
Creates a new directory
Windows Command: rmdir
Deletes a directory
Windows Command: Drive navigation inputs of C: or D: or x:
Changes the current drive to the specified drive
Windows Command: ping
Tests network connectivity by sending an ICMP echo request to a destination IP address or hostname
Windows Command: hostname
Displays the name of the current computer
Windows Command: netstat
Shows active network connections, protocol statistics and network interface information
Windows Command: nslookup
Queries the DNS server to obtain domain name or IP address mapping information
Windows Command: chkdsk
Checks a disk for errors and repairs them if possible
Windows Command: net use
Connects to or disconnects from shared resources, such as network drives and printers
Windows Command: net user
Manages user accounts on the local computer or a remote computer
Windows Command: tracert
Traces the path that a packet takes from the local computer to a remote destination
Windows Command: format
Formats a disk drive or a partition
Windows Command: xcopy
Copies files and directories, including subdirectories and files that match specified file types
Windows Command: copy
Copies one or more files from one location to another
Windows Command: robocopy
Copies files and directories with advanced options, including the ability to resume interrupted transfers and copy permissions and attributes
Windows Command: gpupdate
Updates group policy settings on the local computer or a remote computer
Windows Command: shutdown
Shuts down or restarts the local computer or a remote computer
Windows Command: sfc
Scans and repairs system files
Windows Command: (Command Name) /?
Displays help for the specified command
Windows Command: diskpart
Manages disk partitions and volumes
Windows Command: pathping
Traces the path that a packet takes from the local computer to a remote destination, showing the round-trip times for each router along the way
Windows Command: winver
Displays the version of Windows installed on the computer
Task Manager: Services
This tab displays the list of services that are currently running on the computer, along with their status, startup type, and description. You can start, stop, or restart services from this tab.
Task Manager: Startup
This tab displays the list of applications and processes that are configured to start automatically when the computer boots up. You can enable or disable startup items from this tab.
Task Manager: Performance
This tab displays real-time information about the computer’s hardware usage, including CPU, memory, disk, and network usage. You can use this tab to monitor the performance of the computer and identify any bottlenecks.
Task Manager: Processes
This tab displays the list of running processes on the computer, including their names, CPU and memory usage, and status. You can use this tab to end processes that are consuming too many resources or causing problems
Task Manager: Users
This tab displays the list of users who are currently logged on to the computer, along with their session ID and status. You can use this tab to log off or disconnect users, or to view the processes and resource usage of each user.
Microsoft Management Console (MMC) snap-in: Event Viewer
It is a tool to view and manage system event logs.
Microsoft Management Console (MMC) snap-in: Disk Management
diskmgmt.msc
It is a tool to manage disks, partitions, and volumes
Microsoft Management Console (MMC) snap-in: Task Scheduler
taskschd.msc
It is a tool to create and manage automated tasks or scripts
Microsoft Management Console (MMC) snap-in: Device Manager
devmgmt.msc
It is a tool to manage system devices and drivers
Microsoft Management Console (MMC) snap-in: Certificate Manager
certmgr.msc
It is a tool to manage digital certificates
Microsoft Management Console (MMC) snap-in: Local Users and Groups
lusrmgr.msc
It is a tool to manage local user and group accounts
Microsoft Management Console (MMC) snap-in: Performance Monitor
perfmon.msc
It is a tool to monitor and analyze system performance
Microsoft Management Console (MMC) snap-in: Group Policy Editor
gpedit.msc
It is a tool to manage system policies and configurations
System Information
msinfo32.exe
It is a tool to view detailed system information, including hardware and software components
Resource Monitor
resmon.exe
It is a tool to monitor system resources such as CPU, memory, disk, and network usage
System Configuration
msconfig.exe
It is a tool to manage system startup settings, services, and boot options
Disk Cleanup
cleanmgr.exe
It is a tool to free up disk space by removing unnecessary files
Disk Defragment
dfrgui.exe
It is a tool to optimize disk performance by rearranging fragmented files
Registry Editor
regedit.exe
It is a tool to view and manage the system registry, which contains configuration settings for the system and installed applications
Control Panel: Internet Options
allows you to manage various internet settings, such as security, privacy, content, and connections
Control Panel: Devices and Printers
allows you to view and manage the devices connected to your computer, including printers, cameras, and smart phones
Control Panel: Programs and Features
Allows you to view and manage the installed programs and features on your computer, including uninstalling programs
Control Panel: Network and Sharing Center
allows you to view and manage your network connections and sharing options, such as file and printer sharing
Control Panel: System
allows you to view and manage system settings, including system information, device manager, and performance settings
Control Panel: Windows Defender Firewall
allows you to manage the Windows Firewall settings, including enabling or disabling the firewall, creating firewall rules, and configuring notifications
Control Panel: Mail
allows you to manage your email accounts and settings, including adding and removing email accounts, changing email settings, and setting up email signatures
Control Panel: Sound
allows you to manage your computer’s audio settings, including playback and recording devices, volume, and sound effects
Control Panel: User Accounts
allows you to manage user accounts on your computer, including creating and deleting user accounts, changing account settings, and managing passwords
Control Panel: Device Manager
allows you to manage hardware devices installed on your computer, including updating drivers, enabling or disabling devices, and troubleshooting device issues
Control Panel: Indexing Options
allows you to manage the Windows search indexing settings, including adding or removing indexed locations and optimizing the search indexing
Control Panel: Administrative Tools
Provides access to various administrative tools, including Event Viewer, Task Scheduler, and Services
Control Panel: File Explorer Options: Show hidden files
This option allows you to see files and folders that are normally hidden from view. These files may include system files, hidden files, and other files that Windows does not want you to see by default
Control Panel: File Explorer Options: Hide Extensions
This option hides the file extensions (e.g., .docx, .pdf, .jpg) for known file types in File Explorer. This can help to keep the file names cleaner and easier to read, but can also make it harder to identify different file types
Control Panel: File Explorer Options: General options
This section contains general settings for File Explorer, such as changing the default folder view, opening File Explorer to This PC instead of Quick Access, and clearing the File Explorer history
Control Panel: File Explorer Options: View options
This section contains more detailed settings for customizing the way File Explorer displays files and folders. This includes options for changing the icon size, enabling or disabling file and folder thumbnails, changing the default sorting order, and more. You can also choose to apply these settings to all folders or just the current folder
Control Panel: Power Options: Hibernate
This option allows you to save all open files and running programs to the hard drive, and then turn off your computer completely. When you turn your computer back on, all open files and programs will be restored to their previous state. This can be useful if you need to leave your computer for a period of time but want to resume your work quickly when you return
Control Panel: Power Options: Power plans
this option allows you to choose from pre-set power plans that control how your computer uses energy. These plans include Balanced, Power Saver, and High performance, and can be customized to suit your needs
Control Panel: Power Options: Sleep/suspend
This option puts your computer into a low-power state, saving energy while still keeping the computer running. All open files and programs are saved to memory, and the computer can be quickly resumed from this state by pressing a key or moving the mouse
Control Panel: Power Options: Standby
this option is similar to sleep/suspend, but the computer uses even less power and takes longer to resume. Standby is rarely used on modern computers, as sleep/suspend provides a better balance between energy savings and speed of resuming
Control Panel: Power Options: Choose what closing the lid does
this option lets you choose what happens when you close the lid of your laptop. You can choose to do nothing, turn off the display, put the computer to sleep, or shut down the computer
Control Panel: Power Options: Turn on fast startup
this option allows your computer to start up more quickly by saving system information to a file when you shut down your computer. This information is then used to quickly restore the system state when you turn your computer back on
Control Panel: Power Options: Universal Serial Bus (USB) selective suspend
this option allows you to save power by suspending power to USB devices when they are not in use. This can be useful for laptops and other portable devices, as it can help to extend battery life
Control Panel: Ease of Access
allows you to manage accessibility settings, including visual, auditory, and input assistance, to make the computer easier to use for people with disabilities
Windows Settings: Time and Language
Allows users to configure their time zone, date and time formats, and language settings
Windows Settings: Update and Security
Provides access to Windows Update, device security settings, and recovery options
Windows Settings: Personalization
allows users to customize the appearance and behavior of their desktop, taskbar, and Start menu
Windows Settings: Apps
Allows users to manage and uninstall their installed applications, and configure app-related settings
Windows Settings: Privacy
Provides access to settings for managing how apps and services collect and use data
Windows Settings: System
Provides access to settings for managing system-wide features and configuration options, such as storage, display, power, and notifications
Windows Settings: Devices
Provides access to settings for managing and configuring external devices, such as printers, scanners, and Bluetooth devices
Windows Settings: Network and Internet
Provides access to settings for managing network connections and Wi-Fi settings
Windows Settings: Gaming
Provides access to settings for managing game-related features, such as Game Bar, Game DVR, and Xbox Game Pass
Windows Settings: Accounts
Allows users to manage their Microsoft account settings, sign-in options, and user account preferences
Workgroup vs. Domain setup: Workgroup
A workgroup is a collection of computers on a network that share resources, such as files and printers. In a workgroup setup, each computer manages its own user accounts, and users need to provide separate usernames and passwords to access shared resources on other computers
Workgroup vs. Domain Setup: Domain
A domain is a centralized network setup managed by a server computer called a domain controller. Users log in to the domain controller to access shared resources, and administrators can manage user accounts and security from a single location
Workgroup vs Domain setup: Shared resources, printers, and file servers
In a network setup, shared resources such as printers and file servers are made available to other computers on the network. This allows users to access and share resources from different computers
Local OS firewall settings
The firewall in Windows is designed to block incoming traffic that might be harmful to your computer. The firewall can be configured to allow or block specific applications, and exceptions can be created for certain types of traffic
Client network Configuration: IP addressing scheme
IP addresses are used to identify and communicate with other devices on a network. In a client desktop, IP addressing can be configured using DHCP (Dynamic Host Configuration Protocol) or by assigning static IP addresses manually
Client network configuration: DNS settings
DNS (Domain Name System) resolves domain names to IP addresses. DNS settings can be configured to automatically obtain DNS server addresses from the network or to use specific DNS servers.
Client network configuration: Subnet mask
A subnet mask is used to define the network address and the host address in an IP address. It is used to determine the network segment to which an IP address belongs
Client network configuration: Gateway
A gateway is a device that connects two different networks. It allows devices on one network to communicate with devices on another network
Client Network configuration: Static vs. dynamic
Static IP addresses are manually assigned and do not change, while dynamic IP addresses are automatically assigned and can change
Establish network connections: VPN
A virtual private network (VPN) allows a user to connect to a remote network securely over the internet
Establish network connections: Wireless
A wireless connection allows a client desktop to connect to a network wirelessly
Establish network connections: Wired
A wired connection allows a client desktop to connect to a network using an Ethernet cable.
Establish network connections: WWAN
Wireless wide area network (WWAN) is a wireless network that provides internet access to mobile devices using cellular networks
Proxy settings
Proxy settings are used to configure the client desktop to use a proxy server to access the internet
Public network vs. private network
In Windows, a public network is one that is not trusted and has limited access to shared resources, while a private network is a trusted network with access to shared resources
File Explorer navigation
network paths: File Explorer can be used to navigate to and access shared resources on a network using network paths
Metered connections and limitations
Metered connections are network connections that have a limited data allowance, such as cellular networks. Windows can be configured to limit data usage on metered connections to reduce the risk of exceeding the data allowance
System requirements for applications: 32 bit vs. 64 bit
These refer to the type of software that can run on the operating system. Windows 10 Home, Pro, and Enterprise all come in both 32-bit and 64-bit versions, while Windows 10 Pro for Workstations only comes in 64-bit. Most newer applications are designed to run on 64-bit operating systems, which offer better performance and more memory support
System Requirements for applications: Dedicated graphics vs. integrated graphics
This refers to the type of graphics processing unit (GPU) that a computer has. A dedicated graphics card is a separate component that is designed solely for graphics processing, while integrated graphics are built into the CPU and share system resources with the rest of the computer. Dedicated graphics cards are generally more powerful and offer better performance for tasks such as gaming and video editing
System Requirements for applications: Video random-access memory (VRAM) requirements
This refers to the amount of memory that a graphics card has for storing textures and other data related to rendering images on a display. More VRAM generally means better performance, especially for higher-resolution displays
System Requirements for applications: RAM requirements
This refers to the amount of memory (RAM) that a computer needs to run an operating system and its applications smoothly. Windows 10 Home requires at least 1 GB of RAM for 32-bit versions and 2 GB for 64-bit versions, while Windows 10 Pro, Pro for Workstations, and Enterprise require at least 2 GB of RAM for 32-bit versions and 4 GB for 64-bit versions. However, more RAM is generally better for running multiple applications or working with large files
System Requirements for Applications: Central Processing Unit (CPU) requirements
This refers to the type of processor that a computer has, and the speed and number of cores it has. Windows 10 requires a minimum of a 1 GHz or faster processor, but faster and more powerful processors can improve performance, especially for multitasking and running resource-intensive applications
System Requirements for Applications: External hardware tokens
These are physical devices used for authentication and security purposes, such as smart cards or USB security keys. Windows 10 supports a variety of hardware tokens and has built-in support for biometric authentication through fingerprint readers and webcams
System Requirements for Applications: Storage requirements
This refers to the amount of disk space that an operating system and its applications need to be installed and run. Windows 10 Home requires at least 16 GB of free space for 32-bit versions and 20 GB for 64-bit versions, while Windows 10 Pro, Pro for Workstations, and Enterprise require at least 32 GB of free space for 64-bit versions. However, more storage is generally needed for storing data and installing additional applications
OS requirements for applications: Compatibility between Windows versions
The compatibility between an application and the operating system it is installed on is crucial for the application to function correctly. An application designed for Windows 10 may not work on Windows 7, for example
OS requirements for applications: bit version
Another important aspect is the bit version of the operating system. Applications designed for a 32-bit OS may not work on a 64-bit OS, and vice versa. It is essential to know which bit version the application is designed for before installing it on an OS
OS requirements for applications: Bit memory
Furthermore, a 64-bit OS can handle larger amounts of memory and data than a 32-bit OS, so applications that require more memory or process larger amounts of data may require a 64-bit OS to operate efficiently. However, not all applications require a 64-bit OS, and a 32-bit OS can run many applications without issue. It is important to check the application’s system requirements to determine if it requires a 32-bit or 64-bit OS
Distribution Methods
Windows can be distributed to users through different methods, including physical media and downloadable files
Distribution Methods: Physical Media
Refers to the use of CDs, DVDs, or USB flash drives to install or distribute Windows. This method is often used for retail sales, as users can purchase a physical copy of the Windows software and install it on their computer
Distribution Methods: Downloadable files
are often provided by Microsoft or other authorized sources, allowing users to download the Windows installation files directly from the internet. This method is convenient as users can download the files from anywhere with an internet connection and install them on their computer
Distribution Methods: ISO mountable
refers to the ability to mount the Windows installation files onto a virtual drive in order to install or distribute the software. This method is often used by IT professionals who need to install Windows on multiple computers, as it allows them to create a master copy of the installation files and easily distribute it to other computers without the need for physical media
Other Considerations for new applications: Impact on device
The installation of new applications can have an impact on the performance of the device. The new application may require additional system resources, which can lead to slower performance and longer boot times. Additionally, the new application may conflict with existing software or cause instability
Other considerations for new applications: Impact to network
New applications may require access to the network, either to download updates or to communicate with other devices. This can impact network performance and security, as the new application may introduce new vulnerabilities or require additional network bandwidth
Other considerations for new applications: Impact to operation
The installation of new applications can impact the day-to-day operations of a device. Users may need to learn how to use the new application, which can require additional training or documentation. Additionally, the new application may change the way that users interact with the device or with other software, which can impact productivity
Other Considerations for New Applications: Impact to business
Installing new applications can have a significant impact on a business. The new application may require changes to existing workflows or business processes, which can impact productivity and profitability. Finally, the new application may introduce new security risks or compliance concerns, which can impact the reputation of the business
Boot Methods: USB
USB booting involves creating a bootable USB drive, which contains the necessary files to start up a computer. This method is often used to install a new operating system or to run a live operating system from the USB drive
Boot Methods: Optical media
This method involves using a bootable CD or DVD to start up the computer. This is an older method that has largely been replaced by USB booting
Boot Methods: Network
Network booting allows a computer to start up from a remote server over a network connection. This method is often used in enterprise environments where administrators need to quickly and easily deploy new operating systems to multiple computers
Boot Methods: Solid-state/flash drives
Similar to USB booting, this method involves using a bootable solid-state drive or flash drive to start up the computer. This is often used in embedded systems or other devices where there is no traditional hard drive.
Boot Methods: Internet-based
Internet-based booting involves downloading the necessary files to start up the computer from a remote server over the internet. This method is often used in thin client environments or in situations where the operating system needs to be quickly and easily deployed to multiple computers
Boot Methods: External/hot-swappable drive
This method involves using an external hard drive or other removable storage device to start up the computer. This is often used in situations where the internal hard drive has failed or is being replaced
Boot Methods: Internal hard drive (partition)
This is the most common boot method and involves installing the operating system on the computer’s internal hard drive. The hard drive is partitioned to create a boot partition, which contains the necessary files to start up the computer
Types of installations: Upgrade
This type of installation allows the user to upgrade their existing operating system to a newer version. During the upgrade process, the old operating system is replaced with the new one, and the user’s files and applications are preserved. However, it’s important to note that not all hardware and software are compatible with newer operating systems, so there may be compatibility issues to consider
Types of installations: Recovery Partition
Many computer manufacturers include a recovery partition on their devices, which can be used to restore the device to its factory settings. This type of installation wipes all data and applications from the device and reinstalls the operating system and any pre-installed software
Types of installations: Clean install
A clean install involves completely wiping the device’s hard drive and installing a fresh copy of the operating system. This is usually done when the device is experiencing problems that cannot be resolved through other means, or when the user wants to start fresh with a clean slate
Types of installations: Image deployment
Image deployment involves creating a master image of a computer’s operating system and software configuration, and then deploying that image to multiple computers. This is a common method used by businesses and organizations to quickly and efficiently deploy the same software configuration across multiple devices
Types of installations: Repair installation
A repair installation is a type of installation that allows the user to repair or reinstall the operating system without losing their personal files or installed applications
Types of installations: Remote network installation
This type of installation allows the operating system to be installed on a remote computer over a network connection. This is useful for businesses or organizations that need to install the same operating system on multiple devices
Types of installations: Third-party drivers
Third-party drivers are drivers that are created by a company other than the manufacturer of the hardware or software. These drivers may be necessary for the hardware or software to function properly, but they may not be included in the operating system installation. In this case, the user may need to manually install the third-party drivers after the operating system installation is complete
Partitioning
Partitioning is the process of dividing a hard disk into separate, logically distinct sections. This allows users to separate operating systems, applications, and data, and to manage them independently. Two commonly used partitioning types are GUID Partition Table (GPT) and Master Boot Record (MBR)
Partitioning (GPT: GUID Partition Table)
GPT is a newer partitioning scheme that is part of the Unified Extensible Firmware Interface (UEFI) specification. GPT can support hard drives larger than 2 TB and allows for up to 128 partitions on a single disk. GPT also includes a backup partition table at the end of the disk, making it more resilient to damage
Partitioning (MBR: Master Boot Record)
MBR is an older partitioning scheme that is used with legacy BIOS systems. MBR can only support hard drives up to 2 TB in size and allows for up to four primary partitions or three primary partitions and one extended partition. Extended partitions can then be divided into logical partitions.
Drive format
Drive format, also known as file system, refers to the method in which a storage device such as a hard drive, solid state drive, or flash drive is organized and structured to store and retrieve data. Each system has its own rules for how data is stored, named, and accessed.
Ex: NTFS (New Technology File System) used by Windows OS
HFS+ (Hierarchical File System Plus) used by macOS
Ext4 (Fourth Extended File System) used by Linux.
Formatting a drive erases all data on the drive and creates a new file system structure for the operating system to use. The choice of file system can affect the performance and compatibility of the drive with different operating systems and devices
Upgrade considerations
Upgrading an operating system or software involves replacing an older version with a newer one. This can have a significant impact on the system and its components.
Upgrade considerations: Backup files and user preferences
Before upgrading, it is essential to create a backup of all critical files and user preferences. This can be done manually by copying files to an external drive or by using a backup utility. In case of any errors during the upgrade process, the backup will ensure that important files and settings are not lost
Upgrade considerations: Application and driver support/backward compatibility
It is important to ensure that all the applications and drivers installed on the system are compatible with the new operating system version. Some applications may require updates or patches to work with the new OS. Drivers for hardware components such as printers, scanners, and graphics cards may also need to be updated or replaced to ensure compatibility with the new OS.
Upgrade considerations: Hardware compatibility
Upgrading to a newer version of an operating system may require newer hardware components or more system resources. For example, if the new operating system version requires more RAM or a faster processor, it may not work on older systems. It is important to ensure that the system meets the minimum hardware requirements for the new OS version
Feature updates
A feature update is a major release of an OS that includes significant changes and new features. In the case of Windows 10, feature updates are released twice a year and are typically accompanied by a version number change (e.g. from version 21H1 to version 21H2). Feature updates are free to download and install for users who have a valid license for the operating system
Logical Security: Principle of least privilege
This is a security principle that dictates that users should only be granted the minimum access rights or permissions to perform their job functions. This helps to limit the potential damage that can be caused by insider attacks or external threats that may gain access to user accounts
Logical Security: Access control lists (ACLs)
is a set of rules that define the permissions or access rights that are granted to users or groups for a specific resource such as a file or folder. This allows for fine-grained control of access to resources and helps to prevent unauthorized access or modifications
Logical Security: Multifactor authentication (MFA)
This can include something the user knows (such as a password), something the user has (such as a smart card or token), or something the user is (such as biometric data)
Logical Security: Email
Email security measures include encryption, anti-spam filters, anti-malware scanners, and content filtering to help prevent unauthorized access or disclosure of sensitive information
Logical Security: Hard token
A hard token is a physical device such as a smart card or USB drive that generates a one-time password or PIN for authentication
Logical Security: Soft token
A software-based authentication mechanism that uses an app or mobile device to generate a one-time password or PIN for authentication
Logical Security: Short message service (SMS)
sends a one-time code via text message to a user’s mobile device for authentication purposes
Logical Security: Voice call
Voice call authentication sends a one-time code via a voice call to a user’s mobile or landline phone for authentication purposes
Logical Security: Authenticator application
An authenticator application is a software-based authentication mechanism that generates a one-time code for authentication on a mobile device or computer. Examples include Google Authenticator, Microsoft Authenticator, and Authy
Mobile Device Management (MDM)
a type of security software designed to manage, monitor, and secure mobile devices such as smartphones, tablets, and laptops used in an enterprise environment
Mobile Device Management (MDM) purpose
to ensure the security and manageability of mobile devices in the enterprise by allowing IT administrators to manage device settings, enforce security policies, deploy applications, and control access to enterprise resources
Mobile Device Management (MDM) IT administrators
can remotely manage devices, monitor device usage and data access, configure device settings and enforce security policies, and wipe or lock lost or stolen devices. This helps organizations ensure that sensitive data is protected, and that devices accessing corporate resources are secure and comply with corporate policies and regulations
Mobile Device Management (MDM) solutions
typically provide features such as mobile device inventory and content management, security and compliance enforcement, and device monitoring and reporting. MDM can also help streamline device deployments, reduce the risk of data breaches, and improve overall device performance and reliability
Active Directory (AD)
a directory service developed by Microsoft that is used to manage network resources, including users, computers, and applications, on a Windows domain network.
Active Directory (AD): Login Script
a set of instructions that run automatically when a user logs in to a computer. In AD, login scripts can be used to map network drives, set up printers, or perform other tasks that need to be done when a user logs in
Active Directory (AD): Domain
A domain is a logical grouping of network resources, including computers, users, and other devices. AD uses a domain model to manage network resources and provides centralized management of network security, resources, and services
Active Directory (AD): Group Policy/updates
Group Policy is a feature of AD that allows administrators to set policies that govern the behavior of computers and users on the network. Group Policy can be used to enforce security settings, set up software installation, and configure user settings
Active Directory (AD): Organizational Units
OU is a container used to group objects in AD. OUs can be used to delegate administrative control and apply Group Policy settings to specific groups of users or computers
Active Directory (AD): Home folder
is a user’s designated storage area on a network file server. In AD, administrators can set up a user’s home folder to automatically map to a network drive when the user logs in
Active Directory (AD): Folder redirection
a feature that allows administrators to redirect certain folders, such as the documents folder, to a network location. This helps ensure that users’ files are backed up and provides easy access to files from multiple computers
Active Directory (AD): Security Groups
used to control access to network resources. In AD, administrators can create security groups that include specific users or computers and then assign permissions to those groups for specific resources on the network
Social Engineering
is a type of attack that targets human behavior and psychology rather than technical vulnerabilities in order to manipulate individuals into divulging sensitive information or performing an action that would be detrimental to an organization’s security.
Social Engineering: Whaling
This is a type of phishing attack that targets high-level executives or other individuals with access to sensitive information
Social Engineering: Tailgating
This involves following someone into a restricted area without proper authorization, by pretending to be an authorized person or simply following them closely
Social Engineering: Impersonation
This involves pretending to be someone else in order to gain access to restricted information or perform a certain action
Social Engineering: Evil twin
This involves setting up a fake wireless access point that looks identical to a legitimate one, in order to trick users into connecting to it and revealing sensitive information
Threats: Distributed denial of service (DDoS) attack
a type of cyber attack in which multiple compromised computer systems target a website, server, or other network resources to make it unavailable for its intended users. This is done by overwhelming the target system with a flood of traffic from multiple sources, rendering it inaccessible
Threats: Denial of Service (DoS) attack
A type of cyber attack that makes a server or network resource unavailable to its intended users by overwhelming it with traffic or sending it information that triggers a crash or shutdown
Threats: Zero-day attack
A type of cyber attack that exploits an unknown vulnerability in software or hardware. Attackers use these vulnerabilities to gain access to a system and steal data or cause harm
Threats: Spoofing
A type of cyber attack in which an attacker masquerades as a trusted entity to gain access to sensitive information. Spoofing can occur via email, websites, phone calls, or text messages
Threats: On-path attack
A type of cyber attack where an attacker intercepts and alters network traffic between two parties. The attacker could steal data, manipulate the data being sent, or even launch additional attacks
Threats: Brute-force attack
A type of cyber attack where an attacker tries to guess a password or encryption key by trying different combinations of characters until the correct one is found
Threats: Dictionary attack
A type of cyber attack where an attacker uses a list of known passwords or commonly used passwords to try and gain access to a system or device
Threats: Insider threat
A type of threat where an individual within an organization has access to sensitive data or systems and intentionally or unintentionally causes harm or theft
Threats: Structured Query Language (SQL) injection
A type of cyber attack where an attacker inserts malicious code into a website or application that uses SQL, allowing them to access or manipulate sensitive data
Threats: Cross-site scripting (XSS)
A type of cyber attack where an attacker injects malicious code into a website or application that allows them to steal sensitive information, such as login credentials or personal information, from users who visit the site
Vulnerabilities: Non-compliant systems
Non-compliant systems refer to systems that do not adhere to security policies and standards set by an organization. For example, a system that does not have the latest security patches installed or does not have the necessary security controls in place can be considered non-compliant. Such systems can be exploited by attackers to gain unauthorized access or steal sensitive information
Vulnerabilities: Unpatched systems
systems that have not been updated with the latest security patches released by the vendor. Attackers can exploit vulnerabilities in unpatched systems to gain unauthorized access or perform malicious activities. Organizations should regularly update their systems to protect against known vulnerabilities
Vulnerabilities: Unprotected systems (missing antivirus/missing firewall)
Unprotected systems are systems that do not have the necessary security controls in place to prevent or detect malicious activities. For example, a system without antivirus software can be vulnerable to malware attacks, while a system without a firewall can be vulnerable to network attacks. Organizations should implement appropriate security controls to protect their systems and data
Data-at-rest encryption
a security measure used to protect sensitive data stored on digital devices such as hard drives, solid-state drives, or other storage devices. It involves encrypting the data while it is at rest (not being accessed or used) to prevent unauthorized access, theft, or modification
Data-at-rest encryption: encryption process
involves converting the original data into a coded form that cannot be read or understood without the proper decryption key. The encryption key is only available to authorized users who possess the correct credentials to access the data
Data-at-rest encryption encryption
can be implemented at various levels, including the device level, or even individual field level. It can be done using software based encryption services. Some examples of data-at-rest encryption methods include BitLocker, VeraCrypt, and LUKS
Data-at-rest benefits
organizations can ensure that their sensitive data is protected even if the physical device or storage media falls into the wrong hands. It is an essential security measure for safeguarding confidential information such as financial records, medical records, intellectual property, and personal data
Password best practices: Complexity requirements
Length and Character types: Passwords should have a minimum length of eight characters and should be a combination of upper and lower case letters, numbers, and special characters. Longer passwords are better, as they are harder to crack
Password best practices: Expiration requirements
Passwords should be changed regularly, typically every 90 days. This helps ensure that compromised passwords are not used to access systems for an extended period.
Password best practices: Basic Input/Output System (BIOS)/Unified Extensible Firmware Interface (UEFI) passwords
BIOS/UEFI passwords are used to secure the boot process of a computer. They can prevent unauthorized users from booting the computer from an external device. BIOS/UEFI passwords should be set and should be kept confidential
End-user best practices: Use screensaver locks
Screensaver locks can automatically lock the screen after a specific period of inactivity. This helps to prevent unauthorized access to the system
End-user best practices: Log off when not in use
Users should log off their accounts when they are not using the system. This ensures that no one else can access their account and the information on the system
End-user best practices: Secure/protect critical hardware
Critical hardware, such as laptops, should be protected and secured when not in use. This includes using a password-protected screen lock, storing the device in a secure location, and using a cable lock to prevent theft
End-user best practices: Secure personally identifiable information (PII) and passwords
Users should secure their personally identifiable information (PII) and passwords by creating strong passwords, not sharing them with others, and avoiding using the same password across multiple accounts
Account Management: Restrict user permissions
Users should only be given permissions necessary to perform their job duties. This helps to limit the potential damage that could be caused if a user’s account is compromised
Account Management: Restrict login times
If users only need to access the system during specific times, restrict logins to those times. This can help prevent unauthorized access outside of business hours
Account Management: Disable guest accounts
The guest account is a built-in account in many operating systems that allows users to log in without a password. It should be disabled, as it provides an easy entry point for attackers
Account Management: Use failed attempts lockout
To prevent brute-force attacks on user accounts, lockout policies should be implemented. Ex: after a certain number of failed login attempts, the account should be locked for a specified period of time
Account Management: Use timeout/screen lock
Users should be encouraged to lock their screens or log out of the system when they step away from their computer, even for short periods of time. This helps to prevent unauthorized access to their account in their absence
Account Management: Change default administrator’s user account/password
This best practice is aimed at changing the default administrator account credentials that are set up by the system manufacturer or software provider. This is because many hackers and attackers are aware of the default usernames and passwords, and may attempt to exploit these to gain access to the system. Therefore, changing the default administrator’s user account/password will help prevent unauthorized access to the system.
Account Management: Disable Autorun
This is a Windows feature that automatically launches programs or applications when a new device or removable media is connected to the computer. However, this feature can also be exploited by malware or other malicious programs to automatically execute code without the user’s knowledge or consent. Therefore, disabling AutoRun can help prevent the automatic execution of malicious code
Account Management: Disable AutoPlay
AutoPlay is a feature that launches a menu of options when a new device or removable media is connected to the computer. This menu allows users to choose what they want to do with the device or media, such as open files, import pictures, or play music. However, this feature can be exploited by malware or other malicious programs to automatically execute code without the user’s knowledge or consent. Therefore, disabling AutoPlay can help prevent automatic execution of malicious code
Home router settings: Change default passwords
Routers come with default passwords that are easy to guess, so it’s crucial to change the default passwords to a strong, unique password
Home router settings: IP filtering
This setting allows you to specify which devices can access your network by filtering traffic based on IP addresses
Home router settings: Firmware updates
Regularly updating your router’s firmware can ensure that it has the latest security patches and features
Home router settings: Content filtering
Content filtering can block malicious or unwanted websites and protect your devices from malware and other cyber threats
Home router settings: DHCP reservations
Allows you to assign a fixed IP address to a specific device on your network, so it always receives the same IP address
Home router settings: Static WAN IP
A static WAN IP address is a permanent IP address assigned to your router by your ISP. It’s recommended to use a static IP address instead of a dynamic one to prevent your IP address from changing frequently
Home router setting: Universal Plug and Play (UPnP)
UPnP allows devices on your network to automatically configure the router and access the internet without manual configuration. However, UPnP can also be a security risk if attackers exploit it to gain access to your network
Home router settings: Screened subnet
A screened subnet is a DMZ (Demilitarized Zone) that is set up to isolate public-facing servers from the rest of the network. This provides an additional layer of security to protect your network from external attacks
Wireless specifics: Changing the service set identifier (SSID)
The SSID is the name of the wireless network, and it is visible to anyone within range. Changing the default SSID to a unique name makes it harder for attackers to identify and target the network
Wireless specifics: Disabling SSID broadcast
When SSID broadcast is enabled, the network name is included in the signal broadcast by the wireless access point. Disabling this feature means that users must manually enter the SSID to connect to the network, making it less visible to potential attackers
Wireless specifics: Encryption settings
Encryption is used to protect wireless traffic from eavesdropping and unauthorized access. Common encryption methods include Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), WPA2, and WPA3. Of these, WPA3 is the most secure and recommended method for wireless networks
Wireless specifics: Disabling guest access
Disabling guest access means that only authorized users can connect to the wireless network. This prevents unauthorized individuals from accessing the network and its resources
Wireless specifics: Changing channels
Wireless networks use different channels to broadcast signals. Changing the channel can help to avoid interference from other networks and reduce the risk of attacks targeting specific channels. The non-overlapping channels on the 2.4 GHz frequency are 1, 6, and 11. The 5 GHz frequencies have more channels and less interference
Firewall settings
Firewalls are network security systems that monitor and control network traffic. They can be hardware-based or software-based and can be configured to block or allow specific types of traffic based on rules and policies. Two important firewall security settings are disabling unused ports and port forwarding/mapping
Firewall settings: Disabling unused ports
Disabling unused ports involves closing off network ports that are not being used. This is important because unused ports can be exploited by attackers to gain access to a network. By disabling unused ports, organizations can reduce the attack surface of their network and limit the number of potential entry points for attackers
Firewall settings: Port forwarding/mapping
involves redirecting network traffic from one port to another. This is commonly used to allow external access to a specific service or application running on a device on the internal network. However, port forwarding can also be used by attackers to bypass firewalls and gain access to a network. It is important for organizations to carefully consider the risks of port forwarding and ensure that it is only used when necessary and that it is properly configured to prevent unauthorized access
Windows Common Symptoms: Blue screen of death (BSOD)
It is an error screen displayed when the system encounters a critical error that it can’t recover from. This can be caused by faulty hardware, corrupt drivers, or software issues
Windows Common Symptoms: Sluggish performance
This is when the computer is slow to respond or perform tasks. This can be caused by a lack of memory, outdated drivers, or malware
Windows Common Symptoms: Boot problems
This is when the system fails to boot up. This can be caused by hardware failure, corrupt system files, or malware
Windows Common Symptoms: Frequent Shutdowns
This is when the system shuts down unexpectedly. This can be caused by overheating, a failing power supply, or malware
Windows Common Symptoms: Services not starting
This is when system services fail to start. This can be caused by corrupt system files, malware, or a lack of available memory
Windows Common Symptoms: Applications crashing
This is when applications close unexpectedly. This can be caused by outdated software, corrupt system files, or malware
Windows Common Symptoms: Low memory warnings
This is when the system warns of low memory availability. This can be caused by a lack of available memory, too many programs running, or memory leaks in applications
Windows Common Symptoms: USB controller resource warnings
This is when the system warns of low USB controller resources. This can be caused by too many USB devices connected, outdated drivers, or hardware issues.
Windows Common Symptoms: System instability
This is when the system behaves erratically or unpredictably. This can be caused by malware, outdated drivers, or hardware failure
Windows Common Symptoms: No OS found
This is when the system can’t find the OS. This can be caused by a failing hard drive, corrupt system files, or malware
Windows Common Symptoms: Slow profile load
This is when it takes a long time for a user profile to load. This can be caused by a large number of files in the user’s profile, corrupt user profile files, or a lack of available memory
Windows Common Symptoms: Time drift
This is when the system clock is inaccurate. This can be caused by a failing battery on the motherboard, incorrect time zone settings, or malware
Common Troubleshooting Steps: Reboot
Restarting the computer is often the first step in troubleshooting many issues. It can help clear the memory and fix minor issues.
Common Troubleshooting Steps: Restart services
If a particular service is causing issues, you can try restarting it to see if it resolves the problem
Common Troubleshooting Steps: Uninstall/reinstall/update applications
If an application is causing issues, you can try uninstalling it and reinstalling it or updating it to the latest version
Common Troubleshooting Steps: Add resources
If the computer is running slow, you can try adding more resources like RAM, hard drive space, or a better processor
Common Troubleshooting Steps: Verify requirements
Make sure that the computer meets the minimum requirements for the software or application that is causing issues
Common Troubleshooting Steps: System file check
Use the built-in System File Checker tool to scan for and repair any corrupted or missing system files
Common Troubleshooting Steps: Repair Windows
You can use the built-in Windows Repair tool to fix common issues with the operating system
Common Troubleshooting Steps: Restore
You can restore the system to a previous state using System Restore if the issue occurred after a recent change or update
Common Troubleshooting Steps: Reimage
In some cases, it may be necessary to reimage the computer to restore it to a working state
Common Troubleshooting Steps: Roll back updates
If an update caused the issue, you can try rolling back the update to a previous version
Common Troubleshooting Steps: Rebuild Windows profiles
If the user profile is causing issues, you can try rebuilding it by creating a new profile and copying the data over
Common PC security issues: Unable to access the network
This could be caused by a malware infection that is blocking network access. Try running a malware scan and checking network settings to ensure they are configured correctly
Common PC security issues: