comptia a+ cheat sheet, Cheat Sheet of Computer Security

Download comptia a+ cheat sheet and more Cheat Sheet Computer Security in PDF only on Docsity! A+ CERTIFICATION CHEAT SHEET From CompTIA A+ Certification All-in-One For Dummies, 4th Edition By Glen E. Clarke, Edward Tetz, Timothy Warner WINDOWS RECOVERY TOOLS FOR THE A+ CERTIFICATION EXAMS One of the hardest tasks to perform when troubleshooting a system is fixing a system that will not boot. The A+ Certification Exams expect you to be comfortable with the different recovery tools available in Windows. This table reviews popular recovery tools and specifies where you can find the recovery tool — be sure to know these for the A+ Exam. Utility Description Access Recovery Console Command line interface for troubleshooting disk issues and boot problems Boot off the Windows installation CD or using the boot menu if preinstalled Repair Mode Provides access to GUI and command line recovery tools Boot off the Vista installation CD Restore points A snap-shot of a system’s configuration; used to revert to a system’s state before a driver or software was installed From the Start menu, select All Programs→Accessories→System Tools→System Restore. Select Restore My Computer to an Earlier Time and click Next. Choose your desired restore point and click Next, and then click Next again. Windows will now boot to that restore point. Windows 7 and Vista allow you to boot your operating system to a restore point which allows you to revert back to that system configuration — very useful if your system has been hit with a virus. In order to boot to a restore point, you boot off the Windows 7/Vista Installation CD/DVD and choose Repair Your Computer, then System Restore from the System Recovery dialog box. You can also get to restore points through Safe Mode, which could prove useful if you have been hit with a virus and are unable to launch System Restore normally. Safe Mode Loads the operating system with minimal drivers An advanced startup menu option (F8) Last Known Good Configuration Loads the configuration from the last time you successfully booted and logged on An advanced startup menu option (F8) Automatic System Recovery (ASR) An automated installation and restore of Windows Press F2 during bootup RAID TYPES FOR THE A+ CERTIFICATION EXAMS You will need to know types of RAID for the A+ Certification Exam. RAID (Redundant Array of Inexpensive Disks) is a method of implementing redundancy (duplicated information) on your hard drives — if one disk fails, the other disk(s) can provide the missing information. There are many different levels of RAID, but the following are the only RAID levels pertinent to the A+ Exam:  RAID 0: Disk striping (striped volume). With RAID level 0, the data is split across drives with no data redundancy. RAID level 0 improves read and write performance by writing to multiple drives at the same time. You need a minimum of two drives.  RAID 1: Disk mirroring/duplexing (mirrored volume). With disk mirroring, the data is written to both drives involved in the mirror in order to provide data redundancy. Windows 7 supports disk mirroring.  RAID 5: Disk striping with parity (RAID 5 volume). With RAID 5 volumes, the data is written to multiple drives along with parity information that is used to help recover data if a single drive fails. RAID 5 volumes need a minimum of three disks.  RAID 10: Mirrored disk striping. RAID level 10 is also known as RAID 1+0 because it is a disk striping while mirroring the data written in the stripe. WINDOWS BOOT FILES FOR THE A+ CERTIFICATION EXAMS Windows utilizes four boot files, and you will need an understanding of all four of them for the A+ Exam. The four boot files for Windows are:  bootmgr: Operating system loader code; similar to ntldr in previous versions of Windows.  Boot Configuration Database (BCD): Builds the operating system selection menu and data resides in the BCD store. You can edit the boot configuration data with the bcdedit utility.  winload.exe: Loads the Windows operating system if selected from the operating system selection menu provided by BCD.  winresume.exe: Resumes the Windows operating system if the system is started from a hibernate state. POWER-ON SELF-TEST (POST) ERROR CODES CATEGORIES FOR THE A+ CERTIFICATION EXAMS Each hardware manufacturer has its own diagnostic codes that identify specific POST errors and you will need to know these for the A+ Certification Exam. You need to consult the manufacturer documentation for the diagnostic codes for your hardware, but the general breakdown of the code categories is as follows:  100–199: Motherboard error  200–299: Memory error  300–399: Keyboard error  600–699: Floppy drive error  1400–1499: Printer error  1700–1799: Hard drive error WINDOWS TROUBLESHOOTING UTILITIES FOR THE A+ CERTIFICATION EXAMS As an A+ Certified Professional you will troubleshoot a number of different problems on the system — this information outlines some of the popular utilities you will use to support or troubleshoot a system. Be sure to know these before taking the A+ Exam! Filename Name Description chkdsk.exe Check Disk Check your hard drive for problems with the file system and for bad sectors. regedit.exe Registry Editor Make changes to Registry values; can be used to make selective backups. Prior to Windows XP, there were two editors: regedit.exe and regedt32.exe. defrag.exe Disk Defragmenter Used from the command line, or graphically through the Microsoft Management Console (MMC) and dfrg.msc. sfc.exe System File Checker Verifies that system files have not been modified; or, if they have, replaces them with the original. It works with the hidden C:\windows\system32\dllcache directory and the original operating system CD. taskmgr.exe Task Manager See running programs and services, terminate problems, and view rudimentary performance information about the system. perfmon.exe Performance Console View detailed performance information msconfig.exe System Configuration Tool Reconfigure the boot process for troubleshooting and diagnosing the boot process. msinfo32.exe System Information View hardware and configuration information for your computer. tasklist.exe Task List Display a list of running applications or services on a computer. taskkill.exe Task Kill Terminate a running application or service on a computer. gpupdate.exe Group Policy Update Re-process Active Directory (AD) Group Policy Objects (GPO) on the computer. gpresult.exe Group Policy Results Evaluate the resultant policy results and list all GPOs which apply to the current computer or user. eventvwr.msc Event Viewer Logging component of the operating system; the central location for all logging activity. WINDOWS NETWORK TROUBLESHOOTING UTILITIES FOR THE A+ CERTIFICATION EXAMS You will need to know certain troubleshooting utilities for the A+ Certification Exam. When problems arise on a Windows network, you can use the following utilities to do your troubleshooting. Having a clear understanding of all of them will help you on the A+ Exam.  ipconfig: Display basic TCP/IP configuration, such as IP address, subnet mask, and default gateway.  ipconfig /all: Display TCP/IP settings, including your Media Access Control (MAC) address, domain name system (DNS) server, and lease information.  ipconfig /release: Release your IP address.  ipconfig /renew: Renew your IP address.  ping <IP address> or ping <host name>: Send four test messages to the IP address or host name you specify; verify whether the other system is up and running.  netstat: Display TCP/IP protocol statistics and connection information. Can be used to see who is connected to your system; what ports are open; and if you use an -o switch, what the process ID is of the program that opened the port.  nbtstat: Troubleshoot NetBIOS over TCP/IP. For example, you can view a remote NetBIOS name table using nbtstat -a <IP address>.  nslookup: Troubleshoot DNS problems. For example, you can get a listing of all the records in DNS using nslookup.  arp: Troubleshoot ARP. For example, you can use arp -a to view your Address Resolution Protocol (ARP) cache.  Tasklist: View a list of running processes. the printer is gauging the toner level by the number of pages printed. Find out how to reset the page count on your printer to get rid of the low toner error.  Administrative shares versus Local shares: Administrative shares are default shares on a Windows machine that allow an administrator to remotely connect to the machine while a local share is any shared resource that the administrator has created. Examples of administrative shares are the root of each hard drive being shared as C$ or D$ and the Windows directory being shared as Admin$.  Permission propagation: Permission propagation is when you set permissions on a parent folder and you want those settings to apply to all sub folders as well. To propagate the permissions to sub folders you will choose the Advanced button when setting NTFS permissions and choose to replace permission entries for all child objects.  Avoid trip hazards: You may create trip hazards when doing things like testing a replacement network cable by using a network jack which is further away or laying out tools and computer components in a walkway by a desk. Always ensure that you are not needlessly risking the safety of yourself or others.  Heavy devices: Most computer equipment is light enough for a single person to handle while many servers and UPSs will require two people to move or place in a server rack. Always ensure that you have help for these and other heavy items and bend with your knees to prevent injury.  Hot components: As equipment is used, many components will build up heat, which can injure you. This is especially true of both computer and printer components. When servicing equipment, ensure that you exercise proper care when hot components are present.  Odors: When troubleshooting system components be aware of unexpected odors or smells that may lead you to the source of the problem or signal an immediate danger. For example, burned smells could identify overheating components or melted connectors.  Alerts: A function found within Performance Monitor (perfmon.msc) which allows you to monitor performance counters and perform an action when the counters are beyond a desired threshold. The action could be logging in the Event Log, generating a network message, starting a performance data log, or running a custom command.  Taskbar: The bar at bottom of the Windows desktop which displays the Start menu, all open applications and documents, and contains the system tray (systray).  Systray: The systray (or system tray) is on the right side of the taskbar and displays many running processes, known as background processes, that run in the background but do not have a visual interface until you click on the icon in the system tray. Most of these processes are accessed by clicking or right-clicking on the icon in the system tray so that you can change the settings of the running program or terminate the process by choosing quit or exit from the menu that appears. If there are too many items to display, they can be shown by clicking on an arrow on the left of the systray.  Removal of peripherals: One of the processes in the systray is the Safely Remove Hardware tool. When you insert devices such as a USB flash drive an icon appears in the systray for the removable hardware. By clicking on this icon you will see a list of devices that can be stopped and safely removed when you are ready to unplug the drive. WIRELESS NETWORKING FOR THE A+ CERTIFICATION EXAMS Wireless networking is a topic you are sure to be tested on when taking the A+ Exam. You are responsible for knowing the wireless standards and the common security steps you should take to help secure a wireless network. WIRELESS STANDARDS Standard Description 802.11a Runs at the 5 GHz frequency range and has a speed of 54 Mbps. 802.11b Runs at the 2.4 GHz frequency range and has a speed of 11 Mbps. 802.11g Runs at the 2.4 GHz frequency range and has a speed of 54 Mbps. 802.11n Runs at the 2.4 GHz or 5 GHz frequency range and has a practical speed of approximately 150 Mbps. 802.11ac Runs at the 2.4 GHz or 5 GHz frequency range and has a speed of potentially 866 Mbps or more. WIRELESS SECURITY Feature Description MAC Filtering You can control which clients can connect to the wireless network by their MAC address. To do this, simply enable MAC address filtering and then add the MAC address of any authorized devices. Change SSID Change the SSID of your wireless network so that it is not so obvious. Clients will need to know the SSID in order to connect. Disable SSID Broadcasting After changing the SSID, disable SSID broadcasting, which allows you to hide your wireless network from clients. Enable WPA2 Enable WPA2 as the encryption protocol as it is the more secure protocol of WPA2, WPA, and finally WEP. Ensure that you use a complex key (mix of letters, numbers, and case) when setting the key. Set Admin Password Be sure to set an administrator password for your device so others cannot connect to it and change the settings.