Objectives:

https://partners.comptia.org/docs/default-source/resources/comptia-a-220-1102-exam-objectives
-(3-0)
Primary resources: https://www.certlibrary.com/exam/220-1002
https://exampremium.com/comptia-a-220-1102/
https://www.examtopics.com/exams/comptia/220-1102/view/
Look at:
https://www.professormesser.com/free-a-plus-training/220-1102/220-1102-video/windows-
command-line-tools-220-1102/
https://quizlet.com/718643148/windows-commands-for-comptia-a-core-2-1102-flash-cards
/

Chapter 1
What customers want
●​ Be dependable and reliable always making sure to call to reschedule, have a positive
and helpful attitude, listen without interrupting, use appropriate wording like nothing too
technical, express patience
●​ Portray credibility and like you know what you’re doing, try to correct your errors and
explain them, dress in business casual at work and formal in interviews
Plan for Good Service
●​ Initial contact might come from a customer coming to you, going to a website, calls, or
you are assigned a ticket (entering a request)
●​ Always identify yourself and the organization then obtain licensing or warranty and
personal information
●​ Ask open-ended questions after that are not attacking, reproduce the problem, and take
notes of what happened
●​ Then create a timeline saying what likely needs to happen and when it will be done and
give them decisions about repair
●​ If a customer is now knowledgeable be very specific with instructions, try to be less
intrusive, frequently ask what their computer looks like
●​ If a customer is overly confident slow the conversation down and ask them to repeat
things
●​ After you have solved everything try rebooting another time, print a test page, sign into
the network and access data, and verify that the data is there
Escalation
●​ Escalating is trying to assign a problem to someone with more experience if you can’t
figure it out, follow company guidelines
Types of support systems
●​ A knowledge base is a collection of information that give info about a network, product,
or service
●​ Asset management tracks physical and digital assets, using a asset tag with a barcode
that can be scanned by a laser scanner is the norm
 ●​ Procurement life cycle is the data needed to replace an aged asset it includes
information about suppliers, contract terms, invoices, etc.
●​ The network topology diagram refers to the pattern in which devices on the network are
connected
Documentation
●​ A ticketing system is used to track support calls and to write notes and might track by
category, severity, and escalation
●​ AUP documents the code of conduct for employees and standard operating procedure
details how things function in an organization
●​ New-user setup is installing, creating a password, hooking them up to all software and
end-user termination means logging them off everything (anything to make sure they
can’t access anything)
●​ Regulatory compliance rules dictate the relevant laws and regulations like personal data,
the splash screen is the launch screen
Change
●​ Change management is the smooth transition from start to end goal
●​ Documented business processes are activities that lead to a desired business goal
●​ A change request form states what needs to be updated and changed, CAB go based off
this
●​ Risk analysis is the process of identifying potential risks in changing stuff, you must have
a rollback plan to do this (what activities need to be done to go to normal)
●​ To gain end-user acceptance of the change make sure they receive training like with
software changes they can test it in a sandbox prior, and user feedback can be got by
RFC
What all OSs are
●​ An operating system is software that controls the computer, it si between the user and
applications and the hardware
●​ All OSs provide a user interface, a way to manage files, they can manage hardware and
apps
●​ Every OS has a command-driven interface and almost all have GUIs which is the
interface for graphical things (servers don’t require it)
Popular OSs
●​ Windows is created by Microsoft and is installed on almost every desktop, macOS has
beautiful graphics and is reliable because the hardware can be controlled
●​ Linux is secure and extremely stable and does not take up much space and it comes in
many different flavors
How OSs manage hardware
●​ OS kernel is the part that is responsible for hardware and/or firmware
●​ Device drivers are small programs stored on the hard drive that tell the OS how to
communicate with specific hardware
●​ All modern motherboards use firmware called UEFI, which is the newer version of BIOS
and it stores its info on the motherboard and hard drive
●​ The legacy version is BIOS, and is stored on the motherboard
 ●​ System B/U contains instructions for running essential hardwarme devices before an OS
starts, startup B/U starts the computer and finds a boot device, setup B/U is used to
change stuff like settings
How OSs manage the hard drive
●​ Low-level formatting organizes all bits (32 or 64) into a series of logical blocks or LBA,
these LBAs are then partitioned
●​ Master boot record partitions partition by keeping a map in a table of partitions that is
stored at the start of the drive called MBR
●​ There can be up to 3 primary partitions which are called volumes, and the fourth is the
extended partition which can hold volumes called logical drives (tracked in own table)
●​ GPT is for higher-end and can have 128 partitions and is more than 2.2 TB but requires
64-bit
How file systems work
●​ Before a partition can be accessed there must be a file system installed (overall structure
the OS uses to manages files)
●​ A volume is when a hard drive partition is assigned a drive letter like C: (it can have
multiple partitions - but needs its own file system
●​ Installing a file system on a volume is called formatting (high-level) and this drive format
can happen when OS is installed
Hierarchal structure of a file system
●​ Every OS manages a storage device with a directory (folder), subdirectory, then files
●​ The root directory is at the top of subdirectories and can be written like C:.
●​ The drive and directories that point to the local of a file is called the path
●​ A file extension indicates how the file is organized like .docx
●​ A subirectory in the /media directory (access point to volumes on storage devices like
USB) is called the mount point
Types of file systems
●​ NTFS is the file system that the OS is installed on and it supports encryption and disk
quotas, it was designed to replace FAT32
●​ FAT32 is for small hard drives or USB drives because it does not contain as much
overhead and is 32 bit
●​ exFAT is for large external devices and is 64 bit
●​ Ext3 was developed by Linux and was the first to support journaling (tracks and stores
changes on a hard drive)
●​ Ext4 is the current Linux file system and is used by default when the OS is installed and
another file system is not in place
●​ APFS is the file system for macOS and it allows multiple volumes on a single partition

Chapter 2
Choosing Windows 10
●​ Windows 10 Home is intended for desktops computers in a home and Windows 10 Pro
is for a corporate setting
 ●​ Windows 10 Pro has windows domain to secure all computers, Bitlocker to encrypt
volumes, EFS encrypts files and folders, group policy controlers what can be done on a
computer, and Hyper-V allows the creation of virtual machines
●​ A hypervisor is the software used to create and manage virtual machines
●​ Windows 10 Pro for Workstations is a version that improves on NTFS with ReFS which
better encrypts things, SMB direct improves the performance when sharing files, PMem
is a memory technology that retains its contents
●​ Windows 10 Enterprise allows for volume licensing and offers UWF and endpoint
32 vs. 64 bit
●​ 64 bit architecture allows for more memory, in the TBs compared to GBs, you cannot
install a 32 bit OS unless you do a clean install (which formats the disk, erasing stuff)
What qualifies for Windows 10
●​ 1 Ghz or faster processor is required, 2 GB for 64 bit RAM, 20 GB free space, 800x600
resolution, and DirectX 9 or later graphics card
●​ To understand what system is installed use System Information, Windows 11 is much
stricter in order to only qualify 4 years earlier than it was released
Windows workgroup
●​ A network that doesn’t have centralized control (like a SOHO or home) is called peer to
peer (P2P)
●​ A workgroup is a logical group of computers that share resources, also every workstation
controls only it
Windows domain
●​ A windows domain is implemented on a large, private network that share a centralized
server
●​ Client/server is a network where resources are managed by a centralized computer
Active directory
●​ Windows Server controlling a network using a directory database is called active
directory
●​ All users on a network using AD must have a domain user account, and remote users
can join using a VPN or DirectAccess
●​ Azure AD manages users in the cloud to create a virtual network and is primarily for
work-owned devices
●​ BYOD is joining a personal device to Azure AD
Types of user accounts
●​ A local account is created on the local computer and is only recognized by the local
computer
●​ Network ID are used to create and maintain Windows domain in AD
●​ A Microsoft Account is an email address used to register for Microsoft products and can
access the cloud
●​ Any of these three types of account can be assigned the privilege of a standard account
which is used for normal productivity or an administrator account and is used by people
responsible for the system
Public and private networks
 ●​ A public network is hidden and you can’t share files, a private one is discoverable and
you can share items, domain networks allow AD
Size of a partition
●​ During a clean install you might not use all space because you plan to create a dual-boot
or install more than one OS
●​ Some people do partitions exclusive for one thing, like installing Windows or one or apps
on another
Windows product key
●​ The product key is typically emailed, or it is printed on the USB flash drive
●​ After Windows is activated the first time with the product key a digital license is assigned,
which is stored alongside the hardware signature
●​ Media Creation Tool can create a bootable USB or DVD
●​ An ISO file is an image of an optical disc, including its file system and all files, you can
also mount the file
Going from Windows 10 to 11
●​ Make sure Secure Boot is enabled, verify that the TPM chip is a high enough version,
use PC health checkup to verify everything is good
●​ To manually force an update or perform a clean installation of Windows 11, run Windows
11 Installation, create Windows 11 installation media
Verifying Windows is active and product keys
●​ Windows should be active when entering a product key
●​ An OEM license provides a license for another company to use their product, and is less
expensive than retail(it cannot be transferred to a new motherboard)
●​ A retail license is more expensive but can be transferred to another PC
●​ If a device skips asking for the product key you can select default product key
●​ The diskpart command wipes a partition system, and can upgrade MBR to GPT
First 3 things to do after installation
●​ Verify that the network cable is plugged in for wired connections, to verify TCP/IP
settings go to control panel and open network and sharing center
●​ Always check for updates before attempting to install applications
●​ Verify that Windows Defender is up to date
●​ Hardware can now be installed, or install the drivers
Control panel and device manager
●​ Control Panel is a window containing utility programs, called applets, that are used to
manage software and hardware and the system
●​ Device Manager is the primary tool for managing hardware, you can also undo a driver
update called a rollback
●​ UAC dialog box is the box that asks if you want to make changes to a device
Installing an application
●​ Some apps requiring high security use a hardware token that authentices a user
●​ Consider the impact on the network or the activity a software would use
●​ Prioritizing applications on a network is called Quality of Service
Deployment strategies
●​ Deployment strategies is how you install things in an enterprise
 ●​ Automating in-place upgrades is called MDT and provisioning packages joins AAD and
MDM when it is not implemented and is a standard image is a copy of everything
“MDT can be used to automate in-place upgrades. If MDT isn’t implemented,
provisioning packages may be used instead to join a device to Azure AD and MDM. A
standard image contains the full OS, apps, drivers, and configurations.”
Deploying a standard image
●​ A standard image contains the entire Windows volume on a WIM file, installing Windows
via a standard image is deployment imaging
●​ A standard image is created through a process called device imaging
●​ To boot via deployment imaging enable it on BIOS, make sure you enable the network
stack and enable PXE which is programming contained in BIOS that can start up a
computer and search for a network and provide a bootable system
●​ Installation of image deployment uses push automation, and so the entire remote
network installation is automated (like MDT)
●​ An unattended installation does not require responses because they are stored in an
answer file (like time zones, preferences, etc.)
USMT
●​ USMT can be used when deploying Windows in a Window domain to copy user files and
settings from one computer to another.
●​ Scanstate copies user settings and files to a safe location, loadstate applies the settings
and files to the destination computer, usmtutils provides encryption and hard drive
management

Chapter 3
Settings
●​ Install any important Windows updates, verify the anti-malware software is turned on,
make sure the network security type is correct, create backups, and uninstall any
unneeded things
●​ Accounts includes the account information and link your account to Microsoft, gaming
contains the setting sof most major gaming stuff and Game Mode prioitizes the system
for gaming
●​ The two applets in the control panel that are important: Sound, which is used to select a
default speaker and microphone and adjust how sound is handled, along with Mail which
controls Outlook
Power options
●​ Power options applet in control panel controls conserving power for the battery
●​ Sleep mode saves all the files to the hard drive then everything is shut down except for
memory and the minimal of the system, it will only start if you interact
●​ Hibernation saves all work to the hard drive then powers down the system, when you
press turn on it will go back to its original state.
Disaster recovery
●​ You can create your own backup on Windows Backup and Restore, but it can not be
recovered in the case of a disaster
 ●​ Cloud services can back up your data in case of a disaster, another more extreme option
is to keep your entire data on the cloud (the only copy)
●​ Data can also be kept on a local server to share then backed up on private media, or
you can make a backup by putting it on the local server then cloud
●​ 3-2-1 is the operation standard where there are three copies of your data (the original
data then two backups), two media, then one copy off site
Backup types
●​ Full backup backs all the data designated for the backup
●​ Incremental backup backs up only data that has been created or changed since the last
backup
●​ Differential backup backs up files that have been created or changed since the last full
backup
●​ The GFS plan rotates and reuses backup media where the son backup is every day (six
a week, reused), a father backup is weekly (weekly full backup), and then a grandfather
backup is monthly (monthly full backup)
Backup user data
●​ A system image is a backup of the entire Windows volume and it uses the “.wim”
extension
●​ File History scans for files and folders every hour and keeps a generation of it
Backup and Restore
●​ Backup and Restore backs up any folder on a hard drive and creates a system image
●​ Once you enter it it will ask to setup a full backup which is then saved to a location, it
also automatically creates a system image
●​ Restore my files can restore items from a backup
System Protection
●​ System Protection is a utility that automatically backs up system files and stores them on
the hard drive weekly
●​ Restore points are the versions of system protection, System Restore will restore to the
point
Cleaning a hard drive
●​ Disk Cleanup deletes temporary files on the drive
Optimizing a hard drive
●​ Defragment and Optimize Drives is used to automaticalyl defrag HDDs and to trim an
SSD
●​ Defragment is used by HDDs rearranges fragments to store on clusters (a group of
sectors)
●​ Slack is the unused space at the end of the last cluster and is wasted free space
●​ Trimming is erasing a block on the drive with unused data so write does not have to read
it, thus shortening its life span
●​ Indexing Options manages an index of the hard drive to help searches of the hard drive
Disk management
●​ Trimming is erasing a block on the drive with unused data so write does not have to read
it, thus shortening its life span
●​ Disk Management can be used to shrink partitions to free up space for a new partition
 ●​ Disk Management can be used to prepare a drive for use
Mounting
●​ A mounted drive is a volume that can be accessed by way of a folder on another volume
Dynamic Disks
●​ A Dynamic Disk works with other hard drives to hold data
●​ Dynamic disks are used to improve reliability so it is not a simple volume, to span or
extend a volume across multiple drives, and to work RAID
●​ When a dynamic disk is used for RAID it is called software RAID, it is more reliable to
use BIOS to make hardware RAID though
Command line interface
●​ Elevated command prompt can use administrator privileges, so press “Run as
Administrator”
Common commands

Important
●​ Help gets information about any command, winver displays the About Windows box
which gives information about the Windows edition, last update, and registered owner
●​ Wildcard characters in a file name apply a command to a group of files, some examples
are ? is for one character, * for multiple
●​ Dir lists files and directories, it can be displayed in different ways
●​ Cd changes the current default directory, it does not go from one drive to another where
you have to type the drive letter
●​ Md, also called mkdir, creates a directory, del deletes files you can also use wildcards
with it to delete multiple files
●​ Attrib changes the system and hidden attributes, rmdir deletes a directory but it has to be
empty unless you use /s
●​ Copy copies a single file or group of files, xcopy is like copy but with more options,
robocopy is similar to xcopy but offers more options
●​ Mkdir makes a directory, chdir, and rmdir (cd) cango to a different directory, hostname shows
the name of the system
●​ Format is a way to properly format a disk for use when it is created, it will effectively erase a
drive also
●​ When do you do copy /v it verifies that the new files are written correctly, /y it suppresses
asking you if you want to confirm to overwrite an existing file destination
●​ Xcopy /s copies multiple files form multiple directories to one destination, robocopy is
supposed to be better than xcopy with more options
●​ Shutdown shutdowns the computer, /s /t nn waits nn seconds, then shutdown, /r does
restart, shutdown /a stops it
●​ Diskpart creates partitions from the available disk, basically managing disk configurations,
list works with that to list things
●​ Winver specifies the version of Windows used
●​ Gpupdate forces a group policy update, target:user can specify a specific user, gpresult
specifies policy settings for users
Commands to manage hard drives
 ●​ Chkdsk fixes file system errors and recovers data from bad sectors, with the /f parameter
it searches and fixes two additional types of file system errors
●​ Format installs a file system on the device and erases all data on the volume
●​ Diskpart is used to manage partitions on a hard drive, shutdown can shut down the
computer or another remote one

Chapter 4
Shell and Kernel
●​ A shell is the portion of an OS that relates to a user and to applications, providing
commands and procedures that applications can call on to do actions
●​ The kernel is responsible for interacting with the hardware, and it is the HAL (closest to
hardware) and executive services (between shell and HAL)
Directory Services
●​ Every user has a user profile namespace and a user dat file that contains the user’s
settings, program files are stored in the C:\Program Files folder
●​ The registry stores information for when an OS is first loaded and when needed by
applications, which are stored in initialization files
●​ When an application is launched the program is copied from the hard drive into memory,
which is calles a process, and when it makes a request for resources that makes a
thread
Windows tools and troubleshooting
●​ Administrative Tools is an applet in the Control Panel, you need to be signed in with
administrative privileges to use it
●​ Event Viewer should be first thing you do, it provides a log about hardware or any other
failures (eventvwr.msc)
●​ Go to Resource Monitor if you suspect one thing is causing your computer to slow down
●​ Performance Montior (perfomn.msc) tracks how resources are used in real time, and has
the ability to save collected data from logs
●​ Task manager lets you view activities of everything and you can end processes,
processes tab show running things, details shows everything about them in detail,
performance tab monitors key things
●​ Service console (services.msc) adjusts when services run in the background, here you
can make sure services are running and reset if it is not
●​ System File Checker (sfc /scannow) replaces and fixes corrupt files like drivers
●​ System configuration (msconfig.exe) is in Administrative Tools controls Windows startup,
a clean boot stops all third-party software if you suspect an exploit you can also run Safe
Boot here
●​ System Restore (rstrui.exe) restores a system to a joint just before it was bad
Registry Editor
●​ Regedit.exe manually changes the Registry, and it is a treelike structure for organizing
everything and windows continuously reads the subkeys in the registry
 ●​ HKLM contains hardware, software, and security data, HKCC identifies every hardware
device, HKCR stores information on which applications to open when a user
double-clicks a file, HKU has data about users, HKCU has data about the current user
●​ Always back up the key you plan to edit because it makes drastic changes, navigate to
the subkey and right click to find “Export” and save it it will be under .reg

●​
Problems
●​ Time drift hapepns when WIndows does not report an accurate time to time-sensitive
applications
●​ To synchroinze a Windows clock it can request via W32Time which utiliezs NTP, use the
Services tab to set it up via command w32tm /query /status

Chapter 5

Different ways of booting

●​ A hard boot involves turning the power on/off (unplugging the cable) and then pressing
the power on button
●​ A soft boot involves using the OS to reboot
Startup steps
1.​ Startup BIOS reads the RAM and then surveys the hardware devices
2.​ BIOS runs POST to check for errors with any devices
3.​ Startup UEFI loads UEFI boot manager and device drivers then goes to Windows,
OS/Windows problems will show here
4.​ Windows Boot Manager runs BCD and boot loader is started
 5.​ Boot loader loads the memory onto the hardware and registry, and then looks for the
drivers
6.​ The kernel builds up the memory on the registry and starts critical services
7.​ The Session Manager loads the graphical interface and loads commands like Windows
Update
8.​ The sign-in-screen appears, loads Group Policy and the desktop once approved
WinRE
●​ If the OS will not boot, you may be able to repair it using WinRE and a recovery boot
media where it is instructed on how to access it
System Repair Disc and Recovery Drive
●​ A system repair disc is a bootable DVD with Windows, but requires an optical drive
●​ OEM recovery partition contains a copy of the factory settings and you can back this up
to a recovery drive
●​ A recovery drive is a bootable USB flash driven and can be accessed by going to Control
Panel
●​ A System Image backup has everything, including your files, but needs to be packed up
regularly
Solving Windows startup problems
●​ From the Windows startup menu press shift and restart which will open up Command
Prompt and do shutdown /r /o which opens up WinRE upon restart
●​ If you can get to the sign-in screen only press shift, power, and restart, if it only gets to
the Windows screen each time you see it turn off power wait then do that several times,
press F8 if enabled, or use a recovery drive
●​ In WinRE press Startup Repair, which is a built-in diagnostic tool
Startup settings
●​ Can be accessed by WinRE on a hard drive or normally
●​ F1 enables debugging by moving the System Boot Log from one computer to another if
they are connected by a serial port
●​ F2 enables boot logging records what did and did not boot and creates a log
●​ F3 enables low-resolution video if say a video driver is corruptedso the screen can be
seen well enough
●​ F4 enables safe mode (which can sometimes solve a startup problem) as it is the most
basic state of Windows
●​ F5 enables safe mode with networking if you need a network, for example downloading
updates
●​ F6 enables safe mode with command prompt which doesn’t show graphics if Safe Mode
won’t work, just the command prompt and you can verify files by doing sfc /scannow
●​ F7 disables driver signature enforcement, which is put on during installation, and can be
used for conflicting drivers or if you want sketchy drivers
●​ F8 allows anti-malware software to launch a driver before any others are launched
●​ F9 disables automatic restart after failure, for example if you have a BSOD which keeps
continually rebooting
Uninstall updates
●​ You can roll back updates if they are recent enough by clicking this
 ●​ This also works well if the system fails to start because a critical driver is corrupted
Command prompt in WinRE
●​ SFC or DISM restores critical Windows system files
●​ Chkdsk /r repairs a corrupted file system, which would cause failure to boot
●​ Diskpart totally wipes a hard drive if you decide it is too corrupted
●​ Wpeinit enables networking, initializing Windows PE is preinstallation
●​ If a BCD is corrupted you can manually repair it with bootrec, or bootsect for dual system
Repair installation
●​ Repair installation is a nondestructive installation of Windows over a previous installation
if you can still boot to Windows
●​ Essentially, it tricks the machine into thinking its being upgraded while trying to repair
Windows installation
Reimaging
●​ If a system restore point has been regularly updated, it can go back to a version
●​ A deployment image can be installed on an entire network by enabling PXE support in
BIOS which then loads Windos PE that then provides the deployment image
Recovering data
●​ You can usb a SATA-to-USB converter kit which you can temporarily plug to a USB port
on another computer and the other end to the drive
Startup errors on a blackscreen
●​ Most errors that are white text on a black screen are due to hardware
●​ Research the error message, if there are spinning white dots it might be installing
updates if it hangs the update is the problem and you can roll it back on WinRE
●​ If windows stalls on a black screen it is probably a video error and you can go to Safe
Mode and use Device Manager, if you can’t do that use WinRE and do chkdsk /r
Problems with user profiles
●​ If it bogs down right after a user signs in, it is probably a problem with that
●​ Use sfc /scannow to fix system files, apply a restore point, perform a repair installation
●​ If the user profile service fails you can sometimes delete the user and make a new one
by going to Control Panel, if that doesn’t work use the Registry
Errors on BSOD
●​ A BSOD happens when processes in the kernel encounter a problem
●​ Disconnect any peripheral devices (they might be corrupting), reboot the system, enable
boot logging and chekck if the driver files are correct, use Safe Mode with Networking
and examine the log
●​ If the device or driver is named in the error message update Windows, try to roll back
updates, delete a driver on Device Manager
Improper or frequent shutdowns
●​ These can be caused by overheating from the power supply, a hardware problem, or the
kernel
●​ Event Viewer might records these errors, then consider if Windows is corrupted
●​ If Windows installation is beyond repair you can reimage or roll back updates
Chapter 6
Malicious software
●​ A viruses attaches itself to other programs, a worm copies itself throughout the network
without a host program, and a Trojan substitutes itself for a legitimate program
●​ Rootkits hide itself in programs that are needed to boot, boot sector viruses infect the
first sector of the MBR and can affect the partition, a rainbow table contains a long list of
plaintext passwords and a password hash list
Steps for dealing with malware
1.​ Identify the malware symptoms like if theree is slow performance or a certificate is given
as invalid
2.​ Quarantine the infected system, do not use the Internet and make sure it is isolated from
the regular network
3.​ Turn off System Protection to clean folders but it also deletes restore points
4.​ Use microsoft Ativirus, make sure to update for the latest malware signatures
5.​ Use Windows RE if the infected computer will not boot and use the Startup Repair
process
6.​ Once the system is clean make sure you always set up a software firewall, keep
Windows updated, and use anti-malware
7.​ Enable System Protection and create a restore point
8.​ Educate the end user
Licensing
●​ When someone gets a software yhey only have a license, the copyright still belongs to
the owner and you agree to measures called the EULA
●​ It is called software piracy when you make unauthorized copies of the software in
violation of the EULA, a commercial use license allows multiple copies to be made by an
organization
●​ DRM controls the use of software, regulated data is data that canonly be released atht
he employer’s discretion
Data destruction and disposal
●​ A zero-fill utility can overwrite all data on the drive with 0s, a degausser destroys a
magnetic device
●​ ATA Secure Erase wipes clean a solid-state device, which can sanitize the drive

Chapter 7
Passwords and pins
●​ Do not use words and try to keep passwords above 16 characters
●​ Windows Hello allows the use of biometrics to sign in
Local group policy editor
●​ Local group policy contains a subset of policies in Group Policy, it only applies to the
computer and user (gpedit.msc in Windows search)
●​ Local security policy contains a subset of policies in Group Policy, it only applies to the
computer’s security settings (secpol.msc)
 ●​ Gpupdate command refreshes local group policies set in Active Directory
●​ Gpresult pulls a list of all the groups a user belongs to
File and folder encryption
●​ Data-at-rest encryption can be accomplished using EFS, which encrypts it in NTFS and
makes it green
●​ Bitlocker to Go encrypts data on a USB flash drive, it is intended to work with file and
folder encryption
●​ The TPM chip holds the Bitlocker encryption key, however, if the motherboard fails you
would need a backup TPM chip to access the data
●​ The startup key can be accessed on a USB drive if there is no TPM, then making it
require a pin
User groups
●​ Administrators are in the Administrator group, while standard accounts are in the Users
group
●​ Guests group is given a temporary profile that is deleted when the user signs out
●​ Older editions of Windows had Power Users group that could read and write and do
some administrative tasks
●​ Authenticed user group is all accounts except Guest users, Everyone group includes
everybody
Assigning permission to files and folders
●​ On a peer-to-peer network each workstation shares its files and folders
●​ Private data should be kept on the C:\ folder as only admins can access it
●​ Share permissions grants permissions to only people on the network, applying only to
folders
●​ NTFS permissions apply to local (managed by single PC) and network user, only works
on NTFS but can be customized more than share
●​ Inherited permissions are permissions that are attained from a parent folder (when
moved, it gains permissions form parent folder)
●​ Explicit permissions apply to an object that has inherited disabled (when moved, it
retains its original permissions)
Mapping a network drive
●​ A mapped drive makes one computer appear to have a new drive that is really hard drive
space on another computer (basically allowing you to access another computer)
●​ A shared printer is installed locally and can be shared with other computers, network
printers can be accessed by each networked device
Hidden network resources
●​ You can do hidden sharing by adding a $ too the end of the shared name in Advanced
Sharing
●​ Users can only then access that file if they know the network path
●​ Administrative shares are folders share dby default that only administrator accounts can
access
●​ admin$ accesses Remote Admin Share
Active Directory Domain Services
 ●​ Active Directory Domain Services authenticates users and authorizes what accounts can
do
●​ Users and resources managed by AD are called a forest which then has a domain
●​ Organizational units are created to make it easy for technicians to assign privileges, and
can contain groups called security groups
Managing users in AD
●​ You need Windows Server and be a domain controller, then you go to Server Manager
(Remote Desktop if remote or Windows Admin Center)
●​ Users belong to security groups, security groups belong to organizational units (when a
policy is applied to an OU, it applies to everyone in a security group)
●​ Home folder is the default folder, usually C:, which can be changed called folder
rederiction
Group policy objects
●​ Group Policy objects contains policies that apply to an OU, and by extent a security
group
●​ On Group Policy Management in Server Manager create a GPO
●​ Local policies are applied first, then site, then domain, then OU, then enforced
●​ Rsop.msc opens RSoP to see the policies enabled on a user or gpresult /v

Chapter 8
Updating OS
●​ When a devage ages out of when a manufacturer sends updates it is called End Of Life
Mobile app development
●​ To write and test Android apps a group of tools called SDK is used and also includes an
emulator (similar to virtualization)
Backup and Recovery
●​ File-level backups is syncing files (each file is backed up individually), but don’t include
OS settings or configurations
●​ Image-level backups include everything on the device, however, mobiles only do partial
as third-party apps are not included
●​ A USB cable can transfer files between an Android device and a computer
Securing mobile devices
●​ Make sure to always apply OS updates for security patches, route SMS things through a
firewall, and use a locator apps like Find My or you can do a remote wipe (must be
logged in to iCloud account though)
●​ Device encryption is offered to encrypt all stored data
●​ .apk package is the collection of software files that you have developed
Security threats
●​ Bootlegged apps are illegal apps that can’t be used (for iOS, third party)
●​ Rooting or jailbreaking is escalating privileges to all files and folders, which makes it so
Apple can get any app
●​ Application spoofing presents a user an app pretending to be legitimate but is really
malicious
 ●​ A security profile with MDM is a set of policies and procedures to restrict how a user can
access and edit an organization’s resources
Update, repair, or restore a system
●​ Safe Mode in Android can eliminate third-party software from the equation, only apps
native to Android can be used
●​ You can then restore form a backup, or you can reinstall the iOS (if it won’t turn on
recovery mode has to be used)
●​ iTunes should be downloaded on the host, connect the phone to the computer while in
iTunes and use the buttons required, which will then go to Recovery Mode to update
●​ Factory reset should be the last resort, on Android if you can do a hard boot and you will
get to the Bootloader menu
●​ Restore/factory reset is done the same as update for iOS by using remote iTunes
Common problems
●​ If the OS fails to update it is probably because there isn’t enough freespace or remove a
failed update
●​ If the apps are slow to respond or won’t go then it is probably a failing battery, but make
sure you close apps
●​ If the signal keeps dropping updating the firmware, it might be due to a baseband update

Chapter 9
Internet options and proxy
●​ Internet options is an applet that can enable things like Internet Explorer for Windows 11
●​ A proxy server is a server between the client and the internet to provide an extra level of
security
Downloading browsers
●​ A hash is a value generated by downloading a specific algorithm to a file, you can
compare the hash before and after downloading to see if it is without errors
●​ Hashing algorithms are usually MD5 which is 128-bit, and SHA-2 for larger files
Create a VPN
●​ A VPN protects data by encrypting it from the time it leaves the remote computer until
the server, calling tunneling
●​ A VPN is virtual meaning you set up the tunnel over an existing connection on the
Internet
Creating WWAN & Meter
●​ WWAN requires a contract with the cellular carrier and a USB or SIM slot
●​ To set an alert when you have almost reached the metered data limit select Network &
Internet, status, data, and then enter a limit
●​ Windows Defender Firewall is a personal firewall that protects a computer from intrusion
Securing IoT
●​ Z-Wave and Zigbee are two other wireless connection standards besides Wi-Fi and
Bluetooth
●​ Z-Wave ges up to 900 Mhz and has a larger range than Bluetooth with up to 100 metres
in air
 ●​ Zigbee is between 2.4 Ghz or 900 Mhz, and generally reaches a range of 20 metres and
is typically used for corporate
●​ Both protocols are mesh networks, meaning they can hop through other devices to reach
the destination, so it isn’t normally assigned an IP address
●​ For a thing to be an IoT device it must have the ability to control them on the Internet,
typically this requires a bridge
Securing a multifunction router
●​ A router is a device that manages traffic between multiple networks
●​ A SOHO router stands between the Internet and a LAN to connect it to an ISP (wider
area)
●​ As a switch it manages network ports, as a DHCP it can provide IP addresses, as a
WAP it enables wireless devices to connect to the network
●​ If it is used as a WAP make sure it is at a central point, it should be at a higher point
●​ To configure security on a router know the username and password and IP address of it,
sign in, change the password because anyone could use a WAP
●​ After that make sure all firmware is upgraded, configure for static IP if it is a website or
email service, you can also make DHCP reservations on the LAN tab, you can enable
UPnP if devices are having trouble communicating, QoS improves network performance
Firewall settings
●​ Some routers by default close all ports to minimize attacks, they can only be bypassed
by using port forwarding
●​ Port forwarding will allow requests from a normally blocked port and will forward a
request
●​ Port forwarding would be under WAN in most cases, and you can then configure which
ports to open and close
●​ For it work you must have a static IP address so the router knows where to send items
DMZ and screened subnets
●​ A DMZ means a network or computer is not protected by a firewall or has limited
protection, it can be used if port forwarding is not working
●​ A screened subnet is a variation of a DMZ, it is basically just another term for it
Content filtering and IP filtering
●​ Filtering can have blacklist (cannot access) or a whitelist (what can access)
●​ In the Firewall group you can IP filter apps, services
Securing a wireless network
●​ The most common method for securing is requiring a security key before a network can
be accessed, can be called “WPA Pre-shared key”
●​ SSID is the name of the wireless network, each band has its own one, you can change
the name
●​ If there is interference you cn select a channel and move them as far apart as possible in
bandwidth
●​ When a security key is set all wireless transmission is encrypted using either WPA,
WPA2 or WPA3: WPA used TKIP for encryption and is no longer secure, WPA2 uses
AES and is still in regular use, WPA3 is the more secure version of WPA2
 ●​ For larger networks the three security protocols are: RADIUS is for authentication and
AAA services and uses 1812 and UDP, TACACS+ specifically for AAA and to manage
Cisco devices and is TCP on 49, Kerberos authenticates a user in Active Directory using
AES, UDP, and 88 (also only to support two factor)
●​ RADIUS and TACACS+ extend authentication to non-Windows devices, for wireless
network they are also used, RADIUS is used for non-Cisco devices, Kerberos is for
already connected devices
Remote control tools
●​ RDC gives users access to a Windows desktop from anywhere (for example, accessing
a corporate network from home)
●​ For this to work it needs to have a static IP address and have it enabled on host
●​ MSRA is the same as RDC but a user on the server (remote) computer can remain
signed in, retain control of a session, and see the host’s screen
●​ EasyConnect is the easiest way to set up MSRA and you go to services.msc and start a
session then email that to the user
●​ For the user to initiate the session they have to go to System Protection and enable it
and type remote assistance
VNC
●​ VNC is a client/server software that remotely controls a computer, file transfers, and
screen sharing
●​ VNC uses port 5901 and Remote Framebuffer Protocol, however it can poor encryption
and large amount of data is transferred
SSH and RMM
●​ SSH is the protocol to remotely sign in and control another computer, Telnet can also
remotely access other computer but this is more secure
●​ SSH uses port 22 and uses a public key encryption with two SSH keys
●​ RMM is installed to monitor and manage systems remotely
●​ It is more secure to use a third-party tool because all these protocols open a port which
might allow outside traffic
●​ Important
Ping, hostname, ip config
●​ The ping command allows you to test connectivity by sending a request to a remote
computer, this verifies if the DNS is working
●​ Hostname displays the hostname of the computer
●​ Ipconfig can display network configurations and refresh the TCP/IP assignments
Nslookup, tracert, pathping
●​ Nslookup is used to test name-resolution problems with DNS servers (an IP and name
won’t match)
●​ Reverse lookup is using nslookup to find the host name when you know a computer’s IP
address
●​ Tracert resolves problems trying to reaching a destination host such as a website
●​ Pathping combines ping and tracert to help identify where on the network path the
network might be slow or have a problem
Net commands and netstat
 ●​ Net commands require administrator privilege: net use connects or disconnects a
computer from a shared resource, net user manges user accounts, for example enabling
built-in administrator
●​ Netstat gives statistics about network activity

Chapter 10
Mac computers
●​ The finder application helps look through apps and files
●​ The dock contains shortcuts to frequently used apps
●​ Launchpad shows all apps installed, the option key allows you to move the app then you
click X to uninstall it
●​ System preferences is similar to settings (FileVault secures data on a hard drive using
encryption), Spotlight is the search to locate a file or folder
●​ Mission Control gives a view of all windows and desktops, you can place the windows in
one desktop called Space
●​ Keychain is the password manager, Screen Sharing is like remote desktop, Remote Disc
accesses an optical drive on another computer
●​ Terminal is similar to command prompt except it uses UNIX commands
macOS directory
●​ macOS uses the APFS, FAT32, and exFAT file systems
●​ To see the directory structure on Finder click Go then Computer
●​ Common file types for macOS are .dmg which is a disk image file similar to ISO and can
mount, .pkg for package files for software installations, .app for application files like .exe
Backups
●​ Time Machine can back up everything on a USB or another Mac
●​ Time Machine can be used to restore the entire macOS startup disc
Reparing a Disk
●​ On Finder look for Disk Utility and click Info to manage drives
●​ First Aid in Disk Utility can scan a hard drive for errors
●​ Starting a computer in Safe Mode can solve some problems, loading only essential
kernel components
●​ macOS Recovery gives you options to restore
●​ To boot into safe mode you press and hold down the power button while holding down
the shift key, you can click Always Use in order to manage boot order, pressing and just
holding down power button gets to Apple Diagnostics/macOS Recovery
Safe mode
●​ Can help solve issues that won’t start due to file system order or corrupted start/log in,
only loading essential kernel

Chapter 11
Linux
 ●​ A swap partition holds virtual memory for Linux, it improves performance and can be
made before or after installation
●​ The current Linux file system is ext4, ext3 was used before to support journaling
●​ The principal user account is the root account, they are called the “superuser”
Linux commands
●​ Apt-get installs and removes other programs from a library of packages, cat views the
contents of a file
●​ Chmod changes modes/permissions, chown changes the owner of a file, cp copies a file,
df shows the amount of free disk space
●​ Dig queries for dns information, find walks through the file hierarchy, grep searches for a
specific pattern, ip displays ip addresses, ls displays a list of directories and files
●​ Man displays the online manual, mv moves a file or renames it, nano allows you to edit a
file, ps displays the process table, pwd shows the present directory
●​ Rm deletes a file, su switches to a different user account, sudo runs a command as a
superuser, top displays the linux processes, yum is for software packages
Nano editor
●​ Nano editor is a text editor that allows you to make edits to text-based files
●​ If you are upgrading to a new linux version make sure you have a clone of the disk
image
●​ Shell scripts can be made to create an archive of files
Telnet and SSH
●​ The primary tool for remote access in Linux is Telnet and SSH
●​ SSH is more secure so it is preferred
Scripts
●​ If you repeating the same set of commands, you might put it in a file to execute as a
batch, this is called a script
●​ A batch file contains a list of Windows commands that can be executed, a PowerShell
Script executes scrips on the platform using dynamic type checking
●​ A script is different from programs because they are interpreted (verified to work), and a
program is compiled
Scripting basics
●​ An environmental variable is information the OS makes available to the script
●​ Powershell ISE is where Powershell scripts are created and tested
Uses for scripting
●​ They can be used to restart systems and services remotely
●​ They can be used to do various administrative tasks like automate application installs
●​ Start-Process will install a program, Install-Module will install modules

Things I learned
●​ Certificates are only available for a certain amount of time, if they odn’t work change
BIOS date and time
●​ To install a virtual machine on a computer it is preferred to do an ISO, ZIP should only be
used for compression