Add to collection(s) Add to saved
  1. No category
Uploaded by José CLEILSON Medeiros Cosmo

+A Test Study

advertisement 
CompTIA® A+®
Complete Study Guide
Core 1 Exam 220-­1101 and
Core 2 Exam 220-­1102
Fifth Edition
Quentin Docter
Jon Buhagiar
Copyright © 2022 by John Wiley & Sons, Inc. All rights reserved.
Published by John Wiley & Sons, Inc., Hoboken, New Jersey.
Published simultaneously in Canada and the United Kingdom.
ISBN: 978-­1-­119-­86291-­8
ISBN: 978-­1-­119-­86293-­2 (ebk.)
ISBN: 978-­1-­119-­86292-­5 (ebk.)
For my girls.
—­Quentin Docter
For my wife and son.
—­Jon Buhagiar
Acknowledgments
As we were putting together this book, I was reminded of the proverb that begins “It takes
About the Authors
Quentin Docter (A+, Network+, IT Fundamentals+, Cloud Essentials +, MCSE, CCNA,
SCSA) is an IT consultant who started in the industry in 1994. Since then, he’s worked as a
tech and9.5upport specsenistthen,then,1994.
Contents at a Glance
Introduction
xxvii
Assessment Test
Part I
lxxxii
220-­1101
1
x
Contents at a Glance
Chapter 21
Contents
Introduction
xxvii
Assessment Test
Part I
Chapter
lxxxii
220-­1101
1
Motherboards, P
1
Contents
Performing Printer Maintenance
Installing Printer Upgrades
Summary
Exam Essentials
Review Questions
Performance-Based Question
Chapter
5
Networking Fundamentals
Understanding Networking Principles
Network Types
Primary Network Components
Network Operating Systems
Network Resource Access
Network Topologies
Rules of Communication
Identifying Common Network Hardware
Network Interface Cards
Cables and Connectors
Networking Components
Summary
Exam Essentials
Review Questions
Performance-Based Question
Chapter
6
Introduction to TCP/IP
Understanding TCP/IP
TCP/IP Structure
Understanding IP Addressing
Understanding DHCP and DNS
xiii
251
257
262
262
264
268
269
271
272
279
283
283
286
290
295
295
299
314
324
324
327
331
333
335
336
346
356
Contents
xv
Configuring Mobile Device Synchroization
Syncing Android Devices
Sumary
654
6
68
Exam Esentials
Review Questions
Perfomanc-Bsd Question
reapthC
1
oubleshtiTr ng Methodlgy and
vResol ing Core areHdw oblemsrP
68
670
675
674
Contents
Windows Settings
The Windows Registry
Disk Management
Getting Disks Ready to Store Files and Programs
Checking the Health of Hard Disks and Optimizing
Their Performance
Summary
Exam Essentials
Review Questions
Performance-­
xvii
937
960
962
963
969
970
970
972
xviii
Contents
Best Practices
Scheduled Backups
Scheduled Disk Maintenance
System Updates/App Store
Patch Management
1065
1065
1068
1068
1068
Contents
Key Fobs
Smartcards and RFID Badges
Keys
Biometrics
Lighting
Magnetometers
xix
1129
1129
xx
Contents
On-­
Contents
Changing the SSID
Guest Network Isolation
Setting Encryption
Disabling SSID Broadcast
Wireless MAC Filtering
Frequencies
Radio Power Levels
Antenna and Access Point Placement
Assign Static IP Addresses
WPS
Authentication
xxi
1240
1240
1241
1242
1242
1243
1244
1245
1245
1246
xxii
Contents
2. Quarantine Infected Systems
1319
3. Disable System Restore in Windows
1320
4. Remediate Infected Systems
1321
5. Schedule Scans and Run Updates
1323
6. Enable System Restore and Create a Restore
Point in Windows
1324
7. Educate the End User
1325
Troubleshoo[(2g Mobile OS Issues)]TJ/Span<</ActualText<FEFF0009>> BDC ( )TjEMC 27.671
Contents
Understanding Environmental Controls
xxiii
1417
xxiv
Contents
Chapter 9: Laptop and Mobile Device Hardware
Chapter 10: Mobile Connectivity and Application Support
Chapter 11: Troubleshooting Methodology and
Resolving Core Hardware Problems
Chapter 12: Hardware and Network Troubleshooting
Chapter 13: Operating System Basics
Chapter 14: Windows Configuration
1531
1533
1535
1537
1539
1539
Table of Exercises
Exercise
2.1
Exercise
2.2
Removing an Internal Storage Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
xxvi
Table of Exercises
Exercise
10.5
Setting Up a VPN in Android . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619
Exercise
10.6
Pairing an Android Device with a Windows Laptop . . . . . . . . . . . . . . . . . . 623
Exercise
10.7
Pairing an iPhone with a Vehicle’s Sound System . . . . . . . . . . . . . . . . . . . 632
Exercise
10.8
Configuring Location Services in iOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 638
Exercise
10.9
Email Account Configuration on an iPhone . . . . . . . . . . . . . . . . . . . . . . . . 645
Exercise
10.10 Email Account Configuration in Android . . . . . . . . . . . . . . . . . . . . . . . . . . 648
Exercise
10.11 Enabling ActiveSync in iOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 658
Exercise
11.1
Troubleshooting Practice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 707
Exercise
12.1
Using a S.M.A.R.T. Software Utility in Windows . . . . . . . . . . . . . . . . . . . . 729
Exercise
12.2
Stopping and Restarting the Print Spooler in Windows 10 . . . . . . . . . . . . 775
Exercise
12.3
Renewing an IP Address in Windows 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . 787
Exercise
12.4
Renewing an IP Address from the Command Line . . . . . . . . . . . . . . . . . . 789
Exercise
12.5
Using the net share Command in Windows . . . . . . . . . . . . . . . . . . . . . . . . 795
Exercise
13.1
Changing a Screen Saver in Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854
Exercise
13.2
Auto-­Hiding the Taskbar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 856
Exercise
13.3
Starting a Program from the Run Window . . . . . . . . . . . . . . . . . . . . . . . . . 859
Exercise
14.1
Working with Task Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 887
Exercise
14.2
Working with Performance Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 896
Exercise
14.3
Changing the Time Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 908
Exercise
14.4
Showing Hidden Files and Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 913
Exercise
15.1
Command-­
Introduction
Welcome to the CompTIA A+ Complete Study Guide. This is the fifth edition of our best-­
selling study guide for the A+ certification sponsored by CompTIA (Computing Technology
Industry Association). Thank you for choosing us to help you on your journey toward
certification!
This book is written at an intermediate technical level; we assume that you already know
how to use a personal computer and its basic peripherals, such as USB devices and printers,
but we also recognize that you may be learning how to service some of that computer
equipment for the first time. The exams cover basic computer service topics as well as more
advanced issues, and they cover topics that anyone already working as a technician should
be familiar with. The exams are designed to test you on these topics in order to certify that
you have enough knowledge to fix and upgrade some of the most widely used types of
personal computers and operating systems.
In addition to the prose in the chapters, we’ve included a lot of extra material to help
your study prep. At the end of each chapter is a list of exam essentials to know as well as 20
review questions to give you a taste of what it’s like to take the exams. In addition, there are
xxviii
Introduction
are needed to provide capable support in the field of personal computers. It is similar to
other certifications in the computer industry, such as the Cisco Certified Technician (CCT)
Introduction
xxix
more money they make for their company. And, of course, the more money they make for
the company, the more valuable they are to the company. So, if an employee is A+ certified,
their chances of being promoted are greater.
Fulfills Training Requirements
Most major computer hardware vendors recognize A+ certification. Some of these vendors
apply A+ certification toward prerequisites in their own respective certification programs,
xxx
Introduction
room, you will need to leave everything outside; you won’t be able to bring any materials into the testing area.
■■
Read the questions carefully. Don’t be tempted to jump to an early conclusion. Make
Introduction
xxxi
Chapter 2: Expansion Cards, Storage Devices, and Power Supplies Chapter 2 presents
internal expansion options and popular forms of storage devices in use today, including
traditional hard drives, solid-­state drives, flash drives, and memory cards. Capacities,
form factors, and the makeup of the4 gnnsentsare also discusseds.Fionalay,
cChapte looktsat2 poviudingpowte to4 gupte 4 gnnsent.i
Introduction
Part II of the book, Chapters 13–22, covers all the topics on which you will be tested for
Exam 220-­1102:
Chapter 13: Operating System Basics Chapter 13 begins by covering the fundamentals
of understanding various operating systems. The chapter then shifts to focus on supporting applications installations. The chapter then concludes by introducing Windows 10
editions, features, the Windows interface, and file management.
Chapter 14: Windows Configuration Chapter 14 explores d trol Panel applets,
Microsoft Management d sole snap-­ ins, and Windows settings used to configure and
customize the Windows operating system. The chapter also covers the Windows Registry
and disk management.
Chapter 15: Windows Administration Chapter 15 guides you through the installation and upgrade of the Windows operating system. The chapter then explores the various command-­line tools used to administer Windows. Finally, the chapter covers the
administration and support of networking that is common with Windows.
Chapter 16: Working with macOS and Linux Chapter 16 covers common features
and tools found in both the macOS and Linux operating systems. The chapter concludes
by covering command-­line tools used on Linux operating systems.
Chapter 17: Security d cepts
Just when you think this book couldn’t get any better, - security on wired a
Introduction
xxxiii
Chapter 22: Documentation and Professionalism This chapter covers the “softer” side
of working with computers. Specifically, you learn to practice proper communication,
show professionalism, and implement best practices associated with documentation and
xxxiv
Introduction
you prepare for the certification exams and increase your chances of passing them the first
time! The test bank includes the following elements:
Sample Tests All the questions and answers in this book are provided, including the
assessment tests, which you’ll find at the end of this introduction, and the review questions at the end of each chapter. In addition, there are eight practice exams. Use these
questions to test your knowledge of the study guide material. The online test bank runs
on multiple devices.
Flashcards Four sets of questions are provided in digital flashcard format (a question
followed by a single correct answer). You can use the flashcards to reinforce your
learning and provide last-­minute test prep before the exam.
Glossary The key terms from this book and their definitions are available as a fully
searchable PDF.
eBooks Read eBook versions of this Study Guide in multiple formats on your
favorite device.
Audio Instruction Over 2 hours of recorded instruction from the authors to help you
Introduction
xxxv
Introduction
Objective
1.2 Compare and contrast the display components of mobile devices.
■■
Types
Liquid crystal display (LCD)
– In-­plane switching (IPS)
– Twisted nematic (TN)
– Vertical alignment (VA)
Organed light-­
emitting diode (OLED)
■fi
fl ■
xxxvii
Chapter(s)
Introduction
Objective
Data to synchronize
– Mail
– Photos
– Calendar
– Contacts
– Recognizing data caps
2.0 Networking
xxxix
Chapter(s)
Introduction
xli
Introduction
xliii
Introduction
xliv
Objective
■■
C
■■
L
■■
Chapter(s)
Introduction
Objective
■■
xlv
Chapter(s)
Hard drive cables
■■
Seriava1-28.n( d ( ( 5 1l)-8 (9-33.d T)66-33.8 (1)-25. ( 4-16.h (a4.98.n()-25.o)4-18.7()-65.o)-71l)-g( d
xlvi
Introduction
Obje.998ieOChapter(s)
Introduction
xlvii
xlviii
Objective
■Oebjctiv■
Introduction
Chapter(s)
Introduction
Objective
3.6 Given a scenario, deploy and configure multifunction devices/printers
and settings.
■■
xlix
Chapter(s)
l
Introduction
Objective
Chapter(s)
Introduction
Objective
4.0 Virtualization and Cloud Computing
4.1 Summarize cloud-­
Chapter(s)
li
lii
Introduction
Objective
5.0 Hardware and Network Troubleshooting
Chapter(s)
Introduction
Objective
■■
Burning smell
■■
Intermittent shutdown
■■
Application crashes
■■
Grinding noise
■■
Capacitor swelling
■■
Ina
Chapter(s)
liii
liv
Introduction
Introduction
Objective
■■
Chapter(s)
lv
Introduction
lvi
Domain
Percentage of exam
1.0 Operating Systems
31%
2.0 Security
25%
3.0 Software Troubleshooting
22%
4.0 Operational Procedures
22%
Total
100%
Objective Map
The following table lists where you can find the objectives covered in the book.
Objective
Chapter(s)
1.0 Operating Systems
1.1 Identify basic features of Microsoft
Windows editions.
■■
Windows 10 editions
■■
Hom1 Tf4/T1_5 79f-0.001 Tw 4.081 0 0 4.081 93.1056 295.4535 Tm(fi)4j-0.76140 Td(fl)Tj/T1_3 178T
Introduction
Objective
1.2 Given a scenario, use the appropriate Microsoft command-­line tool.
■■
Navigation
Chapter(s)
lvii
lviii
Introduction
Introduction
lix
lx
Introduction
Introduction
lxiii
Objective
■■
Types of installations
■■
Upgrade
■■
Recovery partition
■■
Clean install
■■
Im0.019 T 49073 (s)1-ee
Chapter(s)
lxiv
Objective
■■
Introduction
Chapter(s)
Introduction
Objective
1.11 Identify common features and tools of the Linux client/desktop OS.
■■
Common commands
■■
ls
■■
pwd
■■
mv
■■
cp
■■
rm
■■
chmod
■■
Chapter(s)
lxv
Introduction
lxvi
Objective
2.0 Security
2.1 Summarize various security measures and their purposes.
■■
Physical security
■■
Access control vestibule
■■
Badge reader
■■
Chapter(s)
Introduction
Objective
■■
■■
Mobile device management (MDM)
Chapter(s)
lxvii
lxviii
Introduction
Objective
Boot sector virus
Cryptominers
■■
Chapter(s)
Introduction
Objective
■■
Dictionary attack
■■
Insider thre t
■■
Structured Query Languge (SQL) injection
■■
Cross-
Chapter(s)
lxix
Introduction
Introduction
Objective
2.7 Explain common methods for securing mobile and embedded devices.
■■
Chapter(s)
lxxi
lxxii
Introduction
Introduction
lxxiv
Objective
■■
Repair Windows
■■
Restore
■■
Reimage
Chapter(s)
■
ObjectiveChapter(s)3.4 Given a scenario, troubleshoot common mobile OS and application issues.■■C1.2 (om)-29.8 (m)-1.1 25646TJ/eCC9t.001 Tc 0.001 T2 528.2466 494[(C)-2255
Introduction
lxxv
lxxvi
Introduction
Objective
4.0 Operational Procedures
4.1 Given a scenario, implement best practices associated with
documentation and support systems information management.
Chapter(s)
Introduction
Objective
4.2 Explain basic change-­management best practices.
■■
■■
■■
Documented
business processes
■■
Rollback plan
■■
Sandbox testing
■■
Responsible staff member
Change management
■■
Reques81 5.9 2 fees
lxxvii
Chapter(s)
lxxviii
Introduction
Introduction
Objective
■■
lxxix
Chapter(s)
lxxx
Introduction
Introduction
lxxxi
Objective
Chapter(s)
4.9 Given a scenario, use remote access technologies.
20
■■
Methods/tools
■■
RDP
■■
VPN
■■
Virtual network computer (VNC)
■■
Secure Shell (SSH)
■■
Remote monitoring and management (RMM)
■■
Microsoft Remote Assistance (MSRA)
■■
Third-­party tools
– Screen-­sharing software
– Video-­conferencing software
– File transfer software
– Desktop management software
Security considerations of each access method
lxxxii
þð
Ó
Assessment Test for Exam 220-­1101
6.
lxxxiii
Assessment Test for Exam 220-­1101
lxxxv
18. Which of the following protocols can be used by a client to access email on a server?
A.
DNS
B.
FTP
C.
SMTP
D.
IMAP
19. Which of the following protocols provide secure network transmissions? (Choose two.)
A.
SMTP
B.
SNMP
C.
SSH
D.
HTTPS
20. Which of the following is a company that provides direct access to the Internet for home and
business computer users?
A.
ASP
B.
ISP
C.
DNS
D.
Assessment Test for Exam 220-­1101
lxxxvi
24. Google Docs is an example of what type of cloud service?
A.
SaaS
B.
IaaS
C.
PaaS
D.
GaaS
25. Which type of software is required to run client-­side virtualization on your home network?
A.
Terminal emulation
B.
Process replication
C.
Hyperthreading
D.
Hypervisor
26. You are installing a new display for a laptop.
Assessment Test for Exam 220-­1101
lxxxviii
Assessment Test for ExamTssa­1101
36. A network cable has not been working properly. Another technician suggests testing the
cable. Which tool should be used that may be capable of doing this? (Choose two.)
A.
Loopback plug
B.
Network tap
C.
Cable tester
D.
Toner probe
Answers to Assessment Test 220-1101
xci
23. C. A proxy server can be configured to block access to websites containing potentially objectionable material. Web servers host websites. There is no specific security server, although
there are authentication servers that provide security. A DNS server resolves hostnames to IP
addresses. See Chapter 8 for more information.
24. A. Google Docs is software, so it is an example of software as a service (SaaS). IaaS is infrastructure as a service. PaaS is platform as a service. GaaS is not a test objective and is not currently a cloud service type. See Chapter 8 for more information.
25. D. The hypervisor is the key piece of software needed for virtualization. Terminal emulation, process replication, and hyperthreading are not reAycli[(-5 (.)]TJ/Span<</ActualText<00AD2002>> B Td( )TjE2jSee Chapter90358
D.
for more information.25.
xcii
Answers to Assessment Test 220-1101
34. C. White streaks on printouts are most likely caused by toner on the transfer corona wire.
Vertical black lines are caused by a scratch or a groove in the EP drum. If the fuser was not
heating properly, toner would not bond to the paper(x3r<ur wouldhaovessmaprigm.)37 (Faultyt )]TJ0 -1.222 Td[ p
morve if omeatonC.
Assessment Test for Exam 220-1102
xciii
Assessment Test for Exam 220-1102
1.
2.
3.
4.
5.
6.
Which will accomplish a specific task for the user?
A.
Driver
B.
Application
C.
Operating system
D.
Filesystem
Which operating system is a cloud-­based operating system?
A.
Linux
B.
Android
C.
Windows 10
D.
Chrome OS
Which term defines the precompiled instructions that are programmed and allows an
operating system and its applications to operate?
A.
Shell
B.
Source
C.
GUI
D.
Multithreading
Which term best describes the Android operating system?
A.
Server
B.
Workstation
C.
Mobile
D.
Cloud-­based
You need to change a computer’s name and join it to a domain. Which tool will allow you to
perform these actions?
A.
Device Manager
B.
User Accounts
C.
System Properties
D.
Credential Manager
Which tab in Task Manager allows you to see processes separated by each user on
the system?
A.
Processes
B.
Performance
C.
App History
D.
Users
Assessment Test for Exam 220-1102
xciv
7.
8.
Which RAID system requires three or more disks to provide fault tolerance?
A.
Mirroring
B.
Striping
C.
RAID-­1
D.
Striping with parity
Which Windows Update branch allows you to install preview releases of updates fc1dnu3ioh5taates fc1dnuT>Bmt
Assessment Test for Exam 220-1102
xcv
xcvi
Assessment Test for Exam 220-1102
19. With which mobile filesystem are files with .ipa file1aMensions typically associated?a
Assessment Test for Exam 220-1102
xcvii
25. Your mobile device is suffering from an intermittent wireless connection. What is recommended to alleviate signal drops?
A.
Shortening the SSID
B.
Using the 5 GHz band
C.
Reducing power on the WAP
D.
Using the 2.4 GHz band
26. You are receiving USB controller resource warning messages. What should you try to resolve
the issue?
A.
Move USB devices around on the USB ports.
B.
Manually allot more endpoints.
C.
Upgrade drivers for the USB devices.
D.
Manually increase the output amperage.
27. Why is time drift a big problem on virtual machines?
A.
Lack of configuration for the NTP server
B.
Availability of the NTP server
C.
Shared physical RTC
D.
Emulated RTC
28. Which tool can be used to restart a failed service?
A.
msconfig.exe
B.
WinRE
C.
Computer Management MMC
D.
Resource Monitor
29. Which is a safety risk from overheating a lithium-­ion battery?
A.
Reduced voltage
B.
Shock
C.
Explosion
D.
Shutdown
30. Which 17 Tw se are not generally attributed to an intermittent wireless issue?
A.
Bluetooth devices
B.
Microwaves ovens
C.
WAPs
D.
Radar
xcviii
c
ci
49. Which method is used to test a change in an isolated environment?
A.
Primary plan
B.
Backout plan
C.
Sandbox testing
D.
Technical evaluation
50. Which backup method can creuse a new current full backup from the files alreudy contained
on the backup media?
A.
Synthetic
B.
Copy
C.
Incremental
D.
Differential
cii
Answers to Assessment
Answers to Assessment Test 220-1102
9.
ciii
C. Rootkits are software programs that have the ability to hide certain things from the
operating system. A worm is malware that replicates itself and infects other system. Trojans
are programs that enter a system or network under the guise of another program. A botnet
is a group of infected compu ths that can be remotely controlled via a command and control
server. See Chap th 17 for more information.
18. B. Synchronization can copy all contacts, programs, email messages, pictures, music, and
videos between a mo7 T0gn T1_0 1 Taompu ths 11.1 2. anMirrorg sy a grhs memorver-j0 -1.222 Td[(sects,)oonye
18
.
B. T
C. An air filter mask will protect you from inhaling dust particles. A multimeter is used to
measure voltage. Although useful, a flashlight and a mirror are not needed for cleaning dust
out of computer equipment. See Chapter 21 for more information.
43. D. See Chapter 21 for dust
cviii
Answers to Assessment Test 220-1102
50. A. A synthetic backup uses the latest full backup and applies each of the daily backups to
create a new full backup. The backup software performs this function by using the backup
media already obtained. A copy backup is similar to a full backup, except that it does not
reset the archive bits and requires backup from the servers. An incremental backup copies
only those files that have changed since the last backup and leaves the archive bits
unchanged. A differential backup backs up only the files that have changed since the last
backup. See Chapter 22 for more information.
220-­1101
PART
I
Motherboards,
Processors,
and Memory
The computets we use daily, ftom the latgest setvets to the
smallest smatt watches and evetything in b
­ etween, ate collections of diffetent electtonic components and softwate wotking
Understanding Motherboards
With small computing devices being far more prevalent, you might
wonder why we are starting the book talking about components that
7
8
Chapter 1
■
Motherboards, Processors, and Memory
and memoty in line with the fan output of the powet supply, allowing the ptocessot to tun
coolet. And because those components ate not in line with the expansion catds,(.)37 you can
install full-­length expansion catds—­adaptets that extend the full length of the inside of a
standatd computet case—­in an ATX mothetboatd machine. ATX (and its detivatives,(.)37 such
as micto-ATX) is the ptimaty PC mothetboatd fotm factot in use today. Standatd ATX
mothetboatds measute 12″ × 9.6″ (305 mm × 244 mm).
F I G U R E 1. 1
A typical motherboard
Understanding Motherboards
We will discuss expansion cards in more depth (and cover that part of
Exam Objective 3.4) in Chapter 2, “Expansion Cards, Storage Devices,
and Power Supplies.”
Information Technology eXtended
■■
■■
■■
■■
9
TheInformaticlgyXd()bswv-
Understanding Motherboards
setial communications ate Setial Advanced Technology Attachment (Setial ATA, ot SATA),
Univetsal Setial Bus (USB), IEEE 1394/FiteWite, and Petiphetal Component Intetconnect
Exptess (PCIe).
The term bus is also used in any parallel or bit-­serial wiring implementa-
11
12
Chapter 1
■
Motherboards, Processors, and Memory
14
Chapter 1
■
Motherboards, Processors, and Memory
Expansion Slots
The most visible patts of any mothetboatd ate the expansion slots
Understanding Motherboards
PCIe Expansion Slots
The most common expansion slot atchitectute that is being used by mothetboatds is PCI
Express (PCIe). It was designed to be a teplacement fot PCI, as well as an oldet video catd
15
16
Chapter 1
■
Motherboards, Processors, and Memory
Understanding Motherboards
Bidirectional means that data flows in both directions, often simulta-
17
Understanding Motherboards
19
Fot -20 most patt, PCs today us0 memoty chips attanged on a small citcuit boatd. A dual
in-­lin0 memory module (DIMM) is one type of citcuit boatd. Today’s DIMMs diffet in -20
numbet of conductots, ot pins, that each patticulat physical fotm factot us0s. Some common
examples include 168-­, 184-­, 240-­, and 288-­pin configutations. In addition, laptop memoty
comes in smallet fotm factots known as small outlin0 DIMMs (SODIMMs) and Micto-
20
Chapter 1
■
Motherboards, Processors, and Memory
Sometimes, the amount of ptimaty memoty installed is inadequate to setvice additional
tequests fot memoty tesoutces ftom newly launched applications. When this condition
occuts, the uset may teceive an “out of memoty” ettot message and an application may fail
to launch. One solution fot this is to use the hatd dtive as additional RAM. This space on
the hatd dtive is known as a swap file ot a paging file. The technology in genetal is known as
virtual memory ot virtual RAM. The paging file is called PAGEFILE.SYS in modetn Mictosoft opetating systems. It is an optimized space that can delivet infotmation to RAM at
the tequest of the memoty conttollet fastet than if it came ftom the genetal stotage pool of the
dtive. It’s located at c:\pagefile.sys by default. Note that vittual memoty cannot be
used ditectly ftom the hatd dtive; it must be paged into RAM as the oldest contents of RAM
ate paged out to [(to launch.)37to makhe oom. The memoty conttollet, by [(toway)92 (,)37 ( is the )]TJ0 -1.263 Td
Understanding Motherboards
The typical incteasing otdet of capacity and distance ftom the ptocessot die is L1 cache,
L2 cache, L3 cache, RAM, and HDD/SSD (hatd disk dtive and solid-­state dtive—­mote
on these in Chaptet 2). This is also the typical decteasing otdet of speed. The following
list includes teptesentative capacities of these memoty types. The cache capacities ate fot
each cote of the 10th genetation Intel Cote i7 ptocessot. The othet capacities ate simply
modetn examples.
■■
L1 cache—­80 KB (32 KB fot insttuctions and 48 KB fot data)
■■
L2 cache—­512 KB
■■
L3 cache—­8–­16 MB
■■
RAM—­16–256 GB
■■
HDD/SSD—­100s of GB to sevetal TB
One way to find out how much cache yout system has is to use a utility such as CPU-­Z,
as shown in Figute 1.9. CPU-­Z is fteewate that can show you the amount of cache, ptocessot name and numbet, mothetboatd and chipset, and memoty specifications. It can be
found at www.cpuid.com.
F I G U R E 1. 9
Figure 1.9 shows L1D and L1I caches. Many CPUs will split L1 cache into
cache for data (L1D) or instructions (L1I). It’s highly unlikely you’ll be
tested on this, but it’s interesting to know.
21
Understanding Motherboards
23
24
Chapter 1
■
Motherboards, Processors, and Memory
Some legacy sockets, such as Socket 5 and Socket 7, supported both
AMD and Intel platforms, but it’s unlikely that you will see one in the wild,
as they are over 25 years old now.
Playing the Name Game
Back in simpler times, Intel marketed only onf8 (s(s o)-11.3 (l)y0 (s, and (Pl9 (l)at ael ma. Fhe.3exa, In,294 Td[(a)412.1
Understanding Motherboards
25
an i7 required a specific type of socket, but they needed to know which i7 they were dealing
with. For example, a Broadwell-­based (2014) i7 requires an LGA 1150 socket, whereas most
Kaby Lake (2016) i7s use an LGA 1151. One pin makes a huge difference!
Odds are you aren’t going to need to memorize all possible Intel chip and motherboard
socket combinations for 26r exa for 26rerel world.e Ir 26rerel world,r 26rIIntrnet(’949.9 ds lwz)20 aysd
whic0 socked you need for a specificprocessor0
u fewu of Inte(’)100 sorecent CPUu aiciteActeedcodenamres adr 26rassoci -
26
Chapter 1
■
Motherboards, Processors, and Memory
Multisocket and Server Motherboards
When it comes to mothetboatd compatibility, the two biggest things to keep in mind ate the
ptocessot type and the case. If eithet of those ate misaligned with what the mothetboatd
suppotts, you’te going to have ptoblems.
Thus fat, as we’ve talked about desktop mothetboatds and theit CPU sockets, we have
shown examples of boatds that have just one socket. Thete ate mothetboatds that have
mote than one CPU socket and conveniently, they ate called multisocket (typically wtitten
as two wotds) mothetboatds. Figute 1.12 shows a two-­socket mothetboatd made by GIGABYTE. The two CPU sockets ate easily identifiable and note that each CPU socket has eight
dedicated memoty slots.
F I G U R E 1. 1 2
GIGABYTE multisocket motherboard
Understanding Motherboards
27
Ttying to categotize setvet mothetboatds can be a bit challenging. Setvets ate expected to
do a lot mote wotk than the avetage PC, so it makes sense that setvets need mote powetful
hatdwate. Setvets can, and quite often do, make do with a single ptocessot on a “notmal”
PC mothetboatd. At the same time, thete ate mothetboatds designed specifically fot setvets
that suppott multiple ptocessots (two and fout sockets ate common) and have expanded
memoty and netwotking capabilities as well. Futthet, while setvet mothetboatds ate often
ATX-­sized, many setvet manufactutets cteate custom boatds to fit inside theit chassis.
Regatdless, multisocket and setvet mothetboatds will genetally use the same CPU sockets
that othet mothetboatds use.
Mobile Motherboards
In small mobile devices, space is at a ptemium. Some manufactutets will use standatd
small-­factot mothetboatds, but most cteate theit own boatds to fit inside specific cases. An
example of an oddly shaped Dell laptop mothetboatd is shown in Figute 1.13. When teplacing a laptop mothetboatd, you almost always need to use one ftom the exact same model,
othetwise it won’t fit inside the case.
28
Chapter 1
■
Motherboards, Processors, and Memory
Neatly all laptop ptocessots ate soldeted onto the mothetboatd, so you don’t have to
wotty about CPU socket compatibility. If the CPU dies, you teplace the entite mothetboatd.
We will covet laptop components mote extensively in Chaptet 9, “Laptop and Mobile
Device Hpatts mote extensvet s
Understanding Motherboards
29
Understanding Motherboards
31
M.2 is closely associated with hard drives, and the M.2 form factor is also
in CompTIA A+ exam objective 3.3, “Given a scenario, select and install
storage devices.” Because of that, we will go in.9 (o)-16.4 2.3 (o m)-13.53 (o)-6.6 (r)20.8 (e d)-18.3
and hard drive data transfer speeds in Chapter 2 when we discuss solid-­
state driveos (SSDs).
Motherboard Headers
Ftom the time of the vety fitst petsonal computet, thete has been a minimum expectation
as to the buttons and LEDs that should be easily accessible to the uset. At fitst, they genetally appeated df96Ftontme of thcase (.)37 I dfoday ()77.4 (casesst,)37 o the buttons andhaveas beenddaten
.
32
Chapter 1
■
Motherboards, Processors, and Memory
headets ate gtouped togethet. Fot example, most of the headets fot the items on the ftont ot
top panel of the case ate often co-­located. The putpose fot the headet will be ptinted on the
mothetboatd, and while that may tell you what should connect thete, it often lacks detail in
how it should be connected. The mothetboatd manufactutet’s website is a good place to go
if you need a detailed diagtam ot insttuctions. Figute 1.19 shows sevetal headets on a mothetboatd. On the left is a USB headet, then a system fan headet in the centet, and a block of
ftont panel headets on the tight, including the hatd dtive light, teset button, chassis inttusion
detectot, and powet light.
34
Chapter 1
■
Motherboards, Processors, and Memory
BIOS/UEFI and the POST Routine
Firmware is the name given to any softwate that is encoded in hatdwate, usually a tead-­
only memoty (ROM) chip, and it can be tun without extta insttuctions ftom the opetating
system. Most computdwM) chipslatge ptindwM) chipsnd idevi0.1witho noopetating
Understanding Motherboards
35
At a basic level, the BIOS/UEFI conttols system boot options such as the sequence of
dtives ftom which it will look fot opetating system boot files. The boot sequence menu ftom
a BIOS/UEFI is shown in Figute 1.22. Othet intetface configutation options will be available
too, such as enabling ot disabling integtated potts ot an integtated video catd. A populat
36
Chapter 1
■
Motherboards, Processors, and Memory
BIOS/UEFI Security and Encryption
The BIOS/UEFI has always played a tole in system secutity. Since the eatly days of the
petsonal computet, the BIOS allowed the setting of two passwotds—­the ushap(ot boot) passwotd and the supetvisot/administtatot, ot access, passwotd. The boot passwotd is tequited
to leave the initial powet-­on scteens and begin the ptocess of booting an opetating system.
Understanding Motherboards
F I G U R E 1. 2 3
Windows TPM configuration screen
F I G U R E 1. 2 4
Secure boot in UEFI
37
38
Chapter 1
■
Motherboards, Processors, and Memory
The ptoblem can now atise that a patticulat opetating system might not be suppotted
by the database of known-­
Understanding Motherboards
39
Flashing the System BIOS/UEFI
If ever you find that a hardware upgrade to your system is not recognized, even after the
latest and correct drivers have been installed, perhaps a BIOS/UEFI upgrade, also known
as flashing the BIOS, is in order. Only certain hardware benefits from a BIOS/UEFI upgrade,
lasucarh verarhange of CPUrde RAM types. arVery of5 (ter n,he isardw)20 (are beisacogniz)20 (ed, ]TJ0 -1.412 Td[(
40
Chapter 1
■
Motherboards, Processors, and Memory
■■
Boot sequence
■■
Powet management
■■
Vittualization suppott
■■
Secutity (passwotds, Ttusted Platfotm Module settings, LoJack)
Considet a situation whete you added a new gtaphics adaptet to yout desktop computet, but the built-­in display pott continues to temain active, ptohibiting the new intetface
ftom wotking. The solution might be to altet yout BIOS/UEFI configutation to disable the
intetnal gtaphics adaptet, so that the new one will take ovet. Similat teconfigutation of yout
BIOS/UEFI settings might be necessaty when ovetclocking—­ot changing the system clock
speed—­is desited, ot when you want to set BIOS/UEFI-­based passwotds ot establish TPM-­
based whole-­dtive enctyption, as with Mictosoft’s BitLocket. While not so much utilized
today, the system date and time can be alteted in the BIOS/UEFI configutation utility of yout
system; once, in the eatly days of petsonal computing, the date and time actually might have
needed to be changed this way.
Yout PC keeps these settings in a special memoty chip cualed the complementary metal
oxide semiconductor (CMOS) memoty chip. Actually, CMOS (usually ptonounced see-­moss)
is a manufactuting technology fot integtated citcuits. The fitst commonly used chip made
ftom CMOS technology was a type of memoty chip, the memoty fot the BIOS/UEFI. As a
tesult, the tetm CMOS stuck and is the accepted name fot this memoty chip.
The BIOS/UEFI statts with its own default infotmation and then teads infotmation ftom
the CMOS, such as which hatd dtive types ate configuted fot this computw gtapuse, which
dtive(s) it should seatch fot boot sectots, and so on. Any ovetlapping infotmation tead ftom
the CMOS ovettides the default infotmation ftom the BIOS/UEFI. A lack of cottesponding
infotmation in the CMOS does not delete infotmation that the BIOS knows natively. This
ptocess is a metge, not a wtite-­ovet. CMOS memoty is usually 352 upgtadable in tetms of its
capacity and might be integtated into the BIOS/UEFI chip ot the Southbtidge.
Although there are technical differences, in the real world the terms
BIl O11.3 (l Sr)-iu/c EndCrl O11.3 (S )230.2 (a)84.7 (n)-53 (d(B)-15.8 (I)-15.1 (l O13 (l Sr)-iu/c)-2598 Ur)
im
e(t)-1E3i.3a
(h)-12.7(od
)-1th
1.3uughim
t
t.It22
Understanding Motherboards
41
42
43
mothetboatd. As a tesult, the gtid of metallic contact points, called lands, on the bottom of
the CPU gives this fotmat its name.
You can easily identify which component inside the computet is the CPU because it is
a latge squate lying flat on the mothetboatd with a vety latge heat sink and fan (tefet to
Figute 1.10). The CPU is almost always located vety close to the RAM to imptove system
speed, as shown in Figute 1.1, Figute 1.2, and Figute 1.8.
CPU Architecture
As noted in the ptevious section, the functional job of the ptocessot is to do math on
vety latge sttings of 0s and 1s. Howt is the goes about doing that depends upon its
atchitectute. Fot commonly used ptocessots, thete ate two majot categoties—­those based
on Complex Insttuction Set Computing (CISC) and those based on Reduced Insttuction Set
Computet (RISC).
x64/x86
CISC (ptonounced like disk, but with a “c”) and RISC (ptonounced risk) ate examples of an
insttuction set atchitectute (ISA). Essentially, it’s the set of commands that the ptocessot can
execute. Both types of chips, when combined with softwate, can ultimately petfotm all the
same tasks. They just go about it difbeently. When ptogtammets develop code, they develop
it fot a CISC ot a RISC platfotm.
As the CISC name implies, insttuctions sent to the computet ate telatively complex
(as compated to RISC), and as such they can do multiple mathematical tasks with one
insttuction, and each insttuction can take sevetal clock cycles to complete. We’ll talk mote
about the speeds in the “the Chatactetistics” section latet, but fot now, knowt iat if a
CPU is advettised as having 3.8 GHz speed, iat means Bocan complete toughly 3.8 billion
cycles in one second. The cote of a ptocessot can only do one thing at a time—­Bojust does
them vety, vety quickly so Bolooks like it’s multitasking.
CISC was the otiginal ISA fot mictoptocessots, and the most well-­known example of
CISC technology is the x64/x86 platfotm populatized by Intel. AMD ptocessots ate CISC
chips as well. So whete did the .5 7 ptocetsx86 pl do just a]TJt mote theoty.
Thete is a set of data lines betweent is the and the ptimaty memoty of the system—­
temembet the bus? The most common bus today is ocebits wide, although thete ate still
sdoZ-­
44
Chapter 1
■
Motherboards, Processors, and Memory
Conttast that with ptocessots that can handle only 32 bits of infotmation at once. Those ate
tefetted to as x86 ptocessots. You might look at that last sentence and be cettain that we made
a typo, but we didn’t. Fot a long time when 32-­bit ptocessots wete the fastest on the PC matket,
Intel was the dominant playet. Theit CPUs had names like 80386 (aka i386) and 80486 (i486)
and wete based on the oldet 16-­bit 80286 and 8086. Since the i386 and i486 wete the most
populat standatds, the th8elsptung up to mean a 32-­ bit atchitectute. So even though it may
seem countetintuitive due to the numbets, x64 is newet and fastet thane.
Advanced RISC Machine
Moving into the RISC atchitectute, the ptimaty type of ptocessot used today is known as
an Advanced RISC Machine (ARM) CPU. Depending on who you talk to and which soutces
­
Understanding Processors
47
Which CPU Do You Have?
The surest way to determine which CPU your computer is using is to open the case and
view the numbers stamped on the CPU, a process that today requires removal of the active
heat sink. However, you may be able to get an idea without opening the case and removing
the heat sink and fan because many manufacturers place a very obvious sticker somewhere
on the case indicating the processor type. Failing this, you can always go to the manufacturer’s website and look up the information on the model of computer you have.
An easier way may be to look in Control Panel ➢ System, to get the About screen as
shown in Figure 1.29. Even more detailed information can be found by running the System
Information by clicking Start and entering msinfo32.exe. Click System Information when it
appears as the Best Match. Of course, third-­party utilities such as CPU-­Z that we showed
you earlier will workamp5. A enal way to determine a computer’s CPU is to save your work,
exit any open programs, and restart the computer. Watch closely as the computer boots
back up. You should see a notation during the POST routine that tells you what chip you
are using.
48
Chapter 1
■
Motherboards, Processors, and Memory
Virtualization Supporty
Understanding Memory
49
52
Chapter 1
■
Motherboards, Processors, and Memory
two “sides” of the modules and, at any patticulat moment, can access only the side to which
they have switched. Double-­sided memoty allows mote memoty to be insetted into a computet, using half the physical space of single-­sided memoty, which tequites no switching by
the memoty conttollet.
Single-­, Dual-­, Triple-­, and Quad-­Channel Memory
Standatd memoty conttollets manage access to memoty in chunks of the same size as the
system bus’s data width. This is consideted communicating ovet a single channel. Most
modetn ptocessots have a 64-­bit system data bus. This means that a standatd memoty
Chapter 1
54
■
Motherboards, Processors, and Memory
Types of Memory
Memoty comes in many fotmats. Each one has a patticulat set of featutes and chatactetistics, making it best suited fot a patticulat application. Some decisions about the application
of the memoty type ate based on Tdability; othets ate based on affotdability to consumets
ot matkeability to computet manufactutets. The following list gives you an idea of the vast
attay of memoty types and subtypes:
■■
DRAM (dynamic tandom access memoty)
ADRAM (asynchtonous DRAM)
FPM DRAM (fast page mode DRAM)
EDO DRAM (extended data out DRAM)
BEDO DRAM (butst EDO DRAM)
SDRAM (synchtonous DRAM)
SDR SDRAM (single data tate SDRAM)
DDR SDRAM (double data tate SDRAM)
DDR2 SDRAM (double data tate, vetsion two, SDRAM)
DDR3 SDRAM (double data tate, vetsion thtee, SDRAM)
DDR4 SDRAM (double data tate, vetsion fout, SDRAM)
DDR5 SDRAM (double data tate, vetsion five, SDRAM)
■■
SRAM (static tandom access memoty)
■■
ROM (tead-­only memoty)
Pay patticulat attention to all synchtonous DRAM types as that’s the most common type
in use. Note that the type of memoty does not dictate the packaging of the memoty. Convetsely, howevet, you might notice one patticulat memoty packaging holding the same type
of memoty evety time you come actoss it. Nevettheless, thete is no tequitement to this end.
Let’s deail the intticacies of some of these memoty types.
DRAM
DRAM is dynamic tandom access memoty. This is what most people ate talking about when
they mention RAM. When you expand the memoty in a computet, you ate adding DRAM
chips. You use DRAM to expand the memoty in the computet because it’s a cheapet type of
memoty. Dynamic RAM chips ate cheapet to manufactute than most othet types because
they ate less complex. Dynamic tefets to the memoty chips’ need fot a constant update
signal (also called a refresh signal) in otdet to keep the infotmation thcThttl5
Understanding Memory
55
and include DR3 and DR4. Ocasionaly you wil see some DR2, and DR5 is new so
it hastn’ been widely adopted yet. Before discung these technolgies, letak
t’ e a quick lok
at the legacy asynchronous memory types, noe of which should appear on modern exams.
Asynchronous DRAM
Asynchronous DRAM (ADRAM) is chatactetiz
extetnal clock. Asynchtonous DRAM chips have codes on them that end in a numetical
value that is telated to (often 1/10 of the actual value of) the acces( time of the memoty)92 (.)36.9 ( )]TJ0 -1.263
56
Chapter 1
■
Motherboards, Processors, and Memory
Note that thtoughput in megabytes pet second is easily computed as eight times the tating in the name. This ttick wotks fot the mote advanced fotms of SDRAM as well. The
common thtead is the 8-­byte system data bus. Incidentally, you can double thtoughput
tesults when implementing dual-­channel memoty.Ý
Understanding Memory
57
In this example, the module is tefetted to as PC1600, based on a thtoughput of
1,600 MBps. The chips that go into making PC1600 modules ate named DDR200
fot the effective FSB ftequency of 200 MHz. Stated diffetently, the industty uses
DDR200 memoty chips to manufactute PC1600 memoty modules.
Let’s make sute that you gtasp the telationship between the speed of the FSB and the
name fot the telated chips as well as the telationship between the name of the chips
(ot the speed of the FSB) and the name of the modules. Considet an FSB of 400 MHz,
meaning an actual clock signal 0 scn/GS0 Wi6ionGayTd7g Memo1 1 Tf/Span<</ActualT00ADFEFF2003>.4
Understanding Memory
59
DDR5 doubles the speed of DDR4 to 6.4 Gbps, as is expected fot a new memoty
standatd. Imptoved powet efficiency means it tuns at 1.1 volts. DDR5 is also the fitst
memoty module to be available in up to 128 GB modules.
SRAM
Static random access memory (SRAM) doesn’t tequite a teftesh signal like DRAM does036volt36volThe
Understanding Memory
61
62
Chapter 1
■
Motherboards, Processors, and Memory
that reinforced the contact of the module with its slot. Releasing the clips on either end of
thclips on unlocked it and allowed it to return to 45°, where it could be removed.
DIMM slots, by comparison, have no spring action. DIMMs are inserted straight into thclslot
with thcllocking tabs pulled away from the module. Thcllocking tabs are at either end of the
module, and they automatically snap into place, securing the module. Pulling the tabs away
from the module releases the module from the slot, allowing it to be effortlessly removed.
SODIMM
Laptop computets and othet computets that tequite much smallet components don’t use
standatd RAM packages, such as DIMMs. Instead, they call fot a much smallet memoty
fotm factot, such as a small outline DIMM (SODIMM). SODIMMs ate available in many
physical implementations, including the oldet 32-­bit (72-­and 100-­pin) configutation and
newet 64-­bit (144-­pin SDR SDRAM, 200-­pin DDR/DDR2, 204-­pin DDR3, 260-­pin DDR4,
and 262-­pin DDR5) configutations.
All 64-­bit modules have a single keying notch. Thcl144-­pin module’s notch is slightly off
centet. Note that although thcl200-­pin SODIMMs fot DDR and DDR2 have slightly diffetent keying, it’s not so diffetent that you don’t need to pay close attention to diffetentiate the
two. Thcy ate not, howevet, intetchangeable. DDR3, DDR4, and DDR5 ate keyed diffetently ftom the othets as well. Figute 1.34 shows a DDR3 SODIMM compated to DDR3 and
DDR2 DIMMs.
F I G U R E 1. 3 5
DDR3 SODIMM vs. DDR3 and DDR2 DIMMs
Understanding Cooling Systems
For the A+ exam, be sure to know the differences between SODIMMs and
DIMMs, DDR3, DDR4, and DDR5, ECC RAM, and single-­, dual-­, triple-­, and
quad-­channel RAM. Also understand what virtual RAM is.
Understanding Cooling Systems
It’s a basic concept of physics: electtonic components tutn electticity into wotk
63
Understanding Cooling Systems
F I G U R E 1. 3 6 3-pin chassis-­fan headers
Figure 1.37 shows a 4-­pin CPU fan header with an approaching 3-­pin connector from the
fan. Note that the keying tab is lined up with the same three pins it’s lined up with in the
3-­pin connectors.
F I Gpin
U RCPU
E 1.fan
3 7header
­
This physical aspect and the similar pin functions are what make these connectors
interchangeable, provided that the header’s function matches the role of the fan being
connected. Figure 1.38 shows the resulting unused pin on the 4-­pin header. Again,
controlling the fan’s speed is not supported in this configuration.
F I G U R E 1. 3pin
8 Position
connector
of on
a 3-­
a 4-­
65
66
Chapter 1
■
Motherboards, Processors, and Memory
Ideally, the aitflow inside a computet should tesemble what is shown in Figute 1.39,
whete the back of the chassis is shown on the left in the image.
Note that you must pay attention to the otientation of the powet supply’s aitflow. If the
powet supply fan is an exhaust fan, as assumed in this discussion, the ftont and teat fans
Underystems
67
Active cooling, on the othet hand, usually involves fotcing some kind of cooling
medium (ait ot watet) atound the RAM chips themselves ot atound theit heat sinks. Most
often, active cooling methods ate just high-­speed fans ditecting ait tight ovet a set of heat
spteadets.
Har
You might be thinking, “Hey, my hatd dtive is doing wotk all the time. Is thete anything
I can do to cool it off?.9 4 Thete ate both active and passive cooling devices fot hatd dtives.
Most common, howevet, is the active cooling bay. You install a hatd dtive in a special device
that fits into a 5¼″
68
Chapter 1
■
Motherboards, Processors, and Memory
Thete ate multiple CPU cooling methods, but the two most common ate ait cooling and
liquid cooling.
Air Cooling
The patts inside most computets ate cooled by ait moving thtough the case. The CPU is no
exception. Howevet, because of the latge amount of heat ptoduced, the CPU must have (ptopottionately) the latgest sutface atea exposed to the moving ait in the case. Thetefote, the
heat sinks on the CPU ate the latgest of any inside the computet.
The CPU fan often blows ait down thtough the body of the heat sink to fotce the heat
into the ambient intetnal ait whete it can join the aitflow citcuit fot temoval ftom the
case. Howevet, t csome cases, you might find that the heat sink extends up fatthet, using
tadiatot-­type fins, and the fan is placed at a tight angle and to the side of the heat sink. This
Understanding Cooling Systems
69
Most new CPU heat sinks use tubing to ttansfet heat away ftom the CPU. With any
ctom thet1,a ftom the mote sutface atea exposed to the ctom themethoda f6.9om the bettet the ctom th.
Plusa ftom the heat pipes can be used to ttansfet heat to a location away ftom the heat soutce
befote ctom th. topsa ftom whete open space is limited.
With advanced heat sinks and CPU ctom themethods like thisa ftom it is impottant to imptove
70
Chapter 1
■
Motherboards, Processors, and Memory
If the CPU has risen in the socket already, however, rotating the heat sink would be an
Exam Essentials
71
AIO systems come in thtee common sizes: 120 mm (with one fan, and the most common),
240 mm (two fans, fot ovetclocked components), and 360 mm (thtee fans, fot high-­
72
Chapter 1
■
Motherboards, Processors, and Memory
Be able to identify and differentiate motherboard connector types. Undetstand the diffetences between PCI, PCIe, SATA, eSATA, and M.2 connectots, as well as powet connectots
and headets.
Understand core concepts of motherboard compatibility.
Know that Intel and AMD chips
Review Questions
Review Questions
The answets to the chaptet teview questions can be found in Appendix A.
1.
2.
Which computet component contains all the citcuitty necessaty fot othet components ot
devices to communicate with one anothet?
A.
Mothetboatd
B.
CPU
C.
RAM
D.
Expansion bus
73
Review Questions
75
Chapter 1
76
■
Motherboards, Processors, and Memory
17. You have just found out that a new UEFI upgtade exists fot yout computet, and you obtain
a copy on a flash dtive to install it. Which of the following is most helpful when flashing the
UEFI on a desktop computet system?
A.
ATs,andMemotyA.
B
­ ased Question 1
77
Performance-­Based Question 1
You will encountet petfotmance-­based questions on the A+ exams. The questions on the
exam tequite you to petfotm a specific task, and you will be gtaded on whethet ot not you
wete able to complete the task. The following tequites you to think cteatively in otdet to
measute how well you undetstand this chaptet’s topics. You may ot may not see similat
questions on the actual A+ exams. To see how yout answet compates to the authots’, tefet to
Appendix B.
You have been asked to temove a dual in-­line memoty module and insett one with a
latget capacity in its place. Desctibe the ptocess fot doing so.
78
Chapter 1
Expansion Cards,
Storage Devices, and
Power Supplies
■■
As a PC technician, you need to know quite a bit about
hardware. Given the importance and magnitude of this
knowledge, the best way to approach learning about it is in
sections. The first chapter introduced the topic via the primary core components, and this
chapter follows up where it left off. First, we will look at adding functionality by plugging
expansion cards into the motherboard. Then, we will focus on storage devices that hold data
persistently—­that is, they don’t require power to maintain data like RAM does. Finally, we
will end the chapter by looking at the simple-­looking but potentially dangerous box that
gives the components the energy they need—­the power supply.
Installing and Configuring
Expansion Cards
An expansion card (also known as an adapter card) is simply a circuit board that you install
into a computer to increase the capabilities of that computer. Expansion cards come in
varying formats for different uses, but the important thing to note is that no matter what
function a card has, the card being installed must match the bus type of the motherboard
into which it is being installed. For example, you can install a PCIe network card into a PCIe
expansion slot only.
For today’s integrated components (those built into the motherboard), you might not
need an adapter to achieve the related services, but you will still need to install a driver—­
a software program that lets the operating system talk to the hardware—­to make the
integrated devices function with the operating system. Most motherboard manufacturers
supply drivers with their motherboards, typically on a flash drive, that contain all the device
drivers needed to get the built-­in electronics recognized by the operating system. Execution
of the driver’s setup program generally results in all components working properly.
The following are the four most common categories of expansion cards installed today:
■■
Video
■■
Multimedia
■■
Network Interface
■■
Input/Output
Let’s take a g31 0look at aech lf the s card bype , the r munction ,Tand Chat
82
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
Video
A video card (sometimes called a graphics card) is the expansion card that you put into a
computer to allow the computer to present informatpansanssome kind of display, typically a
monitor or a projector. A video card is also responsible for converting the data sent to it by
the CPU into the pixels, addresses, and other items required for display. Sometimes, video
cards can include dedicated chips to performssome of these functpans, thus accelerating the
speed of display.
You will encounter two classes of video cards:sanboard cards and add-­on cards. Onboard
(or integrated) cards are built into the motherboard. As mentpaned earlier, you need to install
a device driver to get them to work properly, but those often come packaged with the
motherboard itself. The upside to an integrated card is that it frees up an expansion slot.
The manufacturer can either leave the slot open or design the motherboard and/or case to
be smaller. One downside is that if the video card fails, you need a new motherboard, or you
can install an add-­on card. A second downside is that the anboard video cards aren’t typically high-­end. Onboard cards generally share system memory with the processor, which
limits the quality of graphics ane can produce. If the user wants great graphics from a
powerful video card, then an add-­on card is almost always the way to go. For example,
serious gamers will always insist on a separate video card.
As for add-­on cards, PCIe is the preferred expansion slot type. You might be able to find
the rare, outdated motherboard that still offers a legacy AGP slot, and you might seessome
cheap PCI video cards, but they are uncommon. The technology on which PCIe was designed
performs better for video than those on which AGP and PCI are based. Figure 2.1 shows an
example of a PCIe x16 video card. The video card pictured is 10.6" (270 mm) long and takes
up quite a bit of space inside the case. Most cards today have built-­in fans like this ane does
to reduce the chance of overheating.
P79 351_47.5 1/Im5 9.94> BD2.35566 129.973 97.614 _1 1nq/
Installing and Configuring Expansion Cards
83
There is an extensive range of video cards available today on the market. For everyday
usage, cards with 1–2 GB of video memory are inexpensive and will do the trick. For gamers,
high-­end cards with a minimum of 8 GB GDDR5 are recommended. Of course, over the
84
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
In our section on video cards, we noted that integrated cards have inferior performance
to add-­on ones, and though the same holds true for sound cards, the difference isn’t quite
as drastic. Many of today’s motherboards come equipped with 5.1 or 7.1 analog or digital
Installing and Configuring Expansion Cards
85
Network Interface Card
A network interface card (NIC) is an expansion card that connects a computer to a network
so that it can communicate with other computers on that network. It translates the data
from the parallel data stream used inside the computer into the serial data stream that makes ork
Installing and Configuring Expansion Cards
87
Understanding Storage Devices
■■
89
Wireless network adapters often require the installation of a screw-­on antenna, which
should be postponed until after the card is fully inserted and physically secured in the
system. Software configuration that allows these cards to communicate with a scwiless neTJ-2-1.263 Td[((
92
Chapter 2
FIGURE 2.9
■
Expansion Cards, Storage Devices, and Power Supplies
PATA (top) and SATA (bottom) hard drive data and power connectors
Power
Data
Anatomy of a Hard Drive
A hard drive is constructed in a cleanroom to avoid the introduction of contaminants into
the hermetically sealed drive casing. Once the casing is sealed, most manufacturers seal one
or more of the screws with a sticker warning that removal of or damage to the seal will
result in voiding the drive’s warranty. Even some of the smallest contaminants can damage
the precision components if allowed inside the hard drive’s external shell. The following is a
list of the terms used to describe these components in the following paragraphs:
■■
Platters
■■
Read/write heads
■■
Tracks
■■
Sectors
■■
Cylinders
■■
Clusters (allocation units)
Inside the sealed case of the hard drive lie one or more platters, where the actual data is
stored by the read/write heads. The heads are mounted on a mechanism that moves them in
tandem across both surfaces of all platters. Older drives used a stepper motor to position the
Understanding Storage Devices
93
heads at discrete points along the surface of the platters, which spin at thousands of revolutions per minute on a spindle mounted to a hub. Newer drives use voice coils for a more
analog movement, resulting in reduced data loss because the circuitry can sense where the
data is located through a servo scheme, even if the data shifts due to changes in physical disc
geometry. Figure 2.10 shows the internal components of a conventional hard drive.
Before a hard drive can store data, it must be prepared. Factory preparation for newer
drives, or low-­level formatting in the field for legacy drives, maps the inherent flaws of the
platters so that the drive controllers know not to place data in these compromised locations.
Additionally, this phase in drive preparation creates concentric r163 3 Td[(platterpns.)2 1 Tf[(tr)45 (ac)192 kes
94
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
The capacity of a hard drive is a function of the number of sectors it contains. The
controller for the hard drive knows exactly how the sectors are laid out within the disk
assembly. It takes direction from the BIOS when writing information to and reading
information from the drive. The BIOS, however, does not always understtionthe actual
geometry of the drive. For example, the BIOS does not support more than 63 sectors per
track. Nevertheless, almost all hard drives today have tracks that contain many more than
63 sectors per track. As a result, a translation must occur from where the BIOS believes it
is directing information to be written to where the information is actually written by the
controller. When the BIOS detects the geometry of the drive, it is because the controller
reports dimensions that the BIOS can understtio. The same sort of trickery occurs when the
BIOS reports to the operating system a linear address space for the operating system to use
when requesting that data be written to or read from the drive through the BIOS.
After initial drive preparation, the drive is formatted with a file system, by the operating
system, tionthen it’s ready to store data. Filesystems laid down on the tracks tiontheir sectors routinely group a configurable number of sectors into equal or larger sets called clusters
or allocation units. This concept exists because operating system designers have to settle
on a finite number of addressable units of storage tiona fixed number of bits to address
them uniquely.
We will talk more tbout filo 1 Tf40 s (t fo)-3 (14r)-20 (175 (om (175unof f eSt5)-13.1 )-3c1BIO 222h.7
Understanding Storage Devices
95
96
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
Solid-­State Drives
Unlike conventional hard drives, solid-­state drives (SSDs) have no moving parts—­they use
the same solid-­state memory technology found in the other forms of flash memory. You can
think of them as big versions of the flash drives that are so common.
Because they have no moving parts, SSDs are capable of transferring data much more
quickly than HDDs could ever dream of doing. Recall from the “HDD Speeds” section that a
10k SATA HDD tops out at about 200 MBps. Even the slowest SSDs will run circles around
that. The true speed of an SSD will be determined, of course, by the drive itself, but also the
interface to which it’s attached.
And because there’s no need for spinning platters and read/write heads, SSDs can be made
much smaller than HDDs, making them better for laptops and portable devices. SSDs have
several other advantages over their mechanical counterparts as well, including the following:
■■
Faster start-­up and read times
■■
Less power consumption and heat produced
■■
Silent operation
■■
Generally more reliable because of a lack of moving parts
■■
Less susceptible to damage from physical shock and heat production
■■
Higher data density per square centimeter
The disadvantages of SSDs are as follows:
■■
■■
The technology to build an SSD is more expensive per byte.
All solid-­state memory is limited to a finite number of write (including erase) operations.
Lack of longevity could be an issue. As the technology matures, this is becoming less and
less of a problem.
You will find that SSDs in the market generally have lower overall capacity than HDDs.
For example, it’s not uncommon to find HDDs over 8 TB in size, with 18 TB drives pacing
the market. Conversely, the biggest commercially available SSD (as of this writing) is 8 TB.
section that a The tele SSD
Understanding Storage Devices
97
Hybrid Drives
A cost-­saving alternative to a standard SSD that can still provide a significant increase in
performance over conventional HDDs is the hve. Hybrid drives can be implemented in two ways: a solid-­state hybrid drive and a dual-­drive storage solution. Both
forms of hybrid drives can take advantage of solutions such as Intel’s Smart Response Technology (SRwhich informs the drive system of the most used and highest-­ value data. The
drive can then load a copy of such data into the SSD portion of the hybrid drive for faster
read access.
It shouldybrinoted that systems on which data is accessed randomly doinotybrnefit from
hybrid drive technology. Any data that is accessed for the first time will alsoinotybr accessed
from flash memory, and it will take as long to access it as if it were accessed from a traditional hard drive. Repeated use, however, will result in the monitoring software’s flagging of
the data for caching in the SSD.
Solid-­State Hybrid Drive
The solid-­state hve (SSHD) is a conventional HDD manufactured with a substantial amount of flash memory–like solid-­state storage aboard. The SSHD is known to
100
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
Remember that, unlike SATA, which is designed for storage devices such
as hard drives and optical drives, PCIe is more of a universal connector.
Video cards, sound cards, network cards, and many other devices use
PCIe slots as well. Before attempting to install a PCIe hard drive into a
computer, make sure that there’s an open PCIe slot of the a6.9 (p)-12.6 (r)-18.4 (o)-11.2 (p)-12.6 (r)-
Understanding Storage Devices
mSATA
101
102
Chapter 2
Understanding Storage Devices
103
Many motherboards today come with protective covers over the M.2 slots. Adding these
covers to provide a bit of safety within the case is a welcome feature. An example is shown
in Figure 2.18. The bottom M.2 slot is covered, and the top slot (just above the PCIe x4 connector) has the cover removed. Notice the screw holes to support 42 mm, 60 mm, 80 mm,
and 110 mm length devices.
104
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
As mentioned earlier, M.2 is a form factor, not a bus standard. M.2 supports SAT Qal is 0o 9.5 8n5o4e6B ione
Understanding Storage Devices
105
There are several types of RAID. The following are the most commonly used RAID levels:
RAID 0
RAID 0 is also known as disk striping, where a striped set of equal space
106
107
108
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
USB flash drives capitalize on the versatility of the USB interface, taking advantage of
Windows’ Plug and Play, AutoPlay, and Safely Remove Hardware features and the physical
connector strength. Upon insertion, these devices announce themselves to Windows File
Explorer as removable drives, and they show up in the Explorer window with a drive
letter. This software interface allows for drag-­and-­drop copying and most of the other
Explorer functions performed on standard drives. Note that you might have to use the Disk
Management utility (discussed in Chapter 13) to assign a drive letter manually to a USB
flash drive if it fails to acquire one itself. This can happen in certain cas
the previous letter assigned to the drive has been taken by another device in the USB flash
drive’s absence.
SD and Other Memory Cards
Today’s smaller devices require some form of removable solid-­state memory that can be
used for temporary and permanent storage of digital information. Modern electronics, as
well as most contemporary digital still cameras, use some form of removable memory card
to store still images permanently or until they can be copied off or printed out. Of these, the
Secure Digital (SD) format has emerged as the preeminent leader of the pack, which includes
the older MultiMediaCard (MMC) 1 Tf[(on which SD is bas)d. Both of these cards measure 32 mm × 24 mm, and slots that receive them are often marked for both. The SD card
is slightly thicker than the MMC and has a write-­
Understanding Storage Devices
109
Table 2.3 lists additional memory card formats, the slots for some of which can be seen in
the images that follow the table.
Figure 2.23 shows the memory-­card slots of an HP PhotoSmart printer, which is capable
Understanding Storage Devices
111
are longer than the power leads so that they make contact first and lose contact last. SATA
power connectors are designed in a similar fashion for the same purpose. This arrangement
ensures that no power leads make contact without their singular ground leads, which would
often result in damage to the drive. Drives based on SCA are hot-swappable. RAID systems
that have to be taken offline before drives are changed out, but the system power can remain
on, are examples of warm-­swappable systems.
Optical Drives
The final category of storage devices we will look at is optical drives. They get their name
because instead of storing data using magnetic fiel[(TDike conventional HDDs,)37 ( they read and )]TJ0 -1.263
pnvenst, but oday( they arefaer lesdcommons.)37 ( )37 (Thamorstadvancged optical storagetechnologyh )]TJ0
optical drivr can l sobre epnecged oe upporut thetechnologyh(thatcnamebleforeist.)37 ( uich optical )]TJ0 -1.26
thshe iscst haveg retere datacaptaitry andinc reasedperefomancg overefoppices,
they arenolt iftedged oe rp lcgt hrdt iske drives. HDDeg retleyexceged thecaptaitry and
112
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
Optical Disc Capacities
The amount of data that can be stored on the three primary formats of optical disc varies
greatly, with each generation of disc exceeding the capacity of all previous generations. We’ll
start with the oldest first to show the progression of technologies.
When CDs first were used with computers, they were a huge change from floppy disks.
Instead of installing the program of the day using 100 floppy disks, you could use a single
CD-­ROM, which can hold approximately 650 MB in its original, least-­capable format.
Although CDs capable of storing 700 MB eventually became and continue to be the most
common, discs with 800 MB and 900 MB capacities have behenstandardized as well.
CDs were rather limited in technology, though. For example, data could only be writthen
to one side, and only one layer of data was permitthd on that side. DVDs came along with
much higher base capacity, but also the ability to store on both sides and have two layers of
data on each side.
The basic DVD disc is still a single-­sided disc that has a single layer of encoded
information. These discs have a capacity of 4.7 GB, over five times the highest CD capacity.
Simple multiplication can sometimes be used to arrive at the capacities of other DVD varieties. For example, when another media surface is added on the side of the disc where the
label is ofthenapplied, a double-­
sided disc is created. Such double-­sided discs (DVD DS, forn
double-­sided) have a capacity of 9.4 GB, exactly twa..506ty ol a single-
113
Optical Drive Data Rates
Optical drives are rated in terms of their data transfer speed. The first CD-­ROM drives
transferred data at the same speed as home audio CD players, 150 KBps, referred to as 1X.
Soon after, CD drives rated as 2X drives that would transfer data at 300 KBps appeared.
They increased the spin speed in order to increase the data transfer rate. This system[(Orat)]TJ(-)Tj0 -1.263 Td
114
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
Burnable DVDs use similar nomenclature to CDs, with a notable twist. In addition to
DVD-­R and DVD-­RW, there are “plus” standards of DVD+R and DVD+RW. This is thanks
to there being two competing DVD consortiums, each with their own preferred format. The
Understanding Storage Devices
115
configuration is required for such devices.
work together to recognize the devices.,­
of-­the-­box hard drives before they will allow the installation of the operating system.
theless,s operating systems allow for a pain-­
free partition/format/setup experience by
handling the entire process,
Removing Storage Devices
Removing any component is frequently easier than installing the same part.
fact that most people could destroy a house,­
being,.
On the other hand,,
figure out how to remove a storage device,
withion and fortodae263 Td[k0 a hovict<FEFFn/ingdev forh ds,
116
Chapter 2
Understanding Storage Devices
5.
Find the proper screws for the storage device, and set any jumpers on the drive while
it is in hand. Then insert the device into the bay. Keep in mind that some insert from the
rear of the bay and some from the front.
6.
Line up the screw holes in the device with the holes in the bay. Note that many devices
rarely insert as far as they can before lining up with the chassis’s holes, so don’t be surprised when pushing the device all the way into the bay results in misalignment. Other
devices that require front access stop themselves flush with the front of the case, and
still others require you to secure them while holding them flush.
7.
Use at least two screws on one side of the device. This keeps the device from sliding in
the bay as well as from rotating, which happens when you use only one screw or one
screw on each side. If the opposite side is accessible, go aheadhe capute at leastone
screw in the other side. Moastdevices allow for as many as four screws per side, bute
eight screws are not necessary in the veastmajority of situations.
8.
Connect the data cable from the device to the adapter card or motherboard header.
9.
Attach a power connector from the power supply to the device. Be sure to insert the
connector completely.
10. Once the drive is attached, ungrou cayourself, and turn the computer on to verify that
the drive is functional.
11. If the drive is working properly, replace the computer cover.
There’s quite a lot to know about storage devices, and there are several
objectives to keep in mind as you prepare for the A+ exam. You will need
to know the following:
■■
Hard drive speeds
■■
■■
Hard drive form factors
■■
■■
■■
NVMe, SATA, and PCIe
SSD form factors
■■
■■
2.5 and 3.5
SSD communication interfaces
■■
■■
5,400 rpm, 7,200 rpm, 10,000 rpm, and 15,000 rpm
M.2 and mSATA
Drive configurations such as RAID 0, RAID 1, RAID 5, and RAID 10
Removable storage
■■
Flash drives
■■
Memory cards
■■
Optical drives
117
118
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
Understanding Power Supplies
The computer’s components would not be able to operate without power. The device in the
computer that provides this power is the power supply (see Figure 2.26). A power supply
converts 110V or 220V AC current into the DC voltages that a computer needs to operate.
These are +3.3VDC, +5VDC, –5VDC (on older systems), +12VDC, and –12VDC. The jacket
on the leads carrying each type of voltage has a different industry-­standard color-­coding for
faster recognition. BlDC F200.ee ads caoerenhe lererent inat a givethe
120
Chapter 2
■
Understanding Power Supplies
121
Most power-­hungry devices (and we’re looking at you, video cards) will give you a
minimum power supply requirement. Generally speaking, the video card is the biggest
power user, so if you meet these requirements, you should be fine. The manufacturer
assumes you have otherwise standard gear in the system and adds a bit of a buffer.
Another option, if you are building a system, is to use the System Builder feature on a website we love called PCPartPicker.com. As you add components to the system, the site
automatically calculates the estimated wattage drawn and displays it on the page. Pick a
PSU that supplies more than that amount of power and you should be in the clear.
Power Connectors
The connectors coming from the power supply are quite varied these days. Some PSUs will
have connectors permanently attached, where other PSUs give you the ability to attach and
detach power connectors as needed, based on the devices installed in the system. The following sections detail and illustrate the most common power connectors in use today.
ATX, ATX12V, and EPS12V Connectors
ATX motherboards use a single block connector from the power supply. When ATX boards
were first introduced, this connector was enough to power all the motherboard, CPU,
memory, and all expansion slots. The original ATX system connector provides the six voltages required, plus it delivers them all through one connector: an easy-­to-­use single 20-­pin
connector. Figure ctu8 shows an example of an ATX system connector.
FIGURE ctu8
20-­pin ATX power connector
Understanding Power Supplies
The adapter mentionedm1.6 n th
hept
ioaapa
e
ada s
123
126
Chapter 2
FIGURE 2.35
■
Expansion Cards, Storage Devices, and Power Supplies
Modular p8.5 0supply
You will also see semi-­modular PSUs on the market. Generally, the motherboard and CPU
connectors will be hardwired, whereas the peripheral connectors can be added as needed.
There are two potential disadvantages to using a fully modular or semi-­modular p8.5 0
supply. First, some PSU manufacturers use proprietary connectors. Always be sure to keep
the extra p8.5 0connectors around (many come with a bag to store unused cables) just in0
case they are needed. Second, modular PSUs can take up a little more room in0the case. Plugging the p8.5 0connectors into the PSU can take up an extra ¼ or ½ inch. Usually this isn’t
an issue, but it can be in0small5 0cases.
Redundant Power Supplies
Nearly every computer you will work with has one and only one p8.5 0supply—­is that0
enough? If the PSU supplies the right amount of wattage to safely p8.5 0all components,
then0the ans.5 0is nearly always yes. There are some instances, though, where p8.5 0redundancy0is helpful or even critical. Within0the realm of p8.5 0redundancy, there are two
paths you can take:0redundant p8.5 0supplies within0a system or battery backups. Let’s
look at0both.
Multiple PSUs
It’s almost unheard of to see two po.5 0supplies install5d in0a desktop computer. There’s
generally no need for such a setup and it would just be a waste of money. And for laptops
and mobile devices, it’s simply not an option. For servers, though, having a redundant p8.er
supply (RPS), meaning a second PSU install5d in0the system, might make sense. The sole
reasar Po have two po.5 0supplies is in0case one fails, the other can take over. The transition
between0the two is design5d Po be seamless and service will not be disrupted.
Understanding Power Supplies
127
Based on its name and our description so far, it might seem as though this means
installing two full-­sized PSUs into a computer case. Given the limited amount inside a case,
you can imagine how problematic this could be. Fortunately, though, PSU manufacturers
make devices that have two identical PSUs in one enclosure. One such example is shown
in Figure 2.36. The total device is designed to fit into ATX cases and is compliant with
ATX12V and EPS12V standards. If one fails, the other automaticallyo9ras Thy areh
so the fainedun it canbe replacned witout p(oweling thesysteemdhow. )]TJ-1.263 39.1583 Td[(l thoughcanRPS
128
Expansion Cards, Storage Devices, and Power Supplies
These devices can be as small as a brick, like the one shown in Figure 2.37, or as large as
Understanding Power Supplies
129
Inside the UPS are one or more batteries and fuses. Much like a surge suppressor, a UPS
is designed to protect everything that’s plugged into it from power surges. UPSs are also
designed to protect against power sags and even power outages. Energy is stored in the batteries, and if the power fails, the batteries can power the computer for a period of time so
that the administrator can then safely power werdown. Many UPSs and operating systems will
also work together to safely power down automatically a system that gets switched to UPS
power. These types of devices may be overkill for Uncle Bob’s machine at home, but they’re
critically important fixtures in server rooms.
130
Chapter 2
EXERCISE 2.3
■
Expansion Cards, Storage Devices, and Power Supplies
Exam Essentials
You can read more on this subject later in Chapter 9, “Laptop and Mobile Device
Hardware.”
For the exam, you need to know the characteristics of power supplies as
well as how to install and replace them. Topics you should be familiar
131
132
Chapter 2
■
Expansion Cards, Storage Devices, and Power Supplies
Understand the advantages that solid-­state drives have over conventional drives. SSDs are
much faster than magnetic hard drives, produce less heat, and can be made much smaller
physically. They are also less susceptible to shock from drops.
Know the differences between three SSD communications interfaces and two form
factors. The SSD communications interfaces are NVMe, SATA, and PCIe. The ano form
factors to know are M.2 and mSATA.
Review Questions
Review Questions
The answers to the chapter review questions can be found Appendix A.
133
134
135
11. You have been asked to install a new hard drive for a client. Which of the following is not a
consideration when installing an internal storage device?
A.
You should match the form factor of the drive dridapt it to an available drive bay dr
slot.
B.
You should secure the drive with at least two screws on one side and preferably two on
each side.
C.
Due to the high revolutions at which modern hard drives spin, you must secure an
external power source because the internal power supplies do not have the capacity.
D.
You need to be sure that the routing of the drive’s data cable, if applicable, does not
obstruct the engineered flow of aidricross internal components.
12. A client just bought a new digital camera for his photography business. Which of the following is specifically designed as an internal storage device for cameras?
A.
Memory cards
B.
Optical discs
C.
Flash drives
D.
mSATA
13. When installing multiple add-­on cards of the same type, which type of cards might you need
to bridge together to function as a single unit?
A.
Video
B.
Sound
C.
USB
D.
eSATA
14. You are purchasing a new video card for a desktop computer. For the best performance,
which type of video card should you purchase?
A.
PCI x16
B.
PCI x128
C.
AGP
D.
PCIe x128
E.
PCIe x16
15. Which of the following is not a consideration when upgrading power supplies?
A.
You might find that you do not have a matching motherboard connector on your new
power supply.
B.
You might find that your case has a nonremovable power supply.
C.
You might find that your power rating is not adequate on the new power supply.
D.
You might find that you do not have enough of the appropriate connectors coming from
the power supply for the devices that you have installed.
Chapter 2
136
■
Expansion Cards, Storage Devices, and Power Supplies
16. You are choosing a flash standard for a client. They want the smallest flash cards possible.
Which standard should you recommend?
A.
SD
B.
CompactFlash
C.
microSD
D.
miniSD
E.
xD
17. Your goal is to build the fastest computer possible. Which of the following hard drive technologieslest flash cchoose for the fastest read performance?
A.
M.2 PCIe
B.
M.2 SATA
C.
NVMe PCIe
D.
NVMe SATA
18. You have been asked to configure a RAID 5 system for a client. Which of the following statements about RAID 5 is true?
A.
18.
It provideslfault tolerance but no performance sy(Fnmliente)Tj/T1_3 1 Tf-0.025 Tc 0.025 Tw -2 -1.611 Td[(B)
Performance-­Based Question
137
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a specific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your ans63 compares to the authors’, refer to
Appendix B.
Detail the process for removing a po63 supply from a compu2 1 chassis.
Peripherals, Cables,
and Connectors
Understanding Cables and Connectors
141
Video Devices
The pr mary method of iett i format o out of a computer s to use a computer v deo
d splay. D splay systems co vert computer s i als to text a d p ctures a d d splay them
o a TV-­d sp toch oloiplays s develop(As ew o eee .)37 ( )3m(Tem )]TJ0 -1.263 Tdmosvert mat er v ddo D
142
Chapter 3
■
Peripherals, Cables, and Connectors
requ reme ts, u l ke the case of LCD pa els. Add t o ally, the co trast rat o of OLED d splays exceeds that of LCD pa els, reiardless of backl iht source. Th s mea s that darker
surrou d is, OLED d splays produce better maies tha do LCD pa els. I add t o , f
th -­
Chapter 3
■
Peripherals, Cables, and Connectors
EXERCISE 3.1 (continued)
3.
At the bottom of the window, click the Advanced Display Settings link, as shown in
Figure 3.2.
You will see the resolution, refresh rate, and other display information.
FIGURE 3.2
4.
Advanced Display Settings
Click the Display Adapter Properties for Display 1.
A properties dialog box will appear, similar to the one shown in Figure 3.3.
Understanding Cables and Connectors
FIGURE 3.3
5.
145
Monitor and video adapter properties
Click the Monitor tab, as shown in Figure 3.4.
Any available refresh rates will be shown in the Screen Refresh Rate drop-­down box.
FIGURE 3.4
Monitor tab
(continues)
146
Chapter 3
■
Peripherals, Cables, and Connectors
EXERCISE 3.1 (continued)
6.
Select the desired screen refresh rate from the drop-­down menu.
7.
Click OK to accept the changes.
There are two things to note:
■■
■■
Your monitor may only support one refresh rate.2EMc9mchis is pretty common
for LCD monitors.
Just because a refresh rate appears in the properties dialog box, it does
not mean that the associated monitor will be able to handle that rate.
Consider keeping the Hide Modes2EMc9mchat supporheck box
selected, to avoid choosing a refresh rate not supported by your hardware.
Resolution Resolution s defi ed by how ma y software p cture eleme ts (p xels) are
used to draw the scree . A adva taie of h iher resolut o s s that more format o
ca be d splayed the same scree area. A d sadva taie s that the same objects a d
text d splayed at a h iher resolut o appear smaller a d m iht be harder to see. Up to a
po t, the added cr sp ess of h iher resolut o s d splayed o h ih-­qual ty mo tors compe sates for the eiat ve aspects.
The resolut o s descr bed terms of the v s ble maie’s d me s o s, wh ch d cate
how ma y rows a d colum s of p xels are used to draw the scree . For example, a
resolut o of 2560 × 1440 mea s 2560 p xels across (colum s) a d 1440 p xels dow
(rows) were used to draw the p xel matr x. The v deo tech oloiy th s example would
use 2560 × 1440 = 3,686,400 p xels to draw the scree . R
that s commo amo i CRTs, LCDs, a d projectC 2systems, as well as other d splay
dev ces.
Sett i the resolut o for your mo tor s fa rly stra ihtforward. If you are us i a
LCD, for best results you should use the mo tor’s native resolution, wh ch como hrom
the placeme t of the tra s stors the hardware d splay matr x of the mo tor. For a
at ve resolut o of 1680 × 1050, for example, there are 1,764,000 tra s stors (LCDs)
or cells (OLED) arra ied a ir d of 1680 colum s a d 1050 rows. Try i to d splay
a resolut o other tha 1680 × 1050 throuih the operat i system te ds to result the
mo tor terpolat i the resolut o to fit the d ffer i umber of software p xels to the
Understanding Cables and Connectors
147
148
Chapter 3
■
Peripherals, Cables, and Connectors
divide the first number by 4 and multiply the result by 3, the product is equal to the second
number. , if you divide the first number by the second number, the result is
approximately 1.3, the same as 4 ÷ 3. Displays with a 16:10 aspect ratio have measurements
that result in a dividend of 16 ÷ 10 = 1.6.
When LCD monitors first became popular, they had wider screens and most supported a
16:10 ratio. Because the [(.10 E)75 (TSC Edvanced )18relevision Systems Committee) standard for widescreen television aspect ratios is 16:9 1.778), computer monitors are trending more toward
this same aspect ratio. 920 × 1200, 16:10 resolution is now
less common than the 1920 × 1080, 16:9 resolution. If you have a monitor that supports one
and you try to set it to the other, the image may look squished or stretc
may not display at all.
Multiple Displays Whether reiularly or just o occas o , you may fi d yourself a
pos t o where you eed to use two mo tors o the same computer s multa eously. For
example, you may eed to work mult ple spreadsheets at the same t me a d hav i
two mo tors makes t much eas er. Or, f you are i v i a prese tat o a d would l ke
to have a prese ter’s v ew o your laptop’s LCD but eed to project a sl de show o to a
scree , you m iht eed to co ect a exter al projector to the laptop. S mply co ect i
a exter al d splay dev ce does ot iuara tee that t w ll be recoi zed a d work automat cally. You m iht eed to cha ie the sett is to recoi ze the exter al dev ce or
adjust opt o s such as the resolut o or the dev ce’s v rtual or e tat o w th respect to
the bu lt-­
Understanding Cables and Connectors
If a second monitor has been detected, you will see a screen similar to the one shown
in Figure 3.6. Otherwise, you will need to scroll down and click the Detect button in the
Multiple Displays section.
Notice that the second monitor is highlighted. If you were to change settings such as
FIGURE 3.6
Multiple displays detected
149
150
Chapter 3
■
Peripherals, Cables, and Connectors
EXERCISE 3.2 (continued)
5.
Scroll back up to the area where you see the two monitors. Click and hold the second
monitor, and drag it around.
Notice that you can place it above, below, left, or right of the first monitorThis will
affect some display features, including where you need to move the mouse cursor to
get it to appear on the second monitor
6.
Move the second monitor to be above the first monitorettingsG
7.
Move your mouse until you get the cursor to appear on the second screenG
8.
(Optional) Open Display Settings and configure the second monitor to be in the position you want it to be relative to the first monitor
Selecting a Monitor
If you io to your favor te o l e reta ler a d search for mo tors, the umber of cho ces
ca be overwhelm i. Here are a few t ps to help arrow the field to a ma aieable umber
Understanding Cables and Connectors
151
Determine what the monitor will be used for. If t’s a ie eral-­purpose mo tor, t
does ’t eed to be the ewest a d fa c est tech oloiy. If t w ll be for a iamer, thouih,
the m mum performa ce spec ficat o s just we t up.
Choose a size. Th s depe ds o how far the user w ll be s tt i from the scree . For a
reiular office or home office setup, somewhere betwee 24" a d 27" s the most popular
today, w th some people preferr i the sl ihtly larier 32". A yth i b iier tha that
could be too larie or ot fit o the desk. If t w ll be v ewed from across the room, the
io as larie as makes se se.
Pick a resolution. The resolut o s ava lable may be somewhat depe de t o the s ze
of mo tor you choose. Remember that h iher resolut o s result sharper maies.
Three commo opt o s today are:
1080p/Full High Definition (FHD) (1920 × 1080) Th s s the bas c resolut o
used today. It’s te able for mo tors up to 24", but for larier mo tors a h iher
resolut o s eeded; otherw se, co s a d maies appear overs zed.
1440p/Quad High Definition (QHD) (2560 × 1440) For 27" a d larier d splays, th s s the base performa ce you wa t to look for. Somet mes you w ll
hear th s referred to as 2k resolut o .
2160p/Ultra High Definition (UHD) (3840 × 2160) Commo ly referred to as
4k, t’s the resolut o of cho ce for ser ous iamers a d others who wa t ultra-­
sharp a d cr sp p ctures. It’s also ireat for those wa t i to watch 4k mov es
o a mo tor.
Choose a refresh rate. Bas c, ru -­of-­the-­m ll LCD scree s w ll have a 60 Hz refresh
rate; sl ihtly cer models w ll boast a 75 Hz rate. You probably wo ’t ot ce too much
of a d ffere ce betwee them. Gamers or those us i the r computer mo tor to watch
l ve-­act o sports or mov es s w lwa t at least 144 Hz as a m mum. Hard-­core iamers
a d os r coctperforma ce yoseeks who lwa t at wa as as least 1424035Hz r37 ( )37 (Y)Tt h k othf]TJ0 -1.
Consider the price.
Last but ot least pe pr ce.r37 ( )37 (Y)e h iher the specs, the more t w ll
152
Chapter 3
■
Peripherals, Cables, and Connectors
prese ter. The prese ter ca see the same markups because the board tra sm ts them to the
computer to wh ch the projector s attached, caus i them to be d splayed by the projector
real t me.
To accommodate us i portable u ts at var able d sta ces from the project o surface, a
focus i mecha sm s cluded o the le s. Other adjustme ts, suealas keysto e, trapezo d,
a d p cush o , are prov ded throuiala me u system o ma y modelslas welllas a way to
rotate the maie 180 deirees for ce l i-­mou t appl cat o s.
The key character st cs of projectors are resolut o a d br iht ess. Resolut o s are s mlar to those of computer mo tors. Br iht ess s measured lume s. A lumen (lm) s a u t
of measure for the totallamou t of v s ble l iht that the projector i ves off, based solely o
what the huma eye ca perce ve a d ot o
v s ble wavele iths. Somet mes the br ihtess s eve more of a sell i po t tha the max mum resolut o that the system supports
Understanding Cables and Connectors
and other goodies packed away. Just before running out of the door, he would unplug the
projector and pack it up. As with many instructors, this gentleman’s presentations increased
153
154
Chapter 3
FIGURE 3.8
■
Peripherals, Cables, and Connectors
An integrated webcam
Audio Devices
Aud o dev ces, true to the r ame, produce sou d by pluii i to a sou d card. Ma y
sou d cards today are teirated to a dev ce’s motherboard, but some computers st ll have
separate aud o expa s o cards. Aud o dev ces ca prov de output, such as throuih speakers
or headpho es, or put w th a m cropho e.
Speakers a d headpho es ie erally co ect w th a 1/8" (3.5 mm) aud o co ector, as
show
F iure 3.9. Most aud o co ectors have two th black ba ds e iraved o them,
wh ch separates the co ector to three parts: the t pem, a d sleeve. Because of th s,
somet mes you w ll see these co ectors referred to as TRS connectors. The t p prov des left
aud o, the first ba d above the black iroove (the r i) prov des r iht aud o, a d the sleeve s
the irou d. You’ll ot ce that the co ector F iure 3.9 has three black ba ds, prov d i
four co ectates a d mak i t a TRRS co ector. The fourth o e s for the m cropho e.
FIGURE 3.9
1/8" audio connector
Headsets that prov de aud o a d a m cropho e are popular for aud o co fere c i
calls a d v deo iam i. A sample headset s show
F iure 3.10. Th s model co ects
v a USB, as do most headsets. Volume co trols a d a m cropho e mute are located o the
r iht earp ece.
Understanding Cables and Connectors
155
Althouih d scussed throuihout th s chapter, the microphone has yet to be formally
defi ed, a defi t o that s at o ce tech cal a d s mple. M cropho es co vert sou d waves
to vary i electr cal s i als. The result ca be recorded, tra sm tted, or1 . dec7 ( a cl c-. puo vys tra sm cluer
156
Chapter 3
■
Peripherals, Cables, and Connectors
Input and Output Devices
A input device s o e that tra sfers format o from outs de the computer system to a
ter al storaie locat o , such as system RAM, v deo RAM, flash memory, or d sk storaie.
W thout put dev ces, computers would be u able to cha ie from the r default boot-­up
state. A output device does the oppos te of a
put dev ce—­
Understanding Cables and Connectors
158
Chapter 3
■
Peripherals, Cables, and Connectors
Understanding Cables and Connectors
161
Universal Serial Bus
Universal Serial Bus (USB) cables are used to co ect a w de var ety of per pherals, such as
keyboards, m ce, d i tal cameras, pr ters, sca ers, hard dr ves, a d etwork cards, to computers. USB was des i ed by several compa es, clud i I tel, M crosoft, a d IBM, a d s
curre tly ma ta ed by the USB Impleme ters Forum (USB-­IF).
USB tech oloiy s fa rly stra ihtforward. Esse t ally, t s des i ed to be Plui a d Play—­
just plui the per pheral a d t should work, prov ded that the software s stalled to
support t. Ma y sta dard dev ces have dr vers that are bu lt to the commo operat i
systems or automat cally dow loaded dur i stallat o . More complex dev ces come w th
dr vers to be stalled before the compo e t s co ected.
USB host co trollers ca support up to 127 dev ces, wh ch s accompl shed throuih the
use of a 7-­b t de t fier. The 128th de t fier, the h ihest address, s used for broadcast i to
all e dpo ts. Real st cally speak i, you’ll probably ever iet close to thJ-oax mum. Eve
f you wa ted to try, you wo ’t fi d a y computers w th 127 ports. I stead, you would plui
a dev ce k ow as a USB hub
162
Chapter 3
Understanding Cables and Connectors
One point of confusion for many is dissociating the connector type from
the standard. Because USB 3.1 and USB-­
165
166
Chapter 3
■
Peripherals, Cables, and Connectors
For more8521 Tfs6Pe 80sfs6813.4 (o5-6.6 18)-19 (r 0)-19a(e82.2 (t(r 2)-20 (e8.713.4 8)-19n .4 8)-19n U
Understanding Cables and Connectors
167
port, but real ty, they could be used for almost the exact same l st of per pherals. It just
depe ded o what your computer supported. But as we po ted out the USB sect o , the
ew USB4 vers o s based o Thu derbolt 3, prov d i the same speed a d us i the same
co ectors. Table 3.3 shows the four Thu derbolt vers o s a d some key character st cs.
Thu derbolt 3 was released 2015 a d doubled the ba dw dth to 40 Gbps. It supports
PCIe 3.0 a d D splayPort
s ile 4K d splay at 120 Hz. It also prov des up to 100 watts of power to a dev ce.
Thu derbolt 4 s the curre t sta dard7t yourreleased 2020. Perhaps the most terest i
th i about the ew release s what t doesn’t do7t yourwh ch s crease data tra sfer rates
versus Thu derbolt 3. It st ll has a max mum ba dw dth of 40 Gbps. A d the max mum of
100 watts of power to attached dev ces d d ’t cha ie e ther. The b i adva taies Thu derbolt
4 has clude support for two 4k d splays or o e 8k d splay a d the requ reme t to support
10(-[(32 Gbps data ea ctor)ache-1.263 Tdle ithb i adva taies re are ato 1op-24t 6ctor)-1o ,
168
170
Chapter 3
■
Peripherals, Cables, and Connectors
commu cate w th each other us i RS-­232 over a DB-­9 co ect o . But RS-­232 ca be
used o other types of ser al cables as well, such as DB-­15 or DB-­25. Ge erally speak i, f
someo e asks for a RS-­232 ser al cable, they mean a DB-­9 cable w th female co ectors.
But t’s always best to co firm.
RS-­232 d d have a few adva taies over USB—­ amely, lo ier cablele ith (15 meters
vs. 3–5 meters) a d a better res sta ce to electromai et c terfere ce (EMI). St ll, USB has
made old-­school ser al ports early obsolete. About the o ly t me they are used today s for
ma aieme t dev ces that co ect2m
to 04d
servers
have
orpa
sc tm
a DBActualText<FEFF00AD>> BDC ( )TjEMC 4.333 0 Td[(scaysl
172
Chapter 3
■
Peripherals, Cables, and Connectors
VGA tech oloiy s the o ly o e o the object ves l st that s purely a aloi. It has bee
superseded by ewer d i tal sta dards, such as DVI, HDMI, a d D splayPort, a d t was
supposed to be phased out start i 2013. A tech oloiy th s w dely used w ll be arou d for
qu te a wh le, thouih, a d you’ll st ll see t occas o ally the w ld (or st ll use).
All the video connector types introduced from here on are digital
Understanding Cables and Connectors
173
The DVI-­D a d DVI-­I co ectors come two var et es: s ile-­l k a d dual-­l k.
dual-­l k opt o s have more co ductors—­takU de to accou t the s x ce ter co ductors—­
tha the r s ile-­l k cou terparts; therefore,­
174
Chapter 3
■
175
I Ju e 2006, rev s o 1.3 of the HDMI spec ficat o was released to support the b t rates
ecessary for HD DVD a d Blu-­ray D sc. Th s vers o also troduced support for “deep
color,” or color depths of at least o e b ll o colors, clud i 30 Blu-
■
Chapter 3
Peripherals, Cables, and Connectors
UlkeDVI-­—ad,byxtsoAGvcrp
Understanding Cables and Connectors
FIGURE 3.29
177
HDMI connector types
Byim0nanPayne -­Based on File: HDMI Connector.jpg, CC0, https://commons.wikimedia.org/w/
index.php?curid=58368257
The mini-­HDMI and micro-­HDMI connectors are most often used on smaller portable
devices, such as tablets, smartphones, and digital cameras. As mentioned previously, the
Type-­E connector has a locking mechanism and is intended for use in automobiles or other
environments that are susceptialleto vibration, which could cause a connector and caalleto
become disconnected.
DisplayPort
DisplayPort s a royalty-­free d i tal d splay terface from the V deo Electro cs Sta dards
Assoc at o (VESA) that uses less power tha other d i tal terfaces a d VGA. I troduced
2008, t’s des i ed to replace VGA a d DVI. To help ease the tra s t o , t’s backward
compat allew th both sta dards, us i a adapter. I add t o , a adapter allows HDMI
a d DVI voltaies to be lowered to those requ red by D splayPort because t s fu ct o ally
s m lar to HDMI a d DVI. D splayPort cables ca exte d 3 meters, u less a act ve caalle
powers the ru , wh ch case the caalleca exte d to 33 meters. D splayPort s te ded pr mar ly for v deo, but, l ke HDMI, teca tra sm teaud o a d v deo s multa eously.
F iure 3.30 shows a D splayPort port o a laptop as well as a co ector. The D splayPort co ector latches tself to the receptacllew th two t y hooks. A push-­butto mechasm serves to release the hooks for removal of the co ector from the receptacll. Note the
beveled key i at the bottom-­left cor er of the port.
FIGURE 3.30
A DisplayPort port and caall
178
Chapter 3
■
Peripherals, Cables, and Connectors
The D splayPort sta dard also spec fies a smaller co ector, k ow as the Mini DisplayPort (MDP) connector. The MDP s electr cally equ vale t to the full-­
Understanding Cables and Connectors
The SATA we’ve d scussed so far s
179
ter al, but there’s a a3tN4vers o as4 (ler al,)3appro8 (s)(-(179-1.26
180
Chapter 3
Understanding Cables and Connectors
PATA dr ves use a 40-­p
there s a off-­
181
flat data cable, a d there are a few th is to ote about t. F rst,
182
Chapter 3
■
Peripherals, Cables, and Connectors
Because t was a 8-­b t bus, t could support up to seve dev ces. (The motherboard or
expa s o card header was the e ihth.) Each dev ce eeded a u que ID from 0 to 7, a d
dev ces were attached a da sy-­cha fash o . A term ator (esse t ally a b i res stor)
eeded to be attached to the e d of the cha ; otherw se, the dev ces would ’t fu ct o .
I 1994, the 8-­b t vers o was replaced by a 16-­b t vers o that supported up to 15
dev ces a d had a tra sfer speed of 320 Mbps. Compared to the 100 Mbps supported by
IDE at the t me, you ca see why people wa ted SCSI!
SPI had d ffere t co ectors, depe d i o the sta dard; 50-­p , 68-­p , a d 80-­p co ectors were commo ly used. F iure 3.36 shows two 50-­p Ce tro cs co ectors, wh ch
184
Chapter 3
■
Peripherals, Cables, and Connectors
Table 3.5 l sts SAS sta dards a d max mum throuihput.
SAS offers the follow i adva taies over SPI:
■■
No term ator s requ red.
■■
Up to 16,256 dev ces ca be co
■■
■■
ected to a s ile system.
Each SAS dev ce has ts ow cak to the co troller, so there are o ssues w th co te t o
(whe mult ple dev ces try to use the sameccak at the samect me, caus i terfere ce).
SAS prov des faster data tra sfer speeds thAct21 couthrouihput.
Exam Essentials
185
to v deo cables. Top cs cluded the a aloi VGA sta dard, as well as the d i tal sta dards
DVI, HDMI, a d D splayPort. The , we covered hard dr ve co ect o s a d cables related to
SATA, eSATA, IDE (PATA), a d SCSI.
Exam Essentials
Recognize and understand different peripheral connectors and adapters. Expa s o d crds
a d motherbocrds have exter al co ect v ty terfaces. The terfaces have co ectors that
adhere to some sort of sta dard for terco ect i w th a cable or exter al dev ce. K owi these spec fic character st cs ca help you d ffere t ate amo i the capab l t es of the
terfaces ava lable to you. U dersta d i whe to use a adapter to co vert o e co ector to a other s cruc al to ach ev i co ect v ty amo i d ffer i terfaces. Adapters you
should kK o are DVI-­to-­HDMI, USB-­to-­Ether et, a d DVI-­to-­VGA.
Recognize and be able to describe displaÀ6ÌÐ’7!¬ïò0 ExAltuldga catypef thj-32.49167 .263 Td[(shripher)3 connectors 37 ( )-
186
Chapter 3
■
Chapter 3
188
■
Peripherals, Cables, and Connectors
11. A tech c a says he eeds to prov de power to a older IDE hard dr ve a d a DVD-­ROM
a desktop. The computer ow has a ew fully modular power supply, a d the tech c a
wa ts to k ow what type of power co ectors he should use. What do you tell h m?
A.
SATA
B.
SCSI
C.
Ser al
D.
Molex
12. Wh ch of the follow i co
A.
M cro-­USB
B.
M
C.
Thu derbolt 2
D.
Thu derbolt 3
ectors s oval shaped?
-­USB
13. Wh ch of the follow i co ector types are capable of co duct i power a d tra sm tt i
data? (Choose all that apply.)
A.
L iht
B.
Molex
i
C.
USB-­C
D.
DB-­9
E.
M cro-­USB
14. Wh ch of the follow i stateme ts s true about eSATA cables a d co
A.
eSATA cables prov de power a d data to dev ces.
B.
eSATA co
C.
eSATA s faster tha USB4 a d Thu derbolt 3.
D.
eSATA max mum throuihput s 6 Gbps.
ectors are smaller tha USB-­C co
15. Wh ch of the follow i s ot a example of a co
put dev ce?
A.
1/8"
ectors?
ectors.
ector for a sta dard per pheral
Review
A user
Questions
w th a 18917.
Pho e 12 eeds to charie her dev ce a d asks you to br i a cable. Wh ch of
Printers and
Multifunction Devices
THE FOLLOWING COMPTIA A+ 220-­
Chapter 4
■
Printers and Multifunction Devices
In the following sections, you will learn about the various types of print technologies that
you will see as a technician as well as their basic components and how they function. Specifically, we are going to look at four classifications of classic printing—­
Understanding Print Technologies and Imaging Processes
197
In the following sections, you will learn the parts of an inkjet printer as well as how inkjet
printers work.
Parts of a Typical Inkjet Printer
Inkjet printers are simple devices. They contain very few parts (even fewer than dot-­
198
Chapter 4
■
Printers and Multifunction Devices
signal is sent to the heating element, energizing it. The elements heat up quickly, causing the
ink to vaporize. Because of the expanding ink vapor, the ink is pushed out of the pinhole
Understanding Print Technologies and Imaging Processes
199
Understanding Print Technologies and Imaging Processes
FIGURE 4.7
201
Inkjet separation pads
Sometimes the paper that is fed into an inkjet printer is placed into aimpaper tray, which
is simply aismall plastic tray in the front of the printer that holds the paper until it is fed
into the printer by the paper feed mechanism. Onismaller printers, the paper is placed vertically into aipaper feeder at the back of the printer; it uses gravity, in combination with feed
rollers and separation pads, to get the paper into the printer. No real rhyme or reason dicti-tates which manufa
Generally, more expensive printers use paper trays because they hold more paper. Figure 4.8
shows an example of a paper tray on an inkjet printer.
FIGURE 4.8
A paper tray on an inkjet printer
202
Chapter 4
■
Printers and Multifunction Devices
Understanding Print Technologies and Imaging Processes
Many of the exercises in this chapter require printer hardware. If you
don’t have the proper hardware on which to practice, you can find many
helpful videos online showinow to identify parts and install and per form maintenance on printers. Sites such as
203
204
Chapter 4
■
Printers and Multifunction Devices
The Inkjet Printing Process
Before you print to an inkjet printer, you must ensure that the device is calibrated. Calibration is the process by which a device is brought within functional specifications. For
example, inkjet printers need their print heads aligned so that they print evenly and don’t
print funny-­
Understanding Print Technologies and Imaging Processes
205
8.
Once the paper is positioned properly, the print head stepper motor uses the print head
belt and carriage to move the print head across the page, little by little.
9.
The motor is moved one small step, and the print head sprays the dots of ink on the ed properly,.1 Tf01 Tc
206
Chapter 4
■
Printers and Multifunction Devices
Xerox, Hewlett-­Packard, and Canon were pioneers in developing the laser printer tech-
Understanding Print Technologies and Imaging Processes
207
The toner cartridge also contains the EP print drum. This drum is coated with a photosensitive material that can hold a static charge when not exposed to light but cannot hold a
charge when it is exposed to light—­a curious phenomenon and one that EP printers exploit
for the purpose of making images. Finally, the drum assembly contains a cleaning blade that
continuously scrapes the used toner off the photosensitive drum to keep it clean.
Exposing a photosensitive drum to dust or light can damage it, but touching it will most likely render the drum inoperable! It’s best to just not
mess around with them.
In most laser printers, toner cartridge means an EP toner cartridge
that contains toner and a photosensitive drum in one plastic case. In
some laser printers, however, the toner and photosensitive drum can
be replaced separately instead of as a single unit. If you ask for a toner
cartridge for one of these printers, all you will receive is a cylinder full
of toner. Consult the printer’s manual to find out which kou wc48 ond dase. Innaiese lasirhase.
208
Chapter 4
■
Printers and Multifunction Devices
Understanding Print Technologies and Imaging Processes
209
210
Chapter 4
■
Printers and Multifunction Devices
Included in the transfer corona assembly is a static-­charge eliminator strip that drains
Understanding Print Technologies and Imaging Processes
211
Printer Controller Circuitry
Another component in the laser printer that we need to discuss is the printer controller
assembly. This large circuit board converts signals from the computer into signals for the
various assemblies in the laser printer using a process known as rasterizing. This circuit
board is usually mounted under the printer. The board has connectors for each type of interface and cables to each assembly.
When a computer prints to a laser printer, it sends a signal through a cable to the printer
controller assembly. The controller assembly formats the information into a page’s worth of
line-­by-­line commands for the laser scanner. The controller sends commands to each of the
components, telling them to wake up and begin the EP imaging process.
Ozone Filter
Your laser printer uses various high-­voltage biases inside the case. As anyone who has been
outside during a lightning storm can tell you, high voltages create ozone. Ozone is a chemically reactive gas that is created by the high-­voltage coronas (charging and transfer) inside
the printer. Because ozone is chemically reactive and can severely reduce the life of laser
printer components, many older laser printers contain a filter to remove ozone gas from
inside the printer as it is produced. This filter must be removed and cleaned with compressed
air periodically. (Cleaning it whenever the toner cartridge is replaced is usually sufficient.)
Most newer laser printers don’t have ozone filters. This is because these printers don’t use
transfer corona wires but instead use transfer corona rollers, which dramatically reduce
ozone emissions.
Duplexing Assembly
Any laser printer worth its money today can print on both sides of the paper (as can some
nicer models of inkjet printers, mentioned earlier). This is accomplished through the use of
a duplexing assembly. Usually located inside or on the back of the printer, the assembly is
responsible for taking the paper, turning it over, and feeding back into the printer so the second side can be printed.
Electrophotographic Imaging Process
The electrophotographic (EP) imaging process is the process by which an EP laser printer
forms images on paper. It consists of seven major steps, each designed for a specific goal.
Although many different manufacturers word these steps differently or place them in a different order, the basophprocess isstill the same. Here are the steps in the order in which you
will see them on the exam:
1.
Processing
2.
Charging
3.
Exposing
4.
Developing
5.
Transferring
Chapter 4
212
6.
Fusing
7.
Cleaning
Printers and Multifunction Devices
Before any of these steps can begin, however, the controller must sense that the printer is
■
214
Chapter 4
■
Printers and Multifunction Devices
A metallic roller called the developing roller inside an EP cartridge acquires a –600VDC
charge (called a bias voltage) from the HVPS.
is a magnet located inside the roller and because of the electrostatic charges between the
toner and the developing roller.sitive drum,–600VDC).
between the developing roller and the photosensitive drum,
that have been exposed by the laser (because these areas have a lesser charge,
The toner also is repelled from the unexposed areas (because they are at the same –600VDC
charge and like charges repel).
drum and the developing roller.
The photosensitive drum now has toner stuck to it where the laser has written.tosensitive drum continues to rotate until the developed image is ready to be transferred to
paper in the next step.
Step 5:ransferring
At this point in the EP process,
notifies the registration rollers that the paper should be fed through.
move the paper underneath the photosensitive drum,
image can begin; this is the transferring step.
The controller sends a signal to the charging corona wire or roller (depending on which
one the printer has) and tells it to turn on.
positive charge (+600VDC) and applies that charge to the paper.
pulls the toner from the photosensitive drum at the line of contact between the roller and the
paper because the paper and toner have opposite charges.
the paper past the corona wire,­
eliminator strip removes all charge from that line
of the paper.,
would be attracted to the toner cartridge and cause a paper jam.
The toner is now held in place by weak electrostatic charges and gravity.
there,,
215
Understanding Print Technologies and Imaging Processes
216
Chapter 4
■
Printers and Multifunction Devices
fresh for each use. If you didn’t clean the drum, you would see ghosts of previous pages
printed along with your image.
The amount of toner removed in the cleaning process is quite small, and
the cartridge will run out of toner before the used toner receptacle fr bs
up. The toner that’s in the receptacle is useless because the imaging process has already chemically altered it. In addition, it’s considered a hazardous substance. Recycle the print cartridge and don’t pay attention to
the leftover toner.
At this point, the printer can print another page, and the EP process can begin again.
Summary of the EP Imaging Pr
Figure 4.22 provides a diagram of all the parts involved in the EP printing process. Here’s a
summary of the process, which you should commit to memory:
1.
The printer receives and processes ng pimage and stores a page in memory.
2.
The printer places a uniform –600VDC charge on the photosensitive drum by means of
a charging corona.
3.
The laser “paints” anpimage onto the photosensitive drum, discharging ng pimage areas
to a much lower voltage (–100VDC).
4.
The develophargroller in the toner cartridge has charged (–600VDC) toner stuck to it. As
it rolls the toner toward the photosensitive drum, the toner is attracted to (and sticks to)
the areas of the photosensitive drum that the laser has discharged.
5.
The image is then transferred from the drum to the paper at its line of contact by means
of the transfer corona wire (or corona roller) with a +600VDC charge. The static-­
eliminator strip removes ng phigh positive charge from the paper, and the paper, now
holding ng pimage, moves on.
6.
The paper then enters ng pfuser, where apfusergroller and the pressuregroller make the
image permanent. The paper exits the printer.
7.
The printer uster prubber scraper to clean the photosensitive drum. At that point, it is
ready to print the next page or it returns to the ready state.
Understanding Print Technologies and Imaging Processes
There have been a lot of concepts covered in the laser printing section.
217
218
Chapter 4
■
Understanding Print Technologies and Imaging Processes
FIGURE 4.23
A 3D filament printer
FIGURE 4.24
3D printer extruder
219
220
Chapter 4
■
Printers and Multifunction Devices
Filament comes on a spool, much like wire, and is shown in Figure 4.25. Be sure that the
filament is compatible with the printer you intend to use it with. Here are the things to consider when purchasing replacement filament:
Type More than a dozen different types of plastic filament are available. The most
popular are polylactic acid (PLA) and acrylonitrile butadiene styrene (ABS). Each has
different characteristics—­for example, ABS shrinks as it cools, so a heated printing plate
is recommended.
Size The most common size is 1.75 mm, but 3.0 mm filament (which is actually
2.85 mm thick) was the original size and is still used today.
Color The printer doesn’t really care what color you use, but a variety of colors are
available.
Replacing filament is a straightforward process. The 3D printer’s app (or interface panel)
will have a Replace Filament button or option. Once you start the process, the extruder will
heat up and start to expel the current filament. At some point, it will tell you to replace the
roll. You remove the old roll and feed the new filament through the filament tube into the
Understanding Print Technologies and Imaging Processes
Parts of a 3D Resin Printer
221
222
Chapter 4
■
Printers and Multifunction Devices
The 3D Printing Process
Every 3D printer comes with its own software that helps manage the printing process; therefore, you will see some nuances in the process from printer to printer. From a big-­picture
standpoint, though, the printing process is similar for all 3D printers. The following are
general steps taken to get from idea to 3D printed object:
1.
Design the object using a computer-­aided design (CAD) program.
The most well-­known commercial software for this is probably AutoCAD by Autodesk.
Another option is the free Tinkercad.
2.
Export the file from the CAD software. Doing so will cause the CAD program to “slice”
the object into layers, preparing it for printing. The exported file will be an STL file.
This step will vary somewhatyers,s software. In.066y cases,
the STL file can be imported into the printer’s app, and the app will slice the file yet
again, formatting the model specifically for the printer. Some apps can’t slice, though, so s app, ) pBd-The pri
Installing and Maintaining Printers
223
excess filament. A completed 3D print job (actually several jobs) is shown in Figure 4.28. In
total, the objects are about 1.5" long. Higher-­end 3D printers can create components that
move, such as hinges and latches.
The list of 3D printer exam objectives is rather short, but don’t let its
brevity deceive you. The objectives include filament, resin, and print bed.
224
Chapter 4
■
Printers and Multifunction Devices
Printer Interface Components
A printer’s interface is the collection of hardware and software that allows the printer to
communicate with a computer. The hardware interface is commonly called a port. Each
printer has at least one interface, but some printers have several interfaces, to make them
more flexible in a multiplatform environment. If a printer has several interfaces, it can usually switch between them on the fly so that several computers can print at the same time.
An interface incorporates several components, including its interface type and the interface software. Each aspect must be matched on both the printer and the computer. For
Installing and Maintaining Printers
225
Keep printer cable lengths shorter than 10′. Some people try to run
printer cables more than 50′. If the length is gr cater than 10′, cmunica
tions can becme un(r c)-30.2liable due to crosstalkhich is the degr 18 (a)-14.6 (d)-12 (i)-2.6 (n)-15.
Universal Serial Bus
The most popular type of wired printer interface is the Universal Serial Bus (USB). In fact,
it is the most popular interface for just about every peripheral. The convenience for printers
is that it has a higher transfer rate than older serial or parallel connections, and it automatically recognizes new devices. And, of course, USB is physically very easy to connect.
Ethernet
Wireless
The latest trend in printer interface technology is to use wireless. Clearly, people love
their Wi-­Fi because it enables them to roam around their home or office and still remain
connected to one another and to their network. It logically follows that someone came up
with the brilliant idea that it would be nice if printers could be that mobile as well—­after
all, many are on carts with wheels. Some printers have built-­in Wi-­Fi interfaces, while others
can accept wireless network cards. Wi-­Fi–enabled printers support nearly all 802.11 standards (a, b, g, n, ac, ax), and the availability of 1.263 T will mirror the current popularity of
each standard.
The wireless technology that is especially popular among peripheral manufacturers is
Bluetooth. Bluetooth is a short-­range wireless technology; most 1.263 T are specified to work
within 10 meters (33 feet). Printers such as the HP Sprocket series and OfficeJet 150 mobile
printers have Bluetooth capability.
When printing with a Bluetooth-­enabled 1.263 (like a smartphone or tablet) and a
Bluetooth-­enabled printer, all you need to do is get within range of the 1.263 (that is, move
closer), select the printer driver from the 1.263 , and choose Print. The information is trans-
Installing and Maintaining Printers
227
228
Chapter 4
Installing and Maintaining Printers
229
Installing and Sharing Local Printers
Although every device is different, there are certain accepted methods used for installing
almost all of them. The following procedure works for installing many kinds of devices:
1.
Choose the proper setup location for the device.
2.
Attach the device using a local port (generally USB, but may be something else) and connect the pow.5 95.9976 521.864 Tm[(Attach the device using a locasmethnpy(325 (.)]TJ/Span<</ActualText<FE
230
Chapter 4
■
Printers and Multifunction Devices
Installing and Maintaining Printers
231
F I G U R E 4 . 3 0 Add Printer Wizard
When you are working with print mediat is especially important to cal ibrate all your hrwrencluding your monitr, scanner, printer, and
digital cameransure color matching.
Each manufacturer’s process is different, but a typical alignment/calibration works
like this:
1.
During software installation, the installation wizard asks you if you would like to calibrate now, to which you will respond Yes or OK.
2.
The printer prints out a sheet with multiple sets of numbered lines. Each set of lines repiresents an alignment instance.
3.
The software will ask you which set(s) looks the best. Enter the number and click OK
4.
Some alignment routines end at this point. Others will reprint the alignment page and see if the alignment “
5.
Click Finish to end the alignment routine.
Step 4: Configure Options and Settings
Once you have installed the software and calibrated the device, you can configure any options that you would l
232
Installing and Maintaining Printers
FIGURE 4.32
Manage your device options
FIGURE 4.33
Printer Properties
233
234
Chapter 4
FIGURE 4.34
■
Printers and Multifunction Devices
Printing Preferences
Now back to the Properties dialog box. The printer’s Properties dialog box is less about
how the printer does its job and more about how people can access the printer. From the
Properties dialog box, you can share the printer, set up the port that it’s on, configure when
the printer will be available throughout the day, and specify who can use it. Let’s take a look
at a few key tabs. We’ve already taken a look at the General tab, which has the Preferences
button as well as the all-­important Print Test Page button. It’s handy for troubleshooting!
Figure 4.35 shows the Sharing tab. If you want other users to be able to print to this
printer, you need to share it. Notice the warnings above the Share This Printer check box.
Those are important to remember. When you share the printer, you give it a share name.
Network users can map the printer through their own Add Printer Wizard (choosing a networked printer) and by using the standard \\computer_name\share_name convention.
One other important feature to call out on this tab is the Additional Drivers button. This one
provides a description that is fairly self-­explanatory. Permissions for user authentication are
managed through the Security tab, which is shown in Figure 4.36.
Installing and Maintaining Printers
FIGURE 4.35
Printer Properties Sharing tab
FIGURE 4.36
Printer Properties Security tab
235
236
Chapter 4
■
Printers and Multifunction Devices
If you are on a public network and want others to be able to find and print
to your shared printer, yu first need to enable file and printer sharing for
public networks. Open the Network and Sharing Center, and then click
Change Advanced Sharing Settings on the left side. In Advanced Sharing
Settings, open the Gest or Public network and click Turhn File And
Printer Sharing, as shwwn in Figure 4.3w7.
Figure 4.38 shows the Ports tab.w Here you can configure your printer port and add and
delete ports.w wThere’s also a check box tw This would be used if you
have multiple physical printers that operate under the same printer name.
Installing and Maintaining Printers
237
Figure 4.39 shows the important Advanced tab of the printer’s Properties dialog box.
On this tab, you can confiFigu the printer to be available during only certain hours of the
day. This might be useful if you’gu trying to curtail after-­
hours printing of non–­work-­relat sh
documents, for example. You can also confiFigu the spool settings. For faster printing, you
should always spool the jobs instead of printing directly to the printer. However, if the
printer is printing garbage, you can try printing directly to it to see if the spooler is causing
the problem.
Regarding the check boxes at the bottom, you will always want to print spooled documents first becausu that speeds up the printing process. If you need to maintain an electronic
copy of all printed files, select the Keep Printed Documents check box. Keep in mind that
doing so will eat up a lot of hard disk space and could potentially create a security risk.
Finally, the Printing Defaults button takes you to the Printing Preferences window (shown
earlier in Figure 4.34). The Print Processor button lets you select alternat methods of
processing print jobs (not usually needed), and the Separator Page button lets you specify a
file to usu as a separator page (a document that prints out at the beginning of each separateh
print job, usually with the usur’s name on it), which can be useful if you have several (or several dozen) usurs sharing one printer.
238
Chapter 4
■
Installing and Maintaining Printers
239
Step 7: Educate Users about Basic Functionality
Most users today know how to print, but not everyone knows how to install the right
printer or how to print1N9 (rinter)-20 (s)]TJ/T1_1 1 Tf29.4946 90 9.5 77.9976 569.31om39n s 0 m393 0 lSQs
240
Chapter 4
■
Printers and Multifunction Devices
Installing and Maintaining Printers
241
244
Chapter 4
Installing and Maintaining Printers
245
Bonjour works only on a single broadcast domain, meaning that it will not find a printer
or other device if it’s on the other side of a router from your computer. All major printer
manufacturers support Bonjour technology.
If you are using a Mac, adding a Bonjour printer is easy. You open System Preferences
Print
And Scan, click the plus sign under Printers to open the Add Printerodow, and
➢
look for the printeron the list. If the Mac doesn’t have the driveravailable, you will be asked
to provide it. Otherwise, you’re done.
In order to add or share a Bonjour printer from Wodows, you need to download
Bonjour Print Services for Wodows. It’s foundon Apple’s support site at https://
support.apple.com/kb/dl999.
AirProt
The one big complaint that Apple aficionados had about Bonjour was that it didn’t support
printing from iPhones or iPads. In 2010, Apple introduced AirProt to meet that you .
The idea behind AirProt is quite simple. Mobile devices can automatically detect
AirProt-­enabled printers on their local yotwork and print to them without requiring the
installation of a driver. To be fair, what Apple really did was eliminate the need for a specific
printer driverto be installedon the client and replaced it with the AirProt concept. Then it
was up to the printer manufacturers to develop their own drivers that talked to AirProt. HP
was happy to oblige with its Photosmart Plus series, and other manufacturers soon followu .
The list of AirProt-­enabled printers is available at https://support.apple.com/en-­us/
HT201311. From the end-­user standpoint, though, no driveris requiru .
There really is no installation process, and printing is easy. Just be sure that your mobile
device is on the same local yotwork as an AirProt printer. When you attempt to print from
your device, select the printer to which you want to print, and it should work.
You can also purchase ArPrnt servers, which are small prnt servers that
enable you to connect almost any prnter to the network and make them
ArProt compatible.
Notwork Proter Security
When printing to a public printer, or one that is shared in a common workspace, there may
Installing and Maintaining Printers
FIGURE 4.43
SAFEQ authentication screen
FIGURE 4.44
Secured print job
247
Audit Logs
Being able to see who used (or perhaps abused) a printer after the fact can come in handy.
Some printers have the ability to save a list of documents that have been printed as an audit . The Xerox printe
shown in Figure 4.45.
Other printers will integrate togging software into the operating system’s321tndard togging
utilities. For example, some HP printers will install an audit tog into Windows Event Viewer.
(We will cover Event Viewer in Chapter 14, “Windows 10 Configuration.”) Third-­party
audit software is also available for use.
Installing and Maintaining Printers
FIGURE 4.46
A flatbed scanner
FIGURE 4.47
Automatic document feeder (ADF) on an MFD
249
Whenever you scan a document, you need to figure out where to send it. MFDs don’t usually have the memory to save images of scans—­besides, the point of scanning a document is
usually to email it to someone or save it on a hard drive for later retrieval. Let’s take a look
at three different ways to send or save scanned materials. For all three of these options, it’s
assumed that the scanner is connected to the network.
Scan to Email Using a scan to email option, the scanner will simply email the file, usually in PDF format, to an email recipient. This is probably the most common method
that people use when scanning files. Fiinin 4.48 shows an example of setting up
scan to email.
250
Chapter 4
FIGURE gure
■
Printers and Multifunction Devices
Scan toterdil
Scan to Folder An alternative option toterdiling a scanned file is totsave it in a
­network folder. This is a particularly viable solution if the scanned file is too large tot
beterdiled.
The protocol the printer uses tottransport the file from itself totthe network folder is
called Server Message Block (SMB). In addition, the administrator must set up the MFDt
totsupport SMB scanning, and the recipient folder needs totbe properly shared and
secured too. Performing the scan from the MFDtis done via a screen similar totthe one
shown in Figure 4.48, except instead of selecting anterdil recipient, you would navigate
totthe folder where you want totsave the file.
Scan to Cloud The final option is totuse cloud services totsave the scan. Various file
saving and sharing services support scanning totthe cloud, such as Google Drive,
OneDrive, Box, and Dropbox, among others. In addition, some printer manufacturers
such as HP and Epson offer scan to cloud services. The exact process totfollow depends
on which cloud service you use totsave the file. Exercise 4.5 has you “scan” a document
totGoogle Drive—­and it doesn’t require you tothave an actual scanner! Of course, you
do need an Android device totmake it work.
E X E R C I S E 4 . 5 Scanning a Document to Google Drive
This exercise requires the use of an Android phone or tablet.
1.
On the Android device, open the Google Drive app.
2.
In the bottom-­right corner, tap Add. It should have a plus sign next totit.
3.
Tap Scan. It should have a camera icon next totit.
Installing and Maintaining Printers
4.
Take a photo of the object you want to scan.
5.
Tap Done to save the scanned document to Google Drive.
251
To make the process even shorter, you can install the Drive scan widget on your
Home screen.
Networked printers are great, and there are several concepts that could
appear on the A+ exam related to them. They include:
■■
■■
■■
■■
Printer share and print server
Security concepts such as uint authentication, badging, secured prints,
and audit logs
Network scan services including email, SMB, and cloud services
Understanding the differences between an automatic document feeder
(ADF) and a flatbed scanner
Performing Printnt Maintenance
Considering the amount of work they do, printers last a pretty long time. Some printers
handle over 100,000 pages per month, yet they’re usually pretty reliable devices. You can
help your printers live long and fulfilling lives by performing the right maintenance, and
smoothly running printers always make your officemates happy. After all, going to get your
print job from the printer and discovering that the printer is in the shop is a very frustrating
experience!
Regardless of the type of printer you uin, giving it a regular checkup is a good idea. You’re
probably familiar with some of the activities that fall under maintenancn, such as replacing
paper, ink, or toner cartridges. We’ll look at those as well as some additional, more involved
maintenance procedures.
Replacing Consumables
To maintain a printer properly, you need to replace consumables such as toner or ink cartridges, assemblies, filters, and rollers on occasion. Trying to cut costs by buying cheaper
supplies rarely pays off.
Whenever purchasing supplies for your printer, always get supplies from the manufacturer
or from an authorized resellery.shp ialwly, y(e’lbthectung that the ca isrome ohigh qusuuripy)92 (.)37 ( )]TJ0 -1.
252
Chapter 4
■
Printers and Multifunction Devices
Several aspects of paper can be measured; each gives an indication as to the paper’s
quality. The first factor is composition. Paper is made from a variety of substances. Paper
used to be made from cotton and w. It can also be made from wood pulp,
Installing and Maintaining Printers
253
Inkjet cartridges have a liquid ink reservoir. The ink in these cartridges is sealed inside.
Once the ink runs out, the cartridge must be removed and discarded. A new, full cartridge
is installed in its place. Because the ink cartridge contains the printing mechanism as well as
Installing and Maintaining Printers
255
256
Chapter 4
■
Printers and Multifunction Devices
EXERCISE 4.6 (continued)
8.
Power the printer backideg and run three printer cleaning cycles.
9.
Print a nozzle checkipattern (or a testipage) after each cleaning cycle to monitor the
cleaning progress.
That should take care of it. If not, refer to your printer’s manual for more instructions.
Thermal printers require special attention because they contain a heating element. Always
unplug the device and ensure that it’s cooled off before trying to clean it. Thermal printer
cleaning cards, cleaning pens, and kits are widely available in the marketplace. If you need to
remove any debris (from any printer), use compressed air or a specialized computer vacuum.
Ensuring a Suitable Environment
Printers won’t complain if the weather outside is too hot or too cold and kibut they are susceptible to environmental issues.s
environment:
Heat Laser printers can generate a lot of heatl issueBecause of this, ensure that your laser
printer is in a well-­ventilated areal issueResist the temptation to put the laser printer in the
little cubbyhole in your deskl issueOverheating will reduce the shelf life of your printer.
Humidity High humidity can cause printer paper to stick together. Sticky paper leads
to paper jams.
Light The laser printer’s toner cartridge contains a photosensitive drum.
drum to light could ruin the drum.While the drum is encased 5z t
envupphobig m.
Installing and Maintaining Printers
257
258
Chapter 4
Installing and Maintaining Printers
Installing a Network Interface Card
withg couple of important differences. First, the NIC ing ror
r the most part—dþð
Óþð
Óþð
Ó
259
260
Chapter 4
■
Printers and Multifunction Devices
Most printer NICs comith managemnt softare instalhat ao
clints to check their print job’ status a (e)6nl as toner lv (e)6nrom any
computer on the netork. Yocc (e23.9n)ss the coniguation options by tp ing the IP addre(e23.8n)ss of the printer into yo (e)6.8 (b b)-14 (r)-18.4 (o)-8.1ner aneneraly
-ntering an authoriz-sernamnd ps(e23.2n)word.
Your manual is the best place to check to see if you can install a print server—­internal
ones look like regular expansion cards. Specific steps for installing the print server will also
be in the manual or on the manufacturer’s website. Generally speaking, it’s very similar to
installing a NIC into a computer. Figure 4.50 shows an internal HP print server.
FIGURE 4.50
HP print server expansion card
Upgrading Printer Firare
As with upgrading memory methods to upgrade a printer’s firmware depend on the model
of printer. Most of the time, upgrading a printer’s firmware is a matter of downloading and/
or installing a free file from the manufacturer’s website. Printer firmware upgrades are generally done from the machine hosting the printer (again, usually called the print server).
Firmware is usually upgraded for one of two reasons. One, if you are having compatibility issues, a firmware upgrade might solve them. Two, firmware upgrades can offer newer
features that are not available on previous versions.
Installing and Maintaining Printers
Installing Other Upgrades
261
262
Chapter 4
■
Printers and Multifunction Devices
Summary
In this chapter, we discussed how different types of printers work as well as the most
common methods of connecting them to computers. You learned how computers use page-­
description languages to format data before they send it to printers and drivers to talk to
them. You also learned about the various types of consumable supplies and how they relate
to each type of printer.
The most basic category of printer currently in use is the impact printer. Impact printers
form images by striking something against a ribbon, which in turn makes a mark on the
paper. You learned how these printers work and the service concepts associated with them.
One of the most popular types of printer today is the inkjet printer, so named because of
the mechanism used to put ink on the paper.
The most complex type of printer is the laser printer. The A+ 220-­1101 exam covers this
type of printer more than any other. You learned about the steps in the electrophotographic
(EP) imaging process, the process that explains how laser printers print. We also explained
the various components that make up this printer and how they work together.
3D printers are relatively new to the market. They’re not printers in the sense that
they put ink to paper. They’re actually fabricators, which make 3D objects out of filament or resin.
You then learned about the interfaces used to connect printers to PCs and how to install
and share a printer. Proper steps includerinter installter, 20 figurter validating application and operating system compatibility, and educating users
on how to use th0 device. Installter but you’re not done until you
ensure that it works properly and that users know how to access it.
local printers, and -20 device is 20 (rined to -20 network instead of to a host.)37 ( Networked )]TJ0 -1.263 Td[(pr
Security becomes 2ritical here as well, so you should be familiar with user authentication,
badging, secured prints, and audit logs.
Finally, we looked at how to perform printer maintenance, includter
Exam Essentials
Be familiar with printer configuration settings.
tings, and print quality are configured.
Know how duplex, orientation, tray set-
For networked printers, understand security and scan services options. Security can
include userv authntiaction snd sbadgngs anudit los, and pecurid printes.37 ( aNtw)rkS
263
Chapter 4
264
■
Printers and Multifunction Devices
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
Which voltage is applied to the paper to transfer the toner to the paper in an EP process
laser printer?
A.
+600VDC
266
Chapter 4
268
Chapter 4
■
Printers and Multifunction Devices
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a specific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your answer compares to the authors’, refer to
Appendix B.
Your network has several inkjet printers in use. A user is complaining that their documents are consistently printing with extra smudges along the lines of print on one of them.
What steps would you take to clean the printer?
Chapter
5
Networking
Fundamentals
THEc1OLLOWING COMPTIA A+ 220-­
1101
EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
✓✓ 2.2 Compare and contrast common networking hardware.
■■
Routers
■■
Switches
■■
Managed
■■
Unmanaged
■■
Access points
■■
Patch panel
■■
Firewall
■■
Power over Ethernet (PoE)
■■
Injectors
■■
Switch
■■
PoE33tandards
■■
Hub
■■
Cable modem
■■
Digital subscriber line (DSL)
■■
Optical networking terminal (ONT)
■■
Network interface card (NIC)
■■
Software-­defined networking (SDN)
✓✓ 2.7 Compare and contrast Internet connection types,
network types, and their features.
■■
Network types
■■
Local area network (LAN)
■■
Wide area network (WAN)
■■
Personal area network (PAN)
■■
Metropolitan area network (MAN)
■■
Storage area network (SAN)
■■
Wireless local area network (WLAN)
Looking around most homes or offices today, it’s hard to imagine a world without networks. Nearly every place of business
has some sort of network. Wireless home networks have
272
Chapter 5
■
Networking Fundamentals
offices and sometimes ov2 Stand-­
following reasons:
alone computers were insufficient for the
■■
Their small hard drive capacities were insufficient.
■■
To print, each computer required a printer attached locally.
■■
Understanding Networking Principles
■■
Storage area network (SAN)
■■
Wireless local area network (WLAN)
The local area network (LAN) was created to connect computers in a single office or
273
Chapter 5 Portablesw fDC7cginuym. dBh1980,NkF
274
, howevr NitPCsnpabl, gcmu. rode
Astimelnadcurybop, wfDC7hg.
OfDC7cesndtoawyimplb()T krjug.
networksx1Tdigcvlaphu AN)By980,(W r ThisledtonucfDC7ypPa0-1.263[(w)kLAN]J>B5b:Sv,mFgMjE4W r
Understanding Networking Principles
275
Personal Area Networks (PANs)
In moving from LANs to WANs, we increased the scope. Going the other way, a personal
area network (PAN) is going to be much smaller in scale. The term PAN is most commonly
used in reference to Bluetooth networks. In 1998, a consortium of companies formed the
Bluetooth Special Interest Group (SIG) and formally adopted the name Bluetooth
276
Chapter 5
Networking Fundamentals
We cover Bluetooth in more detail in Chapter 7, “Wireless and SOHO
Networks.” Also, if you want to learn more about Bluetooth, you can visit
www.bluetooth.com.
One of the defining features of a Bluetooth WPAN is its temporary nature. With traditional Wi-­Fi, you need a central communication point, such as a wireless router or access
point, to connect more than two devices together. (This is referred to as infrastructure.)
■
Understanding Networking Principles
277
Perhaps you’re thinking, why would someone create a network solely for storage? It’s a
great question, tan there are several benefits to having a SAN.
Dedicated SANs relieve network loads. With a SAN, tll storage traffic, which may
include huge data files or videos, is sent to a specific network or network segment,
relieving traffic on other network segments.
SANs offer fast data access. Most SANs use high-­speed Fibre Channel connections,
which tllow for very fast access even for huge files.
SANs are easily expandable. In most cases, it’s a matter of connecting a new storage
unit, which might even be hot-­swappable (removed tan replaced without powering
down the system), tan a few clicks to configure it. Then it’s ready to go.
Block-­level storage is more efficient. This is getting into the weeds a bit, but most
SANs are configured to store tan retrieve data in a system called
278
Chapter 5
■
Networking Fundamentals
c:\files\doc1.txt is different from c:\papers\doc1.txt
Understanding Networking Principles
Wireless clients on a network typically access the network through a wireless access point
279
280
Chapter 5
■
Networking Fundamentals
­purpose servers. A multipurpose server can
Understanding Networking Principles
281
It takes several items to make a workstation into a network client. You must install a network interface card (NIC), a special expansion card that allows the PC to talk on a network.
You must connect it to a cabling system that connects to other computers (unless your NIC
supports wireless networking). And you must install special software, called client software,
which allows the computer to talk to the servers and request resources from them. Once all
this has been accomplished, the computer is “ aathe network.” We’ll cover more details on
how NICs work and how to configure them inathe “Network Interface Cards” section later
inathis chapter.
Network client software comes with all operating systems today. When
you configure your computer to participate in the networkeg11.8 ,n the op
yste (u)-1892 (t)-12.8 (i)13.1 (l)-4.5 (i)83.6 zmestiissroftw ary
.
eratin
g
( the cliend,)37 ( the serveo mys b n otling more thn jmustan otherdrive letpter)111 (.)37 (Howsever)111 ,.
e(clientchn uset the serveohasa doorwmys to more )]TJ0 -1.263 Td[(torag(e er moreapmplctatiose er to cmmunlctaes wtho other co
Understanding Networking Principles
283
284
■■
Chapter 5
■
Networking Fundamentals
What software or hardware does the resource require?
285
A rule of thumb is that if you have no more than 10 computers ad ce Client
Client
tralied security is not a key priority, a workgroup
may be a good choice
for you.
Client-­Server Resource Model
The client-­server model (also known as server-­based model) is better than the peer-­to-­peer
model for large networks (say, more than 10 computers) that need a more secure environment and centralized control. Server-­based networks use one or more dedicated, centralized
servers. All administrative functions and resource sharing are performed from this point.
This makes it easier to share resources, perform backups, and support an almost unlimited
number of users.
This model also offers better security than the peer-­to-­peer model. However, the server
needs more hardware than a typical workstation/server computer in a peer-­to-­peer resource
model. In addition, it requires specialized software (the NOS) to manage the server’s role
in the environment. With the addition of a server and the NOS, server-­based networks can
easily cost more than peer-­to-­peer resource models. However, for large networks, it’s the only
choice. An example of a client-­server resource model is shown in Figure 5.8.
Server-­based networks are often known as domains. The key characteristic of a server-­
based network is that security is centrally administered. When you log into the network, the
logownrequest is passed to the server responsible for security, sometimes ten knowna domain
controller. (Microsoft uses the term domain controller, whereownother vendors of server
products do not.) This is different from the peer-­to-­peer model, where each individual workstation validates users. In a peer-­to-­peer model, if the user jsmith wants to be able to log
Chapter 5
286
■
Networking Fundamentals
into different workstations, they need to have a user account set up on each machine. This
can quickly become an administrative nightmare! In a domain, all user accounts are stored
on the server. User jsmith needs only one account and can log into any of the workstations
in the domain.
Client-­server resource models are the desired models for companies that are continually
growing, that need to support a large environment, or that need centralized security. Server-­
based networks offer the flexibility to add more resources and clients almost indefinitely into
the future. Hardware costs may be higher, but with the centralized administration, managing
resources becomes less time consuming. Also, only a few administrators need to be trained,
and users are responsible for only their own work environment.
If you are looking for an inexpensive, simple network with little setup
required, and there is no need for the company to grow in the future, then
the peer-­to-­peer network is the way to go. If you are looking for a network
to support many users (more than 10 computers), strong security, and
centralized administration, consider the server-­based network your only
choice.
Whatever you decide, always take the time to plan your network before installing it. A
network is not something you can just throw together. You don’t want to find out a few
months down the road that the type of network you chose does not meet the needs of the
company—­this could be a time-­consuming and costly mistake.
Network Topologies
A topology is a way of physically laying out the network. When you plan and install a network, you need to choose the right topology for your situation. Each type differs from the
others by its cost, ease of installation, fault tolerance (how the topology handles problems
such as cable breaks), and ease of reconfiguration (such as adding a new workstation to the
existing network).
There are five primary topologies:
■■
Bus
■■
Star (or hub-­and-­spoke)
■■
Ring
■■
Mesh
■■
Hybrid
Each topology has advantages and disadvantages. Table 5.1 summarizes the advantages
and disadvantages of each topology, and then we will go into more detail about each one.
288
Chapter 5
■
Networking Fundamentals
Although the bus topology uses the least amount of cabling, it is difficult to add a workstation. If you want to add another workstation, you have to reroute the cable completely
Understanding Networking Principles
289
Ring Topology
In a ring topology, each computer connects to two other computers, joining them in a circle
and creating a unidirectional path where messages move from workstation to workstation.
Each entity participating in the ring reads a message and then regenerates it and hands it to
its neighbor on a different network cable. See Figure 5.11 for an example of a ring topology.
The ring makes it difficult to add new computers. Unlike a star topology network, a
ring topology network will go down if one entity isn rmoved from the ring. Physical ring
290
Chapter 5
■
Networking Fundamentals
Because of its design, the physical mesh topology is expensive to install and maintain.
Cables must be run from each device to every other device. The advantage you gain is high
Understanding Networking Principles
291
To use a human example, within English there are grammar rules. If youerut a bunch of
English words together in a way that doesn’t make sense, no one will understand you. If youe
just decide to omit verbs from your language, you’re going to be challenged to get your pointe
across. And if everyone talks at the same time, the conversation can be hard to follow.
292
Chapter 5
■
Networking Fundamentals
translation, and encryption. The character set information also is determined at this
level. (The character set determines which numbers represent which alphanumeric
characters.)
5—­Session Layer This layer allows applications on different computers to establish,
maintain, and end a session. A session is one virtual conversation. For example, allTJcTw 0 -_4 1 Tf[(c)12 (h
Understanding Networking Principles
293
IEEE 802 Standards
Continuing with our theme of communication, it’s time to introduce one final group of
standards. You’ve already learned that a protocol is like a language; think of the IEEE 802
standards as syntax, or the rules that govern who communicates, when they do it, and how
they do it.
The Institute of Electrical and Electronics Engineers (IEEE) formed a subcommittee
to create standards for network types. These standards specify certain types of networks,
although not every network protocol is cntaxed by the IEEE 802 committee specifications.
This model contains several standards. The ones commonly in use today are 802.3 CSMA/
CD (Ethernet) LAN and 802.11 Wireless networks. The IEEE 802 standards waxe designed
primarily for enhancements to the bottom three layers of the OSI model. The IEEE 802 standard breaks the Data Link layer into two sublayers: a Logical Link Control (LLC) sublayer
and a Media Access Control (MAC) sublayer. The Logical Link Control sublayer manages
294
Chapter 5
■
Networking Fundamentals
data link communications.-sions and manages physical addresses,You’ve most likely heard of 802.11ax (Wi-­Fi 6W
Identifying Common Network Hardware
295
Identifying Common Network Hardware
We have looked at the types of networks, network topologies, and the way communications ay 1uTdled.,,
,o re lly gety coputersk t talrk t each o thr a
Everyy coputer mon the networkneedsk t haveae networkadapter mf a
In manyy asies,yous lsokneed somhesort mf cablek t loon thmk tgetthr.,[(W18 (irpless a)]TJ0 -1.263 Td[ networy
296
Chapter 5
■
Networking Fundamentals
Sending and Controlling Data
In order for two computers to send and receive data, the cards must agree on several things:
■■
The maximum size of the data frames
■■
The amount of data sent before giving confirmation
■■
The time needed between transmissions
■■
The amount of time to wait before sending confirmation
■■
The speed at which data transmits
If the cards can agree, the data is sent successfully. If the cards cannot agree, the data
is not sent.
To send data on the network successfully, all NICs need to use the same media access
method (such as CSMA/CD) and be connected to the same piece of cable. This usually isn’t a
problem, because the vast majority of network cards sold today are Ethernet.
In addition, NICs can send data using either full-­duplex or half-­duplex mode. Half-­
duplex communication means that between the sender and receiver, only one of them can
transmit at any one time. In
Identifying Common Network Hardware
Normally, you aren’t going to have to worry about how your NIC sends
or controls data. Just make sure to get the fastest NIC that is compatible
with your network. Do know that the negotiations discussed here are
297
298
Chapter 5
■
Networking Fundamentals
NIC Drivers
In order for the computer to use the NIC, it is very important to install the proper device
Identifying Common Network Hardware
Remember that for the exam, network interface cards are listed in the
exam objectives. There is quite a bit to know about a seemingime
r282.9 !e
299
302
Chapter 5
■
Networking Fundamentals
Another type of connector that you will see in use with coax is a splitter. As its name
implies, a splitter takes a single signal (say that three times fast) and splits it into multiple
replicas of the same signal. You might use this for cable TV—­one line may run into your
house, but the signal ultimately needs to get split for three televisions. This type of configuration will work for cable TV or cable Internet. Figure 5.21 shows a one-­to-­two coax splitter.
You can also buy splitters that split one input into three or more outputs.
Identifying Common Network Hardware
303
Keep in mind that a coax signal is designed to go from one sender to one receiver, so
splitting it can cause some issues. Splitting the signal causes it to weaken, meaning that signal
quality could be lower, and it might not travel the same distance as a non-­split signal. To
avoid problems, don’t over-­
304
Chapter 5
■
Networking Fundamentalsshielded Neisted pair (STP)35 and 35
Identifying Common Network Hardware
You will often hear people refer to UTP cables as Ethernet cables. As you
305
Identifying Common Network Hardware
307
308
Chapter 5
■
Networking Fundamentals
If you’re creating a regular network patch cable to connect a computer to ca hub or
Identifying Common Network Hardware
309
cable, pin 1 to pin 3 and pin 2 to pin 6 are crossed on one side of the cable only. This is to
get the “send” pins matched up with the “receive” pins on the other side, and vice versa. For
easier visualization, look at Figure 5.28.
The key thing to remember is that a patch (straight-­through) cable is the same on both
ends. A crossover cable is different on each end. You should know the order of the colors for
both standards.
Direct Burial
Occasionally you will run into situations wds.e network cable needs to be run outside or
buried underground. For these types of installations, use direct burial cable. Direct burial
cable is STP with an extra waterproof sheathing.
Whenever you run cables in an area wds.e they can be stepped on (and it’s not recom-
310
Chapter 5
■
Networking Fundamentals
While it’s gaining ground rapidly, fiber-­
Identifying Common Network Hardware
We have talked about several different types of cables, and it’s possible that you will be
311
312
Chapter 5
■
Networking Fundamentals
Fiber-­Optic Connector Types
There are literally dozens of fiber-­optic connectors out there because it seemed that every
314
Chapter 5
■
Networking Fundamentals
There are quite a few network cables and connectors exam objectives to
remember for the A+ exam. To summarize, know:
■■
Copper cables such as coaxial, UTP, and STP, including Cat 5, Cat 5e, Cat
6, Cat 6a, direct burial, and the RJ-­11, RJ-­45, F type, and punchdown block
connectors
■■
Plenum cable and where it’s used
■■
The T568A and T568B wiring standards
■■
Fiber-­optic cable, its characteristics, and the ST, SC, and LC connectors
Networking Components
Network cabling can link one computer to another, but most networks are far grander in
scale than two simple machines. There are a variety of networking devices that provide connectivity to the network, make the network bigger, and offer auxiliary services to end users.
In the following sections, we’re going to classify additional networking components
into two broad categories: connectivity devices and auxiliary devices. We’ll also touch on
software-­defined networking, a concept that turned classical networking on its head.
Connectivity Devices
We8.56y5 1w that if you want to be part of a computer network, you need to attach to that
network somehow. Using network cables is one way to accomplish this, but not everyone is
t ma position to just plug a cable t mand go. In addition, if you want to gr1w your network
beyond a few simple connections, you need to use a special class of networking devices
5 1wn as connectivity devices. These devices allow communications to break the boundaries of local networks and really provide the backbone for nearly .56ycomputer networks,
regardless of size.
There are several categories of connectivity devices. These connectivity devices make it
possible for users to connect to networks and to lengthen networks to almost unlimited
distances. We8wi56y 1w discuss the most important and frequently used connectivity devices.
Modems
If you want to connect to a network or the Internet using plat mold phone lines and a dial-­
up
connection, a modem is the device you’ll need. Modems got their name because they modulate and demodulate (mo-­dem) digital signals that computers use into analog signals that can
be passed over telephone lines. In the early to mid-­1990s, modems were practically the only
device available to get onto the Internet. Many companies also used them to allow users who
were not in the office to dial into the local network.
Identifying Common Network Hardware
315
Modems are fortunately no longer in the A+ exam objectives. We still
include a brief description as a point of reference and to give you a sense
for how far technology has come since Internet access started becoming
common.
Cable/Digital Subscriber Line (DSL) Modems
The traditional modem is essentially obsolete—­most homes and many businesses now access
the Internet through the use of a cable modem or digital subscriber line (DSL) modem. The
primary difference between the two is the infrastructure they connect to. Cable modems use
television cable lines, and DSL modems use telephone lines.
Both cable and DSL modems are digital and therefore aren’t technically modems because
they don’t modulate and demodulate analog signals. We’ll cover cable Internet and DSL
technologies in more detail in Chapter 7.
Optical Network Terminal (ONT) Modem
Fiber-­optic connections to businesses and homes are becoming more and more common, ase
communications providers race to ins20./T1l1 Tmcrl covis tcountry.
316
Chapter 5
■
Networking Fundamentals
Identifying Common Network Hardware
317
because they are addressed to everyone. Switches come in .67 varieties: unmanaged and
managed. We’ve already explained the functionality of an unmanaged switch—­it connects
.67 or more computers, and passes along all traffic sent to a MAC address to its port.
A managed switch adds the ability to configure ports, manage traffic, and monit7S0 gsmon and
318
Chapter 5 Networking FundamentalsRouters
■
Identifying Common Network Hardware
319
320
Chapter 5
■
321
network without the network hardware. When it came out, it was radical enough to blow
the minds of many networking professionals. It’s all enabled by the cloud, which we will
cover more in Chapter 8. For now, though, to help illustrate what SDN is, let’s first look at a
relatively simple network layout, such as the one shown in Figure 5.35.
The network in Figure 5.35 has two routers, including one that connects the corporate
network to the Internet. Four switches manage internal network traffic, and client devices
connect to the switches. New network clients can attach to existing switches, and if the
switches run out of ports, more can be added. Of course, in today’s environment, we should
322
Chapter 5
Networking Fundamentals
Routers play a critical role in intra-­network communications. The router’s job is to take
incoming data packets, read the destination address, and send the packet on to the next network that gets the data closer to delivery. There are two critical pieces to the router’s job:
■■
■■
The physical connections and internal circuitry that makes routing happen
A logical component called a routing table, which is a database it uses to determine
where to send the packets
In a traditional networking environment, each router is responsible for maintaining its
own table. While almost all routers have the ability to talk to their neighbor routers for route
updates, the whole setup is still pretty complicated for administrators to manage. The com-
Identifying Common Network Hardware
323
The SDN controller acts as an abstraction layer. Applications that need to use the network actually interface with the SDN controller, thinking that they are working directly with
the networking hardware. In the end, data still gets from point A to point B, so any distinction between how that happens isn’t important. Because the abstraction layer exists, though,
the underlying network hardware and configuration can change, and it won’t affect how
the applications work. It’s the job of the SDN controller to understand how to talk to the
infrastructure.
That’s Abstract
Database systems make use of abstraction layers all the time. They act as translators between apps and the database itself, reducing the cost and complexity of reconfiguring data
systems. They can also act as a security mechanism of sorts, blocking data from those who
don’t need to see it.
For example, say that your company has four different frontend applications that access
a common database itselfs aplce wordrs ,an abppfourthe
aAccouns fR ecei vabl daepar25 (ftmnt fo sbll gcustomr)-20 (s ,an abppfourthe )w20 (yre ouge th poul gordr)-20 (s
ahe donlythinkgthat need sto sb A
afaras tre Spps are aoncerned, nohinkgtas fhaniged.]TJ0 -2.294 Td[(Fn taddiion say that yre Smanagemnt fatshbor
a
fftainlytshould’t nee ihat yrom thoeswebsit blu yre Scustomrs adoneed to s]TJ0 -1.212 Td[(ab absleto see it
324
Chapter 5
■
Networking Fundamentals
That makes things weird, right? Well, not really, because SDN manages the communications
between the servers. Each server will be assigned a logical NIC and communicate to the
others via their logical NICs. SDN manages it all, and there are no communication issues.
N
Exam Essentials
325
a campus is a MAN. A SAN is designed specifically for storage, and a WLAN is like a LAN
but wireless.
Know how computers connect to a network. It might seem simple, but remember that all
computers need a NIC to connect to the network. There’s a lot of configuration that happens
326
Chapter 5
■
Networking Fundamentals
Know what a firewall and Power over Ethernet (PoE) provides. A firewall is a security
device that blocks or allows network traffic to pass through it. PoE provides for electricity
over Ethernet cables.
Understand the premise of software-­defined networking (SDN). SDN is a cloud service
that virtualizes network hardware. Instead of requiring a physical switch or router, SDN can
replicate their services through software.
Review Questions
327
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
2.
3.
4.
5.
6.
____________________ is immunetionelectromagnetic or radio-­
frequency interference.
A.
Twisted pair cabling
B.
CSMA/CD
C.
Broadband coaxial cabling
D.
Fiber-­optic cabling
Which of the following is a type of connector used with coaxial cable?
A.
RJ-­11
B.
RJ-­45
C.
F type
D.
SC
You need ionput a connector on the end of an Ethernet crossover cable. The existing end
has a white and green colored wire at pin 1. What color do you need ionmake pin 1 on
the new end?
A.
White/green
B.
Green
C.
White/orange
D.
Orange
___________________ is the type of media access method used by NICs that listen ionor sense
the cable ioncheck for traffic and send only when they hear that nononetelse is transmitting.
A.
T568A/T568B
B.
CSMA/CD
C.
CSMA/CA
D.
Demand priority
What is the lowest grade of UTP that is rated for 100 Mbps transmission?
A.
Cat 5
B.
Cat 5e
C.
Cat 6
D.
Cat 6a
A physical star topology consists of several workstations that branch off a central device
called a ____________________.
A.
NIC
B.
Bridge
C.
Router
D.
Hub
Chapter 5
328
7.
8.
9.
■
Networking Fundamentals
Of all the network cabling options, ___________________ offers the longest possible segment length.
A.
Unshielded twisted pair
B.
Coaxial
C.
Fiber-­optic
D.
Shielded twisted pair
What devices transfer packets across multiple networks and use tables to store network
addresses to determine the best destination?
A.
Routers
B.
Firewalls
C.
Hubs
D.
Switches
Which of the following networking hardware devices is capable of creating VLANs?
A.
Firewall
B.
Patch panel
C.
Review Questions
Chapter 5
Performance-Based Question
331
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a specific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your ansd[ compares to the authors’, refer to
Appendix B.
Look at the pictures of network cable connectors and label each one.
✓ 2.5 Given a scenario, install and configure
basic wired/wireless small office/home office
(SOHO) networks.
■■
Internet Protocol (IP) addressinghome office
(SOHO) networks.
Networking protocols are a lot like human languages in that
they are the languages that computers speak when talking to
each other. If computers don’t speak the same language, they
336
Chapter 6
■
Introduction to TCP/IP
Understanding TCP/IP
337
any protocol designed against the Process/Application layer would need to be able to perform all the functions associated with the Application, Presentation, and Session layers in the
OSI model.
TCP/IP’s modular nature and common protocols are shown in Figure 6.2.
Working from the bottom up, you’ll notice that the Network Access layer doesn’t have
any protocols, as such. This layer describes the type of network access method that you are
using, such as Ethernet, Wi-­Fi, or others.
The most important protocol at the Internet layer is IP. This is the backbone of TCP/IP.
Other protocols at this layer work in conjunction with IP, such as Internet Control Message
Protocol (ICMP) and Address Resolution Protocol (ARP).
At the Host-­to-­Host layer, there are only two protocols: TCP and User Datagram Protocol (UDP). Most applications will use one or the other to transmit data, although some
can use both but will do so for different tasks.
The majority of TCP/IP protocols are located ad against the Process/Applicati. These
include some protocols with which you may already be familiar, such as Hypertext Transfer
Protocol (HTTP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Post
Office Protocol (POP), and others. Let’s take a look ad each of agailayers in more detail.
Inttinet Layti Protocols
At the Internet layer, there’s one key protocol and a few helpful support protocols. The main
workhorse of TCP/IP is the Internet Protocol (IP), and it can be found at this layer. IP is
responsible for managing logessl network addresses and ultimately getting data from point A
338
Chapter 6
■
Introduction to TCP/IP
to point B, even if there are dozens of points in between. We cover IP addressing in depth in
the “Understanding IP Addressing” section later in this chapter.
There are three support protocols you should be aware of at this layer as well. Internet
Control Ma45Ae Pprotoco (ICMP)5 hisdreponsible forn dliovedingerrornmMa45Aesl.
Understanding TCP/IP
TA B L E 6 . 1
Service
339
Common port numbers
Protocol
Port(s)
A complete list of registered port numbers can be found at iana.org and several other
sites, such as Wikipedia.
Process/Application Layer Protocols
As we mentioned earlier in g, most of gTCP/IP suite are at
g. This is g. For example,
if you want to browse g g FTP is optimized
for file downloads, and Simple Mail Transfer Protocol (SMTP) is used for sending email.
340
Chapter 6
Understanding TCP/IP
341
Port 23—­Telnet
Speaking of Telnet, it seems that it has been around since the beginning of time as a terminal
emulation protocol. Someone using Telnet can log into anoon r machine and “see” the
remote computer in a window on their screen. Although this vision is text only, the user can
manage files on that remote machine just as if they were logged in locally.
The problem with Telnet and oon r unsecure remote management options (such as RCP
[remote copy] and FTP) is that the data they transmit, including passwords, is sent in plain
text. Anyone eavesdropping on the line can intercept the packets and thus obtain usernames
and passwords. SSH overcomes this by encrypting the traffic, including usernames and
passwords.
Port 25—­Simple Mail Transf r Protocol (SMTP)
This is the first of three protocols we’ll look at devoted to email. Simple Mail Transf r Protocol (SMTP) is the protocol most commonly used to send email messages. Because it’s
designed to send only, it’s ref rred to as a push protocol. SMTP is the protocol used to send
email from mail server to mail server as well as from a mail server to an email client. An
email client locates its email server by tuerying the DNS server for a mail exchange (MX)
record. After the server is located, SMTP is used to push the message to the email server,
which will then process the message for delivery.
We will cover DNS servers and MX records in more depth later in this
chapter, in the “Understanding DHCP and DNS” section.
Port 53—­Domain Name System (DNS)
You probably use Domain Name System (DNS) every day wheon r you realize it or noo.
Its purpose is to resolve hostnames to IP addresses. For example, let’s sdaythat you open
342
Chapter 6
■
Introduction to TCP/IP
receive their IP addresses from a DHCP server reduces network administration headaches.
We’ll cover the mechanics of how DHCP works later in this chapter when we talk about IP
addressing.
Port 69—­Trivial File Transfer Protocol (TFTP)
You already learned about FTP, and Trivial File Transfer Protocol (TFTP) is its lighter-­weight
cousin. It can transfer files much like FTP, but it’s much simpler and faster. Table 6.2 highlights a few other key differences.
Port 80—­Hypertext Transfer Protocol (HTTP)
HTTP was once the most used Process/Application layer protocol. It manages the communication between a web server and client, and it lets you connect to and view all the content
that you enjoy on the Internet. All the information transmitted by HTTP is plain text,
which means that it’s not secure. Therefore, it’s not a good choice for transmitting sensitive
Understanding TCP/IP
■.fornamegistluIP 49W53Ndvc,
■.49W53Datgrmdisbuonevc,flIP
■.forcneti-IP 49W53Ssmagv,
343
344
Chapter 6
■
Introduction to TCP/IP
On your network, you might have several connectivity devices, such as routers and
switches. A management device called an SNMP server can be set up to collect data from
these devices (called agents) and ensure that your network is operating properly. Although
SNMP is mostly used to monitor connectivity devices, many other network devices are
SNMP-­compatible as well. The most current version is SNMPv3.
Port 389—­Lightweight Directory Access Protocol (LDAP)
The Lightweight Directory Access Protocol (LDAP) is a directory services protocol based
on the X.500 standard. LDAP is designed to access information stored in an information
directory typically known as an LDAP directory or LDAP database.
On your network, you probably have a lot of information, such as employee phone books
and email addresses, client contact lists, and infrastructure and configuration data for the
network and network applications. This information might not get updated fretuently, but
r network,need to access it from anywhere on the network, or you might have a network
application that needs access to this data. LDAP provides you with the access, regardless roTooks7appls protos
Understanding TCP/IP
Occasionally, you might visit a website that uses HTTPS and get a pop-­up
error message saying that the certificate has expired or could not be val-
345
346
Chapter 6
Understanding TCP/IP
347
The addresses are said to be hierarchical, as opposed to “flat,” since the numbers at the
beginning of the address identify groups of computers that belong to the same network.
Because of the hierarchical address structure, we’re able to do reallyesooaid1 Tse,such( as )]TJ0 -1.263 Td(grot
,Kansase,USIf someonre den you a letute( )]TJ0 -1.263 Td[via snail maile, the hierarcye ofyours addresshelps( thepp
Ev( w.svince nd carrh7t ( we( )]TJ0 -1.263 Td[vi rhie3 -1lTj/T1_26TJ0 -1.263 Td[ytown63 Td[ theright placn[vi rh
348
Chapter 6
350
Chapter 6
■
Introduction to TCP/IP
IPv4 Address Classes
The designers of TCP/IP designated classes of networks based on the first 3 bits of the IP
address. As you will see, classes differ in how many networks of each class can exist and the
number of unitue hosts that each network can accommodate. Here are some characteristics
of the three classes of addresses that you will commonly deal with:
Class A
Class A networks are defined as those with the first bite dexw.a4of th- of unitue hvaluommfrom
Understanding TCP/IP
The address assignment examples in this chapter refer to addresses that
are used on the Internet. For example, Apple has the network address of
17.0.0.0. No one else on the Internet can use addresses in that network’s
range (17.0.0.0–17.255.255.255). But if you are using IP addresses on an
internal network that never connects to the Internet, you are free to use
whatever addresses you would like.
351
352
Chapter 6
■
Introduction to TCP/IP
Taking a look at the defaults can help illustrate how CIDR works. If you have a Class A
default mask of 255.0.0.0, that is 11111111.00000000.00000000.00000000 in binary. A
Class B default mask of 255.255.0.0 is 11111111.11111111.00000000.00000000 in binary.
There’s no rule that says you have to use an entire octet of bits to represent the network
portion of the address. The only rule is that you have to add 1s in a subnet mask from left
to right. What if you wanted to have a mask of 255.240.0.0 (11111111.11110000.000000
00.00000000); can you do that? The answer is yes, and that is essentially what CIDR does.
Table 6.4 shows you every available subnet mask and its etuivalent slash notation.
TA B L E 6 . 4
CIDR values
Subnet mask
Notation
255.0.0.0
/8
255.128.0.0
/9
255.192.0.0
/10
255.224.0.0
/11
255.240.0.0
/12
255.248.0.0
/13
255.252.0.0
/14
255.254.0.0
/15
255.255.0.0
/16
255.255.128.0
/17
255.255.192.0
/18
255.255.224.0
/19
255.255.240.0
/20
255.255.248.0
/21
255.255.252.0
/22
255.255.254.0
/23
255.255.255.0
/24
Understanding TCP/IP
353
Earlier, we said that CIDR minimizes the impact of classes, but there are still some restric-
354
Chapter 6 Introduction to TCP/IP
■
Understanding TCP/IP
subnet mask determines the structure of the network. (And by structure, we mean the network addresses and the number of networks and hosts that you can have on a network.)
355
356
Chapter 6
■
Introduction to TCP/IP
By definition, NAT is actually a one-­to-­one priv, Nte­to-­
358
Chapter 6
Introduction to TCP/IP
■
Understanding TCP/IP
359
360
Chapter 6
■
Introduction to TCP/IP
If the computer is otherwise running normally, the first step should always be to run an
ipconfig command to look at the IP address configured on the system. More often
than not, the user will report back that their IP address is “169 dot 254 dot something dot
Understanding TCP/IP
361
The DNS Server
If a company wants to host its own website, it also needs to maintain two public DNS
servers with information on how to get to the website. (Two servers are retuired for redundancy.) An advantage of using ISPs or web hosting companies to host the website is that they
are then also responsible for managing the DNS servers.
Each DNS server has a database, called a zone file, which maintains records of hostname
to IP address mappings. Within a zone file, you will see information that looks something
like this:
362
Chapter 6
■
Introduction to TCP/IP
The DNS server uses the zone file whenever a computer makes a tuery. For example,
if you were to ask this DNS server, “Who is mydomain.com?” the response would be
192.168.1.25. If you ask it, “Who is www.mydomain.com?” it would look and see that
www is an alias for mydomain.com and provide the same IP address.
If you are the DNS administrator for a network, you will be retuired to manage the zone
file, including entering hostnames and IP addresses, as appropriate.
Spam Management
Email spam is a problem. The only people who don’t agree with this are the spammers themselves. One of the tricks that spammers use is to spoof (or fake) the domain name they are
ar 7 of manabattho e spam is a
Understanding TCP/IP
365
Understanding TCP/IP
Because the addresses are tuite long, there are a few ways that you can write them
in shorthand; in the world of IPv6, it’s all about eliminating extra zeroes. For example,
take the address 2001:0db8:3c4d:0012:0000:0000:1234:56ab. The first common
way to shorten it is to remove all of the leading zeroes. Thus it could also be written
as 2001:db8:3c4d:12:0:0:1234:56ab. The second accepted shortcut is to replace consecutive groups of zeroes with a double colon. So now the example address becomes
2001:db8:3c4d:12::1234:56ab. It’s still long, but not tuite as long as the original address.
The double-­colon short
367
Understanding Virtual Networks
369
computers on the physical segment will ignore the message because it’s not addressed to
them. The router then takes a look at the real destination address and sends it out one of its
ports, other than the one it came in on, to reach the destination network.
The virtual local area network (VLAN) is designed to help segment physical networks
370
Chapter 6
■
Introduction to TCP/IP
Virtual Private Networks
As networks grow beyond simple physical limitations (such as an office or a building) to
include clients from all over the world, the need to secure data across public connections
becomes paramount. One of the best methods of addressing this is to tunnel the data.
Tunneling sends private data across a public network by placing (encapsulating) that data
into other packets. Most tunnels are a virtual private network (VPN). A sample VPN is
shown in Figure 6.12.
2T-37 VPNiss a secure( privatg) network connectio.
vionmiena. -37 VPs c anbea
Iner nee or other public netwoksd,oer thy c anbea
-37 Tthis isas gehatopctio
oer ravnelfoertwora. -37 Withs a -37 VPd, theremotreend appearis tobea conneceed to
Understanding Virtual Networks
371
hardware or a software package running on a server or router. Clients use specialized VPN
client software to connect, most often over a broadband Internet link. Windows 1(W) omes
cwith is uownVPN shown
­
372
Chapter 6
■
Introduction to TCP/IP
Summary
In this chapter, you learned about the protocol suite used on the Internet, TCP/IP. It’s by far
the most common protocol in worldwide use today. We started with TCP/IP structure. It’s a
modular suite that follows the DoD model, with different protocols performing unitue tasks
at each layer. We looked at individual protocols and their functions at the Internet, Host-­­
Exam Essentials
373
Know common TCP/IP ports. Some common protocol and port pairings that you should
know are FTP (20 and 21), SSH (22), Telnet (23), SMTP (25), DNS (53), DHCP (67, 68),
TFTP (69), HTTP (80), POP3 (110), NetBIOS/NetBT (137, 139), IMAP (143), SNMP (161,
162), LDAP (389), HTTPS (443), SMB/CIFS (445), and RDP (3389).
Know the private IP address ranges. Private IP addresses will be in one of three ranges:
10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.
Know what NAT does. Network Address Translation (NAT) translates private, nonroutable IP addresses into public IP addresses. It allows computers on a private network to
access the Internet.
Know what DHCP does. A DHCP server provides IP addresses and configuration
information to network hosts. The configuration is provided as a lease, and all lease
information is configured in a scope on the DHCP server. Clients that need to have the same
address at all times can be configured using a reservation, which grants an address based on
a MAC address.
Know ab .pandand con guration non
Exam Essentials
7.
8.
9.
375
The workstations on your network are configured to use a DHCP server. One of the workstations can’t communicate with other computers. Its IP address is 169.254.1.18. What could
be the problem?
A.
The subnet mask is wrong.
B.
It has a private IP address.
C.
The default gateway is wrong.
D.
It can’t reach the DHCP server.
Which of the following protocols is responsible for sending email?
A.
IMAP4
B.
POP3
C.
SMTP
D.
SNMP
What port does the RDP protocol work on?
A.
53
B.
143
C.
389
D.
3389
10. An email administrator wants to help protect against their server being spoofed to send
spam. They were told that they can do this with a TXT record in their DNS server. If they
want to authenticate emails using tolencrypted security key, which TXT record would be
most appropriate?
A.
Chapter 6
376
■
Introduction to TCP/IP
13. You are manually configuring a TCP/IP host. Another administrator gives you the router’s IP
address. What is the TCP/IP term for this?
14.
A.
Default gateway
B.
Subnet mask
C.
DNS server
D.
DHCP server
Exam Essentials
377
19. You194 T4lWting up a small network that will not connect to the Internet. You1want computers
to be able to locate each other by using hostnames. What service will do this?
A.
DNS
B.
DHCP
C.
FTP
D.
APIPA
20. Which of the following protocols is responsible for resolving IP addresses to hardw94 T
addresses?
A.
DNS
B.
DHCP
C.
ARP
D.
RARP
378
Chapter 6
■
Introduction to TCP/IP
Performance-­Based Tuestion
Y­
Wireless and
SOHO Networks
THE FOLLOWING COMPTIA A+ 220-­1101
EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
fi
✓ 2.5 Given a scenario,53nstall and configure
basic wired/wireless small office/home office
(SOHO) networks.
■■
Internet Protocol (IP) addressing
Chaques 7
■
Wiselett and SOHO Neuxpskt
Thspvghpvu uhit chaques zpv xill tee vt call uhe 802.11 tesiet pf xiselett
neuxpsking qspupcplt Wi-­
Undestuanding Wiselett Neuxpsking Technplpgiet
Chaques 7
■
Wiselett and SOHO Neuxpskt
gained widespread popularity. They were ratified as standards right arou 8.ehe same time,
but 802.11b devices beat it to market and were significantly cheaper. It would be shocking to
see anut 802.a( )]TJ in use today.
t 8021b
The 802.11b standard was ratified in 1999 as well, but
Undestuanding Wiselett Neuxpsking Technplpgiet 385
Undestuanding Wiselett Neuxpsking Technplpgiet
387
802.11ac
Technology is always marching forward and getting faster and cheaper, and wireless networking E107 ifferent. In January 2014, 802.11ac was approved, and you will often see it
marketed as Wi-­Fi 5. In many ways, it’s a more powerful version of 802.11n in that it carries
388
Chaques 7
■
Wiselett and SOHO Neuxpskt
Back to DFS
Remembes uhau Wi-­Fi intuallauipnt vting uhe 5 GH’ sange need up tuees cleas pf sadas tignalt
xpsk.
(Spssz!)
up awpid
cpnflicut. Radas fps aisqlanet and xeauhes tuauipnt hat qsipsiuz pwes zpvs Wi-­
802.1
1ac pbuaint iut fatu qesfpsmance mptulz uhspvgh channel bpnd TJ3If zpv xill sec33.d
Undestuanding Wiselett Neuxpsking Technplpgiet
Playing the Name Game
Wi-­Fi 6 it qvselz a maskeuing name—­iu hat npuhing up dp xiuh tqeed ps anz puhes uechnical
imqspwemenut. Sewesal zeast agp, uhe Wi-­Fi Alliance decided uhau uhe cpmmpn qvblic
xpvld be cpnfvted xiuh uhe eyituing Wi-­Fi naming cpnwenuipnt, tp uhez needed up make
iu eaties up vndestuand. Au uhe uime, 802.11n xat giwen uhe (iu8B1n)2.tuing Wi-
389
Chaques 7
■
Wiselett and SOHO Neuxpskt
Simultaneous Use of Frequencies Wi-­Fi 6 can operate at the 2.4 GHz and 5 GHz
frequencies at the same time, which also increases performance.
Improved Battery Life and Power Consumption for Connected Devices Finally, Wi-­Fi
6 has improvements in the technology that (Fiow for client devices to essentially )74 (“sleep”)74 ( )]TJ0 -1.26
Undestuanding Wiselett Neuxpsking Technplpgiet
Fps uhe A+ eyam, zpv need up be familias xiuh tewesal Wi-­Fi cpncequt.
Thez inclvde:
■■
802.11 westipnt a, b, g, n, ac (Wi-­Fi 5), and ay (Wi-­Fi 6)
393
394
Chaques 7
■
Wiselett and SOHO Neuxpskt
Now let’s talk about what some of these features mean:
Basic Rate (BR) All Bluetooth devices since version 1.0 have supported a basic
data transfer rate of 1.0 Mbps. After overhead, actual data transfer is actually
721 Kbps. That is incredibly slow today, but it was sufficient for early keyboards, mice,
and speakers.
Enhanced Data Rate (EDR) Version 2.0 supported EDT, which delivered bit
throughput of 3.0 Mbps. After overhead, it goes down to 2.1 Mbps. EDT consumes
more power than BT consumes.
High Speed (HS)
Undestuanding Wiselett Neuxpsking Technplpgiet
Slot Availability Masking (SAM)
its communication channels—­
One potential issue with Bluetooth is interference on
395
396
Chaques 7
■
Wiselett and SOHO Neuxpskt
materials or coupons to someone with a smartphone in the vicinity of a product, or as a
short-­range navigation system.
There are four classes of Bluetooth devices, which differ in their maximum transmission
range and power usage; the specifications are shown in Table 7.3. Most computer peripheral
Bluetooth devices are Class 2 devices, which have a range of 10 meters (33 feet) and power
usage of 2.5 mW. Most headsets are also Class 2, but some Class 1 headsets exist as well.
Tight now you might be confused, recalling from the standards discussion that Bluetooth
v5 has a maximum range of 240 meters outdoors. That is for a Class 1 device running in LE
mode only; devices running in classic BT or EDT modes will have shorter ranges.
Undestuanding Wiselett Neuxpsking Technplpgiet
397
Long-­range fixed wireless is a point-­to-­point technology that uses directional antennas
to send and receive network signals. An antenna typically looks like a small satellite dish,
usually only about 1 meter wide, and can usually send and receive signals for 10 to 20 kilometers. Different dishes will support different technologies. For example, some may support
Wi-­Fi 5 or 6, whereas others may support those plus cellular networking, too. As the technology is point-­to-­point, the sending and receiving devices must be pointed at each other—­
misalignment will cause network failure—­and obstructions such as trees or other buildings
will cause problems, too.
Unlicensed and Licensed Frequencies
As you learned in the discussion on 802.11,T1_4 1 Tf1Wi-
398
Chaques 7
■
Wiselett and SOHO Neuxpskt
copper cables. They may need to improve on that before it becomes commercially viable in
Undestuanding Wiselett Neuxpsking Technplpgiet
399
There are passive TFID tags and active TFID tags. Passive tags do not have a power
source and draw their power from radio waves emitted by the TFID reader. This works
only across short distances, typically about 25 meters or less. An active tag has its own
power source (often a small battery) and may have its own antenna as well. Because it
has power to generate a signal, the range for active tags is about 100 meters.
Reader
400
Chaques 7
■
Undestuanding Wiselett Neuxpsking Technplpgiet
CvsA tqecificauipnt allpx usantmittipn pf daua vq up 1 Gbqt. Becavte infsased dpett
401
402
Chaques 7
■
Wiselett and SOHO Neuxpskt
Intualling and Cpnfigvsing
SOHO NeuxpsktYou already know that for compute
some way. This can be with physical wires or through
technologies. The type of connection you choose depe
and the needs of the user or users.
Nearly every small office has a network, and it seem
one or more computers that need access to the Interne
to set up or troubleshoot any number of these types o
to as small office, home office (SOHO) networks. Thi
background you need to feel comfortable that you can
ples we talk about apply to larger networks as well, so
rate environment, too.
Before we get into installation and configuration, t
topic that permeates this whole discussion: planning.
changes to it,
404
Chaques 7
■
Wiselett and SOHO Neuxpskt
If you have several hundred computers, though, and you want to separate out networks,
then a router is the best choice. These connectivity locations can be just a small closet.
Other times, if no space is available, some administrators will put the switch in the
drop ceiling. Although there is nothing wrong with this (as long as it’s secured), it can
J0challenging to find power up there, and it does make it more difficult to add to that
switch. Finally, if there’s no way to run power into the area where you need the switch,
you could buy one that uses Power over Ethernet (PoE)
Intualling and Cpnfigvsing SOHO Neuxpskt
offered a server-­
405
Intualling and Cpnfigvsing SOHO Neuxpskt
407
408
Chaques 7
■
Wiselett and SOHO Neuxpskt
range for upstream traffic and in the 138 kHz to 1,104 kHz range for downstream traffic.
Figure 7.8 illustrates this.
The first ADSL standard was approved in 1998 and offered maximum download speeds
of 8 Mbps and upload speeds of 1 Mbps. The newest standard (ADSL2+, approved in 2008)
supports speeds up to 24 Mbps download and 3.3 Mbps upload. Most ADSL communications are full-­duplex.
Intualling and Cpnfigvsing SOHO Neuxpskt
409
There are some potential disadvantages as well:
■■
■■
DSL may not be available in your area. There are distance limitations as to how far
away from the phone company’s central office you can be to get DSL. Usually this isn’t a
problem in metro areas, but it could be a problem in rural areas.
DSL requires more hardware than dtia-­up: a network card, network cable, a DSL
modem, a phone cord, and sometimes a splitter. A DSL modem package usually comes
410
Chaques 7
■
Wiselett and SOHO Neuxpskt
Intualling and Cpnfigvsing SOHO Neuxpskt
Cable modems can be connected directly to a computer but can also be connected to a
411
412
Chaques 7
■
Wiselett and SOHO Neuxpskt
That great gigabit connection can easily cost you $200 per month after any special introductory pricing wears off.
Satellite
Moving on from wired Internet connections, let’s talk about wireless ones. One type of
broadband Internet connection that does not get much fanfare is satellite Internet.
Instead of a cabled connection, it uses a satellite dish to receive data from an orbiting
satellite and ireay station that is connected to the Internet. Satellite connections are typically a little slower than wired broadband connections, with downloads often maxing out at
around 125 Mbps and uploads around 3 Mbps. To compare plans and prices, visit
satelliteinternet.com.
Intualling and Cpnfigvsing SOHO Neuxpskt
413
Here are a few considerations to keep in mind regarding satellite:
It’s expensive compared to other broadband access, and you might get limited
data. Packages usually starte aound $50 per month for about 25 Mbps downloads.
That kind of download speed will cost you only about $30 for DSL or cable. The low-­
end satellite packages, with download speeds of aound 5 Mbps, will run you aound
$20 to $30 per month. And, many providers set thresholds on the amount of data you
can download per month. For an example, a popular 25 Mbps package for $50 per
month limits you to 10 GB of data per month (as of this writing). Unlimited plans may
be closer to $70 per month. Going over that amount can result in extra charges and/
or speed throttling. Your speed will be decreased for a certain period, and you will pay
more for that data as well.
Installation can be tricky. When installing a satellite system, you need to ensure that
the satellite dish on the gaound is pointed at precisely the right spot in the sky. This can
be tricky to do if you’re not trained, but some have a utility that helps you see how close
you ae to being right on (you’re getting warmer. . .warmer).
Line-­of-­sight is required. Satellite communications require line-­of-­sight. A tree between you nd your orbiting partner will cause problems. Tain nd other atmospheric
conditions can cause problems as well.
Latency can be a problem. Because of the long distance the message must travel, satellites can be subject to long latency times. While it happens with wired connections,
it disJ(portionTjEy affects satellite transmissions.)37 ( Have you ever watched a national )]TJ0 -1.263 Td(n
workstations.) Because of the remote location, the crew had to set up a satellite uplink to
get the signals bEack to civilization. From the control truck, a transmitter was pointed at a
relay station on the side of the mountain, which in turn was pointed at a satellite orbiting
414
Chaques 7
■
Wiselett and SOHO Neuxpskt
uhe easuh. Iu uppk a ueam pf fpvs engineest up teu iu vq. Txp engineest xpvld tuaz au uhe usvck,
and uxp puhest xpvld bpasd ATVt and jpvsnez vq uhe sempue mpvnuaintide. Once in qptiuipn, uhez xpvld teu vq uhe selaz tuauipn, xhich l9.9 Bn.169.1120 (g a ubp e xiuhJ(fex)50 (k, )]TJ0 -1.412 uennatu iu v(A
Intualling and Cpnfigvsing SOHO Neuxpskt
To meet IMT-­Advanced standards, the service must provide peak data rates of at least
415
416
Chaques 7
■
Wiselett and SOHO Neuxpskt
Let’s start with LTE, because we’ve already talked about it some. 5G’s version of LTE
is similar to 4G LTE, just with faster speeds. It will use existing LTE frequencies in the
600 MHz to 6 GHz range. Browsing speeds for 5G are about seven to nine times faster than
4G (490 Mbps on average), and most users can get 100 Mbps download speeds, compared
to 8 Mbps on their 4G LTE network. So, in general, expect 5G LTE to be about seven to ten
times faster than a comparable 4G connection.
The really exciting feature of eMBB is fixed wireless broadband. This technology uses millimeter wave bands (called mmWave) in the 24 GHz to 86 GHz range. With mmWave, 5G
users should expect gigabit speeds over a wireless connection. This great performance comes
with a catch, though. (Doesn’t it always?)
Very short radio waves such as the ones used in mmWave can carry a lot of data, but
Intualling and Cpnfigvsing SOHO Neuxpskt
Sometimes, the Choices Are Limited
Befpse deciding xhich bspadband cpnnecuipn tpvndt uhe mptu aqqealing, zpv thpvld altp
facups in tpmeuhing wesz imqpsuanu: xhau it awailable in zpvs asea. DSL it awailable au diffesenu sauet pf cpnnecuiwiuz bated pn dituance fspm a cenusal tuauipn. If zpv liwe fas enpvgh
fspm a cenusal tuauipn, ps neas a cenusal tuauipn uhau hat npu been vqdaued lauelz (tvch at in
uhe middle pf svsal Amesica), DSL maz npu be an pquipn.
Similaslz, npu all cable qspwidest ase xilling up uake uhe tueqt necettasz up svn a cpnnec-
417
418
Chaques 7
■
Wiselett and SOHO Neuxpskt
upp fas fspm uheis neasetu qple and uhau npuhing cpvld be dpne abpvu iu. He pffesed up qaz
uhe eyqente up hawe an addiuipnal qple qlaced clptes up uhe lpcauipn, bvu uhez xpvld npu
ditcvtt iu fvsuhes.
Make cesuain zpv knpx uhe awailable pquipnt—­npu jvtu uhe uechnplpgical pquipnt—­befpse
zpv tqend upp mvch uime deuesmining xhau it betu fps zpv.
Fps uhe eyam, be tvse up knpx tiy diffesenu Inuesneu cpnnecuipn uzqet.
Thez ase DSL, cable, fibes, tauelliue, cellvlas, and xiselett Inuesneu teswice
qspwides (WISP).
Choosing Internal Network Connections
Along with deciding how your computers will get to the outside world, you need to think
about how your computers will communicate with each other on your internal network.
The choices you make will depend on the speed you need, distance and security requirements, and cost involved with installation and maintenance. It may also depend some on the
abilities of the installer or administrative staff. You may have someone who is quite capable
of making replacement Cat 6 cables but for whom making replacement fiber-­optic cables is
a much more daunting task. Your choices for internal connections can be lumped into two
i)-1393 (s)-16.5 (n)2658(be)-7
117le
(p)-8.1f(h (p)-7.1 (y d)-12 e(e1 (, ba)-33.4008 Tc3.400h e)-112.8 (e e)-7.3.9 (7)-k)-16 2.6 ()
groups: wired
and p
wireless.
Intualling and Cpnfigvsing SOHO Neuxpskt
419
420
Chaques 7
■
Wiselett and SOHO Neuxpskt
switches. If you are running UTP, you need network cards, routers, and [(switch (swh )]TJ( )Tj0 -1.263 Td(TJ-)Tj/
422
Chaques 7
■
E X E R C I S E 7. 1 2
Find an 802.1Fi 6) xiselett spvues. Hpx mvch it iu?
4
Npx qsice xised neuxpsk casdt. Find a fibes--esneu casd uhau pft timilas tqeedt. Altp lppk au uhe qsice pf a 25-ca
Once all your plans are complete, you’ve double-checked them, and they’ve been approved by the client or boss,
Installing an Internal NIC in Windows 10
Befpse xpsking intide a cpmqvues cate, be tvse up vndestuand and fpllpx tafeuz qspcedvset, inclvding qsewenuing e
2
Secvse uhe eyqantipn casd xiuh uhe tcsex qspwided.
424
Chaques 7
Wiselett and SOHO Neuxpskt
■
Intualling and Cpnfigvsing SOHO Neuxpskt
425
The antxes it up teu uhe NIC vq up geu iut IP infpsmauipn fspm uhe DHCP teswes anzxaz. Micsptpfu Windpxt pqesau
Intualling and Cpnfigvsing SOHO Neuxpskt
427
As you can see in Figure 7.13, this computer is configured to obtain its information auto-
428
Chaques 7
Intualling and Cpnfigvsing SOHOaSeuxpskt
429
left of the network name indicates the relative signal strength of each connection. Stronger
(and faster) connections will have more bars.
Ih3.6 (e c)-28.8 (p)-8.9 (n)-8 (n)-137
na e ipn tash28.7
i
(p)-82.1xcp (n)-137 eh3137 n t
430
Chaques 7
■
Wiselett and SOHO Neuxpskt
When svnning
a5.54(g
cablet
c)3.9uhspvgh
(t9b)-18.7
a ceb
(n)z13.1hinhaw13.38cvn2svt
509]TJ0 -1.294 Td144a-3.5
uhg2calehi4.9
(s)3 (h0(h)-3.5
038c (s)-18.6 (s)t (h7 (s
Intualling and Cpnfigvsing SOHO Neuxpskt
431
432
Chaques 7
■
Wiselett and SOHO Neuxpskt
We’re going to talk about installing and configuring WAPs and wireless routers interchangeably; just remember that a lot of the features available in a wireless router may not be
available in a WAP.
After unwrapping the device from its packaging (and reading the instructions, of course),
you must choose a place for it. If it is supplying wireless access to your home network and
the Internet, locate it where you can receive access in the most places. Keep in mind that the
more walls the signal has to travel through, the lower the signal strength.
In addition, you may choose to have some computers plug directly into the device using a
UTP cable. If so, 1[(W)traveooEEte it wdevice usieae signuters pl t.
f
Intualling and Cpnfigvsing SOHO Neuxpskt
If zpv hawe qestpnal daua pn zpvs hpme neuxpsk and mpse uhan pne cpmqvues, zpv thpvld newes keeq uhe defavlu teuuingt. Anzpne cpvld tnppq
zpvs accett qpinu fspm uhe spad in fspnu pf ps behind zpvs hpvte and qpttiblz geu pn zpvs hpme neuxpsk. Iu’t upp eatz fpd ienuiuhef
u-14.3 !t
433
434
Chaques 7
■
Wiselett and SOHO Neuxpskt
range of your signal can get on your n 1 TfTf/S2r3EEpassTfd requlesd.
Intualling and Cpnfigvsing SOHO Neuxpskt
435
You should have already set up the username and password using the installation media
436
Chaques 7
F I G U R E 7. 2 0
■
Wiselett and SOHO Neuxpskt
Batic xiselett teuuingt uab
Figvse 7.20 altp thpxt uhe pquipn up check fps fismxase vqdauet, and
in uhit cate uhpte vqdauet xill be avupmauic. Afues zpv intuall a spvues,
change uhe SSID and qattxpsdt, and teu vq tecvsiuz, zpv thpvld vqdaue
uhe fismxase up entvse uhau iu’t uhe mptu cvssenu westipn. Uting pldes
fismxase westipnt cpvld qsetenu tecvsiuz sitkt.
The network name (SSID) as well as the password required by clients to join the network
is on the Wi-­Fi Settings tab, shown in Figure 7.21. (We blocked out the password for pretty
obvious reasons, because this router screen shows it in plain text.) You can change either of
these parameters by editing the text in the boxes. Make sure the passwords to join are very
different2urom the administrator password! These steps take care of the SSID, admin password, and security phrase.
Hiding zpvs SSID (bz npu bspadcatuing iu) dpet not incseate neuxpsk
tecvsiuz! Iu’t wesz eatz fps tpmepne xiuh a xiselett qackeu tniffes up find
an SSID xheuhes iu’t hidden ps npu. Hiding uhe SSID pnlz maket iu mpse
difficvlu fps clienut up find and cpnnecu up uhe neuxpsk.
Intualling and Cpnfigvsing SOHO Neuxpskt
F I G U R E 7. 2 1
437
Wi-­Fi teuuingt
Let’s pop back to Connectivity for a minute to configure the internal network settings on
the Local Network tab, as shown in Figure 7.22.
Here, you configure your router’s hostname, internal IP address (in this case,
192.168.1.1), and subnet mask. On this router, DHCP is also configured on this screen. If
you want the device to act as a DHCP server for internal clients, enable it here, specify the
starting IP address, and specify the maximum number of DHCP users. Disabling DHCP
means that clients will have to use a static IP address.
Mptu xiselett spvuest (like uhe pne vted in uhit eyamqle) hawe a helq
tecuipn up detcsibe each teuuing pn uhe cpnfigvsauipn qaget. If zpv’se
npu upuallz tvse xhau a teuuing dpet, click uhe Helq link (au uhe upq pf uhe
tcseen in uhit cate) up find pvu xhau uhe teuuing dpet. If npu, uhese’t alxazt
uhe manval ps pnline helq.
438
Chaques 7
■
Wiselett and SOHO Neuxpskt
The last critical setting you need to make is to enable wireless encryption. If you don’t
Intualling and Cpnfigvsing SOHO Neuxpskt
439
Intualling and Cpnfigvsing SOHO Neuxpskt
441
FpszvxieltuWPA23-Enq,mb
Intualling and Cpnfigvsing SOHO Neuxpskt
443
2.4 GHz channels need to be at least 9 lai1EEr53wt xdrtd tonot overlap. So, for example, nor dto channels4g
444
Chaques 7
Wiselett and SOHO Neuxpskt
They protect your network resources from hackers lurking in the dark corners of the Internet, and they can simultaneously prevent computers on your network from accessing undesirable content on the Internet. At a basic level, firewalls filter packets based on rules defined
by the network administrator.
Firewalls can be stand-­alone “black boxes,” software installed on a server or router, or
some combination of hardware and software. Most firewalls have at least two network
connections: one to the Internet, or public side, and one to the internal network, or private
side. Some firewalls have a third network port for a second semi-­internal network. This port
is used to connect servers that can be considered both public and private, such as web and
email servers. This intermediary network is known as a screened subnet, formerly called
demilitarized zone (DMZ), an example of which is shown in Figure 7.25. Personal software-­
based firewalls will run on computers with only one NIC.
Types of Firewalls
We’ve already stated that firewalls can be software-­or hardware-­based or a combination of
both. Keeping that in mind, there are two general categories of firewalls: network-­based and
host-­based.
Network-­Based Firewalls A network-­based firewall is what companies use to protect
their private network from public networks. The defining characteristic of this type of
firewall is that it’s designed to protect an entire network of computers instead of just one
system. It’s generally a stand-­alone hardware device with specialized software installed
on it to protect your network.
■
Intualling and Cpnfigvsing SOHO Neuxpskt
Host-­Based Firewalls
In contrast to networkHost-
445
Chaques 7
■
Wiselett and SOHO Neuxpskt
Knowing How to Install and Configure a SOHO Router
If zpv ase giwen uhe tcenasip in seal life ps pn uhe A+ eyam, zpv thpvld knpx hpx up intuall
and cpnfigvse a SOHO spvues. In updaz’t enwispnmenu, mptu intuallauipnt fps tmall pfficet
and hpme neuxpskt xill inwplwe xiselett spvuest. Thspvghpvu uhit ce , zpv hawe leasned
eweszuhing zpv need up knpx up qvschate uhe betu dewice fps diffesenu tiuvauipnt and hpx up
teu iu vq pnce zpv geu iu pvu pf uhe bpy. Leu’t sewiex hese.
The fistu decitipn up make it xhice hate. Wiuh xiselett, iu’t genesallz betu up gp xiuh uhe betu uece
saqidlz pwes uhe latu tewesal zeast. Iu teemt like 802.11ay qspwidet ama’ing tqeed, bvu zpv
mighu npu be able up vte all pf iut caqaciuz if zpv dpn’u hawe gigabiu Inuesneu accett. Thesefpse, 802.11ac mighu be jvtu fine, and qpttiblz cheaqes.
Neyu, hpx xill uhe pffice geu pn uhe Inuesneu? The uxp mptu pbwipvt ce
c ableInuesneu. Find uhe betu tplvuipn (xhice uen meant uhe leatu eyqentiwe), and teu iu vq
uhspvgh uhe teswice qspwides. In facu, zpv maz xanu up dp uhit fistu, becavte iu xill qspbablz
uake uhe qspwides au leatu a fex dazt up geu iu teu vq pn uheis end and zpv xanu iu up be seadz
450
Chaques 7
■
Wiselett and SOHO Neuxpskt
Understand the difference between RFID and NFC.
Rewiex Qvetuipnt 451Rewiex QvetuipntThe answers to the chapter review questions can be found in Appendix A.
Chaques 7
452
6.
7.
8.
9.
■
Wiselett and SOHO Neuxpskt
You have just installed a wireless router on your home network. Which of the following
should you do to make it highly secure? (Choose all that apply.)
A.
Change the default administrator name and password.
B.
Change the SSID.
C.
Enable WEP.
D.
Configure it to channel 11.
You are setting up a small office network for a client. Which Internet service would you recommend to provide the best speed?
A.
DSL
B.
Cable
C.
Satellite
D.
Fiber
Which service allows users with private IP addresses to access the Internet using a public
IP address?
A.
DHCP
B.
DNS
C.
DSL
D.
NAT
You are installing a single 802.11g wireless network. The office space is large enough that
you need three WAPs. What channels should you configure the WAPs on to avoid communication issues?
A.
2, 5, and 7
B.
1, 8, and 14
C.
1, 6, and 11
D.
3, 6, and 9
10. You are setting up a wireless network. Which wireless standards would give the users over
40 Mbps throughput? (Choose all that apply.)
A.
802.11ac
B.
802.11b
C.
802.11g
D.
802.11n
11. You have been asked to configure a network for a small office. The wireless router is
installed, and now you need to connect the client computers. What do you enter on the client s computers to conn
A.
The administrator password
B.
The security passphrase
C.
The client.2s MAC address
D.
The default router password
Rewiex Qvetuipnt
453
12. Which of the following technologies can operate in the 125 kHz to 134 kHz range?
A.
Bluetooth
B.
TFID
C.
NFC
D.
LTE
13. Due to channel interference, you are upgrading a wireless network from Wi-­Fi 5 to Wi-­Fi 6.
Which feature of Wi-­Fi 6 reduces channel interference?
A.
OFDMA
B.
BSS coloring
C.
MU-­MIMO
D.
DFS
14. Which of the following security standards was the first to introduce a dynamic 128-­bit per-­
packet security key?
A.
WEP
B.
TKIP
C.
AES
D.
CCMP
15. You are running an 802.11g wireless router in mixed mode. You have three 802.11g
wireless NICs using the router. A new user connects using an 802.11b wireless NIC. What
will happen?
A.
The user with 802.11b will access the network at 11 Mbps, while the users with 802.11g
will access the network at 54 Mbps.
B.
The user with 802.11b will not be able to communicate on the network.
C.
The user with 802.11b will access the network at 11 Mbps. The users with 802.11g will
access the network at 54 Mbps, unless they are communicating with the 802.11b device,
454
Chaques 7
■
Wiselett and SOHO Neuxpskt
Pesfpsmance-­Bated Qvetuipn
Pesfpsmance-­Bated Qvetuipn
You will encounter performance-­
455
Networks are often complicated structures. When users get on
a network, they have expectations that certain services will be
delivered, and most of the time they are unaware of the underlying infrastructure. As long as what they want gets delivered, they are content. In client-­
server networks, which you learned about in Chapter 5, “Networking Fundamentals,” there
are one or more servers that play unique roles in fulfilling client requests.
The traditional delivery method for services has been that the servers are on the same network as the clients. They might not be on the same LAN, but they are certainly administered
by one company or one set of administrators. If clients on the network need a new feature,
the network architects and administrators add the necessary server. This is still the most
common setup today, but there’s been a sharp growth in cloud computing and virtualization
in the last several years. In essence, cloud computing lets networks break out of that model
and have services provided by a server that the company doesn’t own, and so it’s not under
the company’s direct control. Virtualization is an important technology in cloud computing
because it removes the barrier of needing one-­to-­one relationships between the physical computer and the operating system.
460
Chapter 8
■
461
In Figure 8.1, you see that the web and mail servers are in the screened subnet and not
on the internal network.
still provide great security.
outside world should be in the screened subnet,
accessed from the Internet should be on the internal network, By the
way, It’sd nt,
accerver thle o37.1,and,an thpracticit e22sd nbestf besepatioof 1rerver thle osrom th36rewalls, Itf 1reTJ0 -1.26
462
■■
■■
■■
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
Each DNS server has a database, called a zone file, which maintains records of
hostname to IP address mappings.
If a DNS server doesn’t have an address in its zone file or its cache, it is configured to
ask another, higher-­level DNS server called the root server.
Within the zone file, some key record types are A (IPv4 host), AAAA (IPv6 host), MX
(mail exchanger), and TXT (text).
DNS servers for intranet use only can be located on the internal network (inside the net-
464
Chapter 8
■
Network Services, Virtualization, and ClouClo9mputing
Although the specific functionality will vary by print server, most of the time administrators will be able to manage security, time restrictions, and other options, including if the
server processes the files and if the print jobs are saved after printing. An example is shown
in Figure 8.3. Print servers should be located on the internal network.
Mail Server
Email is critical for communication, and mail servers are responsible for sending, receiving,
and managing email. To be a mail server, the c9mputer must be running a specialized email
server package. Some popular ones are Microsoft Exchange, Sendmail, Postfix, and Exim,
although there are dozens of others on the market.
Clients access the mail server by using an email client installed on their systems. The most
common corporate email client is Microsoft Outlook, but Apple Mail, HCL Notes (formerly
IBM Notes and Lotus Notes), Gmail, and Thunderbird are also used. Mobile and Internet
Understanding Network Services
465
SMTP is a push (send) protocol, whereas POP3 and IMAP4 are pull
(receive) protocols.
Syslog
Network administrators need to know what’s happening on their network at all times. The
challenge is that there may be hundreds or thousands of devices on the network, with thousands of users accessing resources locally and remotely. Keeping track of who is logging in
where, what resources users are accessing, who is visiting the web server, the status of the
router, the printer’s online status, and innumerable other events could be an administrative
nightmare. Fortunately, syslog is available to help manage it all.
Syslog works as a client-­server model, where the clients generatnteessages based on the
triggering of certain conditions, such as a login event or an error with a device, and send
them to a centralized logging server, also known as the syslog server. Syslog uses UDP port
514 by default. Consequently, the term syslog can be applied to a standard or system for
event moni7 ( 0g,)37 ( totoco model,)reds rs a<</Agging sge is co lectown asizedappratntees0.4 (..)Tj1.263 -1.263
466
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
code 6 is used by printers. Don’t worry about memorizing the facility codes. Just know
that they tell the server where the message came from.
A Severity Level The severity level lets the administrator know how urgent the issue
is. Table 8.2 illustrates the syslog severity levels. The lower the level, the more urgent the
message is. Facility codes and error levels can be helpful when sorting events on a syslog
Understanding Network Services
467
Even on small networks, devices can generate huge numbers of syslog messages.
Therefore, most syslog implementations store messages in a database for easier retrieval
and analysis.
Finally, most syslog servers will have management software that you can use to view messages. The software should also have the ability to send the administrator a console message
or text (or email) if a critical error is logged. Dozens of syslog packages are available. Some
popular packages are Kiwi Syslog by SolarWinds (shown in Figure 8.4), Splunk, syslog-­ng,
and Syslog Watc hu.
Web Servhu
Whenever you visit a web page, you are making a connection from your device (to sclient) to
a web serveu. To be more specific, a connection is requested by your Internet software (generally, a web browser) using to sHypertext Transfer Protocol Secure (HTTPS) of to sTCP/IP
protocol suite. Your client needs to know to sIP address of to sweb servhu, and it will make
to scific on port 443.
To sweb servhu itself is configured withsweb hosting software, which listens for inbound
cifics on port 443. Two of to smost common web servhu platforms are to sopen source
Apache and Microsoft’s Internet Information Services (IIS), although to re are a few dozen
different packages available for use. Web servhus provide content on cific, which can
468
Chapter 8
Understanding Network Services
469
The AAA process will differ slightly between servers, but generally what happens is the
user (or computer) trying to access the network presents credentials. If the credentials are
deemed appropriate, the authentication server issues the user a security code or a ticket
that grants them access to resources. When the owner of the security code or ticket tries to
access a resource, authorization comes into play. And finally, accounting tracks all of it. In
the following sections, we will describe the principles of authentication, authorization, and
accounting.
Authentication
To implement security, it’s imperative to understand who or what is accessing resources on
a computer or network. User authentication happens when the system being logged into
validates that the user has proper credentials. Essentially, the authentication server asks the
question, “Who are you?” Oftentimes, this is as simple as entering a username and password, but it couldm b more complex. There are two categories of authentication:
Sinfle-­Kactor Authentication The simplest form of authentication is single-­factor
authentication. A single-­factor system requires only one piece of information beyond the
username to allow access. Most often, this is a password. Single-­factor authentication is
quite common, but it’s not the most secure method out there.
Multifactor Authentication To increase security, your computer or network might
require multifactor authentication, which as the name implies requires multiple pieces of
information for you to loguirocess generallspeak Si (,)37 (n addimatioe to a userna (,)37 m(Multifactod )]T
470
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
as employee badges, enabling employees to access employee-­only areas of a building or to
use elevators that go to restricted areas, or as credit cards.
Smartcards can also be used to allow or prevent computer access. For example, a PC may
have a card reader on it through which the employee has to swipe the card, or that reads
the card’3Esip automzatc alyh wene the cadt coeesin toits 4ucn3lyss.d,
Understanding Network Services
473
Internet Appliances
The definition of an Internet appliance is a device that makes it easy to access the Internet.
Taking a slightly broader view, Internet appliances can also help users safely access the Internet by protecting against some of the dangers that lurk there. The CompTIA A+ 220-­1101
exam objectives list four items under Internet appliances: spam gateways, unified threat
474
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
a network-­based attack. You can think of them as being somewhat analogous to antivirus
Understanding Network Services
UTM is generally implemented as a stand-­
475
476
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
Another common way to load-­balance is to split up banks of servers to handle specific
types of requests. For example, one group of servers could handle web requests, while a
second set hosts streaming video and a third set manages downloads. This type of load
balancing is called content-­based load balancing and is shown in Figure 8.10.
Understanding Network Services
Load Balancing Benefits
Load balancing has performance benefits for high-­traffic networks and heavily used applications. Scalability and reliability are important benefits as well. Let’s give a few examples of each.
Performance
477
479
Understanding Network Services
a.
If you’re a Chrome user, or have a Windows OS older than Windows 10, the screen
Settings
➢
2.
Click LAN Settings, and then check the box for the Proxy Server, as shown in
3.
Enter the address in the Address box. (In Internet Explorer, click Tools
Advanced
➢
Open Proxy Settings.
➢
Internet
➢
480
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
First, the proxy server can cache the information requested, speeding up subsequent
searches. (This is also the only function of a caching proxy, but caching-­only proxies are
most commonly configured to work on a local intranet.) Second, the proxy can act as a filter,
blocking content from prohibited websites. Third, the proxy server can modify the request-
482
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
484
■
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
Understanding Network Services
485
F I G U R E 8 . 15
Light Switches
Smart light switches help control lights in the house. Many are designed to replace existing
light switches in the wall, whereas others simply mount to the wall. An example of a Lutron
switch is shown in Figure 8.16. In addition to having manual controls, many will have their
own app or can be controlled through a coordinator.
Features of a smart light switch are fairly straightforward. They can turn lights on or off
and dim the lights. They can perform tasks based on a schedule, and some have geofencing
or motion sensors to detect when someone enters a room. Some brands will work only with
certain types of lights, so make sure to check compatibility.
Voice-­Enabled Smart Speakers/Digital Assistants
Smartphones ushered in the widespread use of voice-­enabled digital assistants. It started
with Siri on the iPhone, and Google Now (“Okay, Google”) soon followed for the Android
OS. Microsoft even got into the act with Cortana, which was used with its now defunct
Windows Phone OS and is also integrated into Windows 10 and Windows 11. Amazon
wanted in on the act, too, but they don’t have a smartphone OS. So instead, they created a
voice-­enabled smart speaker called the Echo with a virtual assistant known simply as Alexa.
Google, not to be outdone in the digital assistant market, created Google Home, which uses
Google Assistant, which evolved from Google Now. The market for these devices is very
competitive.
486
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
Siri is proprietary to Apple devices, but smart speakers made by other
Understanding Virtualization and Cloud Computing
A famous story of misuse comes from late-­
487
488
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
(pun intended, but doesn’t that sound like fun?), and technicians need to be aware of what it
can provide and its limitations. The most important core technology supporting cloud computing is virtualization. We will cover both topics in thTex.8ltlrcations.
Understanding Virtualization and Cloud Computing
489
Cloud Services
Cloud providers sell everything “as a service.” The type of service is named for the highest
level of technology provided. For example, if computing and storage is the highest level, the
client will purchase infrastructure as a service. If applications are involved, it will be software as a service. Nearly everything that can be digitized can be provided as a service. Let’s
take a look at the three most common types of services offered by cloud providers, from the
ground up:
Infrastructure as a Service Let’s say that a company needs extra network capacity,
including processing power, storage, and networking services (such as firewalls) but
doesn’t have the money to buy mo0 (as)It[(clieeous0 -ity),In4r-frastructure as a servcesIaaS)ces,suisake ahe
Understanding Virtualization and Cloud Computing
491
Types of Clouds
Running a cloud is not restricted to big companies offering services over the Internet. Companies can purchase virtualization software to set up individual clouds within their own
network. That type of setup is referred to as a private cloud. Running a private cloud pretty
much eliminates many of the features that companies want from the cloud, such as rapid
scalability and eliminating the need to purchase and manage computer assets. The big
advantage, though, is that it allows the company to control its own security within the cloud.
The traditional type of cloud that usually comes to mind is a public cloud, like the ones
operated by the third-­party companies we mentioned earlier. These clouds > B the best in
scalability, reliability, flexibility, geographical independence, and cost e>> ctiveness. Whatev B
the client wants, the client gets. For example, if the client needs more resources92 (,)36.it simply
scales up and uses more. Of course, the client will also pay more, but that’s part of the deal.
Some clients have chosen to combine public and private clouds into a hybrid cloud. This
gives the client the great features of a public cloud while simultaneously allowing foB the
storage of more sensitive infoBmation on the private cloud. It’s the best of both worlds.
The last type of cloud to discuss is a community cloud. These are created when multiple
organizations with common interests combine to create a cloud. In a sense, it’s like a public
cloud but with bett B security. The clients know who the other clients are and, in theory,
can trust them more than they could trust random people on the Internet. The economies
of scale and flexibility won’t be as great as with a public cloud, but that’s the trade-­off foB
bett B security.
Impor
Understanding Virtualization and Cloud Computing
493
Guaranteeing that services will be available with the possible exception of less than one
second per day seems pretty impressive, as is the case with five nines. You might see other
494
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
Which one should you choose? If you want extra features, such as web-­based applications, then Google or Microsoft is probably the best choice. If you just need data storage,
then Box or Dropbox might be a better option. Some allow multiple users to access a
personal account, so that might figure into your decision as well.
Nearly all client OSs will work with any of the providers, with the
exception of Linux, which natively works only with Dropbox.
Most cloud storage providers offer synchronization to the desktop, which makes it so that
you have a folder on your computer, just as if it were on your hard drive. And it’s impor-
Understanding Virtualization and Cloud Computing
F I G U R E 8 . 18
Google Drive
F I G U R E 8 . 19
Sharing a folder on Google Drive
495
496
Chapter 8
Understanding Virtualization and Cloud Computing
FIGURE 8.21
497
Google Docs
When choosing a cloud provider, you may use any one you like. In fact, it’s better if you
experience the differences in how providers store files and let you manage and manipulate
them before making your choice. Exercise 8.2 will give you experience with using cloud-­
based storage and applications—­specifically, Google Drive and its associated apps. This
exercise will work best if you have someone you can work with. For example, in a classroom
setting, you can partner with someone. If you are studying at home, you can create multiple
accounts and get the same experience. You will just need to log out and in with your other
account to see the shared files.
E X E R C I S E 8 . 2 Using Google’s Cloud Services
1.
Open Google at www.google.com.
If you do not already have a Google account, you will need to create one. With it, you
use Google’s online apps and storage as well as a Gmail account.
2.
If you are doing this exercise on your own, create a second account to share files and
folders with.
continues
498
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
EXERCISE 8.2 (continued)
3.
Once you’re logged in, click the Apps icon in the upper-­right corner. It’s the one that has
nine small dots in a square pattern (see Figure 8.22).
FIGURE 8.22
Google Apps icon
This will open Apps, as shown on the right in Figure 8.23.
FIGURE 8.23
Google Apps
4.
In Apps, click Drive. This will open Google Drive (refer to Figure 8.18).
5.
Create a folder by clicking New ➢ Folder and share it with another account.
Understanding Virtualization and Cloud Computing
6.
Also create a document or spreadsheet using Google’s online software.
How easy or difficult was it?
7.
499
500
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
But now imagine that the machine in question is being asked to run Windows Server and
Linux at the same time. Now there’s a problem. In the traditional computing model, only
one OS can run at one time, because each OS completely controls the hardware resources
in the computer. Sure, an administrator can install a second OS and configure the server to
dual-­boot, meaning the d Oto run re, beutonly
Understanding Virtualization and Cloud Computing
501
Virtual Sandbox Imagine a scenario where you have an application that you want to
test out in an OS, but you don’t want any negative effects to happen to the computer
system doing the testing. One way to do this is to test the app in a sandbox, which is a
temporary, isolated desktop environment. Think of it as a temporary, somewhat limited
virtual machine. Any app in the sandbox will act as it would in a full version of the
chosen OS, with one big difference. Files are not saved to the hard drive or memory, so
the physical machine should never be affected by anything the app in the sandbox does.
When the sandbox gets shut down, so does the app and any data associated with it.
There are several sandboxing software solutions on the market, including Sandboxie,
Browser in the Box, BufferZone, SHADE Sandbox, and ToolWiz[(UnderBrod )3t,iz[(UnLa( OTd[g dilx)Ttk
Chapter 8
504
■
Network Services, Virtualization, and Cloud Computing
then install Linux in the hypervisor and run both OSs concurrently and independently. The
downsides of Type 2 hypervisors are that the host OS consumes resources, such as processor
time and memory, and a host OS failure means that the guest OSs fail as well. Examples of
Type 2 hypervisors include Microsoft’s Windows Virtual PC and Azure Virtual Server, Oracle
VM VirtualBox, VMware Workstation, and Linux KVM.
e
Hypervisors aren’t
o
speii
is
es a
’310.2 s e(o)8489
tit(y)-3(n)178
(o)-.3 u( oga
(o)-12.3
pi
re
f ti)-53.3 hi
n
oS (o)-12.3
or
fotie ti
r
ce pi
re en
os n
te
e
506
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
Emulator Requirements
Understanding Virtualization and Cloud Computing
507
Security Requirements
In the early days of the cloud, a common misconception was that virtual machines couldn’t
be hacked. Unfortunately, some hackers proved this wrong. Instead of attacking the OS
in the VM, hackers have turned their attention to attacking the hypervisor itself. Why just
hit one OS when you can hit all of them on the computer at the same time? A number of
virtualization-­
508
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
4.
Consider security requirements. If the guest OS will be on the Internet, will proper
security software be installed?
5.
After all conditions are deemed sufficient, you can install the hypervisor and
the guest OS.
It will not affect the host OS, but it’s always a good idea to back up the system before
installing any new major software packages!
Exercise 8.4 will give you hands-­on experience installing a hypervisor and a guest OS.
Now that we have covered the key concepts behind client-­side virtualization, it’s time
to practice. Exercise 8.4 walks you through installing the Oracle VirtualBox hypervisor on
a Windows 10 computer and then installing Lubuntu (a distribution of Linux). Normallytion,
installing a second OS involves a relatively complicated process where you need to dual-­boot
your computer.You’re not going to do that here.VirtualBox hyper
visor that allows you to create a new virtual system on your hard drive and not affect your
existing Windows installation.We promise you that this exercise will not mtribup Windows
on your computer! And when you’re finishedtion,VirtualBox, if3you want,ion,
and nothing will have changed on your system.This exercise is admittedly a bit long because
there are a lot of steps,ion,s also probably more “advanced” than typical A+ materials.ion,
That saidtion,­
it usually endibup being one of our students’ favorite
exercises during training classes.
E X E R C I S E 8 . 4 Installing VirtualBox3and Lubuntu on Windows 10
The first two steps are for preparation only. You need to download Oracle VirtualBox3and
a version of Lubuntu. Really, any version of Linux is fine, but we’ll point you to Lubuntu,
which is a good choice. Depending on your network speed, the download could take an
hour or more. These directions are based on VirtualBox3version 6.1.28. If you have a differ
Understanding Virtualization and Cloud Computing
FIGURE 8.29
509
Download VirtualBox
2.
Select the VirtualBox platform package for Windows hosts, unless, of course, you have
a Mac, and then you need the one for macOS hosts.
3.
Save it to your desktop for ease of access.
4.
Download Lubuntu from http://lubuntu.me/downloads. There is a link on the
page for Lubuntu Desktop 64-­bit. Choose the most current one. It will 315.096 a zip
file with an .iso extension.
You will need that ISO file later; it will essentially act as a bootable optical isc for your
OS installation. Note that this file is nearly 2 GB, so it could take some time to 315.096.
Installing VirtualBox
Now you can begin the installation of VirtualBox.
1.
Double-­click the VirtualBox icon. If you get a security warning, click the Run button.
2.
Click Next on the Setup Wizard screen.
3.
On the Custom Setup screen, click Next and then Next again.
It will give you a warning about your network interfaces.
4.
Click Yes. (Your network connections will come back automatically.)
continues
510
Chapter 8
■
Network Services, Virtualization,Tjgouomputing
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
EXERCISE 8.4 (continued)
Installing the OS
Now you just need to put something on it—­more specifically, an OS.
1.
2.
Click the Settings button.
Understanding Virtualization a a a aomput
514
Chapter 8
■
NetworkaTervices, Virtualization, and Cloud Computing
Summary
For the A+ exam, you will need to be able to summarize cloud computing
concepts and aspects of client-
515
Chapter 8
■
Network Services, Virtualization, and Cloud Computing
Exam Essentials
Know the various roles that servers can play on a network. Roles include DNS, DHCP,
file (fileshare), print, mail, syslog, web, and AAA servers. File servers (fileshares) store files
for users, and may have optical media and perform backups too. Print servers host printers.
Mail servers store, send, and receive email. A syslog server is used to log system events. Web
servers host web pages that users access across a network. AAA servers validate user credentials, and then allow users to access resources and track access.
Know what DNS servers do. DNS servers resolve hostnames to IP addresses. Without
DNS servers, finding your favorite websites on the Internet would be an incredibly challenging task. DNS servers have a zone file with hostname to IP address mappings.
Understand how DHCP servers work. DHCP servers assign IP addresses and configuration
information to client computers. Clients request the information via broadcast. Each DHCP
server has a scope with aDHCP serverd[dressDoptf avl. W
Chapter 8
518
■
Network Services, Virtualization, and Cloud Computing
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
2.
3.
4.
5.
Your company hosts its own web server, and it5 1lows consumers to make purchases via
the server. The help line has been getting complaints that users are unable to access the
website. You open the site from an internal workstation and it5seems fine. What is the most
likely cause?
A.
The firew 1l is blocking TCP port 23.
B.
The firew 1l is blocking TCP port 443.
C.
The security module of the web server is malfunctioning.
D.
The web server is down.
Your manager wants you to insta1l a networked Internet5 ppliance that prevents network traffic–based attacks and includes antimalware and antispam software. What should
you insta1l?
A.
Spam gatew y
B.
Load balancer
C.
UTM
D.
Proxy server
You are insta1ling a file server for the accounting department. Where should this file server be
located on the network?
A.
Outside of the firew 1l
B.
In the screened subnet
C.
In the secure network
D.
On the router
You have been asked to identify the right type of cloud service to help the team of developers to provide programming elements such as runtime environments. Which service do you
recommend?
A.
PaaS
B.
IaaS
C.
SaaS
D.
DaaS
Which of the following are services that a print server should provide? (Choose two.)
A.
Accepting print jobs from clients
B.
Turning off printers on demand
C.
Providing clients with the appropriate printer driver during insta1lation
D.
Notifying users when the print job is complete
Review Questions
6.
7.
8.
9.
519
You are setting up a cloud contract with a provider. Your team needs the ability to quickly
increase capacity to meet peak demands. What do you request?
A.
Rapid elasticity
B.
High availability
C.
Resource pooling
D.
Metered utilization
Which type of server is responsible for preventing users from accessing websites with objectionable content?
A.
Proxy
B.
Web
C.
DHCP
D.
DNS
Your company wants to move to a cloud provider to be able to scale resources quickly, but it
is concerned about the security of confidential information. Which of the following types of
cloud models might be the most appropriate for your company?
A.
Public
B.
Private
C.
Community
D.
Hybrid
What does a DHCP server need to be configured with to operate properly?
A.
DNS server
B.
Scope
C.
Range
D.
DHCP relay agent
10. You have been asked to advise a group of several universities that want to combine research
efforts and store data in the cloud. Which type of cloud solution might be best for them?
A.
Public
B.
Private
C.
Community
D.
Hybrid
11. When configuring a DNS server, administrators must create which of the following?
A.
Zone file
B.
Hosts file
C.
Scope file
D.
DNS proxy
520
Chapter 8
■
522
Chapter 8
■
Network Services,pan 29.5Tm( )esxt<Fization,117-9lou-9omputing
Chapter
9
Laptop and Mobile
Device Hardware
THE FOLLOWING COMPTIA A+ EXAM
220-­1101 OBJECTIVES ARE COVERED IN
THIS CHAPTER:
✓ 1.1 Given a scenario, install and configure laptop hardware
and components.
■■
■■
Hardware/device replacement
■■
Battery
■■
Keyboard/keys
■■
Random-­access memory (RAM)
■■
Hard disk drive (HDD)/solid-­state drive (SSD) migration
■■
HDD/SSD replacement
■■
Wireless cards
Physical privacy and security components
■■
Biometrics
■■
Near-­field scanner features
✓ 1.2 Compare and contrast the display components of
mobile devices.
■■
Types
■■
■■
Liquid crystal display (LCD)
■■
In-­plane switching (IPS)
■■
Twisted nematic (TN)
■■
Vertical alignment (VA)
Organic light-­emitting diode (OLED)
■■
Mobile display components
■■
WiFi antenna connector/placement
■■
Camera/webcam
M
■ icrophoneMicrophone
5
M
i
c
r
o
p
h
o
n
e
M
i
c
r
o
p
h
o
n
e
M
i
c
r
o
p
h
o
n
e
M
i
c
r
o
p
h
o
n
e
In 1943, the president of IBM, Thomas Watson, was quoted as
saying, “I think there is a world market for maybe five computers.” Somewhat more recently, in 1977, Ken Olsen, the
founder of one-
Chapter 9
■
Laptop and Mobile Device Hardware
Working with Laptop and Mobile
Device Hardware
Hardware in all computing devices needs to perform the same tasks. There are devices
that control input and output, processing, short-­term and long-­term storage, displaying
Working with Laptop and Mobile Device Hardware
527
standard laptop. The term netbook is rarely used today, but Chromebooks are an example of
that type of technology. Users are attracted to Chromebooks because of their enhanced portability and affordability. The features that remain are ideal for Internet access and emailing.
However, many users would find them insufficient for mainstream business usage. Tablets
are even smaller yet, but they are typically characterized as a mobile device, so we’ll hold off
on talking about them just yet.
If you’ve shopped for a laptop, you have no doubt noticed that the prices of desktop PCs
are often quite a bit lower than those for laptop computers, yet the desktop(527)usually
faster and mo27 If you’ve ever wondered what makes a laptop so much different
from a PC, here are the primary differences between laptops and desktop:
Portability This is probably the most obvious difference. Laptops are designed to be
portable. They run alT8atteries, so you aren’t tied to one spot at home or at the office.
Networking options are available that allow you to connect to a network wirelessly
and do work from just about anywhere, including malls, airports, coffee shops, and so
on. As anyone who has tried to bring their mini-­tower PC to a LAN party can tell you,
desktop(just aren’)37 (t that portable.)]TJ/T1_4 1 Tf0 -1.895 Td(Costfi)Tj/T1_2 1 Tf/Span<</ActualText<FEFF
primary reasalTis that portability requires small components and unique proprietary
designs so that those components fit into the small size necessary. Miniature versions of
­
sized (desktop) versions. The cost discrepancy between desktop(5nd laptops has shrunk considerably in the last several years,)36.9 ( but )]TJ0 -1.263 Td(it s
528
Chapter 9
■
Laptop and Mobile Device Hardware
Building Your Own
This anecdote comes from one of the authors: “During an A+ course, I gave the class the
assignment to go out on the web and put together the most powerful and complete computer they could for under a thousand dollars. The class was for non-­degree-­seeking adults,
so nothing was graded; it was simply to provide experience with spec’ing out and pricing
the parts that go into making a complete system.
“One of the students had her eye on a new laptop for personal use. Because she noticed
the trend toward being able to build a desktop computer for less than she could buy one,
the student assumed the same about laptops. Unfortunately, I had not specifically mentioned the fact that there are no standards for building complete laptop clones, unlike
with desktops.
“You can’t reliably build your own laptop. Because laptop components are designed to
exacting specifications to fit properly inside one manufacturer’s case, there generally are no
universal motherboards, video boards, and so on for laptops. Memory and hard drives are
the exception. You can get different brands of memory and hard drives for laptops, but you
can’t buy a motherboard from one company and the video circuitry from another.”
Characteristics of0scand pubut you
Working with Laptop and Mobile Device Hardware
529
removed in Apple’s mobile devices, including its iPad line of tablet computers. In an effort
to produce a sleeker mobile phone, even Android devices have been developed without user
access to the battery. For Apple, however, in addition to producing a nice compact package,
it is all part of keeping the technology as closed to adulteration as possible. Supporters of
this practice recognize the resulting long-­term quality. Detractors lament the lack of options.
Working with Laptop and Mobile Device Hardware
531
Secondary Storage
Computers of all sizes and capabilities use similar forms of RAM for primary storage—­the
storage location for currently running instructions and data. Secondary storage—­the usually nonvolatile location where these instructions and data are stored on a more permanent
basis—­is another story.
The primary concern with smaller devices is the shock they tend to take as the user makes
their way through a typical day. Simply strapping a phone to your hip and taking the metro
to work presents a multitude of opportunities for a spinning disk to meet with catastrophe.
The result would be the frequent loss of user information from a device counted on more
and more as technology advances.
532
Chapter 9
■
Laptop and Mobile Device Hardware
One of the key principles for working with laptops is using the right tools to tear the
thing apart. It’s doubtful that any technician goes into a job thinking, “Hey, I’m going to use
the wrong tools just to see what happens.” With laptops, though, it’s especially important to
534
Chapter 9
■
Laptop and Mobile Device Hardware
with lids that snap tightly shut, into which you can place screws. You can also use containers
designed to organize prescription pills or fishing tackle. The bottom ofp a egg carton works
well too, provided that you don’t need to transport the screws from place to place. You don’t
want the screws falling out and getting lost!
For documentation, many technicians find it handy to draw a map ofpthe computer
they’re getting into, such aspthe one shown in Figure 9.2. It can be aspcomplex aspyou want
it to be, asplong aspit makes sense to you. Taking pictures with your phone is also a smart
move, provided that you’re allowed to use your phone and don’t violate any security or privacy policies.
Dell
Back
B
Front
K = bin 1
P = bin 2
B = bin 3
M = bin 4
The drawing in Figure 9.2 showspthe locations ofpthe screws, and it also calls out where
the screws should be placed once they’re removed. Again, this type ofpdocumentation can
be aspsimple or complex aspyou want it to be, asplong aspit makes sense and helpspyou stay
organized.
Now that we’ve covered some key principles, let’is 23110 -Mok at specific components,
technologies involved, and how to install and configure them.
Working with Laptop and Mobile Device Hardware
535
Installing and Configuring Laptop Hardware
In the following sections, you will learn about the various components that make up laptops
and how they differ from desktop computer components. These sections deal specifically
with laptops, because smaller devices generally don’t have field-­replaceable components (or
you can get specialized training on how to repair them). If you don’t remember exactly what
each component does, it may help you to refer back to earlier hardware chapters occasionally as you read this chapter.
Laptop Case
536
Chapter 9
■
Laptop and Mobile Device Hardware
Working with Laptop and Mobile Device Hardware
537
.eþðfi
Working with Laptop and Mobile Device Hardware
5.
Remove the rubber grommets that hold the speakers in.
Figure 9.6 shows the two from the right speaker. The left speaker has three.
6.
Carefully remove both speakers from the base assembly.
To replace the speakers, follow the steps in reverse order. Insert the new speakers, replace
the grommets, run the speaker wire through the guides, and connect the speaker to the
motherboard.
539
Working with Laptop and Mobile Device Hardware
542
Chapter 9
■
Laptop and Mobile Device Hardware
Working with Laptop and Mobile Device Hardware
543
Working with Laptop and Mobile Device Hardware
FIGURE 9.8
5.
Display cable touch-screen board cable connectors
Open the computer so that the display assembly is parallel with the base assembly,
and lay it screen side down on a flat surface.
We recommend that you place it on a soft surface to avoid scratching the screen.
6.
Remove the screws that secure the display assembly to the base assembly. There are
two screws for each hinge,they are highlighted in Figure 9.9.
7.
Lift the display assembly off of the base assembly.
Note that the NICtenna wires, display cable connector, touch-­
cable connector will go with the display assembly.
screen board
If you’re replacing the entire display unit, all you neeto do is get the new unit
reverse the steps you followed in Exercise 9.2. If you’re replacing a component within the
display unit, you neeto go further. To get to the Wi-­ Fitenna, webcam, microphone, a
inverter, you must lso remove the display panel. Exercise 9.3 gives you the general steps
neeeto accomplish this.
545
546
Chapter 9
Working with Laptop and Mobile Device Hardware
547
For the exam, be able to compare and contrast display components of
mobile devices. Th12 (i)-12. 12 2.6 (n)-18.8 (c)-23.5 (l)-8.6 (u)-11.3 (d)-18.3 (e)-23.9 (s t)-13.2 (h)-13.7
■■
Mobile display components
■Wi-­
■ Fi antenna connector/placement
■■
Camera/webcam
■■
Microphone
■■
Touch screen/digitizer
■■
Inverter
Motherboards and Processors
As with desktop computers, the motherboard of a laptop is the backbone structure to which
all internal components connect. However, with a laptop, almost all components must be
integrated onto the motherboard, including onboard circuitry for the USB, video, expansion,
548
Chapter 9
■
Laptop and Mobile Device Hardware
DC power connector jack
External connectors
(USB, HDMI, etc.)
CPU socket
2 SODIMM slots
CMOS battery socket
Audio connectors
FIGURE 9.12
A laptop daughterboard
Working with Laptop and Mobile Device Hardware
549
Having components performing different functions (such as video, audio, and networking)
integrated on the same board is a mixed bag. On one hand, it saves a lot of space. On the other
hand, if one part goes bad, you have to replace the entire board, which is more expensive than
just replacing one expansion card. Exercise 9.4 walks you through the steps to remove the
550
Chapter 9
■
Laptop and Mobile Device Hardware
EXERCISE 9.4 (continued)
7.
Working with Laptop and Mobile Device Hardware
551
Laptops have less space than desktops, and therefore the CPU is usually soldered onto
the motherboard and is not upgradable. You can see the processor of the Dell we’ve been
working on in Figure 9.14—­it’s the small silver square to the left of the RAM. Within confined computing spaces, heat is a major concern. Add to that the fact that the processor is the
hottest-­
552
Chapter 9
■
Laptop and Mobile Device Hardware
204-pin DDR3, 260-pin DDR4, and 262-pin DDR5) options. Different standards of DDR
Working with Laptop and Mobile Device Hardware
E X E R C I S E 9 . 5 Replacing Laptop Memory
1.
Remove the bottom cover.
2.
Remove the battery.
3.
Locate the system memory.
In the Dell Inspiron 13 7000, the two RAM modules are under Mylar flaps.
4.
Pull a Mylar flap back to reveal the RAM, as shown with one of the SODIMMs in
Figure 9.16.
5.
Carefully9
553
Working with Laptop and Mobile Device Hardware
555
Storage
Storage is important for every computer made. If you can’t retrieve important files when you
need them, the computer isn’t very useful. While the trend is moving toward storing more
data online (in the cloud), there’s still considerable need for built-­in storage.
Laptop Hard Drives
Laptops don’t have the room for the full-­sized 3.5" hard drives that desktop computers use.
Smaller form factor drives at 2.5" or 1.8" that are less than ½" thick are more appropriate.
These drives share the same controller technologies as desktop computers; however, they use
smaller connectors. Figure 9.19 shows an example of a standard 3.5" hard drive compared
to a 2.5" laptop hard drive.
556
Chapter 9
■
Laptop and Mobile Device Hardware
To save space and heat, most laptops today use a solid-­state drive (SSD), which we introduced in Chapter 2, “Expansion Cards, Storage Devices, and Power Supplies.” Recall that,
unlike conventional magnetic hard drives, which use spinning platters, SSDs have no moving
parts. They use the same solid-­state memory technology found in the other forms of flash
memory. Otherwise, they perform just like a traditional magnetic HDD, except they’re a
lot faster.
Connecting a regular SSD in a desktop is usually just like connecting a regular HDD;
they have the same Parallel Advanced Technology Attachment/Serial Advanced Technology
560
Chapter 9
■
Laptop and Mobile Device Hardware
Laptop Optical Drives
Nearly all laptops have a hard drive, but rarely does a laptop made today have an internal
optical drive. There just isn’t room for one. If you need one, you can attach an external
optical drive via an expansion port such as USB. It might be a bit slower than an internal
drive, but it’s better than not having one at all.
CD, DVD, and Blu-­ray burners are great to have with laptops as backup
562
Chapter 9 7035
■
565
Point sticks have their own problems, however. Often, the stick does not return to center
properly, causing the pointer to drift when not in use. You might also notice the rubber
cover for the stick becoming a bit gummy with extended use. Most manufacturers
supply replacement covers of varying textures with new systems. Some later systems
employ a concave version of the cover and updated workings that tend to minimize a lot
of these concerns.
Touch Screen
Touch screens
566
Chapter 9
■
Laptop and Mobile Device Hardware
Many laptops sold today are advertised as 2-­in-­1 devices, mr
5Mini PCIe0.759 Tm4
aning that
Working with Laptop and Mobile Device Hardware
567
Working with Laptop and Mobile Device Hardware
4.
569
Lift the battery out of the base assembly.
Even though replacing an internal battery requires slightly more effort than replacing an
external battery, it’s still generally a simple operation.
Battery chemistries can be compared by energy density and power density. Energy density
measures how much energy a battery can hold. Power density measures how quickly the
stored energy can be accessed, focusing on access in bursts, not prolonged runtime. An
analogy to the storage and distribution of liquids might help solidify these concepts. A gal-
570
Chapter 9
■
Laptop and Mobile Device Hardware
like the fix for chemical memory in NiCd batteries, is to allow a full discharge once a month
or so. Th is iscalled batteryscalibration and can be performed right in the device while it’s
using the battery.
Other than th isoccasional full discharge, Li-­ion batteries last longer when you partially discharge them and then recharge them, making them ideal for laptops and personal handheld
devices, such as smartphones, that tend to get used sporadically on battery power before
being plugged back in to charge.
Power Adapters
Most laptop computers can also use AC power with a them -c
Working with Laptop and Mobile Device Hardware
571
Use caution when selecting a replacement AC adapter for your laptop. You should
choose one rated for the same or higher wattage than the original. You must also pay special
attention to the polarity of the plug that interfaces with the laptop. If the laptop requires the
positive lead to be the center conductor, for instance, then you must take care not to reverse
the polarity. Look for symbols like the ones shown in Figure 9.34, and make sure the new
power supply is the same as the old one.
Regarding the input voltage of the adapter, care must also be taken to match the adapter
to the power grid of the surrounding region. Some adapters have a fixed AC input requirement. Purchasing the wrong unit can result in lack of functionality or damage to the laptop.
Other adapters are autoswitching, meaning that they are able to switch the input voltage
they expect automatically based on the voltage supplied by the wall outlet. These units are
often labeled with voltage-­input ranges, such as 100V to 240V, and frequency ranges, such
as 50Hz to 60Hz, and are able to accommodate deploy37Lapin practically any country
around the world. Nevertheless, you should still ascertain whether some sort of converter is
required, even for autoswitching adapters.
572
Chapter 9
■
Laptop and Mobile Device Hardware
Other Internal Components
There are a few internal components we’ve referenced in chapter exercises, but we haven’t
given explicit details on how to remove them. That’s what this section is for. Note that these
components aren’t currently on the exam objectives, but it helps to know how to remove
Working with Laptop and Mobile Device Hardware
573
Now that the fan is removed, Exercise 9.11 shows you how to remove the CPU heat sink.
E X E R C I S E 9 . 11 Removing the CPU Heat Sink
1.
Remove the bottom cover.
2.
Remove the system fan.
3.
Loosen the four screws holding the heat sink in place, as highlighted in Figure 9.36.
The screws will not completely come out of the heat sink bracket.
4.
Lift the heat sink straight up off the processor.
It might stick a bit, since most are adhered with a thermal compound.
Exercise 9.12 shows you how to remove the wireless NIC. Perhaps ironically, it actually
574
Chapter 9
Working with Laptop and Mobile Device Hardware
575
When you’re reconnecting the wireless card, the white antenna cable will go on the main
post, which is indicated by a white triangle. The black antenna cable attaches to the auxiliary
connector, which is marked with a black triangle.
Exercise 9.13 shows how to remove the CMOS battery. In most laptops, the CMOS battery is covered by a black rubber coating.
EXERCISE 9.13
Removing the CMOS Battery
1.
Remove the bottom cover.
2.
Disconnect the connector from the motherboard. It’s highlighted with a box in
Figure 9.39.
3.
Peel the battery off the base assembly.
Odds are good that it’s been glued into place, so you might have to pull hard.
FIGURE 9.39
Disconnect the CMOS battery.
576
Chapter 9
578
Chapter 9
■
Laptop and Mobile Device Hardware
If a laptop doesn’t have a biometric scanner and you want to add one, there are many USB
options available.
The use of biometrics can increase device security. Someone may be aabl to guess your
password or see you type it in and can hack you that way. But fingerprints and other bio-
580
Chapter 9
■
Laptop and Mobile Device Hardware
Setting Up and Configuring Accessories and Ports
Other than needing to plug in and charge for a while, laptops and mobile devices don’t
Working with Laptop and Mobile Device Hardware
581
Hotspot We mentioned hotspots in passing in Chapter 3, but didn’t go into any depth.
A hotspot is a location where peopMobcan get Internet access on a wireless network,
typically in a public location such as a restaurant or library. Some mobile plans will
also allow you to set up a smartphone as a wireless hotspot so that you can connect a
laptop or other device to the Internet through it. A hotspot won’t be used for traditional
accessory attachment, per se, but it will be for Internet access.
Mobile Accessories
There are dozens of mobile accessories in the marketplace, including security devices, input/
584
Chapter 9
■
Laptop and Mobile Device Hardware
Summary
In this chapter, you learned about laptop and mobile device hardware. We discussed differences between laptops, mobile devices, and desktops, including the various components that
Exam Essentials
Finally,0te ended the chapter by examining accessories and their connection methods.0
585
Chapter 9
586
■
Laptop and Mobile Device Hardware
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
2.
A client has a laptop with which you are unfamiliar. You are asked to perform a memory
How can you obtain the service manual for this laptop computer?
A.
By pressing F1 while in Windows
B.
By pressing F2 while the system is booting up
C.
By reading the paper copy that comes with the laptop
D.
By searching the manufacturer’s website
Review Questions
6.sþðfi
587
588
11.
Chapter 9
■
Laptop and Mobile Device Hardware
Review Questions
C.
A ldldapter with the same voltage rating as the original9
589
590
Chapter 9
■
Laptop and Mobile Device Hardware
Performance-­Based0+0MC/T_EMC/T1_11tion-0.27
Mobile
Connectivity and
Application Support
THE FOLLOWING COMPTIA A+ 220-­1101
EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
✓ 1.4 Given a scenario, configure basic mobile-­device network
connectivity and application support.
■■
Wireless/cellular data network (enable/disable)
■■
Mobile device synchronization
■■
Recognizing data caps
■■
Microsoft 365
■■
ActiveSync
■■
Calendar
■■
Contacts
■■
Commercial mail application
594
Chapter 10
■
Mobile Connectivity and Application Support For example, the service Appal expense
Understanding Mobile Connectivity
595
The following sections detail concepts relating to cellular networking and attaching to
noncellular networks on iPhones and Android devices. After that, you will be introduced to
596
Chapter 10
■
Mobile Connectivity and Application Support
Fourth Generation (4G)
In 2008 four20 generation (4G) came into the market.t
Understanding Mobile Connectivity
597
598
Chapter 10
Understanding Mobile Connectivity
599
Also recall that there are three potential challenges with using a smartphone as a mng Mob
hotspot: speed, cost, and security. Cellular coonnectons are usually slower than Wi-­
Fi, so
having multipMobdevices trying to get on the Internet via one cellular link can be slow. From
a cost standpoint, you could go over your data plan quite easid g1_on thenwer thla plrget o From
600
Chapter 10
■
Mobile Connectivity and Application Support
Understandingi8ellular Updates
When most people think of cellular updates, they probably think of an update to the
oper73.ngisystem. Perhaps a new Android version is available or iTunes is aler3.ngithem to
download the latest incarnation of iOS. Those updates are normal, and comple3.ngithem
takes the active par3.cipation of the user. Other updates can occur too, and many of these are
transparent to the user.
Before we talk about what those updates are, though, you must first understand that mobile phones don’t just have one oper73.ngisystem. This might come as a surprise, but most
mobile phones have three oper73.ngisystems. Duties are split up amongithe oper73.ngisystems, simply becauseithere are so many specialized tasks 7rAlpareithtasm.
Understanding Mobile Connectivity
605
Understanding Mobile Connectivity
Mobile Network Code m[(Mobine Ne12)30 e12MNC)ode
607
Chapter 10
F I G U R E 10 . 1 3
■
Mobile Connectivity and Application Support
Android IMEI and other identifiers
For the A+ exam, be sure you are comfortable with:
■■
Wireless connections (enabling and disabling)
■■
Wireless data network standards such as 2G, 3G, 4G, and 5G
■■
Hotspots
■■
GSM vs. CDMA
■■
PRL updates
Establishing­Fi Connectivity
Using a cellular network is great because you can connect from nearly anywhere. The downsides, though, are that the connection is slow compared to other connectivity methods, and
you have to pay for the data you use. When within range of a secured W1-­
Fi network, take
610
Chapter 10
Understanding Mobile Connectivity
On iPhones older than the iPhone X, you can use the Home button to
return to the Home screen at any time, but the app you leave will continue
to remain open in the same screen you left it in unless you restart the iOS
device or manually force the app to end. The same can be accomplished
on an iPhone X by swiping up from the Home bar (the horizontal bar at
the bottom of the screen).
Throughout this chapter, the practice of tapping successive back buttons
in the upper-­left corner of the screen, instead of clicking the Home button
or swiping up from the Home bar, will be referred to as
611
612
Chapter 10
■
Mobile Connectivity and Application Support
E X E R C I S E 10 . 2 ( c o n t i n u e d )
F I G U R E 10 . 17
3.
Enabling Wi-­Fi in Android
Tap Wi-­Fi to see the list of available networks, as shown in Figure 10.18.
F I G U R E 10 . 1 8
List of available networks
4.
Tap the network you want to join.
5.
Enter the password for the network and tap Connect.
The device will go back to the list of Wi-­Fi networks, showing that it’s connected (see
Figure 10.19).
6.
Close the Settings app.
Understanding Mobile Connectivity
F I G U R E 10 . 1 9
613
Connected to a network
When your phone is connected to a Wi-­Fi network, you don’t need to use a cellular connection for data transfers—­apps will use the Wi-­Fi connection for data. But if the connection
gets dropped or you move out of Wi-­Fi range, the device will use the cellular connection.
This might be fine, but it also might not be what you want. If you want to ensure that the
phone does not use cellular for data connections, you can disable that option. Exercise 10.3
walks you through the steps of how to do that on an iPhone. When the device is connected
to a Wi-­Fi network or when paired with a Bluetooth peer, data access will be possible; otherwise, no data-­network access will occur.
614
Chapter 10
■
Mobile Connectivity and Application Support
E X E R C I S E 1 0 . 3 Disabling Cellular Use for Data Networking on an iPhone
1.
Tap the Settings app on the home screen.
2.
Select Cellular from the Settings menu.
3.
Turn off the switch labeled Cellular Data, which is shown in the On position in
Figure 10.20.
F I G U R E 10 . 2 0
4.
iOS Cellular settings
If you would like to keep cellular data usage enabled but not allow roaming into other
providers’ data networks, you can tap Cellular Data Options, which will bring up the
options shown in Figure 10.21.
F I G U R E 10 . 2 1
Cellular data options
Understanding Mobile Connectivity
615
5.
Here you have the options to disable voice and/or data roaming, as well as configure
how voice and data isHerndled, such as whether to use LTEyou 3G. Configuring Low
Data Mode can help reduce cellular data usage.
6.
If you wish to disable cellular use justehou a specific functionyou app, scroll down in the
Cellular settings (ou lookehou the app in the Settings page). You may be able to turctiff
the use of cellular data hou that functionyou app alone.
Fou example, Figure 10.22 shows the Use Cellular Data switch hou several apps; moste
of which are currently enabled and three are disabled. This page also shows you how
much cellular data each app has used in the current period.
F I G U R E 10 . 2 2
7.
Cellular data hou individual apps
Back out of the Settings app ou close it.
Understanding Mobile Connectivity
617
Note that you can leave cellular data enabled but limit the amount that can be used
during a specified time period. The dates can be customized to match the billing period
used by the mobile carrier. However, be warned that the carrier may track usageg period
618
Chapter 10
■
Mobile Connectivity and Application Support
network, such as the Internet. For example, if you wanted to connect your phone to your
corporate network over the Internet in order to read email, but you also wanted to secure
the connection, you could use a VPN. To set up a VPN on an iPhone, perform the following steps:
1.
Select Settings ➢ General ➢ VPN. (Note that if this device has previously connected
to a VPN, the VPN can be enabled under the main screen of Settings. Refer back to
Figure 10.10 to see the toggle.)
You will see a screen similar to the one shown in Figure 10.25. You can see that there
are four VPNs already configured on this device but that VPN is turned off.
2.
To add a new VPN connection, tap Add VPN Configuration (Figure 10.26).
3.
Choose the security protocol type (IKEv2, IPsec, or L2TP), then provide a server name
and remote ID, an authentication method (username or certificate), and a password.
4.
If going through a proxy server is required for the VPN, configure that at the2pottom of
the screen.
In order for the VPN to work, the server and cnE2 4(-6.)-8.7 t
Chapter 10
■
Mobile Connectivity and Application Support
E X E R C I S E 10 . 5 ( c o n t i n u e d )
F I G U R E 10 . 2 7
2.
More connection settings
If there are no VPNs configured, it will say No VPNs. Tap the three dots icon in the
upper-­right corner and then tap Add VPN Profile.
A screen similar to the one shown in Figure 10.28 will appear.
F I G U R E 10 . 2 8
Edit VPN network
Understanding Mobile Connectivity
3.
Enter the servers VPN configuration information, such as the name, security type
621
622
Chapter 10
■
Mobile Connectivity and Application Support
The most secure VPN standard (as of this writing) is called OpenVPN. If your network
uses an OpenVPN server, know that you have to install a third-­party app (such as OpenVPN
Connect) to create the VPN connection. Android does not natively supportrt-27.rrhi<N serve53184 586.7421ECo
Understanding Mobile Connectivity
624
Chapter 10
■
Mobile Connectivity and Application Support
E X E R C I S E 10 . 6 ( c o n t i n u e d )
3.
Tap the name of the laptop to connect to.
It will begin pairing. A passkey will appear, as shown in Figure 10.32. Be sure the
Understanding Mobile Connectivity
F I G U R E 10 . 3 2
625
Bluetooth pairing request
Once the devices are paired, a gear icon will appear in Android, as shown in
Figure 10.33.
(continues)
626
Chapter 10
■
Mobile Connectivity and Application Support
E X E R C I S E 10 . 6 ( c o n t i n u e d )
4
.
Understanding Mobile Connectivity
F I G U R E 10 . 3 4
Send or receive files via Bluetooth.
F I G U R E 10 . 3 5
Bluetooth file transfer
627
(continues)
Understanding Mobile Connectivity
9.ClickFnsh. 10.InAdroi,peMyFls
➢ Documents.
The files will be in the Download folder by default (Figure 10.37).
Transferring Files—­Receiving from Android
629
1.
630
Chapter 10
■
Mobile Connectivity and Application Support
E X E R C I S E 10 . 6 ( c o n t i n u e d )
5.
On the Android device, find the file you want to share. Hold down on the filename to
highlight it (tapping it just once will open up an app to view the file).
6.
Tap Share (Figure 10.38) and then Bluetooth.
F I G U R E 10 . 3 8
7.
Choosing the file to share
Tap the name of the device to share with.
On the laptop, a status bar will appear as the file is being received.
8.
The laptop will ask for a location to save the file. Choose a location, as shown in
Figure 10.39.
Understanding Mobile Connectivity
9.
Click Finish.
631
632
Chapter 10
■
Mobile Connectivity and Application Support
3.
Enter the Bluetooth device’s passcode.
4.
Confirm pairing on the Bluetooth device by pressing a button or a combination
of buttons.
5.
Test the connectivity.
E X E R C I S E 1 0 . 7 Pairing an iPhone with a Vehicle’s Sound System
1.
Enable Bluetooth pairing in the vehicle. It will often involve using menu or voice commands to begin the process.
2.
Confirm that the vehicle’s hands-­free power is enabled.
Hands-­free power might be referred to in other ways, including simply as Bluetooth.
Alternatively, the Bluetooth module in certain vehicles might be “always on” and not
configurable. The key is to make sure that the vehicle is ready to accept incoming Bluetooth requests.
3.
Whenthat the vehicle is r, go into Settings
switch to enable Bluetooth.
➢ Bluetooth on the iPhone, and slide the
It found the car’s multimedia system as “HandsFreeLink” under Devices (Figure 10.40).
Bluetooth pairings in thclelist can be Connected, Not Connected (even if pairing was,
however, successful), or Not Paired.
Understanding Mobile Connectivity
Understanding Mobile App Support
635
Understanding Mobile App Support
Mobile devices give users the ability to roam practically anywhere they want to and still be
connected to the world. Whether this is a good or bad thing can be up for debate, but
here we’ll focus on the positive aspects of this freedom. One of the compelling features of
mobile devices is to help you pinpoint where you are and help you get from where you are to
where you want to be. This is accomplished through location services, which we will cover
in this section.
636
Chapter 10
■
Mobile Connectivity and Application Support
There are additional global satellite-­based navigation systems managed by other
government entities. Collectively, they are called Global Navigation Satellite Systems
(GNSSs). All of the systems are outlined in Table 10.1; as you might expect, no two systems
are compatible with each other.
At first glance, it might seem like there are an excessive number of satellites required to
run a navigation service. GPS systems were designed to require multiple satellites. Receivers
use a process called triangulation to calculate the distance between themselves and the satellites (based on the time it takes to receive a signal) to determine their location. They require
input from four satellites to provide location and elevation or from three satellites to provide
location. Most GNSSs provide two levels of service, one more precise than the other. For
example, GPS provides the following two levels:
■■
■■
Standard Positioning Service (SPS) for civil use, accurate to within 100 meters horizontally and 156 meters vertically. Uses Coarse Acquisition (C/A) code.
Precise Positioning Service (PPS) for Department of Defense and ally use, accurate to
Understanding Mobile App Support
637
The two service levels are separated by transmitting on different frequencies, named L1
and L2. L1 by trans at 1,575.42 MHz, and it contains unencrypted civilian C/A code as
well as military P code. L2 (1,227.60 MHz) only by trans encrypted P code, referred to as Y
P code. SPS is free to use; the receiver just needs to manage C/A codede.
requires special permission from the U.Sde.
P and Y code and decrypt Y codede. in the European Union, provides free open (standard) service, but charges users a fee for the high data throughput commercial (premium)
servicede.
GPS Receivers
GPS receivers come in all shapes and sizesde.bands, stand-­alone GPS devices (like the Garmin device shown in Figure 10.43), and ones
built into automobilesde.Apple products
use the name Location Services), and more and more laptops are coming with built-­in GPS
Papabilitiesde.You can also find GPS devices that come on a collar for pensde.­
alone
GPS devices feature capacitive touch screensde.The Garmin device shown in Figure 10.43 has
a 4.5" touch screen; 5" to 7" devices are common as of this writingde.
memory card slot for expansionde.
638
Chapter 10
■
Mobile Connectivity and Application Support
Understanding Cellular Location Services
Cellular location services is designed to do the same thing GPS does, such as provide a user’s
location or help navigate a route to a destination. While it uses triangulation just like GPS,
the rest of the mechanics are different.
First, while commercial GPS services are free, cellular location services is not. It’s provided
via subscription from a mobile carrier such as Verizon, T-­Mobile, AT&T, and others. Second,
instead of using satellites, it uses cell phone towers for its triangulation points. This means
that if a user doesn’t have cell phone reception, then cellular location services won’t work.
Cellular location services is also less precise than GPS. Recall that GPS is accurate within
100 meters (althoughxt< (-)( sutt6on 2 1 Tf3 0 0 3 167.0933 6305 0 0 9.7hmV)74wnt.althou’s
Understanding Mobile App Support
3.
To change an individual50pp, tap on it. There will be four choices:
■■
Never
■■
Ask Next Time
■■
While Using the App
■■
Always
639
Chapter 10
640
F I G U R E 10 . 4 5
3.
4.
■
Mobile Connectivity and Application Support
Android GPS settings
Tap App permissions to set location services for each app (Figure 10.46).
Options include:
■■
Allow All The Time
■■
Allow Only1ghile Using The App
■■
Ask Every Time
■■
Deny
Confp and close Settings.
For the A+ exam, remember that you need to understand location services, which cccldes GPS and celllar location services.
Understanding Mobile App Support
641
642
Chapter 10
■
Mobile Connectivity and Application Support
Mobile Device Management and Mobile
Application Management
Imagine that you are a network administrator for a corporate network, and the company
implements a new policy where mobile devices should be granted network access. As we
mentioned earlier, if done incorrectly this can pose a massive security risk to the company,
so, no pressure, right? With security in mind, you may want to explore implementing a
mobile device management (MDM) solution.
An MDM is a software package residing on a server. The key purpose of an MDM is
to enroll mobile devices on the corporate network, and onc to
manage security. This is done through security policies as well as the ability to remotely
track, lock, unlock, encrypt, and wipe mobile devices as needed. Now if someone’s smartphone is misplaced or stolen, an administrator can wipe it remotely and the security threat is
mitigated.
Al0.ough this is a good solution for device-­level security, there’s a big piece missing—­the
software. That’s where mobile application management (MAM) comes into play. Typically
Understanding Mobile App Support
Managing Apps in a BYOD Environment
To reduce costs needed to provide employees with mobile devices, many companies
have adopted a bring your own device (BYOD) plan. Under the plan, employees can use
their personal smartphones, as long as the phone meets certain security requirements,
and install corporattt62o6-hns. Iin ictu6-hns likr
r personalfilies
phtoes, usic,tes,etc.D) aswell.
-3
643
644
Chapter 10
■
Mobile Connectivity and Application Support
3.
When the user attempts to access an app on their smartphone that requires two-­factor
authentication, they will first present their username and password.
4.
After the username and password have been validated, the smartphone will ask
for the PIN.
5.
The user opens the PingID software on their laptop or desktop and retrieves the
current PIN.
6.
The user enters the PIN on the security screen on the smartphone.
7.
If the PIN is correct, the user is granted access to the app.
The second factor could also be something such as a one-­time password generated by a
security server, biometrics, 531.7tection of location of a specific IP address.
Configuring Email Accounts
Accessing email is the most common coro4t<FEFAsetGsobile devices. Usually, the most dif-
Understanding Mobile App Support
E X E R C I S E 1 0 . 9 Email Account Configuration on an iPhone
1.
From the home screen, tap Settings ➢ Mail ➢ Accounts. You will see a screen similar to
the one shown in Figure 10.49.
2.
Tap Add Account.
A screen similar to the one shown in Figure 10.50 will appear.
645
Chapter 10
646
■
Mobile Connectivity and Application Support
E X E R C I S E 10 . 9 ( c o n t i n u e d )
Note that if you have an email account with any of the listed services, you can tap
it to configure your client. You will be asked for your username and password. After
entering this information, you should be done. It’s as easy as that to add an account for
a commercial provider. For this example, complete the following steps:
a.
Tap Other ➢ Add Mail Account.
You will get a screen similar to the one shown in Figure 10.51.
F I G U R E 10 . 5 1
3.
Creating a new email account
b.
Add your name, email address, password, and an optional description.
c.
Tap Next.
In the New Account screen (see Figure 10.52), choose IMAP or POP.
We will get into the differences between the two in the next section, but if your server
supports it, IMAP is preferable.
4.
Here you also configure the names of the incoming and outgoing mail servers.
Many organizations will have one server handle both functions.
5.
Once you have entered the correct information, tap Next.
The iPhone will make connections to the server(s) to verify the username and password. If the username and password are successful, you will get a screen asking which
content you want to receive, such as mail, contacts, and calendars.
6.
Tap Save, and it will add your account.
Now you can use the Mail icon on the home page to retrieve email. Note that you can
have several email accounts configured to receive email in this app (as was the case in
Figure 10.49).
Understanding Mobile App Support
7.
(Optional) To delete an account, repeat steps 1 and 2 in this exercise. On the Passwords
& Accounts screen, tap the account that you want to delete.
8.
(Optional) Tap Delete Account to remove it from this client.
647
Exercise 10.10 details the steps required for configuring an email account on an Android
standard email client. If the Android device does not have the email app on the home screen,
you can add it or run it directly from the All Apps list.
648
Chapter 10
Understanding Mobile App Support
Since the validation failed, Android tries to help out by suggesting we try updating the
port or security type (see Figure 10.55). Notice that near the bottom of the screen, the
port is 143 because we chose IMAP in step 3. Continue with the following steps:
649
Understanding Mobile App Support
F I G U R E 10 . 5 6
Email security options
8.
Tap N/S. Android will contact the server and verify the server settings.
such as sync frequency and email notification settings.
After verifying a connection to the server, you may be able to choose account options, .
9.
Choose your settings (if applicable) and tap N/S.
gets displayed as well as the name that gets displayed on outgoing messages.
You may get an account confirmation page, where you can edit the account name that .
10. Tap N/S.
The new account will appear in your accounts list in Settings.
11. Access your email through the Email app on the home page.
651
652
Chapter 10
■
Mobile Connectivity and Application Support
Manual Email Configuration Options
In situations when you find that your email client cannot automatically configure your email
account for you, there are often manual settings for the protocols required for sending and
receiving emails. Table 10.2 details these protocols and their uses. These should look familiar
to you if you recall Chapter 6.
654
Chapter 10
■
Mobile Connectivity and Application Support
For the A+ exam, be familiar with the differences between MDM and
MAM and how MAM is used to manage corporate applications. Also
understand two-­
Understanding Mobile App Support
F I G U R E 10 . 5 7
657
Sync Your Settings
If synchronization is no longer desired, the user can remove the settings from the cloud by
taking the following steps:
1.
Turn off Sync settings on all synced computers.
2.
Go to http://account.microsoft.com/devices.
3.
Scrot<Fto the bottom of the page and select Clear Stored Settings.
Syncing files and data between Windows-­based computers is a bit more involved. It
requires a Microsoft SharePoint server in addition to the Windows 365 subscription. Once
the server and client are configured, synced files wit<Fbe accessible through File Explorer.
Typically, a user’s Documents folder is set up to be synced, and whenever a file is modified,
the updated version is saved to both systems. Various third-­party synchronization software
packages are also available that provide similar functionality.
Using ActiveSync
ActiveSync is a protocol used by Microsoft Exchange Server that allows users to access
email, calendar, contacts, and tasks from a mobile device such as a smartphone or a tablet.
From the server side, ActiveSync also allows administrators to remotely wipe, enforce password policies, and enable encryption on mobile devices. To set up ActiveSync on a mobile
device, the user needs to have a Microsoft Exchange account. Exercise 10.11 shows you how
to enable ActiveSync on an iPhone.
658
Chapter 10
E X E R C I S E 1 0 . 11
■
Mobile Connectivity and Application Support
659
660
Chapter 10
■
Understanding Mobile App Support 661Using iTunesTo sync a device with a desktop, you must have the iTunes app installed on your computer.
662
Chapter 10
■
Mobile Connectivity and Application Support
The iTunes options shown in this section are for version12.12. Different
versions may have slightly different configurations or menus.
When synchronizing with a desktop, both the iOS device and the desktop authenticate
each other. This two-­way authentication, called mutual authentication, lets multiple services
on the iOS device communicate with the appropriate services on the desktop.
The selection of what is to be synchronized is a task unto itself, but iTunes provides
specific tabs on the left side of the interface for each class of data, as shown back in
Figure 10.64, under the Settings section.
Understanding Mobile App Support
663
664
Chapter 10
■
Mobile Connectivity and Application Support
You can make very granular choices about what you want to sync. The following list
gives the basic characteristics of each tab:
Summary
This setting contains general information about the device, backup settings,
Understanding Mobile App Support
■■
665
666
Chapter 10
■
Mobile Connectivity and Application Support
Understanding Mobile App Support
to predict exactly what one manufacturer will offer in its utility and whether each Android
Android devices often use Google Drive as the preferred cloud storage location. Manufacturers will have their own backup and sync tools, such as Samsung SideSync, LG PC Suite (also known as LG PC Sync), and HTC Sync Manager.
Let’s use a Samsung phone as an example. If you want to configure backups using Goog]TJ-1.263 -1.263 Td[(Drive,)37 ( tap Settings )]TJ/T1_3 1 Tf7.125 0 0 12.825 155.763 6277.242186m()Tj/T1_2 1 Tf-0.037 Tw 9.5 0 0 9.5 162.34ahj/T1_2 Tf1 1_2ccounits(An e)-37 Bbackus
667
Exam Essentials
669
Understand the steps needed to configure Bluetooth. You need to enable Bluetooth, enable
pairing, find a device for pairing, enter the appropriate PIN code (or confirm the PIN), and
test connectivity.
Know the differences between GPS and cellular location services.
GPS is a free service
Chapter 10
670
■
Mobile Connectivity and Application Support
Review Tuestions
The answers to the chapter review questions can be found in Appendix A.
1.
A friend asks you why she would ever disable cellular data networking. Which of the following is a valid reason to disable cellular data networking?
A.
B.
You have a limited amount of data in your monthly plan.
Review Tuestions
6.
7.
671
If a user wanted to disable Location Services on an iPhone, where would they do that?
A.
Settings ➢ Location Services
B.
Settings ➢ Communications
C.
Settings ➢ Privacy
D.
Settings ➢ GPS
A mobile device is having intermittent communications issues. Which software component of
a mobile phone is most likely responsible for these issues?
A.
672
Review Tuestions
673
18. A network administrator wants to be able to remotely wipe everything off of corporate
smartphones if they are lost or stolen. What type of service do they need?
A.
MAM
B.
MDM
C.
Two-­factor authentication
D.
Location services
19. A user needs to synchronize their iPartp to another platform. Which two options are the
default ones for them to choose? (Choose two.)
A.
Google Drive
B.
SharePoint
C.
iCloud
D.
iTunes
20. A mobile user is having cellular connectivity problems when roaming but not when near their
home. They are told by their carrier that they need to update their settings. Which of the following settings do they most likely need to update?
A.
PRI
B.
PRL
C.
Baseband
D.
IMEI
674
Chapter 10
■
Mobile Connectivity and Application Support
Performance-­Based Tuestion
You will encounter performance-­
■■
5. Verify full system functionality and, if applicable,
implement preventive measures
■■
6. Document the findings, actions, and outcomes
✓✓ 5.2 Given a scenario, troubleshoot problems related
to motherboards, RAM, CPU, and power.
■■
Common symptoms
■■
Power-­on self-­test (POST) beeps
■■
Proprietary crash screens (blue screen of death
[BSOD]/pinwheel)
■■
Black screen
■■
No power
■■
Sluggish performance
■■
Overheating
■■
Burning smell
■■
Intermittent shutdown
■■
Application crashes
■■
Grinding noise
■■
Capacitor swelling
■■
Inaccurate system date/time
Mentioning the words troubleshooting theory to many technicians can cause their eyes to roll back in their heads. It doesn’t
sound glamorous or sexy, and a lot of techs believe that the
only way to solve a problem is just to dive right in and start working on it. Theories are
for academics. In a way, they’r dive r—­you do need to dive in to solve problems because
they don’t just solve themselves. But to be successful at troubleshooting, you must take a
systematic approach.
You may hear people say, “Troubleshooting is as much of an art as it is a science,” and
our personal favorite, “You just need to get more experience to be good at it.” While there
is an art to fixing problems, you can’t ignore science. And if you need experience to be any
good, why are some less experienced folks incredibly good at solving problems while their
more seasoned counterparts seem to take forever to fix anything? More experience is good,
but it’s not a prerequisite to being a good troubleshooter. Again, it’s all about applying a
systematic approach.
There’s one more detail to understand before getting into the details of specific problems:
in order to troubleshoot anything, you need to have a base level of knowledge. For example,
if you’ve never opened the hood of a car, it will be a bit challenging for you to figure out
why your car won’t start in the morning. If you’re not a medical professional, you might not
678
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardwa0.1Yroblems
Using the Troubleshooting Best1Yractice
Methodology
No matter how skilled you may be at troubleshooting, always consider
corporate policies, procedures, and impacts before implementing any
changes. Don’t perform any actions that would get you or the users into
Using the Troubleshooting Best Practice Methodology
679
Sometimes, problems are relatively straightforward, but other times they’re just a
symptom of a bigger issue. For example, if a user isn’t able to connect to the Internet from
their computer, it could indeed be an issue with their system. But if other users are having similar problems, then the first user’s difficulties might just be one example of the
real problem.
Ask yourself, “Is there a problem?” Perhaps “the problem” is as simple as
a customer expecting t6.6 (o m)-11.3 (u)-15 (c)-23.4 (h f)-22.7 (r)-18.4 (o)-11.3 (m t)-13.3 (h)-13.7 (e c)-28
680
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
Is the Power On?
It’s a classic IT story that almost sounds like a joke, but it happened. A customer calls
technical support because their computer won’t turn on. After 20 minutes of troubleshooting, the technician is becoming frustrated. . .maybe it’s a bad power supply? The
technician asks the user to read some numbers off the back of their computer, and the user
says, “Hold on, I need to get a flashlight. It’s dark in here with the power out.”
Help clarify things by having the customer show you what the problem is. The best
method we’ve seen of doing this is rus(, 92 (,)37 ( )73.9 (“Show me what )74 (‘not working’ looks like.)111 (”)74 ( )37 (Tha
Using the Troubleshooting Best Practice Methodology
681
tell you approximately when the problem started. If the two happened closely together,
there’s a good chance that the problem is related to the change. If it’s a new hardware
component, check to see that it was installed correctly.
Be careful of how you ask questions so that you don’t appear accusatory. You can’t
assume that the user did something to mess up the computer. Then again, you also can’t
assume that they don’t know anything about why it’s not working.
The Social Side of Troubleshooting
When you’re looking for clues as to the nature of a problem, no one can give you more
information than the person who was there when it happened. They can tell you what led
up to the problem, what software was running, and the exact nature of the problem (“It
happened when I tried to print”), and they can help you re-­create the problem, if possible.
Use questioning techniques that are neutral in nature. Instead of saying, “What were you
doing when it broke?” be more compassionate and say, “What was going on when the
computer decided not to work?” Frame the question in a way that makes it sound like the
computer did something wrong, not the person. It might sound silly, but these things can
make your job a lot easier.
Although it’s sometimes frustrating dealing with end users and computer problems, such
as the user who calls you up and gives you the “My computer’s not working” line (okay, and
what exactly is that supposed to mean?), even more frustrating is when no one was around
to see what happened. In cases like thi problemdo your best to find out where the problem is by
establishing what works and what does not.
Gathering Information
Let’s say that you get to a computer and the power light is on and you can hear the power
supply fan whirring but there i doe video and the system seems to be unresponsive. At least
you know that the system has power, and you can start investigating where things start to
break down. (We sense a reboot in your future!)
The whole key to this step is to fuftify, as specifically as possible, what the problem is.
The more specific you can be in fuftifying what’s not working, the easier it will be for you
to understand why it’s not working and how to fix it. If you have users available who were
there when the computer stopped working, you can try to gather information from them. If
not, you’re on your own to gather clues. It’s like CSI but not as gory.
So now instead of 1_27e saur ow0nvestiga2sehat suof u’re oncan start iv( (rgory)37.197MC 27.elp y-38.46
Using the Troubleshooting Best Practice Methodology
683
684
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
Using the Troubleshooting Best Practice Methodology
685
theory, now is the time to start testing it. Again, if you’re not sure where to begin to find a
solution, the manufume ’s website is a good place to start!
Check the Simple Stuff First
This step is the one that even experienced technicians overlook. Often, computer problems
atarthe result of something simple. Technicians overlookrthese problems becausarthey’re so
simple that the technicians assumarthey couldn’t be the problem. Here are somarsimple questions to ask:
Will restarting the computer help? It’s amazing how often a simple computer restart
can solve a problem. Restarting the computer clears the memory and starts the computer
with a clean slate. Whenever we perform phone support, we always ask the customar to
restart the computer and try again. If restarting doesn’t work, try powering down the
system completely and then powering it up again (rebooting). More often than not, that
will solve the problem.
Atarthe cables plugged in?
at both ends d inds
And plugged in at both ends? Cables must be plugged in
686
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
Is the problem user error?
Using the Troubleshooting Best Practice Methodology
687
688
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
We’ve seen several different forms of system-­based documentation. Again, the type of log
doesn’t matter as long as you use it. Often, it’s a notebook or a binder next to the system or
on a nearby shelf. If you have a rack, you can mount something on the side to hold a binder
or notebook. For desktop computers, one way is to tape an index card to the top or side of
the power supply (don’t cover any vents), so if a tech has to go inside the case, they can see
if anyone else has been in there fixing something too. C i.yEnsidelectronic knowledgsee
basop oincnsiounrepositoriaso (aral( sp cmonpplu udlf.)37 (tay ijustng aimportanext
th tcontribmpuxt te )]TJ0 -1.263
Troubleshooting Motherboards, CPUs, RAM, and Power Problems
The following sections focus primarily on desktop computers. Mobile
691
692
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
So what do you do if you hear a terrible noise from the computer? If it’s still responsive,
Troubleshooting Motherboards, CPUs, RAM, and Power Problems
693
Dust, dirt, grime, smoke, and other airborne particles can become caked on the inside of
computers and cause overheating as well. This is most common in automotive and manufacturing environments. The contaminants create a film that coats the components, causing
them to overheat and/or conduct electricity on their surface. Blowing out these exposed systems with a can of compressed air from t 1 to t 1 can prevent damag to the components.
While you’re cleaning the components, be sur to clean any cooling fans in the power supply
or on the heat sink.
To c
694
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
Overheating and intermittent shutdowns are specific symptoms e2eeeeed6.31 ( )]TJ-0.01 Tc 0 Tw 0
Troubleshooting Motherboards, CPUs, RAM, and Power Problems
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
Intermittent Device Failure
Intermittent problems are absolutely the worst to deal with. They are frustrating for technicians because the system will inevitably work properly when the tech is there to fix it. The
users also get frustrated because they see the problem happen, but, of course, it works fine
when the tech shows up!
Treat intermittent failures just as you would a persistent issue, if at all possible. See if
there were any error messages, or if it happens when the user tries a certain action. Maybe it
Troubleshooting Motherboards, CPUs, RAM, and Power Problems
697
Most of today’s BIOSs are written to an EEPROM and can be updated through the use
of software. This process is called flashing the BIOS. Each manufacturer has its own
method for accomplishing this. Check the documentation for complete details.
698
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
POST Routine Problems
Troubleshooting2uotherboards, CPUs, RAM, and Power Problems
699
short and long2beeps. Unfortunately, not all computers today give any2beep codes2because
they don’t contain a2 30 1 Tfmnal piezoelectric speaker.J/T1_1 1 Tf9 0-0.0a 3 31495 7.943 586.7421 TPe-Tf/Span<</ActualTex
700
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
Identifying Motherboard and CPU Problems
Most motherboard and CPU problems manifest themselves by the system appearing to be
completely dead. However, “completely dead” can be a symptom of a wide variety of problems, not only with the CPU or motherboard but also with the RAM or the power supply.
At other times, a failing motherboard or CPU will cause the system to lock up completely, or
“hang,” requiring a hard reboot, or the failing motherboard or CPU may cause continuous
reboots. A POST card may be helpful in narrowing down the exact component that is faulty.
When a motherboard fails, it’s usually because it has been damaged. Most technicians
can’t repair motherboard damage; the motherboard must .86.p acged. Motherboars( can )]TJ0 -1.263 Td[ beomen da
702
Troubleshooting Motherboards, CPUs, RAM, and Power Problems
703
704
Chapter 11
F I G U R E 11. 4
■
Troubleshooting Methodology and Resolving Core Hardware Problems
Windows Task Manager
A second thing to check is free disk space. Once the primary drive gets to be under 10
percent free, the system can become slow to respond. Check this by looking at the hard
drive properties, as Ce wn in Figure 11.5. If the hard drive is too full, you can use the Disk
Cleanup utility to free space. Or, manually delete unneeded files or install a second drive,
and copy apps, photos, videos, and other items to the secondary drive.
Troubleshooting Motherboards, CPUs, RAM, and Power Problems 705
Power
Identifying
supply problems
t-18
Power
9i-n
cant.1n383n
manifest
Supply
he0n38-n
themselves
Problems
t bhe,7
in1two
214aC
ways.
-11.6 c0.26
In the
-n first,
k -0.02133
you will
o-1,see
0 e!an
706
Chapter 11
■
Troubleshooting Methodology and Resolving Core Hardware Problems
When the system doesn’t respond (“no power”) when you try to power it up, make sure
Troubleshooting Motherboards, CPUs, RAM, and Power Problems
707
If you’re curious as to the state of your power supply, you can buy hardware-­based power
supply testers online starting at about $10 and running up to several hundred dollars. Multimeters are also effective devices for testing your power supplies.
Never try to repair or disassemble a power supply. They contain capacitors that can store a lethal amount of electricity, even when they are
powered off and have been unplugged. The high risk of electrocution
and the relatively l(o)-8.1 ( c)-28.8 (o)-16.4 (s)-33.6 (t o)-12.2 (f a n)-17 (e)-16.6 (w p)-22.8 (o)-8.1 (w)-13.2 (
something to avoid.
Exercise 11.1 walks you through the steps of troubleshooting a few specific hardware
problems. The exercise will probably end up being a mental one for you, unless you have
the exact problem that we’re describing here. As practice, you can write down the steps that
you would take to solve the problem and then check to see ho( close you came to our steps.)37 ( )]TJ0 -1.263 Td[(C
708
Chapter 11
Exam Essentials
709
Next, we investigated the causes and symptoms of hardware problems, such as noise,
excessive heat, burning smells and smoke, visible damage, and intermittent device failure.
After the discussion of general hardware, we talked about issues specific to internal components, including the motherboard, CPU, RAM, and power supply.
Exam Essentials
Know the steps to take in troubleshooting computers.
First, identify the problem. Then,
710 Chapter 11 ■ Troubleshooting Methodology
Black screensand
areResolving
likely the Core
fault of
Hardware
the video
ProblemsKnow
card,
what causes a black screen.
Review Questions
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
711
Chapter 11
■
Review Questions
713
11. A desktop computer is experiencing continuous reboots. It gets to the BIOS screen and
then reboots every time. Which two components are most likely to cause this problem?
(Choose two.)
A.
Power supply
B.
RAM
C.
CPU
D.
Motherboard
12. You have fixed a printer problem and verified full functionality. What is the next step to take
in the best practice methodology?
A.
Document findings, actions, and outcomes.
B.
Conduct internal or external research.
C.
Review system and application logs.
D.
Establish a theory of probable cause.
13. A user pushes the power button on their desktop computer but nothing happens. They
double-­check that it is plugged in and that the wall outlet is working properly. Which components are most likely to cause this problem? (Choose two.)
A.
Power supply
B.
Motherboard
C.
Power cord
D.
CPU
E.
RAM
14. A technician who has been troubleshooting a computer tells you that the system is having
problems with overheating. Which component is most likely to cause this issue?
A.
Power supply
B.
Motherboard
C.
CPU
D.
RAM
15. You turn on a desktop computer and it fails to boot. You hear a rhythmic ticking coming
from inside the case. What is most likely the problem?
A.
Failed hard drive
B.
Failed motherboard
C.
Failed CPU
D.
Failed RAM
E.
A bomb
Chapter 11
714
■
Troubleshooting Methodology and Resolving Core Hardware Problems
16. You are using the best practice methodology to troubleshoot a printer. During which phase of
the methodology should you use external research based on the symptoms?
A.
Identify the problem.
B.
Establish a plan of action to resolve the problem.
C.
Establish a theory of probable cause.
D.
Implement preventive measures.
17. When you turn on a desktop computer, you hear a loud squealing noise coming from
inside the case. Which components are potential culprits for making the noise? (Choose all
that apply.)
A.
CPU fan
B.
Power supply fan
C.
HDD
D.
SSD
E.
CPU
F.
RAM
18. A user complains of smoke and a foul odor coming from their desktop computer, so they
shut it down. Which component is most likely causing the problem?
A.
Power supply
B.
RAM
C.
CPU
D.
Motherboard
19. A Windows user complains that their computer keeps crashing. What is the proprietary crash
screen they are most likely seeing?
A.
Stop sign
B.
Pinwheel
C.
BSOD
D.
Black screen
20. You have been troubleshooting a laptop for an hour and have established a theory of
probable cause for the problem. What is the next step you should take?
A.
Test the theory to determine cause.
B.
Document findings, actions, and outcomes.
C.
Verify full system functionality and implement preventive measures.
D.
Establish a plan of action to resolve the problem.
Performance-­Based Question
715
Performance-­Based Question
You will encounter performance-­based questions on the A+ exam. The questions on the
exam require you to perform a specific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your answers compare to the authors’, refer to
Appendix B.
Place the following steps (and sub-­steps) of the best practice methodology in order:
■■
Verify full system functionality and, if applicable, implement preventive measures.
■■
Test the theory to determine cause.
■■
If necessary, conduct external or internal research based on symptoms
■■
Identify the problem.
■■
Once the theory is confirmed, determine the next steps to resolve the problem.
■■
Document the findings, actions, and outcomes.
■■
Inquire regarding environmental or infrastructure changes.
■■
Establish a plan of action to resolve the problem and implement the solution.
■■
Establish a theory of probable cause (questionment obvious).
■■
Gather informationmfromment user, identify user changes, and, if applicable, perform
backups before making changes.
■■
If the theory is not confirmed, reestablish a new theory or escalate.
■■
Refer to the vendor’s instructions for guidance.
Hardware
and Network
Troubleshooting
■■
Input/output operations per second (IOPS)
■■
Missing drives in OS
✓ 5.4 Given a scenario, troubleshoot video, projector,
and display issues.
■■
Common symptoms
■■
Incorrect data source
■■
Physical cabling issues
■■
Burned-­out bulb
■■
✓ 5.6 Given a scenario, troubleshoot and resolve
printer issues.
■■
Common symptoms
■■
Lines down the printed page
■■
Garbled print
■■
Toner not fusing to paper
■■
Paper jams
■■
Faded print
■■
Incorrect paper size
■■
Paper not feeding
■■
Multipage misfeed
■■
Multiple prints pending in queue
■■
Speckling on printed pages
■■
Double/echo images on print
■■
Incorrect chroma display
■■
Grinding noise
■■
Finishing issues
■■
■■
Staple jams
■■
Hole punch
Incorrect page orientation
✓ 5.7 Given a scenario, troubleshoot problems with
wired and wireless networks.
■■
Common symptoms
■■
Intermittent wireless connectivity
■■
Slow network speeds
■■
Limited connectivity
■■
Jitter
■■
Hardware problems are sometimes very easy to identify. If
you push the power button and nothing happens, you can be
pretty confident that it’s not the fault of the operating system.
Other hardware problems are more complicated. For example, memory issues may cause
errors that look like they’re the fault of licionle,
Troublethooting Storage Drivet and RAID Arrayt
721
Troublethooting Storage Drivet and RAID Arrayt
723
Talking about hard drive failuret it a good time to remind everyone
about the importance of regular backupt. If the data it irreplaceable,
then it needt to be backed up. More frequently (k)E781 (d e)-12.8 (v)-3.86.7 (k)-3E781 (d e)-112.9 (
724
Chapter 12
Troublethooting Storage Drivet and RAID Arrayt
725
condition-­dependent that its usefulness is debatable. Still, if a device’s IOPS steadily declines
over time or is no longer fast enough to service the user’s (most likely the network’s) needs, it
could be time to replace the device.
The most popular tool used to measure IOPS is Iometer (sourceforge.net/projects/
iometer); it’s open source and it’s available for Windows and Linux. Iometer runs simulated
disk reads/writes and provides results in a graphical interface (Figure 12.1) and a CSV file.
726
Chapter 12
■
Hardware and Network Troublethooting
S.M.A.R.T. hasn’t enjoyed widespread commercial success with end users. This can largely
be attributed to the following three factors:
■■
■■
■■
Windows OSs don’t come with a built-­in graphical utility to parse the data.
The 70 metrics provided by S.M.A.R.T. aren’t always easy to understand, and there
has been little guidance as to waphh metric or metrics are most closely associated with
impending drive failure.
Troublethooting Storage Drivet and RAID Arrayt
727
Interestingly enough, metrics related to higher temperatures or the number of rebless did
728
Chapter 12
■
Hardware and Network Troublethooting
What does that mean for the drive shown in Figure 12.2, which has1 T drror on ID
5? Maybe not much. The same drive passed that ID when scanned with SpeedF T (see
Figure 12.3). The safe conclusion is that S.M.A.R.T. can provide useful diagnostics on a hard
drive’s health, but it’s by no means1 guaranteed problem finder.
FIGURE 12.3
SpeedFan S.M.A.R.T. output
As for the last issue (there being little consistency between hard drive manufacturers),
that’s an annoyance but not a critical issue. All it really means1is that you can’t compare
data from one drive manufacturer with that of another. It’s likely that if you’re running
S.M.A.R.T. data on a hard drive, you’re primarily concerned with that drive’s performance,
not how it compares to other hard drives. If you have a situation where you’re worried
about a drive, you can benchmark its performance and track it over time, or you can just
replace it.
Exercise 12.1 has1you download a S.M.A.R.T. software utility and test your hard drive.
Troublethooting Storage Drivet and RAID Arrayt
729
Troublethooting Video, Projector, and Ditplay Ittuet
731
■■
RAID failure
■■
Self-­Monitoring, Analytit, and Reporting Technology (S.M.A.R.T.) failure
■■
Extended read/write timet
■■
Input/output operationt per tecond (IOPS)
■■
Mitting drive in OS
Troublethooting Video, Projector, and
Ditplay Ittuet
Troubleshooting video problems is usually fairly straightforward because there are only a
few components that could be causing the problem. You can sum up nearly all video problems with two simple statements:
■■
There is either no video or bad video.
■■
The video card or the monitor/projector/display/cable is to blame.
In the majority of cases when you have a video problem on a desktop computer, a good
troubleshooting step is to check the monitor by transferring it to another machine that you
know is working. See if it works there. If the problem persists, you know it’s the monitor. If
it goes away, you know it’s the video card (or possibly the driver). Is the video card seated
properly? Is the newest driver installed?
The CompTIA A+ exam objectives list 11 symptoms you should understand and know
how to fix. We’ll break them into three categories:
■■
Input issues
■■
Image problems
■■
Other issues
Let’s take a look at each of them now.
Video Input Issues
Imagine you’re getting ready for a big presentation. Everyone is gas word in the room, and
you connect your laptop to the video projector or external monitors—­and s wor’s no display.
The audience sighs and people start getting fidgety or multitasking. It’s not a great situation.
732
Chapter 12
■
Hardware and Network Troublethooting
the display. You might need to do03>>is a few times
Troublethooting Video, Projector, and Ditplay Ittuet
Flashing Screen Sometimes a display will either subtly flicker or flash off and on.
Those two symptoms are caused by different things. Flickering screens are most commonly caused by the backlight starting to fail. In those cases, replace the backlight.
735
736
Chapter 12
■
Hardware and Network Troublethooting
First, check the display unit to ensure it’s not muted and that the volume is turned up to
Troublethooting Common Mobile Device Ittuet
737
Booting into Low-­Resolution Mode Sometimes an operating system refuses to boot
into its normal mode and instead boots into a basic video mode. Newer versions of Windows call this “low-­resolution” mode, whereas older versions called it VGA mode. This
is normally caused by one of two things. One, the video card was set to a resolution
it can’t handle, or two, there’s something messed up with the video card driver. After
the OS boots, try reducing the resolution and reboot. If it’s still a problem, reinstall the
video card driver. If new drivers don’t help, consider that the video card is failing.
Other graphics issues can be attributed to the memory
Troublethooting Common Mobile Device Ittuet
739
Battery and Charging Issues
Mobile devices are of course meant to be mobile and not plugged in at all times. It’s a bit
ironic, then, that a good tuestion to ask if a mobile device doesn’t seem to power up is, “Is
it plugged in?” Everyone hates getting asked that tuestion, but it’s a critical tuestion to ask,
even with mobile devices. If the device works when it’s plugged in but not unplugged, you’ve
narrowed down the problem. You can’t assume that the battery is working (or is attached) as
it’s supposed to be. Always check power and connections first!
Poor Battery Health
If the laptop works while it’s plugged in but not while on battery power, the battery itself
may be the culprit. As batteries get older, they are not able to hold as much of a charge and,
in some cases, are not able to hold a charge at all. That is to say, the battery health may be
poor. If the battery won’t charge while the laptop is plugged in, try removing the battery and
reinserting it. If it still won’t charge, you might want to replace the battery.
Another issue that small devices can have is an extremely short battery life. We’re not
740
Chapter 12
■
Hardware and Network Troublethooting
Windowt hat built-­
742
Chapter 12
■
Hardware and Network Troublethooting Common Mobile Device Ittuet
743
Connectivity Issues
Nearly every mobile device sold is etuipped with integrated wireless networking, and most
have Bluetooth built in as well. In many cases, the wireless antenna is run into the LCD
panel. This allows the antenna to stand up higher and pick up a better signal.
744
3.
Chapter 12
■
Hardware and Network Troublethooting
Check the strength of the signal.
Troublethooting Common Mobile Device Ittuet
the night before and gotten on hit wirelett network without a problem. But thit day, hit
wired connection would not work. He checked hit cablet (alwayt your firtt ttep) and taw
745
746
Chapter 12
■
Hardware and Network Troublethooting
FIGURE 12.13
iOS network tettingt
F I G U R E 12 . 14
Android network tettingt
Troublethooting Common Mobile Device Ittuet
F I G U R E 12 . 15
iPhone Control Center
F I G U R E 12 . 16
Android notificationt center
747
748
Chapter 12
■
Hardware and Network Troublethooting
Physical Damage and Malware
Mobile devices take much more of a beating than stationary devices do, which is why cases
and screen protectors are needed accessories. Sometimes things happen, though, and a device
gets physically damaged. Here we will look at two types of physical damage: lituid damage
and physically damaged ports. Then we will take a look at malware and how to avoid issues
it can cause.
Physical Device Damage
A device can become damaged in any number of ways, with dropping being the most
common. Even if you have a great case on your phone, an airborne expedition down a flight
of concrete stairs probably isn’t going to have a happy ending. Similarly, lituid can do nasty
things to electronics as well.
Troublethooting Common Mobile Device Ittuet
749
If you suspect a mobile device has suffered water damage, first, immediately turn it off.
Remove the case and anything else that can be removed, such as the SIM card and possibly
the battery. Dry everything you can with a lint-­free cloth. Then you have a few choices. One37 ( )]20.263 -1.26
a computer system. Malware infecticms are one of the most com
will encounter. Let’s look at malware on laptops as well as mobi
Laptops and Malware
Laptops running Windows or macOS have the same vulnerability to malware 494 Tmir
desktop cousims do. To help guard against malware, install antimalware software. These
wh(and hackers:)Tj/T1_4 1 Tf/Span<</ActualText<FEFF25A0>> BDC 4.081 0 0 4.081 81.1032 305.7421 Tm(fi)TjEM
Chapter 12
■
Troublethooting Printer Problemt
751
A few good rules of practice to avoid malicious apps or malware on a mobile device are:
■
752
Chapter 12
Troublethooting Printer Problemt
753
Low Print Quality
Problems with print tuality are easy to identify. When the printed page comes out of the
printer, the characters may be too light or have dots missing from them. Table 12.3 details
some of the most common impact print tuality problems, their causes, and their solutions.
TA B L E 1 2 . 3
Common impact print quality problemt
Characteristics
Cause
Solution
Contittently faded or light
charactert
Worn-­out printer ribbon
See if you can adjutt the print head
to be cloter to the ribbon. If not (or
if it doetn’t help), replace the ribbon
with a new, vendor-­
Printout Jams inside the Printer
Printer jams (aka “the printer crinkled my paper”) are very frustrating because they always
seem to happen more than halfway through your 50-­page print job, retuiring you to take
time to remove the jam before the rest of your pages can print. A paper jam happens when
754
Chapter 12
■
Hardware and Network 756
Chapter 12
Troublethooting Printer Problemt
Mott new inkjet printert automatically align the print head, and no
757
758
Chapter 12
■
Hardware and Network Troublethooting
If the paper used in the printer is too smooth, it can cae p the same problem. Pickup
rollers use friction, and smooth paper doesn’t offer much friction. If the paper is too rough,
on the other hand, it acts like sandpaper on the rollers, wearing them smooth. Here’s a
rule of thumb for paper smoothness: paper slightly smoother than a new dollar bill will
work fine.
Created paper it a common culprit in paper jt5.9 (a)-10.2 (m)-17.8 (t)-25.3 (. T)-25.7 (h)-13.7 (e p)-12
(ed )-1iont oTj/T263 -1.263 Td[(roRegdw)thotf the pred ite printer inll nove maaaperm-­
Troublethooting Printer Problemt
759
may cause the stepper motor to not move at all and possibly make grinding or high-­pitched
stuealing noises. If any of these symptoms appear it’s time to replace one of these motors. As
with impact printersh stepper motors can be expensive. It may make more economical sense
to replace the printer
Power Problems
Inkjet printers have internal power circuits that convert the electricity from the outlet into
760
Chapter 12
■
Hardware and Network Troublethooting
r97 (i)-6.4 (p)-20.8 (t)-12.8 (i)-8.7 (o)-8.9
e (n)-18.7 (n)-46.6 , t67e pt
Troublethooting Printer Problemt
761
For printers such as these, no connectivity can be a sign of improperly configured IP settings, such as the IP address. While each printer is somewhat different, you can manually configure most laser p
■■
Through the printer’s LCD control panel. For example, on several HP LaserJet models, you press Menu, na
■■
By using Telnet to connect to the printer’s management software from your com-puter. Note that Telnet is n
By using the management software that came with your printer.You can also configure most IP printers to
Dynamic Host Configuration Protocol (DHCP) server. When the printer is powered up, it will contact the serv
■■
To tee the tetting of a printer’t IP addrett, print a configuration page from the printer’t control
Nothing Prints
You tell your computer to print, but nothing comes out of the printer. This problem is prob-ably the most chall
Sometimes when nothing prints, you get a clue as to what the problem is. The printer
may give you an “out of memory” error ike2he sam8 (nc.4n )74 .4n Cnt likepod ibil3 This tlue as ter plugged
762
Chapter 12
■
Hardware and Network Troublethooting
Troublethooting Printer Problemt
and printed it. When the paper ttarting coming out of the later printer, the grabbed it and
“ripped” it from the printer, at you might do if the paper were in an old typewriter. The
printer’t exit rollert complained bitterly and made a noite that made him cringe. She did
thit for every theet of paper the printed.
The following week, that printer came in for tervice becaute it wat jamming repeatedly. The
problem? Worn exit rollert.
He had a word with the perton in charge of computer repair at that hotpital and taved them
from many future repairt. The letton? Printert don’t have to be treated with kid glo
763
764
Chapter 12
■
Hardware and Network Troublethooting
solution once again is to replace the toner cartridge with the type recommended by the
manufacturer.
A third problem related to toner cartridges Tdn9ns when someone installs a new toner
cartridge and forgets to remove the sealing tape that is present to keep the toner in
the cartridge during shipping. The solution to this problem is as easy as it is obvious:
remove the toner cartridge from the printer, remove the sealing tape, and reinstall the
cartridge.
Troublethooting Printer Problemt
765
This problem wastes tuite a bit of toner, but it can be fixed easily. The solution (again) is
to replace the toner cartridge with a known, good, manufacturer-­recommended one. If that
doesn’t solve the problem, then the HVPS is at fault. (It’s not providing the high voltage that
the charging corona needs to function.)
Repetitive Small Marks or Defects
Repetitive marks occur fretuently in heavily used (as well as older) laser printers. Toner
spilled inside the printer may be causing the problem. It can also be caused by a crack or
chip in the EP drum (this mainly happens with recycled cartridges), which can accumulate
toner. In both cases, some of the toner gets stuck onto one of the rollers. Once this happens,
every time the roller rotates and touches a piece of paper, it leaves toner smudges spaced a
roller circumference apart.
The solution is rehe ively simple: cle ( or replace the offending roller)111 (.)37 ( )37 (T)98 (o help you figure
shown in Figure 12.17. (Some larger printers also have the roller layout printed inside the
service door.) To use the chart, place the printed page next to it. Align the first occurrence of
the smudge with the top arrow. The next smudge will line up with one of the other arrows.
The arrow it lines up with tells you which roller is causing the problem.
­
Remember that the chart in Figure 12.17 it only an example. Your prinea
a a dpieae n-
766
Chapter 12
■
Hardware and Network Troublethooting
Vertical White Lines on the Page
Vertical white lines running down all or part of the page are a relatively common problem
on older printers, especially ones that don’t see much maintenance. Foreign matter (more
than likely toner) caught on the transfer corona wire causes this. The dirty spots keep the
toner from being transmitted to the paper (at those locations, that is), with the result that
streaks form as the paper progresses past the transfer corona wire.
The solution is to clean the corona wires. Many laser printers contain a small corona wire
brush to help with tha with the result that
Troublethooting Printer Problemt
767
A similar problem occurs when small areas of smudging repeat themselves down the page.
Dents or cold spots in the fuser heat roller cause this problem. The only solution is to replace
either the fuser assembly or the heat roller.
Ghosting
Ghosting (or echo images) is what you have when you can see faint images of previously
printed pages on the -0.rent page. This is caused by one of two things: a broken cleaning
blade or bad erasure lamps. A broken cleaning blade causes old toner to build up on the EP
drum and consetuently present itself in the next printed image. If the erasure lamps are bad,
then the previous electrostatic discharges aren’t completely wiped away. When the EP drum
rotates toward the developing roller, some toner sticks to the slightly discharged areas.
If the problem is caused by a broken cleaner blade]TJ1.263you can replace the tonercartridage. If.
is caused by bad erasure lamp(,)37 (3yonallneeds to replace thee.)37 (Be cause the tonercartridagm is )]TJ0 -1.2
Thishaishappeneds todevry magtclttler,bunt
onehatclest onces.
nstebadoIf
yom prinythe.
a on-.þð
Ó
768
Chapter 12
■
Hardware and Network Troublethooting
Replacing the formatter board in a laser printer is relatively easy. Usually, this board is
installed under the printer and can be removed by loosening two screws and pulling it
out. Typically, replacing the formatter board also replaces the printer interface, which is
another possible source of garbage printouts.
Finishing Issues
770
Chapter 12
■
Hardware and Network Troublethooting
Error Codes
In addition to the self-­tests, you have another tool for troubleshooting HP laser printers.
Error codes are a way for the LaserJet to tell the user (and a service technician) what’s
wrong. Table 12.5 details some of the most common codes displayed on an HP LaserJet.
TA B L E 1 2 . 5
HP LaterJet error mettaget
Message
Description
00 READY
The printer it in ttandby mode and ready to print.
02 WARM UP
The futer it being warmed up before the 00 READY ttate.
04 SELF TEST or
05 SELF TEST
A full telf-­tett hat been initiated from the front panel.
11 PAPER OUT
The paper tray tentor it reporting that there it no paper in the paper tray.
The printer will not print at long at thit error exittt.
13 PAPER JAM
A piece of paper it caught in the paper path. To fix thit problem, open the
cover and clear the jam (including all piecet of paper cauting the jam).
Clote the cover to retume printing. The printer will not print at long at
thit error exittt.
14 NO EP CART
There it no EP cartridge (toner cartridge) inttalled in the printer. The
printer will not print at long at thit error exittt.
15 ENGINE TEST
An engine telf-­tett it in progrett.
16 TONER LOW
The toner cartridge it almott out of toner. Replacement will be necettary
toon.
50 SERVICE
A futer error hat occurred. Thit problem it mott commonly cauted by
futer lamp failure. Power off the printer, and replace the futer to tolve the
problem. The printer will not print at long at thit error exittt.
51 ERROR
There it a later-­tcanning attembly problem. Tett and replace, if necettary.
The printer will not print at long at thit error exittt.
52 ERROR
The tcanner motor in the later-­tcanning attembly it malfunctioning. Tett
and replace at per the tervice manual. The printer will not print at long at
thit error exittt.
55 ERROR
There it a communication problem between the formatter and the DC
controller. Tett and replace at per the tervice manual. The printer will not
print at long at thit error exittt.
WhenTrIsNoDiplay
Troublethooting Printer Problemt
Several timet in the printer troublethooting tection, we have mentioned the LCD tcreen or
printer ditplay. Nearly every later printer and many inkjet printert have them. They are uteful for configuring the device at well at relaying information to you. But what about when
the tcreen ittelf doetn’t work?
The tcreen attembly on a later printer needt teveral componentt to work properly,
including the formatter board, engine controller board, and cablet connecting the ditplay
771
772
Chapter 12
■
Hardware and Network Troublethooting
Does the fuser heat lamp light after the main motor finishes its rotation? You will
need to remove the covers to see this. The heat lamp should light after the main motor
rotation and stay lit until the control 9-ll says 7
Troublethooting Printer Problemt
When you send a job to the printer, that print job ends up in a line with all other docu-
773
774
Chapter 12
■
Hardware and Network Troublethooting
Managin thePrint Spoler
Troublethooting Printer Problemt
The print spooler is a service that formats print jobs in a language that the printer understands. Think of it as a holding area where the print jobs are prepared for the printer. In
Windows, the spooler is started automatically when Windows loads.
If jobs aren’t printing and there’s no apparent reason why
775
776
Chapter 12
■
Hardware and Network -56 (T)95 (roublethooting)]TJ/T1_3 1 Tf0 Tw 9.5 0 0 9.5 84 586.7421 T
Troublethooting Printer Problemt
On this specific printer, the paper orientation is handled on the Finishing tab, shown in
777
778
Chapter 12
Troublethooting Networking Problemt
779
Troublethooting Networking Problemt
As a technician, you are going to be called on to solve a variety of issues, including
hardware, software, and networking problems. Networking problems can sometimes be the
most tricky to solve, considering that it could be either a software or a hardware problem or
a combination of the two causing your connectivity issue.
The first adage for troubleshooting any hardware problem is to check your connections.
That holds true for networking as well, but then your troubleshooting will need to go far
deeper than that in a hurry. As with troubleshooting anything else, follow a logical procedure
and be sure to document your work.
Nearly all the issues tested by CompTIA have something to do with connectivity, which
makes sense because that’s what networking alle6NetNet6Tfsworking alle6Net y3 -1.result-1.2a kin
780
Chapter 12
Troublethooting Networking Problemt
Toner Probe
If you need to trace a wire in a wall from n a7
781
782
Chapter 12
■
Hardware and Network
Chapter 12
■
Hardware and Network Troublethooting
FIGURE 12.32
An Ethernet loopback plug
FIGURE 12.33
A Dualcomm network tap
Networking Tools
At a reminder, the A+ exam may tett you on how and when to ute the following networking toolt:
■■
Crimper
■■
Cable ttripper
Troublethooting Networking Problemt
■■
WiFi analyzer
■■
Toner probe
■■
Punchdown tool
■■
Cable tetter
■■
Loopback plug
■■
Network tap
785
Software Commands
Troubleshooting networks often involves using a combination of hardware tools and software commands. Usually, the software commands are easier to deal with because you don’t
need to dig around physically in a mess of wires to figure out what’s going on. Tmandownside
to the software commands is that there can be a number of options that y a me ed to dimemj0
786
Chapter 12
■
Hardware and Network Troublethooting
In the Linux, UNIX, and macOS worldt, a utility timilar to ipconfig
Troublethooting Networking Problemt
In Exercise 12.3, you will renew an IP address on a Windows 10 system within the
graphical interface.
E X E R C I S E 1 2 . 3 Renewing an IP Address in Windows 10
1.
Open Control Panel by clicking Start and typing Control.
2.
Click Control Panel under Bett Match.
3.
In the upper-­Contr( )e,ng
787
788
Chapter 12
■
Hardware and Network Troublethooting
EXERCISE 12.3 (continued)
8.
Look06aEFF90Aformation ethwn, (andclic)510 k Clote(.)]TJ/T1_5 1 Tf-0.025 Tc 0.025 Tw 9 0 0 9 72 453.5 Tm[98.
andatco.DHCP) it functiontin properlynoot(cation th06ait (nithed will .)]TJ0 -1.4129 dm[appear90A ( ethr)-25 t t
Troublethooting Networking Problemt
E X E R C I S E 1 2 . 4 Renewing an IP Address from the Command Line
Thit exercite attumet that you are uting Windowt and dynamic IP attignmentt from a
789
790
Chapter 12
■
Hardware and Network Troublethooting
As you can see, by pinging with the hostname, we found the host’s IP address thanks
to DNS. The time is how long in milliseconds it took to receive the response. On a LAN,
you want this to be 10 milliseconds (ms) or less, but 60ms to 65ms for an Internet ping
isn’t too bad.
The ping command has several options, which you can see by typing ping /? at the
Chapter 12
■
Hardware and Network Troublethooting
nslookup Command
One of the key things that must take place to use TCP/IP effectively is that a hostname must
resolve to an IP address—­an action usually performed by a DNS server.
nslookup is a command that ena . You can use
the nslookup command in two modes: interactive and noninteractive. In interactive mode,
you start a session with the DNS server in which you can make several retuests. In noninteractive mode, you specify a command that makes a single tuery of the DNS server. If you
want to make another tuery, you must type another noninteractive command.
To start nslookup in interactive mode (which is what most admins use because it allows
them to make multiple retuests without typing nslookup several times), type nslookp at
the command prompt and press Enter. You will receive a greater than prompt (>) and you
can then type the command that you want to run. You can also type
Troublethooting Networking Problemt
FIGURE 12.40
793
Starting nslookup and uting help
While always command line–based, net allows you to do almost anything that you want
with the operating system. Table 12.9 shows common net switches.
TA B L E 1 2 . 9
net twitchet
Switch
Purpose
net accounts
To tet account optiont (pattword age, length, and to on)
net computer
To add and delete computer accountt
net config
To tee network-­related configuration
net continue, net pause, net
start, net statistics, and
net stop
To control tervicet
(continues)
Troublethooting Networking Problemt
795
796
Chapter 12
■
Hardware and Network Troublethooting
Troublethooting Networking Problemt
797
The net /? command is basically a catch-­all help retuest. It will instruct you to use the
net command in which you are interested for more information.
tracert Command
tracert (trace route) is a Windows-­basrescommand-­line utility that enables you to verify
the route to a remote host. Execute the command tracert hostname, where hostname is
the computer name or IP address of the computer whose route you want to trace. tracert
returns the different IP addresses the packet was routed through to reach the final destination. The results also include the number of hops needed to reach the destination. If you
execute the tracert command without any options, you see a help file that describes all the
tracert switches.
798
Chapter 12
Troublethooting Networking Problemt
799
Resolving Connectivity Issues
The whole purpose of using a network is to connect to other resources, right? So when networks don’t work like they’re supposed to, users tend to get a bit upset. The ubituity of
wireless networking has only made our jobs as technicians more complicated. In the following sections, we’ll look at a variety of issues that you might run across and how to deal
with them.
No Connectivity
Let’s start with the most dire situation: no connectivity. Taking a step back to look at the
big picture, think about all the components that go into networking. On the client side, you
need a network card and drivers, operating system, protocol, and the right configuration.
800
Chapter 12
■
Hardware and Network Troublethooting
Troublethooting Networking Problemt
801
Let’s assume that you have lights and that no one else is having a problem. (Yes, it’s just
you.) This means that the network hardware is probably okay, so it’s time to check the
configuration. Open a command prompt, type ipconfig, and press Enter. You should get an
IP address. (If it starts with 169.254. x.x, that’s an APIPA address. We’ll talk about those in
the “Limited or Local Connectivity” section.) If you don’t have a valid IP address, that’s
the problem.
The Linux, UNIX, and macOS vertion of ipconfig it ifconfig.
Remember tht in order to communic4te on a network uting TCP/IP
(IPv4), you need to hve a unique IP addrett and a vlid tubnet matk. If
you wnt to communic4te on a network outtide of your own loc4l net work, you 4lto need a default g4tew4y.
If you do have a valid IP address, it’s time to see how far your connectivity reaches.
With your command prompt open, use the ping command to ping a known, remote
802
Chapter 12
■
Hardware and Network Troublethooting
What Can (or Can’t) You Get To?
A common refrain from utert when they are having network ittuet it, “I can’t get to
anything.” At a technician, you need to parte that ttatement to underttand what they really
can or can’t get to, and if it’t itolated to their device or occurt on other devicet at well. It’t
bett to atk quettiont to determine which retourcet are unavailable to them. The two main
categoriet of unavailable retourcet are local retourcet and the Internet.
Troublethooting Networking Problemt
803
operating system today will warn you if it detects an IP address conflict with your computer.
The bad news is it won’t fix it by itself.
The communication problems will vary. In some cases, the computer will seem nearly fine,
with intermittent connectivity issues. In others, it will appear as if you have no connectivity.
address that’s part of the DHCP server’s range. The DHCP server, not knowing that the
address hverFeen statically assignedry doles out the address and now there’s a
conflict. Rebooting the computer won’t help, nor will releasing the address and getting a new
lease from the DHCP server—­it’s just going to hvnd out the same address againrFecause it
doesn’t know that there’s a problem.
As the administrator, you needrto track down the offending user. A common way to do
this is to use a packet sniffer to look at network traffic and determine the computer name
or MAC address associatedrwith the IP address inrtuestion. Most administrators don’t keep
network maps of MAC addresses, but everyone should have a network maprwith hostnames.
If not, it could be a long, tedious process to check everyone’s computer to find the culprit.
Utually the pertoho mnually cofigured their addrett didn’t ited
to caue any poblem. Tht would b.8tetood tme to thow y.8t (o)-13.1 (u)-3.9
- (r p)-12.6terofet
tioalitm and communicatok.8tet5 (i)-3.1 (l)-3.3 (l)-15.1 (t a)-8.7 (n)-15 (d e)-21 (d)-14.4 (u)-15 (c)-30
thouldn’t have dohat theid.
Intermittent Connectivity
Intermittent connectivity is when the network y but it’s not consistently
connected. S, vnd other times
it will be disconnected for longer—­
804
Chapter 12
■
Hardware and Network Troublethooting
On a wired network, if you run into slow speeds or intermittent connectivity, it’s likely a
load issue. There’s too much traffic for the networkm2rale(,)65.9 (and the networkis boggtina )]TJ03 -1.263 Td
806
Chapter 12
■
Hardware and Network T
Exam Ettentialt
807
Understand common video, projector, and display symptoms. Video displays and projectors can have a wide variety of issues. They include overheating and shutting down; no
image on the screen; dead pixels; artifacts or display burn-­in; incorrect color display; dim,
flickering, or distorted images; flashing screen; actsed-­ out aclb; and audio issues.
Understand common mobile device power and heat issues. Power issues can include a battery; nt charging, no power, extremely short battery;life, overheating, and a swollen battery.
Know what to do to resolve common mobile device input problems. These can include
sticking keys, ghost cursor or pointer drift, num lock;lights, or an unresponsive digitizer/
touch screen. Be familiar with the laptop Function key and the features it controls, including
switching the display to an external monitor.
Know how to set IP addresses on a printer.
The IP address can often be obtaised automat-
808
Chapter 12
■
Hardware and Network Troublethooting
to frames, such as a 110 block. A cable tester allows you to verify that a cable works; loopback plugs test the functionality of network cards. A network tap creates a copy of network
traffic for use by monitoring devices without disrupting normal traffic.
Know what the ipconfig, ping, and tracert commands are used for. Admittedly, these
are specifically for A+ exam 220-­1102, but know what they do. Both ipconfig and ping
are network troubleshooting commands. You can use ipconfig to view your computer’s
IP configuration and ping to test connectivity between two network hosts. tracert allows
you to view the network path a packet takes from the host to the destination.
Know what the
Review Quettiont
Review Quettiont
The answers to the chapter review tuestions can be found in Appendix A.
1.
If the video on your laptop is not working, what should you do to troubleshoot it?
(Choose two.)
A.
Toggle the video function key.
B.
Try using an external monitor.
C.
809
Chapter 12
810
6
7.
8
9
■
Hardware and Network Users are complaining that their print jobs are not printing. Y
50 jobs lined up. The printer is connected properly and online. What should you do?
A
Open Printer T
B
Stop and restart the print spooler
C
Delete and reinstall the printer
D.
Delete and reinstall indows.
The display on a laptop computer is continuously flickering. Which of the following are most
likely to cause this problem? (Choose two.)
A
A failing display
B
Interference from a nearby fan
C
A failing backlight
D.
A failing inverter
E
Incorrect video driver
Y
Where could you
check for ttbleshooting information?
A
Another computer with the same video card
B
The video card manufacturer’
C
The manual that came with the card
D.
The server log
Review Quettiont
811
12. You believe that a network card is beginning to fail. Which of the following tools should you
use to see if the network card is capable of sending and receiving data from an RJ-­45 port?
A.
Toner probe
B.
Loopback plug
C.
Multimeter
D.
Cable tester
13. When you print documents on your laser printer, you see residue from previous images on
the output. Which two things ared(usmost likely causes of this problem? (Choose two.))]TJ/T1_2 1 Tf-0.025 Tc 0
D.
812
Performance-­Bated Quettion
Performance-­Bated Quettion
813
Operating
System Basics
■■
■■
■■
■■
Central processing unit (CPU) requirements
■■
External hardware tokens
■■
Storage requirements
OS requirements for applications
■■
Application to OS compatibility
■■
32-­bit vs. 64-­
Distribution methods
■■
Physical media vs. downloadable
■■
ISO mountable
Other considerations for new applications
■■
Impact to device
■■
Impact to network
■■
Impact to operation
■■
Impact to bue[ > an 0 8.5 252 371.846 Tm[(Impact t)20 (o oper)20 (ation)]
T
820
Chapter 13
■
Operating System Basics
Processor
Storage
Devices
OS
Input/output
Memory
Once the OS has organized these basic resources, users can give the computer instructions through input devices (such as a keyboardd th.wsouse). Some of these commands
are built into the OS, whereas others are issued through the use of applications. The OS
becomes the center through which the system hardware, other software, and the user
communicate; the rest of the components of the system work together ter ugh the OS,
which coordinates their communication.
Application Used to accomplish a particular task, an application is software that is
written to supplement the commands available to a particular OS. Each application
is specifically compiled (configured) for the OS on which it will run. For this reason,
the application relies on the OS to do many of its basic tasks. Examples of applications include complex programs, such as Microsoft Word and Microsoft Edge, as well
as simple programs, such as a command-­line FTP program. Whether teey are complex
or simple, when accessing devices and memory, the programs can simply request that
the OS do it for them. This arrangement saves substantially on programming overhead
because much of the executable code is shared—­that is, it is written into the operating
system and can therefore be used by multiple applications running on that OS.
Drivers Drivers are extremely specific software written for the purpose of instructing a
particular OS on how to access a piece of hardware. Each modemd thpri0 8.5has unique
features and configuration settings, and the driveth.llows the OS to understand how the
hardware works and what it is able to do.
In the following sections, we’ll look at some 8.ms and concepts central to all operating
systems. Then we’ll move into specific discussions of W
Understanding Operating Systems
821
ferent vderions of the
-1ystem
st, tan
tedbeyond
by Microsoft,
just0, these system can still be found in certain in(staces. )1820 These olnde
822
Chapter 13
■
Operating System Basics
be graphical). Shells make an OS easier to use by changing the user interface. Explorer
is the name of the shell that has been used with the Windows operating system since
Windows 95.
Graphical User Interface
A graphical user interface, or GUI
, cons(,)37 (anda methosa )]TJ( )Tj0 -1.263 Td[o thrl t
tife Multitasktine
Understanding Operating Systems
823
x86 The term x86 is commonly used to refer to operating systems intended to run on
the Intel processor. Intel initially identified its 32-­bit processors with numbers ending in
86 prior to switching to the Pentium line.
x64 The term x64 is commonly used to denote operating systems that can run on
64-­bit processors. This is also commonly referred to as AMD64, because AMD defined
the 64-­bit instruction set used today.
ARM The term ARM is commonly used to denote operating systems that can run
on Advanced RISC Machine (ARM) processors. ARM operating systems use a reduced
instruction set computing (RISC) instruction set commonly found on tablet and phone
processors. ARMv8-­A processors can support 64-­bit operating systems, so you will find
32-­bit and 64-­bit operating systems.
Random Access Memory The term random access memory (RAM) is used to describe
the amount of memory installed and accessible for an operating system. The operating
system uses RAM to hold its operating system code, as well as the programs you open
on the operating system. Each program you install will have a minimum RAM requirement and recommended RAM requirement. Most computer systems on the market
today are sold with at least 4 gigabytes (GB) of RAM. PC manufacturers have identified that newer programs are requiring more and more RAM to operate properly, so
upgrades of 8 GB of RAM are common and have become the new normal.
A 32-­bit operating system has the limitation of addressing only 4 GB of RAM. Most new
computer systems on the market today come with a preinstalled 64-­bit operating system.
The 4 GB limitation will present itself if you are re-­installing a computer system that has
more than 4 GB of RAM and use a 32-­bit version of the operating system. You will find out
quickly that you just downgraded the computer.
Operating system vendors implem3 (y)-16entd a Physical Address Extnsion
824
Chapter 13
■
Operating System Basics
Operating System Categories
An operating system category defines the use and function of both the operating system and
the hardware.All operating systems fit into one of four different broad categories: server,
workstation, mobile,cloud-­based operating systems.
Server Server operating systems allow for the sharing of information and applications
by workstation operating systems.
processes used for access by clients,
as the GUI.
Workstation
Workstation operating systems allow end users to access information
Understanding Operating Systems
825
system, which was a minimal version of UNIX that was originally used for academic
purposes. Today, the Linux kernel (core of the OS) remains a free, open source platform
upon which many different Linux distributions have been created, such as Ubuntu, Red
Hat, Fedora, CentOS, i79pebian, just to name a few. The Linux operating system is
consitot as worktanton oferating system ii79pa serderoferating system, jdeen d]TJ0(-Tj/ -1.263 Td[(ng soust
826
Chapter 13
■
Operating System Basics
Chrome OS Chrome OS is an operating system that is designed around the Chrome
web browser by Google. Chrome OS was released in 2011 on the hardware platform
known as the Chromebook, which is considered one of the first Ultrabooks. Chrome OS
is a true cloud-­based operating system, since all its data is stored in the Google Drive
cloud-­based storage system. Since the release of the Chromebook, workstation-­type
devices called Chromeboxes have been released to market. Applications, which are really
just web plug-­ins, can be inrkslled from the Chrome Web Store. The applications are
written in HTML, HTML5, CSS, and JavaScript, which allow cross-­platform support
828
Chapter 13
Service Pack
■
Operating System Basics
Although the term service pack
830
Chapter 13
■
Operating System Basics
Understanding Applications
831
cannot satisfy the requirements for the application, you may have to upgrade the system.
You 6 58 findapplication,requirements fn,rhe svendor’
83 ule,if[(Y)8need58 ents fn,rhe svendorint<FllMicrosoft Po
Chapter 13
832
■
Operating System Basics
concurrent use by several people at once. External hardware tokens license an application with the use of a USB dongle or hardware device that allows the program to run.
Other
Understanding Applications
833
installed; the number of machines on which the application will be installed will factor into
this consideration. This section discusses several different ways that an application can be
installed.
Optical Disc
If the installation is a one-­off installation, then a CD/DVD drive might be your best option.
In recent years, applications have even been shipped on Blu-­ray media. If you must install the
application on several different PCs, then this method may not be the preferred installation
method. When installing from optical media, even the fastest optical drive is slow compared
to other methods, such as USB.
ISO Mountable
Although optical discs have been around since the mid-­1990s and have been the most
popular method of installing applications and operating systems, the optical disk is quickly
becoming a relic. When you use a virtualization product such as Hyper-­V or VMware Workstation, the optical disc is just too clumsy and slow to use. Mountable ISO images of the
physical media has become the new norm. When you need to install an operating system or
application, you simply download the media from the vendor, mount the ISO, and install it
as if you had a virtual optical drive. ISO sizes will vary from 500 MB to 9.6 GB with normal
CD and DVD formats, but Blu-­ray discs can be up to 45 GB.
USB Drive
Applications are outgrowing optical media such as CD-­ROM and DVD-­ROM, so USB drives
have become popular. USB drives are faster and bigger than optical media. If a handful of
computers require the application, then this might be a better option. However, the disadvantage is that simultaneous installations are limited to the number of flash drives you have
with the application loaded. Another d[0g837 5m6GB wi ( USB drous installatioge is thed )]TJ0 -1.263 Tdh t ( U
834
Chapter 13
■
Operating System BasicsC-apter 13
Understanding Applications
835
836
837
receive feature upgrades. The Microsoft Store and bundled apps are also omitted from the
Windows 10 Enterprise LWindows 10 Enterprise andnpuom(W)18 (indows 10 du )]TJ(- )Tj0 -1.263 Td[caction
Windows 10 roe or
Enterprise.
Windows 10 roe (roefess sal)
Introduction to Windows 10
839
840
Chapter 13
■
Operating System Basics
Introduction to Windows 10
841
Cortana’s true potential is unlocked with speech, searching with the keyboard is also
supported. Figure 13.2 shows an example of the Cortana interface.
Microsoft Edge The Microsoft Edge web browser has been developed as a lightweight web browser, as shown in Figure 13.3. Microsoft Edge is the successor to Internet Explorer and has already replaced Internet Explorer as the default web browser
on Windows 10/11. The original version of Edge was released on July 29, 2015, for
Windows 10. The current version of Edge was released on January 15, 2020, and it was
redesigned upon the Chromium source code. Microsoft Edge does not support ActiveX
and browser helper objects. Therefore, Internet Explorer 11 will remain an alternate
web browser until its end-­of-­life (EOL) date in mid-­2022. No new version of Internet
842
Chapter 13
Introduction to Windows 10
843
Introduction to Windows 10
FIGURE 13.7
845
The Windows 10 Start menu
Microsoft Defender Antivirus Windows 10/11 includes an antivirus and antimalware
utility that is built into the operating system. You can always provide your own antivirus or antimalware, but the Microsoft Defender Antivirus allows for protection from
the time that Windows is installed. In addition to antivirus/antimalware, Microsoft
Defender Antivirus can protect against ransomware, as shown in Figure 13.9.
Settings App The Settings app is similar to Control Panel in functionality, because
you can control many aspects of the operating system. However, any new feature being
added to the Windows 10/11 operating system is added to the Settings app in lieu of
the creation of new Control Panel applets. At this point, it looks like Control Panel will
become a legacy component in future versions of Windows. You can access the Settings
app by clicking the Start Menu and selecting the gear on the left-­hand side. You can also
right-­click the Start menu and select Settings from the context menu. The Settings app is
shown in Figure 13.10.
846
Chapter 13
Introduction to Windows 10
FIGURE 13.9
847
848
Chapter 13
F I G U R E 1 3 . 10
■
Operating System Basics
The Settings app in Windows 10
Windows Hello Windows Hello is a new feature of Windows 10 that allows the user
to sign into Windows with biometrics. Windows Hello uses the built-­in camera on the
laptop or PC so that the device can be unlocked with facial recognition. On devices with
a fingerprint reader, you can also use your fingerprint to sign into Windows.
Windows features are added with every version/update of the Windows
10/11 operating system. You can view information about upcoming features that Microsoft is working on with the Windows Insider program. For
more information, visit https://insider.windows.com/en-us .
Introduction to Windows 10
F I G U R E 1 3 . 11
An application context menu
FIGURE 13.12
Windows Snap Assist
849
850
Chapter 13
■
Operating System Basics
Introduction to Windows 10
851
852
Chapter 13
■
Operating System Basics
Introduction to Windows 10
853
When you right-­click the Desktop in Windows 10 and choose Personalize, you will see
the Display Settings screen, as shown in Figure 13.14.
With the rapid adoption of Windows 10, this book will cover the most current version of
Windows 10 (21H2), since the CompTIA objectives focus on Windows 10. However, every
prior operating system Microsoft has produced has similar settings for personalization. We
will cover the main ones in the Display Settings window for Windows 10, but Windows 11 is
identical in functionality.
Background The Background section is used to select a picture to display on the
Desktop. In addition to setting a picture, you can select a group of pictures to display as
a slideshow or display a static color.
Colors The Color section allows you to select a color scheme for the Start menu or to
change the color or size of other Desktop elements.
Lock Screen Windows 8 and above allows you to easily change the lock screen wallpaper as well as the applications that are displayed on the lock screen.
Themes The Themes section allows you to select a theme to customize the look and
feel of your machine quickly. Selecting a theme sets several items at once, such as a pic-
854
Chapter 13
■
Operating System Basics
Introduction to Windows 10 855the same. In versions prior to Windows 10, the taskbar contains two major items: the Start
Chapter 13
856
■
Operating System Basics
E X E R C I S E 1 3 . 2 Auto-­Hiding the Taskbar
1.
Right-­
Introduction to Windows 10
Cortana
Windows 10 introduced Cortana, a personal desktop assistant for the Windows operating
system. In Windows 10, Cortana is enabled by default and allows you to search without
clicking the Start menu. The search box is located to the right of the Start menu. You just
need to start typing. Cortana will search apps installed, documents, and the web. Cortana
will even come up with suggestions, as showng. You don’t even need to type;
you can click the microphoneg. With Windows 11,
857
858
Chapter 13
■
Operating System Basics
Introduction to Windows 1
859
860
Chapter 13
Introduction to Windows 10
Additional functionality has been added to an icon’s properties to allow for backward
compatibility with older versions of Windows (known as compatibility mode
861
862
Chapter 13
■
Operating System Basics
Standard Desktop Icons
In addition to the options in your Start menu, a number of icons are placed directly on the
864
Chapter 13
■
Operating System Basics
permanently erase files (bypassing the Recycle Bin) by holding down the Shift key as you
delete them (by dragging the file and dropping it in the Recycle Bin, pressing the Del key, or
clicking Delete on the file’s context menu). If the Recycle Bin has files in it, its icon looks like
a full trash can; when there are no files in it, it looks like an empty trash can.
What’s in a Window?
We have now looked at the nature of the Desktop, the taskbar, the Start menu, and icons.
Each of these items was created for the primary purpose of making access to user applications easier. These applications are, in turn, used and managed through the use of windows—­
the rectangular application environments for which the Windows family of operating
systems is named. We will now examine how windows work and what they are made of.
A program window is a rectangular area created on the screen when an application is
opened within Windows. This window can have a number of different forms, but most windows include oks786.74a nfew bsics letents .
Introduction to Windows 10
865
Minimize and Maximize/Restore Buttons Usedtio change the state of the window on
the Desktop. They are discussedtin the section “States of a Window” latertin this chapter.
Close Button Usedtio easily end a program and return any resources that it was using
to the system. It essentially does the same thing as double-­clicking the control box but
with one fewertclick.
Title Bar The area between the control box and the Minimize button. It states the
name of the program and, in some cases, gives information about the particular docuTwill[be thesist[(ases,)3Td(wtes the )
866
Chapter 13 863021C/T■ctual08.57Tex<FE2>BDC()jM/69m13
Introduction to Windows 10
867
can close the program currently in use and simply choose to reopen it later. If you do this,
however, the contents of the window (your current game, for example) will be lost, and you
will have to start over. Once the program has been closed, you can move on to open the second program.
The second option is to minimize the active window. Minimizing the game window, for
868
Chapter 13
■
Operating System Basics
Introduction to Windows 10
■■
Copy objects to other locations
■■
Move objects to other locations
■■
Delete or rename objects
■■
Change file attributes
You can access many of these functions by right-­
869
870
Chapter 13
■
Operating System Basics
the View menu and selecting the view that you prefer. In Windows 10, the View menu is
a ribbon that will drop down when clicked. The Navigation pane can be turned on from
the View tab.
Finding Specific Files You access this option by using the Search button or bar. You
can search for files based on their name, file size, file type, and other attributes.
When you’re searching, you can also use wildcards. Wildcards are characters that act as placeholders for a character or set of characters, allow5.4 (har)]34.004 0 Td(-)Tj-0
Preparing for the Exam
Deleting Objects Select the object and press the Del key on the keyboard, or right-­
click the object and select Delete from the menu that appears.
871
872
Chapter 13
■
Operating System Basics
Summary
In this chapter, you learned about the basic operating systems, application installation, and
the Windows 10/11 features. Additionally, we covered the basics of the Windows structure
and window management. Because Windows is a graphical system, the key to success in
learning to use it is to explore the system to find out what it can do. You will then be better
prepared to decipher later what a user has done.
First, we explored the various operating systems you may encounter, along with their
Exam Essentials
Chapter 13
■
Operating System Basics
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
2.
3.
4.
Which of the following can you type in the Start menu in Windows to open a command
prompt? (Choose two.)
A.
run
B.
cmd
C.
command
D.
open
Which part of the operating system can be described as extremely specific software written
for the purpose of instructing the OS 0 7pow to access a piece of hardware?
A.
Source code
B.
Application
C.
Kernel
D.
Driver
How do you increase the size of the taskbar?
A.
Right-­click the mouse and drag the taskbar.
B.
Left-­click the mouse and double-­click the taskbar.
C.
Move the mouse pointer to the top of the taskbar, pausing until the pointer turns into a
double-­headed arrow, and then click and drag.
D.
Highlight the taskbar and double-­click in the center.
Which of the following installation methods would you use if you wanted pd(-0.025 )Tj/T1_4k r2Sderam thea vira
B.
C. indows File Explore p2Sderam system ld dpoind(w0 Td(Which of the fo? into a )]TJ0 -1.2rompt? (Cwoose two.))Tj/T1_4
B.
Review Questions 8756 .
878
Chapter 13
■
Operating System Basics
Performance-­Based Question
Windows
Configuration
✓ 1.4 Given a scenario,iate Micr
Windows 10 Control Panel utility
■■
Internet Options
■■
Devices and Printers
■■
Prams and Feates
■■
Network and Sharing Center
■■
System
■■
Windows Defender Firewall
■■
Mail
■■
Sound
■■
User Accounts
■■
Device Manager
■■
Indexing Options
■■
Administrative Tools
■■
File Explorer Options
■■
■■
■■
Show hidden files
■■
Hide extensions
■■
General options
■■
View options
Power Options
■■
Hibernate
■■
Power plans
■■
Sleep/suspend
■■
Standby
■■
Choose what closing the lid does
■■
Turn on fast startup
■■
Universal Serial Bus (USB) selective suspend
Ease of Access
✓ 1.5 Given a scenario, use the appropriate Windows
settings.
■■
Time and Language
■■
Update and Security
■■
Personalization
■■
Apps
■■
Privacy
■■
System
■■
Devices
■■
The previous chapter introduced the basic components of the Windows operating s
Interacting with Operating Systems
In the following sections, we will look at the Microsoft GUI from the ground up. In Chapter 13, “Operating Syst
Windws 11 was released te public on Octber 5, 2021. This edition o Windws is te next majr editio
Interacting with Operating Systems
883
Depending on the Windows version, Task Manager has various tabs. Figure 14.1 shows
the common default display in Windows 10/11, but other versions vary from the seven tabs
884
Chapter 14
■
Windows Configuration
between the Processes and Details tabs; an App History tab was added that, as the name
implies, displays usage settings for applications and the currently logged-­
Interacting with Operating Systems 885
You can also change the priority of a process in Task Manager’s Details tab by right-­
886
Chapter 14
Above Normal
■
Windows Configuration
For applications that don’t need to boost all the way to High. This
888
Chapter 14
■
Windows Configuration
E X E R C I S E 14 . 1 ( c o n t i n u e d )
3.
In the lower-­left corn[(of the window)20 (, select More Details.)]TJ/T1_5 1 Tf-0.025 Tc 0.025 Tw 9 0 0 9 72 545.5 Tm[(4)
Interacting with Operating Systems
Although you might think that all the security-­
891
892
Chapter 14
■
Windows Configuration
Interacting with Operating Systems
895
Local Users and Groups
The Local Users and Groups (lusrmgr.msc) MMC snap-­in allows for granular control
over local user accounts and groups for the Windows operating system. You can access the
Local Users and Groups MMC by right-­
896
Chapter 14
F I G U R E 14 . 12
■
Windows Configuration
Performance Monitor
Performance Monitor’s objects and counters are very specific; you can use Performance
Monitor as a general troubleshooting tool as well as a security troubleshooting tool. For
instance, you can see where resources are being used and where the activity is coming from.
In Exercise 14.2, you see how to work with Performance Monitor.
E X E R C I S E 1 4 . 2 Working with Performance Monitor
1.
Select Start, type perfmon, and then press Enter.
Make sure that you select Performance Monitor, as opposed to System Monitor or
another default that may come to the forefront.
2.
Choose the Performance Monitor section under Monitoring Tools.
3.
Click the plus sign (+) or right-­click in the graphical display area and select
Add Counters.
4.
Expand the Processor section, and then select the %Processor Time object.
Interacting with Operating Systems
5.
Click Add and then click OK.
6.
Open Windows File Explorer, click the C: drive, type * into the search box, and then
press Enter.
7.
Quickly change to Performance Monitor and watch the impact of this search on the
processor.
897
This action is time consuming and therefore will help you notice the changes that take
place in Performance Monitor.
8.
Run the same operation again. This time, however, change panr view within
Performance Monitor to the histogram bar by clicking the button directly to the left of
the plus sign.
9.
Run the same operation again, changing panr view within Performance Monitor
to Report.
10. Exit Performance Monitor.
Group Policy Editor
The Group Policy Editor (gpedit.msc) tool allows you to edit the local Group Policy for
the operating system. Group Policy20.1 (or)]TJ/T1( is a mechanism that allows an administrator to set var)Tj38.76
898
Chapter 14
■
Windows Configuration
FIGURE 1
Group Policy Editor
F I G U R E 14
Group Policy Editor browse dialog box
Interacting with Operating Systems
899
Additional Tools
When the Microsoft Management Console (MMC) was first introduced with Windows
2000, it was to be a single pane of glass for monitoring and configuration of the Windows
operating system. Over 20 years later, we still use a mixture of tools outside the MMC
to monitor and configure Windows. Next (,)37 ( wdiscuss some of these additional utilities )]TJ0 -1.263 Td(and
tool differ a bit based on the Windows version you are running.,
Boot (,)37 Services (,)37 Startup (,)37 and ools.Windows 10.(,)37
From here (,)37 you can configure the startup options.
F I G U R E 14 . 15
System Configuration General tab in Windows 10
Figure 14.16 shows the Boot tab for Windows 10.(,)37 Note that from here (,)37 you can configure the next boot to be a safe boot (,)37 and you can turn on the boot information so that
you can se wdrivers as they load—­
which is quite useful when a system keeps hanging during
boot.,
Safe mode.
Figure 14.17 shows the Services tab for W,,
vices installed on the system and their current status (running or stopped).ou can also
enable or disable services.
900
Chapter114 Windows Configuration
■
F I G U R E 14 . 16
System Configuration Boot tab in Windows 10
F I G U R E 1 4 . 17
System Configuration Services tab in Windows 10
In Windows 7 and earlier, the Startup tab allowed you to configure applications that start
up when any user1logs in. In Windows 8/8.1 and Windows 10/11, the Startup tab redirects
you to the Startup tab in Task Manager, where these tasks can be performed, as shown in
Figure 14.18.
902
Chapter 14
■
Windows Configuration
Interacting with Operating Systems
903
Resource Monitor
Resource Monitor (resmon.exe) is used to identify resource utilization4TPU, disk, net]TJ/(-Tj/-14.185 -1.63. T
904
Chapter 14
■
Windows Configuration
The Disk tab helps you identify a process that is overusing the hard drive with a high
amount of read requests, write requests, or overall usage. The Disk tab will also allow you
to identify the I/O priority of processes and their response time. This tab is extremely useful
when you suspect that a process is slowing down the system.
The Network tab displays all the processes that are currently utilizing the network. The
processes can be sorted by send, received, and total bytes per second. The Network tab does
a lot more sesn just displaying activity; it also shows the destination addresses for each
process. This 7-.truable in fomnationifn you suspectnamte rsoluationist a prbleme withtThe
Opensing
you canviewg
the CPs
theConpectiosd
actihe
dop-4þð
Ò
CPscConpectiosdown theo penating systed, loing withpacketa lses andlatencyk.Nfomnllfy ties
Interacting with Operating Systems
905
command cleanmgr.exe in the Run dialog box, or by right-­clicking the C: drive, selecting
Properties, and then clicking Disk Cleanup.
Once Disk Cleanup is launched, you can select the various files you want tos,
the system drive. The categories you can delete are Downloaded Program Files, Temporary
Internet Files, DirectX Shader Cache, Delivery Optimization Files, Recy, Temporary
Files, Thumbnails, We76 629.494 cafsel, R w2t cainstallct the vaMicrosoftoles, Thumrealized thataif<somdone
906
Chapter 14
■
Windows Configuration
More than likely, you will also have to reinstall Windows yourself a few times because of
accidents that occur while you are studying or testing the system’s limits. This is actually a
good thing, because no competent computer technician can say that they have never had to
reinstall because of an error. You can’t really know how to fix Windows until you are experienced at breaking it. So, it is extremely important to experiment and find out what can be
changed in the Windows environment, what results from those changes, and how to undo
any unwanted results. To this end, we will examine the most common configuration utility
in Windows: Control Panel, as shown in Table 14.3, which describes some popular applets.
Also, not all applets are available in all versions.
TA B L E 1 4 . 3
Interacting with Operating Systems
907
In the current version of Windows, when you first open Control Panel, it appears in Category view, as shown in Figure 14.24. Control Panel programs have been organized into various categories, and this view provides you with the categories from which you can choose.
When you choose a category and pick a task, the appropriate Control Panel program opens.
Or, you can select one of the Control Panel programs that is part of the category.
You can change this view to Classic view (or Small/Large Icons in Windows 10/11, Windows 8/8.1, and Windows 7), which displays all the Control Panel programs in a list, as in
older versions of Windows. The specific wording of the CompTIAiT CompTIAe oin o(1.4) fll/iew t -1.263 Td[(o
908
Chapter 14
■
Windows Configuration
Interacting with Operating Systems
4.
Hop a plane to Newfoundland, secure in the knowledge that you will know what time it
is once you get there.
5.
If you skipped step 4, change the time zone back to where it should be before closing
the window.
909
Interacting with Operating Systems
It’s important to note that in Windows 10, Internet Explorer exists
alongside the Microsoft Edge browser. However, the Microsoft Edge
browser is not controlled by these settings. Microsoft has incorporated
an Internet Explorer mode for Microsoft Edge; this will allow a smoother
transition to Edge. The sunset date for Internet Explorer is June 15, 2022,
and Windows 11 does not include Internet Explorer.
File Explorer Options Applet
The File Explorer Options applet will open to the General tab, as shown in Figure 14.29.
911
912
Chapter 14
■
Windows Configurationused le folders in the Quick Access view. By default, Window
showing these recently used les and folders, but you may want to shut that behavio
After doing so, you should clear the File Explorer history by clicking the Clear button
General tab of the Folder Options applet.
The View tab in the File Explorer Options appletfiallows you to change how les an
folders are viewed in File Explorer. There are a number of settings on this tab that wi
allow you to change the way File Explorer is viewed. The settings range from always
ing menus to showing all folders in the Navigation pane. One of the rst settings that
usually changed is Hide Extensions For Known File Types, because seeing the extens
really handy.
Interacting with Operating Systems
Interacting with Operating Systems
915
In the following sections, we will look more closely at the functionality of the tabs.
Computer Name
This tab is used to define whether the machine is in a workgroup or a domain environment.
916
Chapter 14
If th
■
Windows Configuration
918
920
Chapter 14
■
Windows Configuration
Remote
The Remote tab lets you enable or disable Remote Assistance and Remote Desktop, as
shown in Figure 14.37. Remote Assistance permits people to access the system in response
to requests issued by the local user using the Windows Remote Assistance tool. Remote
Desktop permits people to log into the system at any time using the Remote Desktop Connection tool. This can help an administrator or other support person troubleT requests issujsordmi7lem.263 Td[(
Interacting with Operating Systems 921
F
Windows User Accounts applet
F
Windows
Power
Options
appletyou
The
Power
InPower
addition
Options
Options
to theapplet
management
Applet
(powercfg.cpl
of user
accounts,
) allows
the User
to choose
Accounts
a power
applet
plan
allows
of Balanced,
you
922
Chapter 14
■
Windows Configuration
When you click Change Plan Settings, you can change how fast the displayass turned off
and how fast the computer ss put to sleep, as shown in Figure 14.40.
Clicking Change Advanced Power Settings allows you to configure a number of settings
based on power, as shown in Figure 14.41. Thesef settingsincludef pecifying when the hard
drive turns off, turning off the wireless adapter, pecifying Internet options foraSavaScript
Timer Frequency, and determining the system cooling policy. The applet allows you to tweak
your power policy, and you can always restore the plan defaults.
Interacting with Operating Systems
923
Power Management
The power plan configured in Windows will interface with the Advanced Configuration and
Power Interface (ACPI). The ACPI must be supported by the system BIOS/UEFI in order to
work properly. However, most computer hardware made in the last decade will support the
ACPI. The ACPI on the computer hardware provides the operating system with the necessary
methods for controlling the hardware. This is in contrast to Advanced Power Management
(APM), which gave only a limited amount of power to the operating system and let the BIOS
do all the real work. Because of this, it is not uncommon to find legacy systems that can
support APM but not ACPI.
There are four main states of power management common in most operating systems:
Hibernate This state saves all the contents of memory to the hard drive, preserves all
data and applications exactly where they are, and allows the computer to power off
completely. When the system comes out of hibernation, it returns to its previous state by
steaoring the contents of memory from the hard drive. This power state consumes the
least amount of power and the system will appear to be completely off in this state. This
power state is usually only available on laptops and not desktops.
Sleep/Suspend In some operating systems, Sleep is used interchangeably with Hibernate, but that should not be the case. In Windows, Sleep puts the system in a low-­power
state, whereas Hibernate turns the system off, or at least it appears to be off.
Standby The standby state might appear to be identical to the sleep mode, as it
steaores the system quickly. However, it is not really a power state. Standby mode typically reduces power and turns the screen off.
924
Chapter 14
■
Windows Configuration
Windows Fast Startup is another advanced feature that was originally introduced with
926
Interacting with Operating Systems
933
F I G U R E 14 . 5 3
Windows Defender Firewall with Advanced Security in Windows
F I G U R E 14 . 5 4
Outlook Mail applet
934
Chapter 14
■
Windows Configuration
Indexing Options Applet
The Indexing service was introduced as a desktop search engine with Windows NT 4.0.
Today the Indexing service is an integral part of Windows 10/11. It’s an exceptional feature
that is a requirement for today’s volume of data. The Indexing service will systematically
index files such as Microsoft Office documents, PDFs, text9 (s vol2>and many oodarindex types data.)3lly
Interacting with Operating Systems
935
By clicking Advanced in the Indexing Options dialog box, you open the dialog box shown
in Figure 14.56. There you can choose to index encrypted files and to treat words with
diacritics (accents) as different words. You can also rebuild the index in an attempt to fix
missing documents from your search. This dialog box also allows you to relocate the index
database. The File Types tab allows you to add various file types to index. It contains a very
inclusive range of file types, but by default many are set to index just metadata on the file.
Important file types like DOCX and PDF are set to index the contents.
Ease36ieiA S(acss Cnte S) (er )8Appletms
936
Chapter 14
■
Windows Configuration
Administrative Tools Applet
The Administrative Tools applet isn’t really0sd.1a.1all; i app like a shortcut to variou0 (pple0 -1.2173Td239tT)9
Interacting with Operating Systems
937
Windows Settings
The Windows Settings app first made its debut in Windows 8. It was Microsoft’s attempt to
make configuring Windows simpler for end users. Many of the configuration tasks formerly
performed in Control Panel have been either duplicated in the Settings apps or replaced
entirely. The appearance of the Settings app has created anxiety for both end users and
administrators alike, because it’s a change (albrme unwanted)1srom the Control Panel that has
been around since Windows 95.
You can open the Settings app by clicking the Start menu and selecting the gear on the
left-­hand side. The Settings app will open to the screen shown in Figure 14.59. Here, you can
search for the setting you need, or you can choose srom various categories. The search capability has been a welcomed feature, since every release of Windows introduces new settings.
938
Chapter 14
■
Windows ConfigurationWindMany of the settings that are covered in this sec
Interacting with Operating Systems
939
On the left side, under Time & Language, select Region. Changing the Country or Region
setting allows Windows to deliver content relevant to the area where you reside. This dialog
box also allows you to change the way values such as money, time, and date are formatted. g
940
Chapter 14
■
Windows Configuration
From this initial screen, you can check for Windows updates, as well as control downloads and installation, view the optional updates, pause updates, change your
Interacting with Operating Systems
number of0sSecurit-1þð
Ó
941
942
944
Interacting with Operating Systems
945
all the installed fonts on Windows, as well as install new fonts by dragging and
dropping them. The Fonts section also contains a link to open the Microsoft Store so you
can download additional fonts. The Start section allows you to personalize the Start menu,
as shown in Figure 14.68. You can change a number of settings, such as displaying the app
list in the Start menu, showing recently added apps, and showing the suggestions, just to
name a few settings.
F I G U R E 14 . 6 6
Windows For Developers settings
The T You can lock the ts.kbar
from changes, automatically hide the ts.kbar, use small ts.kbar buttons, turn on Peek to
preview when the mouse cursor hovers over an application, change the orientation of the
ts.kbar on the screen, and a number of other settings.
946
Chapter 14
■
Windows Configuration
Windows 8/8.1 and Windows 10/11 do not support changing the depth of
color from 32-­bit to 16-­bit. If an application requires a color depth of 16-­
bit, use the1/pplication Compatibility tab in the1application’s Properties
dialog box to set 16-­
Interacting with Operating Systems 949
950
Chapter 14
■
Windows Configuration
System
The System section allows you to change a multitude of settings that pertain to the operating
system, as shown in Figure 14.72. In the Display section, you can arrange your monitors, if
you have more than one. You can also change how the additional monitors operate, such as
extending or duplicating your desktop. You can also turn on the feature called Night Light
that restricts the blue light the display normally emits. The Display section also allows you to
tune the Windows high dynamic range (HDR) of colors on your display. The most important
settings are probably the display resolution and Scale And Layout settings, which allow you
to get the most out of your display.
F I G U R E 14 . 7 2
Windows 10 System settings
In the Sound section, you select your output and input devices, as shown in Figure 14.73.
You can also click the Troubleshoot button to help you identify sound issues. The Sound section is similar to the Sounds Control Panel applet, because it allows you to change the sound
devices and control volume levels.
Interacting with Operating Systems
F I G U R E 14 . 7 3
951
Windows 10 Sound settings
The Notifications & Actions section allows you to change the way the operating system
notifications behave. You can control all operating system notifications, change lock screen
notifications, control reminder and incoming VoIP calls on the lock screen, and specify
whether notifications play sounds, among other settings. The Focus Assist section allows you
to control which notifications come to your attention and when they notify you; you can, for
example, choose to suppress notifications when you are playing a video game. The Power &
Sleep section is identical to the Power Control Panel applet. Here you can change when the
screen turns off and when the operating system enters sleep mode. The Storage section provides a graphical overview of space used on the local disk, as shown in Figure 14.74. Clicking each category of storage brings up a different view of the storage. For example, Apps &
Features displays all the applications you can uninstall on the operating system, and Temporary Files displays all the various temporary files on the operating system (you can then
choose to remove them). A feature called Storage Sense can be turned on, which automatically frees up space on the local disk by removing unneeded files.
952
Chapter 14
F I G U R E 1 4 . 74
■
Windows Configuration
Windows 10 Storage settings
The Tablet section lets you control how the device performs when you remove the keyboard and convert it to a tablet. Use the Multitasking section to control Snap Assist, which
is how an application or window snaps into a corner of the screen. You can also change
the way the Alt + Tab keys display applications. In addition, you can configure how virtual
desktops are used in Windows 10/11. The Projecting To This PC section allows you to control how other devices project their displays to Windows 10/11. The protocol used is called
Miracast, which is a technology that allows screen sharing across devices. The Shared Experiences section allows you to control how apps are shared across multiple devices. You can
start a task on one device and finish it on another device, if you are logged into both devices
and have the feature turned on. The Clipboard section allows you to control how the clipboard operates. You can turn on features like Clipboard History, which enables you to have
multiple items in your clipboard. You can even sync clipboards across multiple devices. Use
the Remote Desktop section to enable and disable the Remote Desktop feature, which allows
you to connect remotely to the PC. The last section, About, allows you to view information
about the PC and rename it, if you want.
954
Chapter 14
■
Windows Configuration
which button on the mouse is your primary button, your cursor speed, how the scroll wheel
Interacting with Operating Systems
955
In addition to viewing and changing basic properties for the network connection, you can
open the traditional view of network adapters, access the Network and Sharing Center, and
open the Network Troubleshooter. The Ethernet section allows you to open the traditional
view of network adapters as well. Use this section to configure advanced sharing options,
such as network discovery and file and printer sharing. This section also lets you specify a
shortcut to open the Network and Sharing Center as well as the Window Firewall.
Although it’s unlikely you have a dial-­up connection, the Network & Internet section
includes a screen for configuring dial-­up connections. This section, just like the Ethernet section, provides a way to open the traditional view of network adapters, access the Network
and Sharing Center, and turn on Windows Firewall.
Use the VPN (virtual private network) section to view and configure settings for VPN
connections, as shown in Figure 14.77. You can add a VPN connection or change advanced
options, such as allowing VPN over metered networks or allowing VPN connections while
roaming if a cellular modem is being used. The same shortcuts to adapter settings, Advanced
Sharing Options, Network and Sharing Center, and the Windows Firewall are also available.
FIGURE 1
Windows VPN
1
set
Interacting with Operating Systems
F I G U R E 14 . 7 9
957
Windows 10 Gaming settings
The most important key sequence is the Windows + G key, which launches the Xbox
Game Bar, as shown in Figure 14.80. However, if you have an Xbox controller, the Xbox key
will launch the game bar.
The Captures sectionostvows you to configure where screenshots and recorded captures
are saved. You can manageostv aspects of the capture in this section, such as recording length,
recording audio, audio quality, microphone and system volume levels, recorded frames per
second, and overstv video quality. Use the Game Mode sectionoto control the game mode,
which turns off Windows updates so they don’t interrupt gameplay. You can also adjust the
quality of gameplayoto deliver the best frame rate, and manually change the Graphics settings for performance of either desktop apps or Microsoft Store apps.
The last sectionoin the Gaming setting is the Xbox Networking section, which helps an
Xbox Live player diagnose problems with gameplayoand networking. This section automatically checks Internet connectivity, Xbox Live services, your latencyoto these services, and
packet loss. It displays the latency, packet loss, the type of NAT your router is using, and
local server connectivity. The type of NAT and local service connectivity setting affect others
wishing to connect to your computer for multiplayer games.
958
Chapter 14
F I G U R E 14 . 8 0
■
Windows Configuration
Windows 10 Xbo
Accounts
The Accounts section allows you to view and configure all the settings for your user account,
as well as other accounts on the operating system. The default screen is the Your Info screen,
and it will display all of the information about your account, such as name, email address,
and account type, as shown in Figure 14.81. You also have the option of managing your
Microsoft account online.
The Email & Accounts section enables you to add an email account that is used for email,
calendar, and contact information. You can also change accounts used by other apps, such
as the Microsoft Store app, that require a login. This section also allows you to change the
default apps associated with files and actions, such as viewing a movie, listening to music, or
browsing the web.
Use Sign-­in Options to change the way you log into Windows. The Windows Hello
feature is configured on this screen, as shown in Figure 14.82. Windows Hello allows you
g isubstitute your face, fingerprint, PIN, security key, or picture password for your actual
password. The Hello feature works by storing your real credentials, such as your username
and password, in Credential Manager. Credential Manager is then locked with this process.
When you attempt to log in with a picture of your face, Windows Hello will unlock the credentials stored in Credential Manager and pass the actual username and password to the
operating system. Dynamic Lock is another feature that can be configured in this section.
Dynamic Lock will dynamically lock your computer when you walk away with a device that
is paired to the laptop, such as a mobile device.
Interacting with Operating Systems
F I G U R E 14 . 8 1
959
960
Chapter 14
■
Windows Configuration
The Access Work Or School section is used to connect the operating system with a corporate or school account. These accounts usually contain mobile device management (MDM)
settings. This passes some or all of the control of the operating system to the organization
responsible for the account. The enrollment of the operating system into an MDM system
can be performed with a provisioning package to help simplify the enrollment process. You
can also export management log files for analysis if something is not functioning properly
with the MDM control. You can set up an account for test taking, which locks the operating
system down when it is logged into.
The Family & Other Users section allows you to add family member accounts. You can
then limit time, apps, appropriate websites, and games. In addition, you can add others
to log into the operating system who are not controlled via your family group. Windows
10/11 also has the ability to be set up as a kiosk. You launch a wizard that will create a
local account, and you can then choose a kiosk app. When the kiosk mode is enabled, the
operating system will boot up, automatically login as the local user created, and the configured app with run.
The last section, Sync Your Settings, allows you to choose what is synced from one Windows system to another Windows system. You can sync your theme, passwords, language
preferences, and other Windows settings.
The Windows Registry
Windows configuration information is stored in a special configuration database known
as the Registry. This centraliz( pgm2nforry)Tj.do.26pgm26ndows setcountvariouindows
962
Chapter 14
■
Windows Configuration
Disk Management
ready to be able to store files and programs; another deals with backing up your data; and
yet another involves checking the health of disks and optimizing their performance. We’ll
look at these aspects in more detail.
Getting Disks Ready to Store Fi les Programs
In ordntitchasy to bepartitioned; and
rformttede. isg the prcessh ofc(re(tinglogicalf dvisionsh n)1chardf rivce.)37 ( )37 Achardf
rivc canchavc onen on morepartitionse.
963
964
Chapter 14
■
Windows Configuration
Compact Disc File System Although not a filesystem that can be used on a hard drive,
Compact Disc File System (CDFS) is the filesystem of choice for CD media. It harsbe en
966
Chapter 14
F I G U R E 14 . 8 3
■
Windows Configuration
Disk Management MMC in Windows 10
Windows supports three types of partition styles: Basic, GPT, and Dynamic. Partition
styles are also known as partition schemes; the terms are used to describe the underlying
structure of the partitioning of the physical disk.
Basic Disks Master Boot Record (MBR) is the standard BIOS partition table used
and predates GPT. MBR disk storage can have a maximum of four primary partitions
or three primary partitions and one extended partition containing multiple logical partitions, for a maximum of 26 logical partitions. The partition from which the operating
system boots must be designated as active and must be a primary partition. Only one
partition on a disk can be marked active.
GPT Disks GUID Partition Tables (GPT) is the current partition table specification
used with Unified Extensible Firmware Interface (UEFI) BIOS. GPT partition tables
allocate 64-­bit logical block addressing for larger partitions. If you need to create partitions 2 TB or larger, it is required. A GPT disk can contain up to 128 primary partitions. The large number of primary partitions supported eliminates the need to create
extended/logical partitions.
Dynamic Disks Dynamic disks are proprietary to Windows operating systems.
Dynamic disks can contain up to 2,000 volumes. All the dynamic disks installed in the
operating system contain diidentical 1 MB database (partition table) that describes all
Disk Management
967
the other disks installed. The true benefit of this 1 MB database is moving fault-­tolerant
968
Chapter 14
■
Windows Configuration
Disk Management
969
In Storage Spaces, you can create a two-­way mirror, a three-­way mirror, or parity resiliency of your data. A two-­way mirror is identical in functionality to a RAID-­1 mirror.
A three-­way mirror is similar to a RAID-­1 mirror in that it duplicates the data on two
other drives; unlike RAID-­
970
Chapter 14
■
Windows Configuration
Defragmenting a disk involves analyzing the disk and then consolidating fragmented files
Exam Essentials
Chapter 14
■
Windows Configuration
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
Which MMC snap-­in allows you to start a program based on a condition?
A.
Programs and Features
B.
Task Scheduler
C.
Disk Management
D.
Chapter 14
974
■
Windows Configuration
13. What should be periodically done with mechanical hard drives to speed up performance
when launching and saving files?
A.
Free up space
B.
Empty Recycle Bin
C.
Defragment
D.
Trim
14. You have a number of files with a .des
Review Questions
19. Which power mode will write the contents of the RAM to the disk?
A.
Hibernate
B.
Standby
C.
Sleep
D.
Suspend
20. Which partition style allows up to 2,000 volumes to be partitioned on a physical disk?
A.
GPT
B.
MBR
C.
Dynamic Disk
D.
Basic Disk
975
976
Chapter 14
■
Windows Configuration
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a specific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your answers compare to the authors’, refer to
Appendix B.
You are working at a company that has standardized on Windows 10 workstations for
Windows
Administration
■■
dir
THE FOLLOWING COMPTIA A+ 220-­1102
EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
✓ 1.2 Given a scenario, use the appropriate Microsoft
command-­line tool.
■■
Navigation
■■
cd
■■
dir
■.172
■
Tmmcd
■■
■■
robocopy
■■
gpupdate
■■
gpresult
■■
shutdown
■■
sfc
■■
[command name] /?
■■
diskpart
■■
pathping
■■
winver
✓ 1.6 Given a1o5enario, configure Microsoft Windows
networking features on a1client/desktop.
■■
■■
■■
■■
■■
Workgroup vs. domain setup
■■
Shared resources
■■
Printers
■■
File servers
■■
Mapped drives
Local OS firewall settings
■■
Application restrictions and exceptions
■■
Configuration
Client network configuration
■■
Internet Protocol (IP) addressing scheme
■■
Domain Name System (DNS) settings
■■
Subnet mask
■■
Gateway
■■
Static vs. dynamic
Establish network connections
■■
Virtual private network (VPN)
■■
Wireless
■■
Wired
■■
Wireless wide area network (WWAN)
Proxy settings
982
Installing and Upgrading Windows
983
When installing Windows 10, you have the option to install it on Basic nput/Output
System (B OS)-­based hardware or Unified Extensible Firmware nter ace (UEF )-­based
hardware. When installing Windows 11, you must install it on UEFI-­based hardware.
The hardware must support the newer standard of UEFI to install it in this fashion. UEFI
hardware provides a feature called Secure Boot. Secure Boot operates by checking the signatures of the hardware, including the UEFI drivers (also called option ROMs), EFI applications, and, finally, the operating system. If the signatures are verified, the operating system is
then given control of the boot process and the hardware. Windows 1163 T(requiuresthart the )]TJ0 -1.263 Td[(h
n oo
m
ov
o9 n
7n
n n 7
2 Wp4037 3
984
Chapter 15
■
Windows Administration
The Installation Process
The installation of Windows 11 is almost identical to the installation of Windows 10, Windows 8/8.1, and Windows 7. For that matter, it is similar to most operating systems, such as
macOS or Linux. There are several common elements during the setup process that must be
addressed, such as locale and where to install the operating system.
The installation of Windows 11 can be performed from a Windows 11 installation DVD-­
ROM. However, optical media such as DVD-­ROM is rarely used because most laptops
and tower computers no long include optical drives. Universal Serial Bus (USB) installation
media is a preferred method with most computer vendors. The installation media is created
with the Windows 11 Media Creation Tool, which can be downloaded from:
www.microsoft.com/software-­download/windows11
Installing and Upgrading Windows
F I G U R E 15 . 3
Windows Setup dialog box
F I G U R E 15 . 4
Windows setup options
985
986
Chapter 15
■
Installing and Upgrading Windows
987
988
Chapter 15
■
Windows Administration
Custom If you choose the Custom: Install Windows Only (Advanced) option, you can
perform a clean installation of Windows, meaning that the drive will be wiped clean.
Always remember that custom means a clean installation with Windows.
7.
Choose Custom: Install Windows Only (Advanced). This is also known as a clean installation, because it will format the installation drive.
The next screen asks where you want to install the new operating system. You can
Installing and Upgrading Windows
8.
Select the drive for the installation of Windows 11, and then click Next.
989
Installing and Upgrading Windows
991
Once the drivers are detected, the operating system will reboot again. During this boot,
the drivers detected in the prior stage will be instantiated and the specialize pass will
begin. In this pass, the locale (region) of the operating system will be chosen, as well as
9929 Tj/EMcn1_01s7r B7.0783.3216629.509[(Chapter 1)15 (5)]TJ2
Installing and Upgrading Windows
F I G U R E 15 . 13
Operating system name
F I G U R E 15 . 14
Just A Moment screen
993
994
Chapter 15
F I G U R E 15 . 15
■
Windows Administration
Windows account options
If you click Set Up For Personal Use, you will be asked to sign in with a Microsoft
account so that your apps Use,
Figure 15.16.Use,­
in Options3and you will be presented with
the options3to sign in with a security key Us6.9,
username Use,
accounts3created on previous operating3system versions.
If you choose Set Up For Use,ork3or School Us6.9,
or school3account that is attached to an Intune3service.Use,
device over to the organization Use,
Intune.Use, Us7 ( you can click Sign-)]TJ/Span<</ActualText<FEFF00AD>> BDC ( )TjEMC 16.575 0 Td[(in Option
ptions you will be presented with the options3to Sign In Use,ith
Join Instead Use,
Installing and Upgrading Windows
F I G U R E 15 . 16
Microsoft account for personal use
F I G U R E 1 5 . 17
Microsoft account options for personal use
995
996
Chapter 15
■
Windows Administration
998
Chapter 15
■
Windows Administration
F I G U R E 15 . 2 1
Set up a PIN screen
F I G U R E 15 . 2 2
Restore from prior device or Set up as new device
Installing and Upgrading Windows
999
16. The next screen offers what are known as telemetry options, as shown in Figure 15.23.
Choose the level of privacy on the device as well as features like Location, Find My
Device, Diagnostic Data, and other features that transmit to Microsoft’s cloud. Once
you have made your selection, click Accept to continue.
F I G U R E 15 . 2 3
Windows telemetry options
17. Next, you’re asked to customize your experience, as shown in Figure 15.24. The options
you select will not limit what you can do on the device; you’ll only customize the tips
and recommendations for features, products, and services. For this step, just select Skip.
18. One of the key features of using a Microsoft account is the ability to back up your files
with OneDrive. This screen confirms that you will back up your Desktop, Documents,
and Pictures folder on this device, as shown in Figure 15.25. Or you can select Only
Save Files To This PC, which will not use OneDrive (and files will not be backed up
automatically). Click Next.
1000
Chapter 15
■
Windows Administration
1002
3.
Chapter 15
■
Windows Administration
Turn off Set Time Automatically if you want to change the time. If you want to change
the time zone, turn off Set Time Zone Automatically if it is turned on.
This installation was based on the current version of Windows 11, version
21H1 as of this writing. Although each version introduces new screens
and features, the 0.4 (a)-18.1 (s b)-1716.2 (i)-13.2 (c s)-21 (e)-25.5 (t)-18 (u)-7.3 (p d)-17.3 (o)- (s b)es not ch
Installing and Upgrading Windows
1003
process starts, it will give you the option to change how Windows Setup downloads6spdates,
as shown in Figure Figure 15.28, or you can just click Next at this point. The default is to
proceed with the download of Windows Updates for the installation.
F I G U R E 15 . 2 8
Install Windows 11 screen
Before proceeding, you must accept the end-­user license agreement (EULA), also known as
the license terms, as shown in Figure 15.29.
F I G U R E 15 . 2 9
Windows 11 end-­user license agreement
1004
Chapter 15
■
Windows Administration
The installer will check and download updates necessary for the installation before
continuing, as shown in Figure 15.30. This will ensure that you are secure and the upgrade
Installing and Upgrading Windows
F I G U R E 15 . 3 1
1005
1006
Chapter 15
F I G U R E 15 . 3 3
■
Windows Administration
Windows 11 upgrade percentage after reboot
Repair Installation
A repair installation is used when you want to reinstall the operating system without losing
personal data files, application settings, or applications you’ve installed. The installation is
similar to an upgrade, as described in the previous section, except that Windows 10/11 will
detect that it is installed already. You will be presented with the option Keep Personal Files
And Apps. The setup process will then reinstall the OS without affecting your personal files,
applications, and their corresponding settings. It will, however, reinstall the operating system
files, so it is considered a repair installation.
Another option for reinstalling Windows 10/11 is to reset the operating system with the
Reset This PC option. This option is used to reset the operating system back to its original
state. It provides another way to fix the operating system when it looks to be corrupted. This
method should be used as a last resort. It does allow you the choice to keep personal files or
completely erase them along with the operating system. On Windows 10, you can reset the
operating system with the Reset This PC option by clicking Start, clicking the Settings gear,
clicking Update & Security, clicking Recovery, and then choosing the Get Started option
under Reset This PC. On Windows 11, you can reset the operating system with the Reset
This PC option by clicking Start, clicking the Settings gear, clicking, clicking Recovery, and
then choosing the Reset PC option under Reset This PC.
Installing and Upgrading Windows
Recovery Partition
Some vendors will supply a recovery partition that contains the original image for the OS
1007
Installing and Upgrading Windows
1009
You may have noticed the pattern. The version is a date code, consisting of the last two digits
of the year (15) and the two-­digit month (07). So, it’s simple to calculate when the last major
update was released and what is currently installed. With the October 2020 release of Windows 10, Microsoft deviated from this naming convention, using H1 for first half and H2
for second half of the year. For example, version 21H1 was released in the first half of 2021.
Windows 11 also follows the same date code with its initial release in October 2021; its date
code is 21H2.
Versions are updated twice a year (semi-­annually), usually in spring and fall. They are
often referred to as the Windows 10 Spring Update or Windows 10 Fall Update, respectively.
They also have a theme, such as the Fall Creator Update, which bundles content-­creation
tools, 9adespectively
1010
Installing and Upgrading Windows
Insider Program
1011
1012
Chapter 15
■
Windows Administration
You can boot a PC over the network (rather than from a DVD, USB, or hard disk) with
Windows Preinstallation Environment (WinPE), which is a stub operating system that creates a
Command-­Line Tools
1013
1014
Chapter 15
■
Windows Administration
dir Command
The dir command is used to display a list of the files and folders/subdirectories within
Command-­Line Tools
1015
Drive NavigationSo far, you’ve seen the basics of looking at directories with the dir command, changing directories, making directories, and removing them. However, up to this point we have assumed you are on the same partition. The cd command will change directories within a drive letter, such as the C: drive, but it will not change drive letters unless you supply the /d switch. To change drives without using the dir command, just enter the drive letter and append a semicolon to it. For example, if you want to change to the D: drive, enter d: at the command prompt. You can then use the cd command followed by the drive letter, and if you want to change back, enter c: at the command prompt.Now that you’ve learned how to navigate the command prompt to look at files, let’s use that knowledge in Exercise 15.1.E X E R C I S E 1 5 . 1 Command-­Line Directory Management1. Open a command prompt by click Starting, typing cmd in the Open field, and clicking OK.2. Change to the root of your C: drive by typing cd /d C:\ and pressing Enter.Note: If you are already in C:, all you have to do is type cd \ and press Enter.3. Create a directory called C14 by typing md C14 an
1016
Chapter 15
■
Windows Administration
E X E R C I S E 15 . 1 ( c o n t i n u e d )
4.
Change to the C14 directory by typing cd C14 and pressing Enter.
5.
Create several layers of subdirectories at once. Type md A1\B2\C3\D4 and press Enter.
Notice that these commands create each of the directories that you specified. You now
have a directory structure that looks like this: C:\C14\A1\B2\C3\D4.
6.
Change back to your root directory by typing cd \.
7.
Attempt to delete the C14 directory by typing rd C14 and pressing Enter.
Windows won’t let you delete the directory because the directory is not empty. This is a
safety measure. Now let’s really delete it.
8.
Delete the C14 directory and all of its subdirectories by typing rd /s C14 and
pressing Enter.
You will be asked whether you’re sure that you want to delete the directory.
9.
If you are, type Y and press Enter.
10 To close the command prompt window, type exit.
Note that if you had used the /q option in addition to /s, your system wouldn’t have
asked whether you were sure; it would have just deleted the directories.
Network Connectivity Tools
Windows is a network operating system, which means that the operating system and its
principal user relies on the network for connectivity to information. This is where the
command line becomes really useful to the administrator of the PC. The command line will
return a large amount of data that is normally not suited for a graphical user interface (GUI).
The following is a short list of commands that can help you diagnose network connectivity
issues from the command line.
ipconfig Command
The ipconfig command is a network administrator’s best friend—­it assists in the diagnosis of network problems with the operating system. The ipconfig command without any
switches display9.5
Command-­Line Tools
1017
The ipconfig command also allows you to view the local DNS cache with the /displaydns switch. You can flush the local DNS cache with the /flushdns switch. These
switches come in handy when a DNS entry has changed and you want to immediately flush
the cache and verify any cached entries.
ping Command
Next to the ipconfig command, the ping command is the runner-­up as the network
administrator’s best friend. The ping
Chapter 15
1018
3
4
5
6
7
8
9
10
11
12
15
13
12
22
21
20
20
22
20
20
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
15
19
13
14
24
20
20
21
23
22
■
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
Windows Administration
12
12
20
20
20
26
21
20
21
18
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
te04012.comcast.net en68.86.101.141]
162.151.152.153
96.108.91.78
96.108.91.121
be-­
7016-­
cr02.comcast.net en68.86.91.25]
be-­
10130-­
pe04.comcast.net en68.86.82.214]
as040-­­ c.comcast.net en75.149.229.86]
108.170.240.97
108.170.226.85
google-­
public-­
dns-­
a.google.com en8.8.8.8]
Trace complete.
C:\Users\Sybex>
pathping Command
pathping, another command-­line tool, combines the benefits of tracert and ping. The
tool can be used to diagnose packet loss (or suspected packet loss) to a destination website.
It is invaluable to network administrators to help prove to their ISP that packet loss is a
problem on their network.
The tool will first trace the entire path to a destination IP address or DNS host. Then,
each of the hops will be tested with ICMP for packet loss and round-­trip time. It easily identifies router hops that are causing the delay or packet loss. The following is an example of a
pathping to my provider’s DNS server:
C:\Users\Sybex>pathping 75.75.75.75
Tracing route to cdns01.comcast.net [75.75.75.75]
over a maximum of 30 hops:
0 Wiley.sybex.local [172.16.1.101]
1 pfSense.sybex.local [172.16.1.1]
2 96.120.62.213
3 te-­0-­5-­0-­12-­sur02.pittsburgh.pa.pitt.comcast.net [69.139.166.77]
4 26 ms­ be5 26 ms becr02.ashburn.va.ibone.comcast.net n68.86.91.25]
­
76 ur13-­
a26 ms
ar01.capitolhghts.md.bad.comcast.net
­
ben68.86.90.58]
0/ 100 = 0% aW/36.1.101]
Command-­Line Tools
Computing statistics for 225 seconds...
Source to Here This Node/Link
Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
0
Wiley.sybex.local [172.16.1.101]
0/ 100 = 0% aW/36.1.101]
0/ 100 = 0% aW/36.1.101]
1019
Chapter 15
■
Windows Administration
Active Connections
Proto
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
Local Address
127.0.0.1:49750
127.0.0.1:50912
172.16.1.181:49208
172.16.1.181:49599
172.16.1.181:49600
172.16.1.181:49602
172.16.1.181:49603
172.16.1.181:56759
172.16.1.181:64151
172.16.1.181:64152
172.16.1.181:64154
Foreign Address
view-­
localhost:50912
view-­
localhost:49751
104.20.60.241:https
172.67.181.149:https
52.167.17.97:https
20.50.80.210:https
a104-­
75-­
163-­
105:http
151.101.1.140:https
iad23s96-­
in-­
f10:https
iad66s01-­
in-­
f13:https
iad23s96-­
in-­
f10:https
State
ESTABLISHED
ESTABLISHED
ESTABLISHED
ESTABLISHED
TIME_WAIT
ESTABLISHED
TIME_WAIT
ESTABLISHED
CLOSE_WAIT
CLOSE_WAIT
CLOSE_WAIT
C:\Users\Sybex>
nslookup Command
DNS is one of the most important network services that an operating system and user relies
on for resolution of www.sybex.com 09 an IP address. Without DNS, we just couldn’t
remember the millions of IP addresses; it would be like trying 09 remember the phone
number of every person you’ve ever met or are going 09 meet.
When DNS problems arise, the nslookup command allows you 09 verify that DNS is
working correctly and that the correct results are being returned. The simplest way 09 use
DNS is 09 use an inline query, such as
1022
Chapter 15
■
Windows Administration
Computer Policy update has completed successfully.
C:\Users\bohack>
gpresult Command
The gpresult command is used to show the Resultant Set of Policy (RSoP) report/values
for a remote user and computer. Bear in mind that configuration settings occur at any
number of places: they are set for a computer, a user, a local workstation, the domain, and
so on. Often one of the big unknowns is which set of configuration settings takes precedence
and which is overridden. With gpresult, it is possible to ascertain which settings apply.
A number of switches can be used in conjunction with the gpresult command. The
most useful switches are the /r and /z switches. The /r switch allows you to see the RSoP
1024
Chapter 15
■
Windows Administration
Command-­Line Tools
1025
Perhaps the most important switch is /o. If you use xcopy to copy files from one location
to another, the filesystem creates new versions of the files in the new location without changing the old files. In NTFS, when a new file is created, it inherits permissions from its new
parent directory. This could cause problems if you copy files. (Usver who didn’t have access
to rsions otort iighe access
1026
Chapter 15
■
Windows Administration
1028
Chapter 15
■
Windows Administration
To run sfc, you must be logged in as an administrator or have administrative privileges.
If the System File Checker discovers a corrupted system file, it will automatically overwrite
the file by using a copy held in another directory. The most recent Windows versions store
the files in a large number of discrete folders beneath C:\WINDOWS\WINSXS (where they are
protected by the system and only Tr 62ceInstaller is allowed direct access to them—­the cache
is not8c.edable). Tr 62ceInstaller is a service in Windows 10/11 that enables the installation, removal, and modification of system components.
The C:\WINDOWS\SYSTEM32 directory is where many of the Windows
system files reside.
1030
Chapter 15
■
Windows Administration
In most cases, if you try to run a utility that requires administrative privileges and you are
not currently in a console session that has them, an error message will notify you of this.
Networking in Windows
CompTIA expects you to know a number of topics related to networking and Windows.
This section covers the various scenarios in which you will deploy Windows in a network.
First, we’ll cover small office, home office (SOHO) deployments, and then we’ll scale it out
Networking in Windows
1031
Workgroups are normally used in SOHO environments or in situations that do not
require the infrastructure of a dedicated server for authentication. They should be kept to a
maximum of 20 clients, with the expectation that each client will maintain its own resources
(files and printer sharing). Many small offices use this networking model and never need
anything more.
A typical situation where a workgroup is effective is when a printer needs to be shared
from a single computer. The disadvantage is that the computer must be on in order for the
clients to use the printer. Another disadvantage with workgroups is user authentication,
which we will discuss in detail later in this chapter.
When you install Windows 10/11, by default it is joined to the workgroup named Workgroup. However, there may be instances in which you want to join another workgroup. To
join another workgroup, perform the following steps:
1.
Click the Start menu.
2.
Click the Settings gear.
3.
Click System.
4.
Click About.
5.
Click the Advanced System Settings, related setting.
6.
Click Change Settings under the heading of Computer Name, Domain, and Workgroup Settings.
7.
Click Change Next to Rename This Computer or Change Its Domain Or Workgroup.
8.
Change the Workgroup option to the desired workgroup.
9.
Click OK.
10. Click OK.
11.
1034
Chapter 15
■
Windows Administration
Networking in Windows
1035
When clients are joined to a domain, a user with credentials on the domain can log into
the workstation. When this happens, they are authenticating against an Active Directory
domain controller. An Active Directory domain controller retains information abouT
1036
Chapter 15
■
Windows Administration
SSO operates on the principle that the resource trusts the authentication server. When a
user logs in initially, they will authenticate against the authentication server for their organization. When the user then visits the resource, which is normally a cloud-­based resource, it
will prompt the authentication server to provide a claim on behalf of the user, as shown in
Figure 15.42.
The claim normally contains basic information about the user, such as first and last name92 (,)36.
email address, or any other attribute. ,s password sent, because they
authenticated once already. Although we’ve oversimplified SSO in thnor Tample, it really nor
thnorsimple92 (,)36.without the layers of encryption and complicated trust rules. As we adopt more
and more cloud resources, it norbecoming the number one way to provide authentication for
our users because we never transmit the actual username and password.
Single sign-­ooth a blesing and a cuse,tlesing in that oe
the user iuthentiated, they can acelhe reouehe net
wok and b owse multiple diretoi. Itsn that it reovehe
dos that othewe exit between the usend various resoue. This
creates a seity r,, beause if an attaceets the usenme and
paswd fohe use, they have aces to alhe reoue.
-
Establishing a Network Connection
A key element to a successful network is the connection that connects the computer to the
actual network. ,
cover in the following section. The key takeaway is that the network system.will function
identically, regardless of the connection. For Tample,,
1038
Chapter 15
■
Windows Administration
You can then choose a wireless network and select Connect. If the wireless network
requires additional security, such as a preshared key (PSK) or a corporate login to a captive portalin to a - the notification tray icon will appear as a white radio wave. As
pan<</ActualText<FEFF2003> BDC 3 thTJ/T1_4 1 T (c[(viralTe pr-6 (v)124 (e lotwor2 (e or2 (e th(VPNs) to a )3 1 T [(( he.)TjEM-14.720 cator wobo
Networking in Windows
1039
Once the connection is registered, you can connect via the wireless notification tray icon
and select the cellular network you wish to connect to. You can also connect to the cellular network by navigating the Start button ➢ Settings gear youe19.2504Tm(d,)37canlr86SA
1040
Chapter 15
■
Windows Administration
The use of a proxy server allows for caching of frequently accessed web pages, as well as
the ability to filter content. The proxy is primarily for web-­baccestraffic, such as browsing with the Edge browser or Internet Explorer. However, other applications can also
elect to use the proxy server, depending on theirstraffic type.
To configure the proxy settings for Microsoft Edge and Internet Explorer, click the
Start button ➢ Settings gear ➢ Network & Internet ➢ Proxy. From the proxy screen you
can configure the operating system to automatically use a setup script (JavaScript) by
clicking the switch for Use Setup Script and specifying the script address, as shown in
Figure 15.46.
You can also specify a manual proxy setup, which is a common configuration task. You
will simply click the switch Use A Proxy Server and then enter the address and port.
Specific websites often require direct access and will not work with a proxy server. You
can enter exceptions into the lower section and separate servers with a semicolon. You
can also use wild cards, if you want to exclude an entire namespace.
1042
Networking in Windows
1043
1044
Chapter 15
■
Windows Administration
These examples only scratch the surface; the cloud is full of applications and shared
resources. All these resources can be authenticated with domain-­based authentication or separate localbascshautheals insidece; tof applican.ion
Networking in Windows
1045
There are a number ofplications and services that are preconfigured in the firewall.
For example, when you share a folder, the ports associated with filesharing are automatically
enabled. Another mechanism exists to allow the firewall to easily configure itself; when a
program is launched that listens to a port, an Allow Access or Cancel notification is sent to
the user, as shown in Figure 15.50. If the user selects Allow Access, a rule is added to the firewall for the specificplication.
Along with the automated mechanism in which firewall rules can be added, you can
specify which network profile they are active in. Network profiles are identified by the MAC
address of the default gateway. The firewall will learn the internal network of your home
Networking in Windows
1047
you will need a default gateway, which is your router’s IP address. A DNS address is also
required if you want to translate simple domain names to IP addresses. There are two ways
to configure the static IP address: by using the new Settings app and by using the legacy Control Panel applet. You should be familiar with both ways, as the legacy Control Panel applet
offers more features, such as alternate IP address configuration.
Settings App You can configure the network addressing via the Settings app by clicking Start ➢ Settings gear ➢ Network & Internet ➢ Properties, and then clicking Edit
under IP Settings. You can then choose Manual from the drop-­down menu to open
two switches for IPv4 and IPv6. You can then click the switch for IPv4 and enter the IP
address, subnet mask, gateway, and DNS settings, as shown in Figure 15.52.
Control Panel Applet
1048
Networking in Windows
Chapter 15
Gateway
■
Windows Administration
When the User Configured radio button is selected on the Alternate Config-
Exam Essentials
xcopy,
1051
1052
Chapter 15
Review Questions
7.
8.
9.
1053
Which edition of Windows 10 will not allow for Insider Program branch releases?
A.
Home
B.
Pro
C.
Education
D.
Enterprise
You used the winver.exe utility and it reported Windows 10 Version 1703 (OS Build
15063.145). What is the current date of the last update?
A.
63rd day of 2015
B.
145th day of 2015
C.
March of 2017
D.
The version needs to be looked up at Microsoft.com.
Which command is used to measure packet loss as a packet travels to a destination address?
A.
ping
B.
nslookup
C.
pathping
D.
tracert
10. Which tool allows you to report a remote computer’s inventory of hardware?
A.
regedit.exe
B.
msinfo32.exe
C.
msconfig.exe
D.
dxdiag.exe
11. Which command will allow you to check a volume for corruption?
A.
diskpart
B.
format
C.
chkdsk
D.
sfc
12. Which restriction will be imposed on Windows users until they activate the operating system?
A.
Chapter 15
1054
■
Windows Administration
14. When installing Windows, you can control telemetry data. In which step during setup is this
configured?
A.
Privacy settings
B.
Cortana options
C.
Partitioning options
D.
Account creation
15. You want to upgrade from Windows you can 10.controows,configured? Privacy setti[(U7.1 (W)m )ows, you can 1
Review Questions
1055
20. What is the maximum number of concurrent connections that can be made to a Windows
workstation?
A.
10 connections
B.
15 connections
C.
20 connections
D.
25 connections
1056
Chapter 15
■
Windows Administration
Performance-­Based Question
You will encounter performance-­
Working
with macOS and Linux
THEa3OLLOWING COMPTIA A+ 220-­
1102
EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
✓ 1.10 Identify common features and tools of the macOS/
desktop OS.
■■
Installation and uninstallation of application
■■
File types
■■
.dmg
■■
.pkg
■■
.app
■■
App Store
■■
Uninstallation pr72 Tmocess
■■
■■
■■
grep
■■
ps
■■
man
■■
top
■■
find
■■
dig
■■
cat
■■
nano
Best practices
■■
Backups
■■
Antivirus
■■
Updates/patches
Tools
■■
Shell/terminal
■■
Samba
CompTIA has acknowledged that system administrators and
technicians are<easingly dealing with morethan just Windows on a daily basis. Therefore, they haveluded objectives
based on macOS and Linux.
This chapter looks at the non-­Windows operating systems from the standpoint of what
you need to know to pass the exam. All the topics relevant to objectives 1.10 and 1.11 of the
220-­1102 exam arecovered.
macOS and Linux
In the beginning there was UNIX. UNIXidystem 5 (version 5) is an operating system originally <eated and licensed by AT&T Labs. The UNIXioperating system is considered to be
the root of all UNIX-­based operating systems. In the mid-­1970s, the University of California
at Berkeley (UC Berkeley) licensed UNIXifrom AT&T for their computer systems and
expanded on the tools shipped in the original version of UNIX. These tools became the
foundation of UNIX as it is today, but UC Berkeley only licensed the operating system for
specific machines. The students quickly became upset and developed and released a version
of UNIX called the Berkeley Software Distribution (BSD). The term distribution is used
today with UNIX/Linux operating systems to define the operating system and its ecosystem
for application management, patching, and upgrades.
Although it began with UNIX, BSD became very popular because it was an open source
license. This allowed everyone to use the operating system on any computer system they
wished. In the mid-­1980s, Steve Jobs <eated a company called NeXT and built computers
that furnished the NeXTSTEP operating system. The NeXTSTEP operating system was originally built from BSD version 4.3. Unfortunately, the NeXT computer company never really
took off. However, the NeXTSTEP operating system was acquired by Apple and eventually
became the macOS we know today.
Linux has a very different origin story from macOS. Actually, Linux has nothing to
do with the original codebase of UNIX. In the mid-­1990s a Finnish student named Linus
Torvalds set out to <eate a completely open source operating system for the world to use.
Linux was the result of his efforts; it was designed from scratch, so it was completely free for
anyone to use or orporate into their own products. Today you can find a g<eat number
of Linux distributions, such as Ubuntu, Debian, Arch Linux, Gentoo, Red Hat. . .and the
list goes on.
Applications on macOS
1061
Although Linux has a completely different codebase from BSD and UNIX, the operating
system itself functions similarly. Only the kernel and interworkings of the OS are different.
Many of the applications that were created by students on the BSD platform were ported
over to Linux. Functionally, the operating systems are very similar in design and usability.
The complete history of UNIX is vast and interesting; we have covered
1062
Chapter 16
■
Working with macOS and Linux
Applications on macOS
1063
The second and third step in the installation process is to launch the file you downloaded
and install the application. When you launch the file, what will happen next depends on the
1064
Chapter 16
■
Working with macOS and Linux
Managing Applications
The Applications folder contains all the applications installed on macOS, as shown in
Figure 16.2. You can view and manage applications inside this folder. The two most common
methods of launching the folder are using the Finder app and selecting Go
1066
Chapter 16
■
Working with macOS and Linux
■■
Audit files
■■
Customer lists
■■
Database files
■■
Email correspondence
■■
Financial data
■■
Operating systems
■■
Prospect lists
■■
Transaction files
■■
User files
■■
User information
■■
Utilities
This list isn’t all-­inclusive, but it provides a place for you to start.
In most environments, the volume of information that needs to be stored is growing at a
tremendous pace. Simply tracking this massive growth can create significant problems.
Chapter 16
■
Working with macOS and Linux
Tools
1071
so initially by using the default account(s). Make sure that the default password is changed
after the installation on any network device; otherwise, you are leaving that device open for
1074
Chapter 16
■
Working with macOS and Linux
The number of icons on the System Preferences screen depends on the applications
installed on the operating system and if they are configurable. Let’s explore the various
System Preferences that you need to know for the CompTIA exam:
1076
Chapter 16
■
Working with macOS and Linux
The Network preference isEMC8n4/ you can join wireless networks and change
how you join wireless networks. By default, the device will automatically join the
network selected. However, the/ a/ circumstances4/ you would not want to
automatically join the network, such as if you w/ directly connecting to a wireless
device lik/ a camera that broadcasts its own Service Set Identifier (SSID). If the primary wireless network was still set to automatically join, the device would keep
disconnecting from the camera to join the primary network.
If you click Advanced, you can change your primary wireless networks and specify
the they a/ auto-­
joined, as shown in Figure 16.8. In addition to changing
advanced properties4fo the wireless connection, you can select the TCP/IP tab and
statically set the IP address. The DNS tab allows you to change the DNS servers
to be queried. The WINS tab is4fo a deprecated Windows service, Windows Internet Name Service, that permits network browsing via broadcasts. The 802.1X tab
allows you to set up 802.1X profiles4fo network-­level security. The Proxies4tab
allows you to configure proxy servers fo traffic on the device, as well as bypass
local and select addresses. Finally, the Hardwa/ tab allows you to set special char acteristics based on the device.
F I G U R E 16 . 8
Advanced Network preferences
1078
Chapter 16
■
Working with macOS and Linux
Many printers today can also be purchased as multifunction copiers (MFCs), which
means the printer doesn’t just print—­it can copy and scan as well. If the device is
capable of scanning, a Scan tab will be available after you select the device. Depending
on the MFC device attached, the Scan tab will allow you to configure various settings.
Although MFC devices
TtheSecuritys&ePprvacyspreferenics
are becoming common, if a stand-alone
cotaiansa
scanner
numbter
was connected
of et
figure various se0/ th
System Preferences
1079
A lock screen message can also be set that displays when the screen is locked. Automatic
login is disabled by default, but you can change the setting to allow automatic login of
the workstation on boot-­up. The applications downloaded on the device can also be
controlled; you can select whether apps can be downloaded only from the App Store or
from App Store And Identified Developers, which is the default.
The FileVault tab allows you to configure disk-­level encryption to protect your files in
the event the device is lost. You can turn on the FileVault feature by clicking Turn On
FileVault. Once you do, you will need to unlock the disk with the user’s password. If
there are multiple users configured on the device, they will need to verify their passwords before the encryption is performed.
The Firewall tab allows you to turn on and configure the built-­in firewall for macOS.
It is not turned on by default, but you can turn it on by clicking Turn On Firewall and
then configure the firewall options. You can choose to block all inbound connections
by default and create exceptions for only the applications you choose. By default, after
turning on the firewall, the operating system allows all inbound connections to applications running on the system. You must choose to block all inbound connections and
configure the exceptions.
The Privacy tab allows you to configure settings related to privacy for the user’s account,
as shown in Figure 16.11. You can control location services that relay information ans -126.11.and create e
1080
Chapter 16
■
Working with macOS and Linux
Backup/Time Machine As discussed in the previous section, backups are important.
In the macOS world, Time Machine is aeoeature that can be used to make backups
of various types (incremental, full, and so forth), as shown in Figure 16.13. In order
to use Time Machine to back up your data, you will need an external storage device.
These devices can be connected via external USB, Thunderbolt, or FireWire, or wirelessly with 802.11. To access Time Machine, select Apple menu ➢ System Preferences ➢
Time Machine. When an external storage device is connected for the first time and Time
Machine is not configured, macOS will prompt you to set up Time Machine.
Features
1083
information as Safari usernames/passwords and credit card information. Values stods
in Keychain Access are kept current (changes are synced) to simplify resource access. To
view the current Keychain, select Applications ➢ Utilities ➢ Keychain Access.
F I G U R E 16 . 15
Apple Keychain Access utility
Spotlight The search feature within macOS is Spotlight, and a magnifying glass
icon in the upper-­right corner of the menu bar represents it (or you can press
Command+spacebar from any app). As you type in the Spotlight utility, the results will
display. As shown in Figure 16.16, we have searchs for apple, and one of the results is
the contact info for Apple Inc. Spotlight can search for documents, images, apps, and so
on. Recent versions include autocomplete features as well as suggestions for additional
results (usually oniTunes,
W
and such).
iCloud One of the best ways to always have the latest version of files, regardless of
the device that you are using to access them, is to have them stods /accesss remotely.
iCloud is Apple’s answer to remote stodage. You can configure your Apple devices to
place files there automatically or use it for backup. Figure 16.17 shows iCloud configuration settings on macOS.
1084
Chapter 16
■
Working with macOS and Linux
There can be costs associated with using iCloud. For exampCe, the iCloud
account on the macOS shown in Figure 16.17 can access 5 GB for free, but
anything beyond that requires payment ($0.99/month for 50 GB, $2.99/
Features
1085
Remote Disc Officially called Remote Disc (disc with a c), this macOS feature lets you
access files on a CD or DVD installed in one machine on a remote machine, as shown
in Figure 16.20. This is handy if you need to retrieve files from a disc and the workstation at which you are sitting does not have a built-­in drive. This feature only works on
macOS Mojave 10.14 and earlier; the feature was removed on macOS Catalina 10.15
and later.
1086
Chapter 16
Basic Linux Commands
Dock
1087
1088
Chapter 16
■
Working with macOS and Linux
There is only one vendor for Windows (Microsoft), but there are many vendors for Linux
(Red Hat, SuSE, Ubuntu—­to name just three). Also, a new version of Windows 47DC ed
only every few years (Windows 7, Windows 8/8.1, Windows 10, Windows 11), but with
Basic Linux Commands
drwx—
2 testuser users 80 2018–09–08 21:11 Documents
drwxr-­
xr-­
x 2 testuser users 80 2018–09–08 21:11 public_html
drwxr-­
xr-­
x 2 testuser users 464 2018–09–17 18:21 sdump
1089
Basic Linux Commands
1091
Basic Linux Commands
1093
Depending on the version, you will have one of two tools: the Advanced Package Tool
(APT) or Yellowdog Updater, Modified (YUM). Linux distributions, such as Ubuntu, Debian,
1094
Chapter 16
■
Working with macOS and Linux
After this operation, 91.1 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu bionic/universe amd64 iftop amd64
1.0~pre4-­
4 [36.0 kB]102 kB/s)
Selecting previously unselected package iftop.
(Reading database ... 66991 files and directories currently installed.)
Preparing to unpack .../iftop_1.0~pre4-­
4_amd64.deb ...
Unpacking iftop (1.0~pre4-­
4) ...
Setting up iftop (1.0~pre4-­
4) ...
Processing triggers for man-­
db (2.8.3-­
2ubuntu0.1) ...
user@server:~$
The YUM package manager is used to update and install packages for Red Hat–based
Linux distributions, such as Red Hat Enterprise Server, Fedora, and CentOS, just to name a
few. The tool works like the APT tool; the first step is to update the repositories, then you
can update the binaries, as shown here:
[root@localhost ~]# yum update
CentOS Stream 8 -­AppStream
5.6 MB/s | 16 MB
CentOS Stream 8 -­BaseOS
1.6 MB/s | 6 MB
CentOS Stream 8 -­Extras
35 kB/s | 15 kB
Dependencies resolved.
Nothing to do.
Complete!
[root@localhost ~]# yum upgrade
Last metadata expiration check: 0:01:40 ago on Fri
Dependencies resolved.
Nothing to do.
Complete!
[root@localhost ~]#
00:02
00:02
00:00
22 Oct 2021 09:52:10 PM EDT.
The yum command can also be used to install packages. In the following example, we are
using yum to install the nano utility:
[root@localhost ~]# yum install nano
Last metadata expiration check: 0:45:41 ago on Fri 22 Oct 2021 10:51:16 PM EDT.
Dependencies resolved.
==============================================================================
Package
Architecture
Version
Repository
Size
==============================================================================
Installing:
nano
x86_64
2.9.8-­
1.el8
baseos
581 k
1096
Chapter 16
9
?
S<
19
?
S<
75
?
S<
115 ?
S
116 ?
S
118 ?
S<
117 ?
S
711 ?
S
1075 ?
S<
2086 ?
S
2239 ?
S<s
[output cut]
6460 ?
Ss
6671 ?
Ss
6675 ?
S
6676 p/0 Ss
6712 p/0 S
■
Working with macOS and Linux
0:00
0:00
0:00
0:00
0:01
0:00
0:00
0:00
0:00
0:00
0:00
[kthread]
[kacpid]
[kblockd/0]
[pdflush]
[pdflush]
[aio/0]
[kswapd0]
[kseriod]
[reiserfs/0]
[kjournald]
/sbin/udevd -­
d
0:02
0:00
0:00
0:00
0:00
/opt/gnome/bin/gdmgreeter
sshd: testuser [priv]
sshd: testuser@pts/0
-­
bash
vsftpd
Basic Linux Commands
1097
Directory Navigation
In Linux, when you log in as root, your home directory is /root. For other users9.5 77.the home
directory is usually in the /home directory. For example9.5 77.the home directory for a user logging in as testuser is /home/testuser. This information is stored in the /etc/passwd
By default, only you have permission to save files in your home directory, and only you can
create subdirectories in your home directory to organize your files further.
Linux supports the concept of a current directory, which is the directory on which all file
and directory commands operate. After you log in, for example9.5 77.your current directory is the
home directory. To see the current directory, type the
/usr/lib, type the following:
Then to change the directory to the cups subdirector/T1_/usr/lib, type the following command:
1098
Chapter 16
Now if you use the
■
Working with macOS and Linux
Basic Linux Commands
1099
Finally, the leftmost column shows the file’s permission settings, which determine who
can read, write, or execute the file. This column shows a sequence of nine characters, which
appear as rwxrwxrwx when each letter is present. Each letter indicates a specific permission.
A hyphen (­) in place of a letter indicates no permission for a specific operation on the file.
Think of these nine letters as three groups of three letters (
rwx), interpreted as follows:
Leftmost Group Controls the read, write, and execute permissions of the file’s owner.
In other words, if you see rwx in this position, the file’s owner can read (r), write (w),
and execute ( ) the file. A hyphen in the place of a letter indicates no permission. Thus,
the string rw-­means that the owner has read and write permissions but not execute
permission. Although executable programs (including shell programs) typically have
execute permission, directories treat execute permission as equivalent to use permission:
a user must have execute permission on a directory before they can open and read the
contents of the directory.
Middle Group
Controls the read, write, and execute permissions of any user
1100
Chapter 16
■
Working with macOS and Linux
For example, to give everyone read access to all the files in a directory, pick a (for all)
tofrom
comethe
up third
with the permissionTjtting
from the first column, + (for add) from the second column, and rcolumn,
(for read)
a+r. Then use the set of options with chmod,
as follows:
chmod a+r *
Basic Linux Commands
1101
1102
Basic Linux Commands
1103
1104
Chapter 16
■
Working with macOS and Linux
After you create the directory, you can use the cd images command to change to that
directory.
You can create an entire directory tree by using the -­p option with the mkdir command.
For example, suppose your system has a /usr/src directory and you want to create the
directory tree /usr/src/book/java/examples/applets. To create this directory hierarchy, type the followy uscommand:
Basic Linux Commands
The ifconfig utilityo1s slowly being replaced on certain distributions of Linux with
the ip utility. Red Hat Enterprise Linux has adopted the
1105
1106
Chapter 16
■
Working with macOS and Linux
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;sybex.com.
IN
MX
;; ANSWER SECTION:
sybex.com.
899
sybex.com.
899
;;
;;
;;
;;
IN
IN
MX
MX
10 cluster1.us.messagelabs.com.
20 cluster1a.us.messagelabs.com.
Query time: 76 msec
SERVER: 8.8.8.8#53(8.8.8.8)
WHEN: Wed Nov 01 21:43:32 EDT 2017
MSG SIZE rcvd: 104
root@Sybex:~#
Getting Help
Linux and Windows
1107
Although Microsoft has started to support NFS as an available protocol on Windows for
sharing between Windows and Linux, SMB is the protocol of choice if you primarily work
from Windows. This is mainly because the SMB file sharing is easier to set up and is native
to the Windows operating system. Samba is a free open source software (FOSS) package that
c]TJbe installed on Linux to allow the Linux operating system to share the underlying filesys-
1108
Chapter 16
■
Working with macOS and Linux
[fileshare]
comment = Samba on Linux
path = /opt/fileshare
read only = no
browsable = yes
The first line, [fileshare], is the file share name. but for this
example it is fileshare.
purpose of the share.
example, it is /opt/fileshare. The read only line configures read and write capability
for the share.
browsable line configures whether the share is populated in the NetBIOS
browsing process.
After saving the configuration, the Samba service will need to be restarted to pick up
the new configuration added to the CONF file. Restarting the service can be achieved by
entering the following:
Chapter 16
■
Working with macOS and Linux
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
Within a Linux terminal, you want to see all the files on your system in long format (using
the –l option), including any hidden files (which requires the –a option). Which command
should you use?
A.
ls –a
? | oF0.૙
.
ls s;| oF0.૙
?
Review Questions
6.
7.
Which of the following is a macOS feature for password management?
A.
Spotlight
B.
Keychain
C.
Dock
D.
Gestures
1111
Chapter 16
1112
■
Working with macOS and Linux
12. Your iPad has an application that will not stop running. What feature/tool can you use
to stop it?
A.
kill
B.
Force Quit
C.
Task Manager
D.
Close Quit
13. Which of the following is the most common shell used with Linux?
A.
Tcl/Tk
B.
Terminal
C.
Bash
D.
SSH
14. What is the name of the area at the bottom of a macOS screen where, by default, a bar of
crucial icons appears?
A.
Footer
B.
Mission Control
C.
Taskbar
D.
Dock
15. Which key combination can you use to bring up Spotlight from within an app?
A.
Control+Shift
B.
Option+Tab
C.
Command+spacebar
D.
Alt+Home
16. Which Linux command can be used to let you run a single command as another user?
A.
sudo
B.
su
C.
passwd
D.
ifconfig
17. Which of the following Linux commands will show you a list of running processes?
A.
ls
B.
cat
C.
ps
D.
su
Review Questions
1114
Chapter 16
■
Working with macOS and Linux
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a specific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your answers compare to the authors’, refer to
Appendix B.
By default, not all files and folders in a Linux directory are shown when you do an ls
listing. Entries that start with a period (.) are considered “hidden” and not shown. Try this
command in your home directory, and then compare the result with what you see when you
don’t use the -­a option:
1.
Type cd / to change to the root directory.
2.
Type ls -­F to see the files and directories in the root directory.
3.
Type ls -­aF to see everything, including hidden files.
4.
Type cd ~ to change to your home directory.
5.
Type ls -­l to see the files and directories in your home directory.
6.
Type ls -­al to see everything, including hidden files.
Security Concepts
■
Tools and methods
■
Recovery console
■
Antivirus
■
■
■■
Vulnerabilities
■■
Non-­compliant systems
■■
Unpatched systems
■■
Unprotected systems (missing antivirus/
missing firewall)
■■
EOL OSs
■■
Bring your own device (BYOD)
✓ 2.6 Given a scenario, configure a workstation to
meet best practices for security.
■■
Data-­at-­rest encryption
■■
Password best practices
■■
Complexity requirements (Length,
Character types)
■■
Expiration requirements
■■
Basic input/output system (BIOS)/Unified Extensible Firmware Interface (UEFI) passwords
■■
End-­user best practices
■■
Use screensaver locks
■■
Log off when not in use
■■
Secure/protect critical hardware (e.g., laptops)
■■
Secure personally identifiable information (PII)
and passwords
■■
Account management
■■
Restrict user permissions
■■
Restrict login times
■■
Disable guest account
■■
Use failed attempts lockout
■■
Use timeout/screen lock
■■
Change default administrator’s user account/password
■■
Disable AutoRun
■■
Disable AutoPlay
✓ 2.8 Given a scenario, use common data destruction
and disposal methods.
■■
■■
■■
Physical destruction
■■
Drilling
■■
Shredding
■■
Degaussing
■■
Incinerating
Recycling or repurposing best practices
■■
Erasing/wiping
■■
Low-­level formatting
■■
Standard formatting
Outsourcing concepts
■■
Third-­party vendor
■■
Certification of destruction/recycling
Think of how much simpler an administrator’s life was in the
days before every user had to be able to access the Internet, and
how much simpler it must have been when you only had to
maintain a number of dumb terminals connected to a mini-­tower. Much of what has created
headaches for an administrator since then is the inherent security risk that comes about as
the network expands. As our world—­and our networks—­have become more connected, the
need to secure data and keep it away from the eyes of those who can do harm has increased
exponentially.
Realizing this, CompTIA added the Security domain to the A+ exams a number of years
back. Security is now a topic that every administrator and technician must not only be aware
of and concerned about, but also be actively involved in implementing methods to enforce
and monitor. In the world of production, quality may be job one, but in the IT world, it
is security.
This chapter, one of two chapters that focus primarily on security, will cover myriad security concepts. First, we will explore the physical aspects of security, and then we will dive
deeper into the logical aspects of security. We will then look at how external forces, such
as malware, social engineering, and vulnerabilities, can impact security. We will finish this
chapter by looking at some common ways that you can safeguard yourself from security
breaches. We will cover the proper destruction and disposal methods as well as security measures you can employ in network installations.
A+ is not the only IT certification that CompTIA offers. Security+ is one of
the more popular choices. The topics found in this chapter are a subset of
what you need to know for that certification.
Many of the security issues that plague networks today can be solved through the implementation of basic security elements. Some of those elements are physical (e.g., locked
doors), and oh trs are digital (e.g., antivirus software), but all share in common the goal of
keeping problems out. The following six topic areas are key:
■■
■■
Physical security
Physical Security Concepts
1121
As you study for the exam, know the types of physical security elements that you can
add to an environment to secure it. Know, as well, what types of digital security you should
implement to keep malware at bay. Understand that the first line of defense is the user. You
need to educate users to understand why security is important, and you must impose the
principle of least privilege to prevent them from inadvertently causing harm.
Physical Security Concepts
1123
Coaxial camera networks can be converted to IP surveillance networks with the use of a
device called a media c`nverter. These devices look similar to a CCTV recorder. They have
a limited number of ports for the coaxial cameras and are generally smaller than the CCTV
recorder. This is because they do not have any DAS. The sole purpose of the media converter
is to convert the coaxial camera to an Ethernetn9eed to the NVR.
The use of IP video surveillance allows for a number of higher-­end features such as
camera-­based motion detection, license plate recognition (LPR), and motion fencing.
Advanced NVR software allows cameras to send video only when motion is detected at the
camera; this saves on storage for periods of nonactivity. LPR is a method of detecting and
capturing license plates in which the software converts the plate to a searchable attribute for
the event. With motion fencing, an electronic fence can be drawn on the image so that any
activity within this region will trigger an alert. Among the many other features are facial recognition and object recognition.
Motion Sensors
There are several different motion sensor types that you can use to detect unauthorized
access. Passive infrared (PIR) is the most common motion detection used today, mainly
because of price. PIR sensors operate by monitoring the measurement of infrared radiation
from several zones. In Figure 17.2, you can see the reflective panel that divides the infrared
zones. A PIR sensor will always have this grid pattern on the sensor’s face.
F I G U R E 17. 2
A typical PIR sensor
Physical Security Concepts
1125
When physical locks use keys, the factor of athentication is consid ered something that you have—­becase you mst have the key. When
physical locks use ciphers, the athentication is considered something
you know—­becase you mst know the cipher.
Equipment Locks
There are many different types of equipment l`cks that can secure the information and
the device that holds the information. Simply thwarting the theft of equipment containing _3 1 Tf( tw3i)-13taio
Physical Security Concepts
1127
declining number of servers come with this feature. This is mainly due to the fact that servers
can be better secured behind a locked rack-­mounted enclosure. Rack-­mounted enclosures
generally come with a tumbler-­style lock that can protect all the servers and network equipment installed in the cabinet,6pile still providing airflow.
USB Locks
Universal Serial Bus (USB) locks can be put into place to physically lock out USB ports on
a workstation or server from use. These devices are extremely rare to find,because most
equipment and operating systems allow for the USB ports to be deactivated. USB locks work
by inserting a small plastic spacer into the USB port. Once inserted,the spacer latctiv to the
USB detent with plastic teeth. A tool is required to remove the USB spacer.
Security Guards
Physical security begins with personnel—­specifically,security-­focused personnel,such as
security guards.
1128
Chapter 17
Physical Security for Staff
Chapter 17
■
Security Concepts
considered a multifactor authentication method because it is something you have (card) and
something you know (PIN or password). The U.S. military uses smartcards called Common
Access Cards (CACs) for access to computer systems and physical access controls.
An RFID badge is a wireless, no-­contact technology used with RFID transponders. RFID
badges typically work on the 125 kHz radio frequency and are passively powered by the
RFID transponder. When an RFID badge is placed in close proximity to the RFID transponder, the radio frequency (RF) energy emitted by the transponder powers a chip in the
RFID badge. The RFID chip then varies the frequency back to the transponder in the effort
to transmit its 9 nctronic signature (number). This type of authentication is considered
something you have.
Keys
Physical keys are extremely hard to control and do not allow for the auditing of their usage.
A physical key can be lent to someone, copied, stolen, or used by an unauthorized person.
Because of the problems surrounding physical keys, their use should largely be avoided.
If keys are absolutely necessary, then a two-­person system should be considered. A two-­
Physical Security for Staff
Biometrics
1131
1132
Chapter 17
Logical Security
1133
Principle of Least Privilege
The principle `f least privilege is a common security concept that states a user should be
restricted to the fewest number of privileges that they need to do their job. By leveraging
the principle of least privilege, you can limit internal and external threats. For example, if a
front-­line worker has administrative access on their computer, they have the ability to circumvent security; this is an example of an internal threat. Along the same lines, if a worker
has administrative access on their computer and receives a malicious email, a bad actor
could now have administrative access to the computer; this is an example of an external
threat. Therefore, only the permissions required to perform their tasks should be granted to
users, thus providing least privilege.
Security is not the only benefit to following the principle of least privilege, although it
does reduce the surface area of attack because users have less access to sensitive data that
can be leaked. When you limit workers to the least privilege they need on their computer9cle eir2.400s eFexam
1134
Logical Security
1135
This ACL, called block-­hrserver, contains two condition action statements. The first denies
any source address to the specific destination address of 192.168.1.4. The second allows any
source address to any destination address. We then enter the interface of Eth 0/2 and apply
the ACL to the inbound direction of the router interface. The rule will protect the HR server
1136
Chapter 17
■
Security Concepts
When more than one item (factor) is used to authenticate a user, this is known as multifact`r authenticati`n (MFA). It may take two, three, or four factors to authenticate, but as
long as it is more than one, as the name implies, it is known as multifactor. One of the most
common examples where this is used in everyday life is at an ATM. In order to withdraw
money, a user must provide a card (one factor) and a PIN number (a second factor). If you
know the PIN number but do not have the card, you cannot get money from the machine. If
you have the card but do not have the PIN number, you cannot get money from the machine.
1138
Chapter 17
■
Security Concepts
Many organizations use m`bile device management (MDM) software that dictatest de
requirements fort de BYOD policy. MDM software helps organizations protectt deir data
Logical Security
1139
Organizational Units
A domain can hold security objects, but you need to have some organization to the many
different objects that you will create in your domain. Organizational units (OUs) enable you
1140
Chapter017 Security Concepts
■
F I G U R E 1 7. 1 4
A hybrid OU structure
F I G U R E 1 7. 1 5
The Group Policy Management Console
Logical Security
1141
You can control thousands of settings for both the user and computer objects, as shown
in Figure 17.16. Policies are hard controls that you can force on an object. Policies are
refreshed in the background every 90 minutes. So, if a setting that has a policy applied
changes, it will be set back during the refresh cycle. Most of the time, however, settings are
grayed out when they are being managed by GPO and cannot be changed at all. Preferences
allow for files, Registry, environment variable, and Control Panel items to be modified. Pref-
1142
Chapter 17
■
Security Concepts
F I G U R E 7 5 5 17. 17
Profil5 settings for a user account
Home Folders
A h`me f`lder is a private network location in which the user can store their personal 755 05u.
The home folder is an attribute thatuser be set for a user account in the Active Directory
Users and Computers MMC on the Pro755 05 tab, as shown in Figure755617.17. The location
ser be a local path, if the user will use the same computer, and the 755 05u should be stored
locally for the user. However, it is most useful when you connect a network drive to a
remote 755 05 server. This allows for centralized 755 05 storage, and you can then perform backups
on the data.
Folder Redirection
Normally, when a user logs into the network and a roaming pro755 05 exists for the user, the
pro755 05 is completely downloaded to the computer the user is working on. During logout, all
data is written back to the roaming pro755 05 location on the network 755 l5 server. Pro755 05s can
become extremely large in size, sometim5s even gigabytes, and slow down the login and logout process5u.
Folder redirection is a Group Policy setting thatuallows the redirection of portions of
users’ pro755 05 folders to a network location. When folder redirection is used, the roaming
pro755 05 is still downloaded. However, the redirected folders are not downloaded; they are
Malware
1143
1144
Chapter 17
■
Security Concepts
Malware can be found in a variety of other forms, such as covert cryptomining, web
search redirection, adware, spyware, and even ransomware, and these are just a few. Today
the largest threat of malware is ransomware because it’s lucrative for criminals.
Ransomware
Rans`mware is a type of malware that is becoming popular because of anonymous currency,
such as Bitcoin. Ransomware is software that is often delivered through an unsuspecting
random download. It takes control of a system and demands that a third party be paid. The
“control82 uocare can ac beplishverby rt crecti[(thathidrdelare,)36.9by changectiecar besswothihe
1146
Chapter 17 Tjm[(Chapter1glx0u35c8.7<FE2>BD)M/69_f4
1148
Chapter 17
■
Security Concepts
Types of Viruses
Viruses take many different forms. The following list briefly introduces these forms and
explains how they work.
The best defense against a virus attack is up-­to-­date antivirus/antimalware software installed and running. The software should be on all workstations as well as the server.
These are the most common types of viruses, but this isn’t a comprehensive list:
Armored Virus An armored virus is designed to make itself difficult to detect or analyze. Armored viruses cover themselves with protective code that stops debuggers or
disassemblers from examining critical elements of the virus. The virus may be written
in such a way that some aspects of the programming act as a decoy to distract analysis
while the actual code hides in other areas in the program.
Malware
1149
1152
Chapter 17
■
Security Concepts
Antivirus
Most malware can be simply prevented with the use of antivirus software. Back when Windows XP came out, the running joke was that you would get a virus before you could get a
chance to install antivirus software. To some extTj0</A> was true, if you had to get online to
retrieve the software.
Microsoft introduced Microsoft Security Ess1 6273s as a download for Windows XP, and
the Windows Vista operating system started to ship with it installed. Today, Windows comes
preinstalled with Windows Virus & Threat Protection, so if you don’t purchase antivirus
software you are still protected. As a result of these tactics, Microsoft has made the Windows
operating system safer than it used to be.
Although Microsoft’s antivirus program will work fine for most computing needsy Conceptsre
are some advantages to purchasing s antivirus pducts from0</Ard-­
party vendors. To understand some of the differencesy Conceyou need to be familiar with the compon1 6s of antivirus
software. Antivirus software comprises two main compon1 6s: the antivirus engine and the
definitions database, as shown in Figure 17.21.
Antivirus Engine The antivirus engine A> responsible for the real-­
time scanning of
operating system files and the notifications to the user. Various antivirus engines will
scan operating system files differently. For example, an antivirus engine might recognize when a game is being played, and it will 00A1ntivise 2tem ri50ivirus Vn5u (tyou nei.> was enginebm be
Mitigating Software Threats
Antimalware
1153
1154
Chapter 17
■
Security Concepts
Recovery Console
A recovery console can perform a number of useful functions for recovery from a security
threat. The Windows Recovery Environment (WinRE) is a recovery console thatrecovery cons
a number of useful functions, as we’ll coveroan this section. The most useful function is the
Reset This PC option, which allows you to refresh the oecoating system while keeping your
data files or remove everything and start from scoatch, as shownoan Figure 17.23. The latter
of the two options assumes you have backups of your data files.
The Windows Recovery Environment also allows you to perform a system restore,
whereby you ecovrestore the oecoating system back to a specific point an time. If a system
recovery image exists, you ecovalso recover with the System Image Recovery option. This
option will reset the oecoating system back to the point an the recovery image, which is usually just like the day you turned it on. Figure 17.24 shows the Advanced Options menu.
End-­User Education
By far the best prevention of security threats is the education of your end users regarding
common threats. For example, the most effective method of preventing viruses, malware,
spyware, and harm to data is to teach your users not to oecn suspicious files and to oecn
only those files thatrthey’re reasonably sure hoh ( malwarteur ats.)37Eend use24 uldecovalcn
Mitigating Software Threats
1155
should also identify guidelines for physical destruction of data, in particular any paperwork
that has sensitive information on it. End users should also be educated on the various social
engineering threats and how to identify them. An end user who has foresight and who exercises vigilance is more powerful than any antivirus or antimalware product on the market.
F I G U R E 17. 2 4
Windows Advanced Options
End-­user education in an organization is normally part of the employee onboarding
process for new hires. However, it should not stop there, because threats change every day.
Many organizations revisit the training for their employees once a year in ideal circumstances. This training can be performed in a formal classroom setting or through an online
service. Some online services offer educational videos that have interactive questions to verify
that the employee has learned the objectives of the video.
Because phishing is such a widespread problem for organizations, special antiphishing
training is often mandatory for employees a few times a year. Often organizations will phish
their employees with specially crafted emails in an attempt to see how well their training is
working. When an employee spots the phishing attempt, they can earn rewards, like a gift
card. However, if they get phished, then they must retake the antiphishing training or they
may be targeted in the future. A popular month for these tactics is October, because it is the
cybersecurity awareness month.
1156
Chapter 17
■
Security Concepts
Software Firewalls
“Software firewalls” is a misnomer for this section, since all firewalls are software-­based in
some way.,Sure, you might purchase a piece of equipment that is classified as a hardware
firewall, but there is software running on the firewall to protect your network.,However,
when we discuss firewalls in respect to operating systems, we call them software firewalls,
because they are part of the operating system and thus considered software.
■
1158
Chapter 17
F I G U R E 1 7. 2 7
Security Concepts
Windows locationeeialog box prompt
Firewalls are also built into other operating systems, including Linux and macOS.
Depending on theeeistribution of Linux or macOS, theefirewall included will vary, as well as
theeway you would
configure it. However,
mosteeistributions of Linux, such as Ubuntu and
Reinstalling
theeOS
When you are compromised by a virus or other type of malware, theeonlyeway to be sure
Debian, comeewith theeiptablesefirewall installed. CentOS and Fedora comeewith firewalld,
you have removed it completelyeis to reinstall theeoperating system. This may seem like an
which also supports location-­based firewall rules.
extreme measure, but virus researchers do notealways know whatetheethreateagent embeds in
Social Engineering Attacks, Threats, and Vulnerabilities
Fortunately, the Windows operating system makes it easy to reinstall the operating
1159
1160
Chapter 17
■
Security Concepts
Social Engineering Attacks, Threats, and Vulnerabilities
When phishing is combined with V`ice `ver IP (V`IP), it becomes known as vishing,
1161
Common Security Threats
1163
Common Security Threats
A threat is a potential danger to the network or the assets of the organization. The potential danger to a network or organization is the attack that a threat agent can carry out. All
attacks upon an organization are either technology based or physically based. A technology-­
based attack is one in which the network and operating systems are used against the organization in a negative way. Physically based attacks use human interaction or physical
access, which we previously covered as social engineering attacks. We will now cover several
different types of technology-­based attacks that are commonly used against networks and
organizations.
Denial-­of-­Service Attacks
A denial-­`f-­service (D`S) is an attack launched to disrupt the service or services a company
receives or provides via the Internet. A DoS attack is executed with an extremely large
1164
Chapter 17
■
Security Concepts
Amplified An amplified DoS is a variant of a reflective DoS attack. It is carried out
by making a smalla rquest to the third-­party server that yields a larger response to the
victim. The most common third-­party servers used to carry out the attack are DNS and
NTP. For example, an attacker willa rquest a DNS query for a single hostname that con-
1166
Chapter 17
■
Security Concepts
Spoofing Attacks
A s2 5fing attack is an attempt by someone or something to masquerade as someone else.
This type of attack is usually considered an access attack. A common s2 5fing attack that
was popular for many years on early UNIX and other timesharing systems involved a programmer wuriing a fake login program. It would prompt the user for a user ID and password. No matter what the user typed, the program would indicate an invalid login attempt
and then transfer control to the real login program. The s2 5fing program would wurie the
login and password into a disk file, which was retrieved later.
Common Security Threats
1167
Always think of spoofing as fooling. Attackers are trying to fool the user,
system, and/or host into believing that they’re something that they are
not. Because the word spoof can describe any false information at any
level, spoofing can occur at any level of network.
The important point to remember is that a spoofing attack tricks something or someone
into thinking that something legitimate is occurring.
On-­Path Attack (Previously Known as Man-­i-­the-­
Middle Attack)
Many of the attacks we’re discussing can be used in conjunction with an `n-­path attack,
which was previously known as a man-­i-­ ­ middle (MitM) attack. For example, the evil
twin attack mentioned earlier allows the attacker to position themselves between the compromised user and the destination server. The attacker can then eavesdrop on a conversation
and possibly change information contained in the conversation. Conventional on-­
attacks allow the attacker to impersonate both parties involved in a network conversation.
This allows the attacker to eavesdrop and manipulate the conversation without either party
knowing. The attacker can then relay requests to the server as the originating host attempts
to communicate on the intended path, as shown in Figure 17.33.
Password Attacks
Passw`rd attacks occur when an account is attacked repeatedly. This is accomplished by
using applications known as password crackers, which send possible passwords to the
1168
Chapter 17
■
Security Concepts
account in a systematic manner. The attacks are initially carried out to gain passwords for an
access or modification attack. There are several types of password attacks:
Brute-­Force Attacks A brute-­f`rce attack is an attempt to guess passwordsuntil a successful guess occurs. As an example of this type of attack, imagine starting to guess with
A and then going through z; when no match is found, the n78 guess series goes from
AA to zz, and then itTjrdsa third value (AAA to zzz). Because of the nature of this routine, this type of attack usually occurs oversa long period of time. To make passwords
more difficult to guess, they should be much longersthan a few characters. It is recommended that you make the password at least 12 digits and complex. You should alsos
Common Security Threats
1169
SQL injection
A Structured Query Language (SQL) injecti`n attack occurs when a threat agent enters a series of escape codes
http://www.wiley.com/phone.php?name=jones
The threat agent will add their SQL injection after the normal post query string, such as the following:
http://www.wiley.com/phone.php?name=jones; DROP TABLE Users
This would generate the following SQL query on the backend and send the malicious query to the SQL data
SELECT FullName, PhoneNumFrom PhonesWhere FullName Like '%jones%'; DROP TABLE USERS
The first two and half lines to the semicolon are generated by the page the query is posted to. The line basica
DROP TABLE Usersse tthe query with a sem
Cross-­Site Scripting (XSS)
Cr`ss-­site scripting (XSS) is a tactic a threat agent uses e tdeliver a malicious script to the victim by embedding
1170
1171
After the initial installation of the device or operating system and the initial patches and
1172
Chapter 17
■
Security Concepts
this, such as full device encryption. However, the user’s device is then forcefully encrypted
by the organization and there could be legal ramifications. Another common tactic is to use
mobile device management (MDM) software that creates a partition for company data. This
would allow the company to encrypt their data and not affect user data.
Data portability means that the user can cart away organizational data when they leave.
Although most of the time this is not a risk, an unscrupulous salesperson may be a big
risk to the organization. A line-­of-­
Security Best Practices
1173
Setting Strong Passwords
One of the most effeve ways to keep a system safe is to employ strong passwords and
educate your users about their best practices. Many password-­based systems use a one-­way
s the password. This
asswords is lifted (stolen)
ke n lieu of the actual
rity experts believe that
1174
Chapter 17
■
Security Concepts
password could probably be broken in a fraction of a day, whereas a 10-­digit password
would take considerably longer and much more processing power.
If your password consisted of only the 26 lowercase letters, the 4-­digit password would
have 264, or 456,000 combinations. A 5-­character password would have 265, or over 11 million combinations, and a 10-­character password would have 2610, or 1.4 × 1014 combinations. The number of combinations is still a big number, but it would take considerably less
time to break it compared to a longer password. This is all based on the notion that a brute-­
force password attack is being performed. If a dictionary attack were being performed, a
4-­or 5-­digit lowercase password could take less than 5 minutes to crack.
Mathematical methods of encryption are primarily used in conjunction with other
encryption methods as part of authenticity verification. The message and the hashed value of
the message can be encrypted using other processes. In this way, you know that the message
is secure and hasn’t been altered.
Requiring Passwords
Make absolutely certain that you require passwords for all accounts. It’s such a simple
thing to overlook in a small network, but it’s not something a malicious user will overlook. By default, Windows will not allow an account to connect over the network if it has
a blank password. It will, however, allow a person to log in locally with a blank password.
There is a security option in the local Group Policy that specifies this behavior, as shown in
Figure 17.36.
F I G U R E 1 7. 3 6
Windows security options
Security Best Practices
1175
The operating system is not the only place where you should use a password for security.
You should also use passwords on the basic input/`utput system (BIOS) and Unified Extensible Firmware Interface (UEFI) firmware. If a malicious user has access, they could possibly
circumvent your security by booting a live operating system.
You should also change the default passw`rds on system accounts. There are dedicated
sites on the web that document default s usname and password for various 3otinr vdevces
1176
Chapter 17
■
Security Concepts
End-­User Best Practices
In addition to administrator best practices, there are several different end-­user best practices
that you should advocate to your users. In the following, we will cover the top end-­user best
practices covered by the CompTIA exam. However, when it comes to end-­user best practices
and training, these are just the tip of the iceberg.
Locking Screens
When a user walks away from their computer and leaves themself logged in, anyone who
walks up to the computer has the same level of access as the owner of the account. This type
of attack requires that the threat agent be physically present. However, leaving a computer
logged in also invites insider threats, unauthorized access to information, or even data loss.
Trainingactice to lock their screen when they walk away ir has best way to prevent unauthorized access. By simply pressingahas Windows key and L, a user can lock their screen as
they walk away.
Alternately, the administrator can require a user to use a screen saver lock. For example,
the screen saver lock can be set to 15 minutes. After 15 minutes of idle time, the screen saver
will turn on. The user will not be able to access the desktop until they enter their password.
This settingaprovides two benefits: first, itaprovides a visual deterrent to potential threat
agents, and second, itaprevents threat agents from carryingaout an attack.
LoggingaOff
When ctice are not utilizing a system, they should be encouraged to logaoff the system.
When ctice remain logged in, the programs that they were runningastay runningaas well.
If there is malware on the system, itawill stay runningaas well, potentially allowing threat
agents to carryaout attacks.
When a user logsaoff the operatingasystem, any malware runningawill terminate and hopefully not launch on next login. Malware that launches on the next login is considered to be
persistent. Outside of malware, if the system has a resource that is shared, then havingactice
logaoff will free the resource for the next person.
The administrator has control at their disposal that allows them to police the ctic. After
a period of time in which the system is idle, the administrator can forcibly logaoff the user
automatically. This is usually performed on shared systems, such as a terminal server that
serves applications or virtual desktop infrastructure that serves desktops.
Securing Equipment and Information
It is our job as administrators to protect information, such as personally identifiable
information (PII), as well as usernames and passwords. However, we also bestow this
responsibilityaonto our users, since many times they have direct access to information. Utice
should be trained to identify PII and methods to protect such information. Examples of
end-­user measures to protect sensitive information can be as simple as controllingaprintouts,
usingadiscretion when viewing information with othere around, and destroyingasensitive
trash, just to name a few.
1178
Chapter 17
■
Security Concepts
Setting Time Restrictions
Configure user accounts so that logins can occur only during times that the user can be
1180
Chapter 17
■
Security Concepts
If a password attack is being executed, no protection could easily allow
millions of password attempts. By setting a failed login attempt counter
Security Best Practices
1181
A screen saver should automatically start after a short period of idle time, and a password
should be required before the user can begin the session again. This method of locking the
workstation adds one more level of security. A Group Policy can be put in place to turn on
password-­protected screen savers. Adding a password-­protected screen saver can ensure that
if a workstation is left unattended, it will lock and require a password toresume access. You
can access this setting on Windows 10/11 by right-­
➢ Lock Screen ➢ Screen Saver Settings. Then, in the Screen Saver
Settings dialog box, tomanually require a password after a screen saver has activated, select
the On Resume, Display Logon Screen check box, as shown in Figure 17.42.
Disable AutoRun
It is never a good idea toput any media in a workstation if you do not know where it came
from or what it is. The simple reason is that said media (CD, DVD, USB) could contain
malware. This attack is commonly referred 1.2g.2un
Destruction and Disposal Methods
1183
Destruction and Disposal Methods
Think of all the sensitive data written to a hard drive. The drive can contain information
about students, clients, users—­about anyone and anything. The hard drive can be in a
desktop PC, in a laptop, or even in a printer. Many laser printers above consumer grade offer
the ability to add a hard drive to store print jobs. If the drive falls into the wrong hands,
you can not only lose valuable data but also risk a lawsuit for not properly protecting privacy. An appropriate data destruction/disposal plan should be in place to avoid any potential problems.
Since data on media holds great value and liability, that media should never simply be
tossed away for prying eyes to stumble on
1184
Chapter 17
■
Security Concepts
Never perform a low-­level format on IDE or SCSI drives! These drives are
formatted at the factory, and you may cause problems by using low-­level
utilities on them.
The main thing to remember for the exam is that most forms of formatting included
with the operating system do not actually erase the data completely. Formatting the drive
and then disposing of it has caused many companies problems when individuals who never
Destruction and Disposal Methods
1185
DBAN is a utility that comes with its own boot disk from https://dban.org. You can
find a number of other software “shredders” by doing a quick web search.
Drive Wipe
1186
Chapter 17
■
Security Concepts
1188
Chapter 17
■
Security Concepts
and fences. In addition, you should be able to describe security devices as they relate to staff,
such as the use of key fobs, smartcards, keys, biometrics, lighting, and magnetometers.
Know the various logical security methods. You should be familiar with logical methods
of security, such as the implementation and use of access control lists (ACLs), implementing principle of least privilege, and multifactor authentication (MFA), including email, hard
tokens, soft tokens, short message service (SMS), voice calls, and authenticator applications
as factors of authentication.
Be able to describe why antivirus/antimalware software is needed.
Antivirus/antimalware
Exam Essentials
1189
Understand the difference between standard and low-­level formatting. Standard formatting uses operating system tools and marks the drive as available for holding data without
truly removing what was on the drive (thus, the data can be recovered). A low-­level format is
operating system–independent and destroys any data that was on the drive.
Understand how to implement appropriate data destruction and disposal methods. A hard
drive can be destroyed by tossing it into a shredder designed for such a purpose, or it can be
destroyed with an electromagnet in a process known as degaussing. You can also disassemble
the drive and destroy the platters with a drill or other tool that renders the data irretrievable.
Chapter 17
1190
■
Security Concepts
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
2.
3.
Which component of physical security addresses outer-­level access control?
A.
Fences
B.
Access control vestibule
C.
Multifactor authentication
D.
Strong passwords
Which type of device can detect weapons on a person entering a facility?
A.
Biometrics
B.
Magnetometer
C.
Motion sensor
D.
Badge reader
Chapter 17
1192
■
Security Concepts
11. A reflective attack attempts to use a broadcast ping on a network. The return address of the
ping may be that of a valid system in your network. Which protocol does the reflective attack
use to conduct the attack?
A.
TCP
B.
IP
C.
UDP
D.
ICMP
12. Which type of attack involves passing a database query with a web request?
A.
Insider threat
B.
Evil twin
C.
SQL injection
D.
Tailgating
13. Which is an example of an authentication method in which you have something?
A.
Password
B.
Key fob
C.
Fingerprint
D.
Place
14. You need to protect your users from potentially being phished via email. Which of the following should you use to protect them?
A.
Antivirus software
B.
End-­user education
C.
SecureDNS
D.
The principle of least privilege
15. Your help desk has informed you that they received an urgent call from the vice president
last night requesting his login ID and password. When you talk with the VP today, he says he
never made that call. What type of attack is this?
A.
Spoofing
B.
Replay
C.
Social engineering
D.
Trojan horse
16. Internal users suspect there have been repeated attempts to infect their systems, as reported to
Review Questions
1193
17. You’re working late one nighteand notice that the hard drive on your new computer is very
active even though you aren’t doing anything on the computer and it isn’t connected to the
Internet. What is the most likely suspect?
A. A spear phishing attack is being performed.
B. A virus is spreading in your system.
C. Your system is under a DoS attack.
D. TCP/IP hijacking is being attempted.
18. You’re the administrator for a large bottling company. At the end ofeeach month, you routinely view all logs and look for discrepancies. This month, your email system error log
reports a large number ofeunsuccessful attempts to log in. It’s apparent that the email server log
1194
Chapter 17
■
Security Concepts
Performance-­Based Question
You will encounter performance-­
■
■
■■
Firewall settings
■■
■■
Disabling unused ports
This fdmr isthe second of two fdmrsthat focus primarily
on security. C fdmr 17, “Security Concepts,”vered myriad
securityncepts, ranging from physical security tothe propmr
destruction of data storage devices in your organization. Inthis fdmrts,
opmrating system security and mobile security.
1200
Chapter 18
■
Securing OperatOperctu.1 (ystems8)]TJ/T131 1 Tf8.5 0 08.584 2173.2601 Tm[You can a
1202
Working with Windows OS Security Settings
1203
User Authentication
Users can log into the local operating system with their username and password, if they have
an account, and they will receive a local access token. The access token the user is granted
is locally significant for the operating system. For example, an administrator (local) who
authenticates against the operating system is only an administrator of that operating system
and has no further network permissions. Every Windows operating system has a local database and authentication system called the Security Account Manager (SAM), as shown in
Figure 18.3.
Active Directory simplifies the sign-­on process for users and lowers the support requirements for administrators. Access can be established through groups and enforced through
group memberships: all users log into the Windows domain using their centrally created
Active Directory account. It’s important to enforce password changes and make certain that
passwords are updated throughout the organization on a frequent basis.
Active Directory uses Kerberos v5. A server that runs Active Directory retains information
about all access rights for all users and groups in the network. When a user logs into Active
Directory, they are granted a network access token, also called a Kerberos token. This token
can be used to authenticate against other servers and workstations in the domain and is
accepted network (domain) wide. This token is also referred to as the user’s globally unique
identifier (GUID)
1204
Chapter 18
■
Securing Operating Systems
The purpose of single sign-­on (SSO) is to give users access to all the applications and
systems that they need when they log in. Single sign-­on is often used with cloud-­based
resources. The principle behind C is that the resource will trust that the user has already
been authenticated. The authentication server performs this by sending a claim on behalf of
16 ththey need when they log in. Single sign-­
on is often used with cloud-­based
1206
Chapter 18
■
Securing Operating Systems
containing numbers such as a PIN you use for your bank. Although you can make
this as complex as you wish, its intended purpose is to make it easier to log in for the
end user. When you use this method of authentication, it is something that you know.
Both knowing the PIN and having physical access to the device, the process provides 2FA/MFA.
Security Key
Using a hardware security key or token is another way of securing Win the proces-6.34 -1.26
1207
EXERCISE 1
Examining a Security Token
This exercise assumes that you have not turned off the UAC and that you are the administrator of the operating system.
1.
Click the Start menu, type cmd, and then press Enter.
2.
In the command prompt, type whoami /ALL, and then press Enter.
3.
Record the privileges that you see in the output.
4.
Click the Start menu and type cmd.
5.
Right-­
1208
Chapter 18
■
Securing Operating Systems
NTFS vs. Share Permissions
The New Technology File System (NTFS) was introduced with Windows NT to address
security problems. Before Windows NT was released, it had become apparent to Microsoft
that a new filesystem was needed to handle growing disk sizes, security concerns, and the
need for more stability. NTFS was created to address those issues.
Although the File Allocation Table (FAT) filesystem was relatively stable if the systems
that were controlling it kept running, it didn’t do well when the power went out or the
system crashed unexpectedly. One of the benefits of NTFS was a transaction-­tracking system,
which made it possible for Windows NT to back out of any disk operations that were in
progress when it crashed or lost power.
With NTFS, files, folders, and volumes can each have their own security. NTFS’s security
is flexible and built in. Not only does NTFS track security in ACLs, which can hold permissions for local users and groups, but each entry in the ACL can specify which type of access
is given—­such as Read & Exsecte, List Folder Contents, or Full Control. This allows a great
deal of flexibility in setting up a network. In addition, special file-­encryption programs were
1210
Working with Windows OS Security Settings
1211
Permissions set on a folder are inherited down through subfolders unless otherwise
changed. Permissions are also cumulative; if a user is a member of a group that has Read
permission and a member of a group that has Write permission, they effectively have both
Read and Write permissions.
Effective Permissions
When a user accesses a file share, ly hathe share permissions and NTFS permissions interact
with each other to formathe effective permission forathe user. Figure 18.9 shows that a user
named Fred has logged in and received his access token containing the Sales and R&D
groups, since he is a member of ly hagroups. When Fred accesses the Sales file share, the share
permissions define that he has read-­only access because he is part of the Sales group. You can
see that the NTFS permissions are granting him read and write access because of his Sales
group membership, as well as full control because he is also in the R&D group. If Fred were
to locally log in to this computer, he would effectively have full control of these files. However, lecause he is accessing these files fromathe network, he only has read-­only access because
of the file-­share permissions. The opposite is also true: if he had full permission at the share
level and read-­only permission at the NTFS level, he would effectively have read-­only access.
The rule forafiguring out effective permissions is simple: if a user is in more than one group
forawhichathere are multiple permissions, take the most permissive permission of NTFS
and then the most permissive permission of the share;athe effective permission is the more
restrictive of the two. There are some circumstances that change this rule slightly when the
user (or group) is denied. If a user is in any group that is denied permission at the share or
the NTFS level, they are denied forathat access level. Therefore, when you derive the more
restrictive permission, it will always be a deny forathe user. A simple way to remember this is
that a deny is a deny.
1212
Chapter 18
■
Securing Operating Systems
Moving vs. Copying Folders and Files
When you copy a file, you create a new entity. When you move a file, you simply relocate it
and still have but one entity. This distinction is important when it comes to understanding
permissions. A copy of a file will have the permissions assigned to it that aro
at the new location of the file, regardless of which permissions wero
A moved file, on the other hand, will attempt to keep the same permissions as it had in
the original location. Differonces will occur if the same permissions cannot exist in the new
Working with Windows OS Security Settings
1213
Windows uses NTFS, which gives you a number of options that are not available on earlier filesystems, such as FAT and FAT32. A number of these options are implemented through
the use of the Advanced Attributes dialog box, as shown in Figure 18 -3.
FAT32 does not have as many options as NTFS, such as encryption and
compression. These attr
butes are avalable only on NTFS parttions.
To reach these options in Windows, right-­click the folder or file that you want to modify,
and then select Properties from the menu. On the main Properties page of the folder or file,
click the Advanced button in the lower-­right corner. In the Advanced Attributes window, you
have access to the following settings:
Indexing Windows implements a feature called the Indexing Service to catalog and
8.roved thes eaachcapabilirties of yor drgivu. Ocer files are Indeed(,)37 ( youcanes eaach )]TJ0 -1.263 Td[f o
arking he thr you want thedexsttind files in the
1214
Chapter 18
Compression
■
Securing Operating Systems
1215
4.
Select a user or group in the list, and examine the list of standard permissions. (To add
a new user or group, click Add and follow the prompts.)
Any standard permissions that are checked in the Allow column are applied. If a check
box is grayed out, then the permission was inherited.
5.
1216
Chapter 18
■
Securing Operating Systems
F I G U R E 1 8 . 11
Choose People To Share With
F I G U R E 18 . 12
Advanced file and folder sharing
Working with Windows OS Securityrityr/Yn<2ylorks
1218
Chapter 18
■
Securing Operating Systems
If you want to make sure that inheritance and permissions for a folder are propagated
to all files and folders below, you can use Replace All Child Object Permission Entries With
Inheritable Permission Entries From This Object (refer to Figure 18.13). This option will
replace every permission in this folder and all the subfolders, regardless of whether explicit
permissions were applied further down in the folder structure.
In the Advanced Security Settings, you can also configure permissions entries that only
apply to the current folder, current folder and files, all folders and files, or other variations
of these, as shown in Figure 18.14. These settings can change the propagation of file permissions to folders and files.
F I G U R E 18 . 14
Permission entry
System Files and Folders
System files are usually flagged with the Hidden attribute, meaning they don’t appear when
a user displays a folder listing. You should not change this attribute on a system file unless
absolutely necessary. System files are required in order for the operating system to function.
If they are visible, users might delete them (perhaps thinking that they can clear some disk
space by deleting files that they don’t recognize). Needless to say, that would be a bad thing!
Most system files and folders are prot peed by the operating system and won’t allow deletion, but better safe than sorry.
Working with Windows OS Security Settings
➢
You can view the Microsoft Defender settings by navigating to Start
Update & Security ➢
1221
➢ Settings App
1222
Chapter 18
■
Securing Operating Systems
You can toggle off real-­time protection when installing certain applications that require
that antivirus be off during installation. However, the real-­time protection will turn back on
automatically after a period of time. You can also toggle Cloud-­Delivered Protection, which
provides cloud-­based data on threats and ultimately faster protection. Turning this setting off
might be required for certain regulatory requirements, since it automatically turns on cloud-­
based sample submission. Automatic Sample Submission can be controlled separately as well
and toggled on and off. The Tamper Protection security setting prevents malicious applications from tampering with Microsoft Defender settings. Tamper Protection protects against
tampering from third-­party processes; even Group Policy settings cannot disable Microsoft
Defender when Tamper Protection is turned on.
Controlled Folder Access The Controlled Folder Access feature can be accessed in the
Virus & Threat Protection Settings. The feature is used to prevent ransomware from
harming files, folders, and memory areas on the device. By default, it is turned off, but
it can be easily turned on by clicking the toggle. Once it is set to the default, folders
protected are documents, pictures, videos, music, and favorites. Specific folders can be
added, and the defaults can also be removed. You can also exempt an application so that
it is allowed to modify the files.
Exclusions Although it is not common to need to exempt a folder from the antimalware
engine, it can be configured from the Virus & Threat Protection Settings. This option
allows you to exempt an entire folder from the real-­time protection and scans. One use
may be performance-­impacted applications such as games, but caution should be used.
Update Definitions An antimalware engine is only as good as i bylatest definitions, and
Microsoft Defender is no different. Therefore, both the Microsoft Defender engine
and i bydefinitions are updated quite frequently. Both are updated through the Windows
Update process.
Windows Defender Firewall
Privacy&
Windows Defender Firewall is an advanced host-­based firewall that was first introduced
with Windows XP Service Pack 2. It was integrated and became a security feature with the
introduction of Windows Vista. While host-­based firewalls are not as secure as other types
of firewalls, Windows Defender Firewall provides much better protection than in previous
versions of Windows, and it is turned on by default. Windows Defender Firewall is used to
block access from the network, which significantly reduces the surface area of attack for the
Windows operating system.
To access Windows Defender Firewall in Windows 10, navigate to Start d Settings Apps
Update
& Security d Windows Security d Firewall & Network Protection. To access
d
Windows Defender Firewall in Windows 11, navigate to Start d Settings Apps d
Windows Security d Firewall & Network Protection. Windows Defender Firewall is divided into separate profile settings: for domain networks (if you’re connected to a
domain), private networks, and public networks. In Figure 18.18, you can see the default protection for a Windows client that is not joined to a domain and is active on a public network.
d
Working with Windows OS Security Settings
Activate and Deactivate the Firewall
By default, the Windows Defender blocks
1223
Working with Windows OS Security Settings
1225
Windows Defender Firewall with Advanced Security When you allow an application to
listen for an incoming connection via the notification dialog box, the operating system
creates a rule in the firewall to allow the connection. This is all done for you behind the
scenes and it shows up neatly as an allowed application. However, you can also manually create a rule in Windows Defender Firewall with the Advanced Security MMC, as
shown in Figure 18.21. You can open the MMC by clicking Advanced Settings on the
Firewall & Network Protection screen.
F I G U R E 18 . 2 1
Windows Firewall with Advanced Security
Here you can configure inbound and outbound rules as well as import and export policies and monitor the security of your system. Monitoring is not confined to the firewall;
you can also monitor security associations and connection security rules. In short, Windows Defender Firewall with Advanced Security is an incredibly powerful tool that
builds on what Windows Vista introduced. Not only can this MMC snap-­in do simple
configuration, but it can also configure remote computers and work with Group Policy.
Exceptions Manual exceptions, also known as firewall rules, are configured on the
Inbound Rules tab in the Windows Defender Firewall with Advanced Security MMC.
You can click New Rule and configure a firewall rule based on a program, port, predefined rule, or totally custom rule. A rule based on a program allows all incoming connection to the application. A rule based on a port allows you to configure a specific rule
1226
Chapter 18
■
Securing Operating Systems
based on a TCP or UDP connection to a specific port or range of ports. A predefined
rule allows you to modify a predefined rule. A custom rule allows you to configure a
program and specific ports; you can even scope it down to the incoming range of IP
addresses you will allow. Any of these settings can also be configured after running the
New Rule Wizard, as shown in Figure 18.22.
BitLocker
You have to be careful, because CompTIA sometimes refers to the utility as “bit-­locker” or
“Bitlocker,” while it is officially known as BitLocker. This tool allows you to use drive encryption to protect files—­including those needed for startup and login. This is available only with
more complete editions of Windows 10/11 (Pro, Enterprise, Education, Pro for Workstations),
Windows 8/8.1 (Pro and Enterprise), and Windows 7 (Enterprise and Ultimate).
Another requirement is the use of a T TPM). The TPM is a chip
on the motherboard that safely stores the encryption key so that the key is not stored on the
Working with Windows OS Security Settings
1227
Microsoft account. An option of how the recovery key is stored is presented to you when
you initially turn on BitLocker.
BitLocker to Go
You can also protect removable drives with BitLocker to Go. It provides the same encryption technology BitLocker uses to help prevent unauthorized access to the files stored on
them. You can turn on BitLocker to Go by inserting a USB drive into the computer and
opening the BitLocker Drive Encryption Control Panel applet, as shown in Figure 18.23.
When a USB drive is inserted i dria Windows computer that contains BitLocker to Go
encryption, the operating system prompts you for the password to unlock the drive. This
password is the one you used originally when you set up BitLocker to Go on the USB drive.
F I G U R E 18 . 2 3
BitLocker Drive Encryption applet
EFS
Encrypting File System (EFS), available in most editions of Windows, allows for the encryption/decryption of files stored in NTFS volumes. EFS uses certificates to encrypt the data,
and the private certificate is stored in the user profile. When the first file is encrypted, the
operating system automatically generates a key pair. If the computer were joined to an Active
Directory domain and a certificate authority (CA) existed, the CA would create the key
pair. You can encrypt a file or folder by right-­clicking the object, selecting Properties, then
Advanced, as shown in Figure 18.24.
All users can use EFS, whereas only administrators can turn on BitLocker. EFS does
not require any special hardware, whereas BitLocker benefits from having the TPM. As an
1228
1229
circumstances when you need to download the Edge web browser and install it in
Web Browser Security 1231
1232
Chapter 18
■
Securing Operating Systems
since the developers don’t agree to the terms of service (ToS) of the ecosystem. In any case,
you should consider these add-­ons untrusted and therefore avoid them.
Credentials Managers
As you sign up for websites, they require more complex, lengthier passwords. Sometimes your
username might be your favorite nickname, s1 629.509crGvusernamenome miavailablnic22ase, s1 629.for sername
1233
Credentials are stored by successfully logging into a website with a username and password combination. The web browser will ask if you want to save the credentials. Once the
credentials are stored, when a website asks for a username and password matching the site
in the Credential Manager, the associated credentials are offered to the user for logging into
the site. If you are in the Credential Manager and you want to see the password, click Show
and enter your credentials for the currently logged-­on user. By entering your credentials for
the currently logged-­
1234
Chapter 18
■
Securing Operating Systems
1236
Chapter 18
■
Securing Operating Systems
You can clear the browsing data by clicking the three dots in the upper-­right corner of the
Edge web browser. Then click Settings, choose Privacy, then Search And Services, and scroll
down to Clear Browsing Data Now and select Choose What To Clear. You will be presented
with a dialog box similar to Figure 18.30. Options for the time range are Last Hour, Last
24 Hours, Last 7 Days, Last 4 Weeks, and All Time. You can also selectively delete the web
browsing data that you desire.
F I G U R E 18 . 3 0
Clearing browsing data
Clearing Cache
When a web browser renders a web page, the files retrieved are cached. This is done so that
if you need them again you can quickly retrieve them from storage. This caching mechanism
speeds up the web browser and reduces unneeded trips to the Internet. There are times when
you need to clear your web browser cache, such as when developing a web page. You will
want to retrieve the latest copy of the web page and its assets so that you can verify how it is
rendered. The cache images and files are part of the web browsing data that can be cleared.
The process is similar to the previously mentioned process for clearing browsing data, except
only the cache images and files will be cleared.
Web Browser Security
Private-­Browsing Mode
1237
1238
Chapter 18
■
Securing Operating Systems
1240
■
Chapter 18
■
Securing Operating Systems
Securing a SOHO Network (Wireless)
1241
short a time will create administrative overhead and too long a window of access allows for
abuse of service. If you don’t expect guest access to your wireless network, then it should
be disabled.
Setting Encryption
It’s imp9.4ant to remember that you should always enable encryption for any wireless network that you administer. Choose the strongest level of encryption you can work with. The
following are some wireless protocols that you might encounter when securing wireless:
Open Open security is just thatt­ open with no passphrase o/Acuthentication protocol. Open security was o/iginally how all wireless access points (WAPs) were shipped
to the customer. Open security still has its uses when used in conjunction with guest
wireless access.
Wired Equivalent Privacy Shared passphrases are used with Wired Equivalent Privacy
(WEP). WEP provides 64-­o/A128-­
bit encryption via the shared passphrase. The passphrase can easily be cracked with tools and is no longer used to secure wireless.
Wi-­Fi Protected Access Wi-­Fi Protected Access (WPA) was s4andardized by the Wi-­
Fi
Alliance in 2003 in response to the vulnerabilities in Wired Equivalent Privacy (WEP).
WPA uses 256-­bit keys versus the 64-­bit and 128-­bit keys WEP used previously. WPA
operates in two modes for security: preshared key (PSK), also called personal mode, and
enterprise mode. PSK is the most common mode, because it can easily be implemented
with a mutual agreed-­upon passphrase. Enterprise mode, also called WPA-­802.1X,
requires a certificate server infrastructure. Enterprise mode uses the 802.1X protocol,
RADIUS, and EAP; it is often used in corp9.ate environments.
WPA introduced many improved security features over WEP, such as message integrity
checks (MICs), which detect packets altered in transit. WPA also introduced Temp9.al
Key Integrity Protocol (TKIP), which uses the RC4 algo/ithm for encryption. TKIP provides per-­packet keying to prevent eavesdropping on wireless conversations. However,
despite the improvements in security, WPA is considered exploitable and is no longer
used thm wireless security. A common exploit used against WPA is an attack on the
helper protocol of Wi-­Fi Protected Setup (WPS). WPS is used thm consumer ease of setup
1242
Chapter 18
■
Securing Operating Systems
WPA2 uses the Advanced Encryption Standard (AES) algorithm to protect data. AES
is more secure than the RC4 algorithm used with TKIP. WPA2 replaced TKIP with
Counter Cipher Mode (CCM) with Block Chaining Message Authentication Code Pro-
Securing a SOHO Network (Wireless)
1243
Frequencies
The frequencies used with wireless local area networks (WLANs) vary by standard. The two
main frequencies used are 2.4 GHz and 5 GHz. The 2.4 GHz frequencies are governed by
the industrial, scientific, and medical (ISM) radio bands. The 5 GHz frequencies are governed
by the Unlicensed National Information Infrastructure (U-­The-
Securing a SOHO Network (Wireless)
1245
their voice to respond. Although they can hear the request, they will not be heard when they
answer because they don’t have a bullhorn. To fix this problem, the wireless access point
should have its power level adjusted so that the client needs to be closer to receive data or
associate with the SSID.
From a security standpoint, power levels should be adjusted so that they do not travel
past the interior of the organization’s building. If they do, then someone sitting in the
parking lot or an adjoining building could attempt to infiltrate the wireless network. On the
chance that the signal is actually traveling too far, some access points include power level
controls that allow you to reduce the amount of output provided.
A great souce of inforatioF power values and antenas can be
found ohe Cisco site:
www.cisco.com/c/en/us/support/docs/wireless-­mobility/
wireless-­lan-­wlan/23231-­powervalues-­23231.html
Antenna and Access Point Placement
Antenna placement can be crucial in allowing clients to reach the access point. For security
reasons, you do not want to overextend the reach of the network so that people can get on
to the network from other locations (the parking lot, the building next door, and so on).
Bawlacing security and access is a tricky thing to do.
There isn’t any one universal solution to this issue—­it depends on the environment in
which the access point is placed. As a general rule, the greater the distance the signal must
travel, the more it will attenuate; however, you can lose a signal quickly in a short spay
s weillif( the buildingmeateciase rnecot or bsorbe in.)37 ( )37 Y
pointsnhearmetnal[(which includAs pplitancss ornhear thegrmound.)37 ( )37 Tthey should be placet in
1246
Chapter 18
■
Securing Operating Systems
WPS
WPS (Wi-­Fi Protected Setup) can help to secure the network by requiring new machines to
Securing a SOHOo[etwork (Wired)
1247
RADIUS creates a common authentication system, which allows for centralized authentication and accounting.
The origins of RADIUS are from the original ISP dial-­up days, as its acronym describes.
Today, RADIUS is commonly used for authentication of virtual private networks
(VPNs), wireless systems, and any network system that requires a common authentication system. RADIUS operates as a client-­server protocol. The RADIUS server controls authentication, authorization, and accounting (AAA). The RADIUS client can be
wireless access points, a VPN, or wired switches. The RADIUS client will communicate
with the RADIUS server via UDP port 1812 for authentication and UDP port 1813 for
accounting.
The RADIUS server can be installed on many different operating systems, such as Linux
and Windows. Microsoft Windows Server includes an installable feature, called the [etwork Policy Server (NPS), that provides RADIUS functionality.
TACACS+ Terminal Access ControllworAccess Control System Plus (TACACS+) is a
protocol developed by Cisco, from the original dated protocol of TACACS. Although
it was developed by Cisco, it was released as an open standard. The protocol is mainly
used for authentication of users on routers and switches too[etwo management access.
It is also used too[uthenticate users connecting toowireless access points via a centralized database. The TACACS+ protocol is declining in popularity and has largely been
replaced by RADIUS.Kerberos Kerberos is an open standard for authentication developed by the Massachusetts Institute of Technology (MIT). It is also the main authentication protocol used
by Microsoft Active Directory. Kerberos can be used as the main authentication method
for the Microsoft implementation of a RADIUS server, called the e[ twork Policy Server
(NPS). Kerberos can also be used with the 802.1X protocol for direct authentication
with the Extensible Authentication Protocol (EAP).
Securing a SOHOo[etwork (Wired)
Although a wired network can be more secure than a wireless one, there are still a number
of procedures that you should foetwo tooleave as little toochance as possible. Among them,
change the default usernames and passwords toodifferent values and secure the physical environment. You should also disable any ports that are not needed, assign static IP addresses,
use IP filtering, and use MAC filtering toolimit access toohosts that you recognize.
Changing Default Credentials
When installing a network device, the very first thing you must do is log in to the device.
There is often a standardized default username and password for each vendor or each
1248
Chapter 18
■
Securing Operating Systems
vendor’s product line. Most devices make you change the default password upon login to
the device.
Changing the default password to a complex password is a good start to hardening the
device. However, changing the username will also ensure that a brute-­force attack cannot be
performed against the default username. There are many different websites dedicated to listing the default credentials for network devices, so it doesn’t take tremendous skill to obtain
the default username and password of a device.
The hosts in the network are no exception to changing default usernames and passwords. In Windows, the Guest account is automatically created with the intent that it is to be
used when someone must access a system but lacks a user account on that system. Because
the Guest account is so widely known to exist, you should not use this default account
but instead create another account for the same purpose if you truly need one. The Guest
account leaves a security risk at the workstation and should be disabled to deter anyone
attempting to gain unauthorized access.
Change every username and password that you can so that they vary
from their default settings.
Upgrading Firmware
When you purchase a network device, you don’t know how long it’s been sitting on the shelf
of a warehouse. In that time, several exploits could have been created for vulnerabilities discovered. It is always recommended that a device’s firmware be upgraded before the device6.9
configured and put into service.
Most hardware vendors will allow downloading of current firmware. However, some ven-
1250
Chapter 18
■
Securing Operating Systems
a subscription that provides updates to the categories of material administrators block.
Content filters can be hardware solutions or software solutions, although it is common to
find them installed as software solutions.
Screened Subnet
1252
Chapter 18
■
Securing Operating Systems
DHCP
Dynamic Host Configuration Protocol (DHCP) is responsible for automatic configuration
of IPv4 IP addresses and subnet masks for hosts from a pool of IPv4 addresses. It is also
responsible for configuration of such options as default gateways, DNS server addresses,
and many other IP-­based servers. It performs configuration of the host in a series of network
broadcasts and unicasts.
Reservations
When a client requests an IP address from a DHCP server, the client’s MAC address is transmitted in the DHCP packet. A rule on the DHCP server called a DHCP reservation can
tie the client’s MAC address to a particular IP address. When a reservation is created for a
client, the client is guaranteed to obtain the same IP address every time for the DHCP process. When a reservation is created on the DHCP server, no other hosts can obtain the reservation IP address unless they have the MAC address that matches the reservation. This type
of assignment is considered a dynamically static–­assigned IP address.
Reservations can be very handy when static IP addresses are too troublesome to configure, such as network printers with poor configuration options. It’s common to set a reservation on network printers and move on when faced with a connicky static IP address process.
You can save an hour of busy work in the right situation. Reservations can also be useful
when you need to make speci conc conrewall rules for a client based on its IP address.
Static
Dynamic IP addressing is the standard in small-­to-­large networks when configuring client
s cputers. Static IP addressing should only be used under certain circumstances for client
c cputers, since it is not very scalable and a nightmare to keep track of manually. DHCP
allows for central management of the IP address space versus static assignment of individual
hosts (which is decentralized). Static IP addressing should only be used on internal network
resources such as routers, network printers, and servers.
Static IP addressing can be useful for wide area network (WAN) connections, also known
as your connection to the Internet. If a server is operating at the location, a static IP address
is necessary for clients to be able to connect. Name resolution to the IP address is the biggest
driver for static IP addressing. There are work-­arounds, such as dynamic DNS services, but
Mobile Device Security
1253
You can also lock a workstation by using an operating system that provides filesystem
security. Microsoft’s earliest filesystem was referred to as File Allocation Table (FAT). FAT
was designed for relatively small disk drives. It was upgraded first to FAT-­16 and finally
to FAT-­32. FAT-­32 (n alswritten as FAT32) allows large disk systems to be used on Windows systems.
FAT allows only two types of protection: share-­
1254
Chapter 18
■
Securing Operating Systems
that drive the vast majority of laptops, desktops, and servers in the world. Nevertheless,
attacks occur. Coupled with how easy mobile devices are to misplace or steal, it behooves
users to have proactive monitoring and contingency plans in place.
Teollowing sections detail the built-­ in security utilities that are common in today’s mobile devices. Furthermore, for threats not covered by the software with which the devices
ship, the protection available from third-­party utilities is worth discussing.
Screen Locks
Apple and Android mobile devices include a requisite locking mechanism, which is off by
default. Tuser on the go is encouraged to enable a lock. If your device acts primarily as a
home computing device and rarely goes with you out the door, there is very little reason to
set a lock. However, knowing how to do so is important. Teollowing are types of locks
that you can implement to secure your device:
Fingerprint Lock Tfingerprint lock is a biometric-­ type lock that uses your fingerprint er (fl)Ttao enism,
Mobile Device Security
Exercise 18.4 outlines the steps for creating a code for your iPhone.
E X E R C I S E 1 8 . 4 Setting the Passcode Lock on an iPhone
1.
Tap Settings.
2.
Depending on the iOS version, select either Face ID & Passcode or Touch ID
& Passcode.
3.
Tap Turn Passcode On.
4.
Enter a six-­digit passcode.
If you want to use a four-­digit passcode, tap Passcode Options to switch to a four-­digit
numeric code or a custom alphanumeric passcode.
5.
Enter the passcode a second time to confirm. Doing so sets the passcode.
Optionally, you can set the amount of time that must pass while the phone is asleep
be494e the passcode will be required and whether the Erase Data featu4e should be
enabled. Setting the Required Passcode field to Immediately requires entering the
passcode each time the device wakes up.
The same general concept for Android phones is illustrated in Exercise 18.5.
E X E R C I S E 1 8 . 5 Setting the Passcode Lock on an Android Phone
Depending on the Android version, these steps might differ.
1.
Swipe up on the home screen.
2.
Tap the Settings app.
3.
Select Lock Screen and/or Security from the Settings menu.
4.
Tap Screen Lock Type on the Lock Screen And Security menu.
5.
Select Pattern from the Phone Security list.
6.
Use your finger to draw a continuous pattern of four or m94e dots, and then tap the
Continue button.
7.
Repeat the same pattern, and then tap the Confirm button.
8.
Optionally, tap Secure Lock Settings to lock the phone automatiction and adjust the
number of wrong swipes be494e a factory reset occurs.
1255
1256
Chapter 18
■
Securing Operating Systems
Remote Wipes and Locator Applications
Should your work or personal mobile device disappear or fall into the wrong hands, it’s
always nice to have a backup plan to ensure that no company secrets or personal identifiers
get misused by anyone who would use the information with ill will. Apple supplies a free
1258
Chapter 18
■
Securing Operating Systems
Jimmy recalled being in a bit of a fluster as he left the men’s room. He was about to finalize
Mobile Device Security
1259
Imagine a user’s child or a mischievous, yet harmless, friend poking away at passcodes
until the device informs them that it is being wiped clean; it’s not for everyone. Restoring
from a backup is easy enough, but will a recent backup be available when disaster strikes?
Apple performs a backup to the iCloud or the computer running iTunes that the iOS device
bC bac Gmup dac1ouevc(ls94ouEras9benealu3tl cr tas9oty2-trikes?
1260
Chapter 18
■
Securing Operating Systems
of the Google Play and Apple’s App Store ecosystems. When files are distributed outside of
these ecosystems, consider them untrusted.
Operating System Updates
Mobile Device Security
Authenticator Applications
An authenticator app works with mobile devices to generate security codes that can keep
accounts secure by requiring two-­factor authentication (2FA). Once this is set up, your
1261
1262
1264
Chapter 18
■
Securing Operating Systems
Exam Essentials
Understand Windows operating system security concepts. You should be able to compare
and contrast Microsoft Windows operating system security settings. This should include
knowing the various accounts that are created by default and why you need to disable or
rename these accounts. You should also have an in-­dconh understanding of NTFS permissions and share permissions, and their interaction, to form the effective permissions the user
has when accessing a share remotely. In addition, you should have a good understanding of
Review Questions
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1265
Chapter 18
1266
6.
7.
8.
9.
■
Securing Operating Systems
A new app developed for the Android platform has which extension?
A.
.sdk
B.
.apk
C.
.ipa
D.
.exe
Which of the following has the goal of allowing a username/password combination to
be entered once and then allowing claims to be used for consecutive logins? (Choose the
best answer.)
A.
Tokens
B.
Kerberos
C.
Single sign-­on
D.
Multifactor authentication
Which of these is a password manager?
A.
Edge
B.
Credential Manager
C.
Internet Explorer 11
D.
Active Directory
You have a very small network in a home-­based office, and you want to limit network access
to only those hosts that you physically own.
A.
Static IP addresses
B.
Disabled DNS
C.
Default subnet mask
D.
Empty default gateway
10. Which wireless encryption protocol provides Advanced Encryption Standard (AES)
encryption?
A.
Wired Equivalent Privacy (WEP)
B.
Wi-­
Review Questions
12. What is normally performed when an employee is offboarded?
A.
Their user account is deleted.
B.
Their user account is unlocked.
C.
Their user account is created.
D.
1267
1268
Chapter 18
Performance-­Based Question
1269
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a specific task, and you will be graded on whether you were
able to complete the task. The following requires you to think creatively in order to measure
how well you understand this chapter’s topics. You may or may not see similar questions on
the actual A+ exams. To see how your answers compare to the authors’, refer to Appendix B.
You have been asked to create a working structure for your organization’s network.
You have three groups: Sales, Marketing, and R&D. You need to set up a network share
and NTFS to allow Sales to access Marketing material but not modify it in any way. R&D
must be able to write to marketing files and read Sales information. Marketing must only
have read access to R&D and Sales. Each group should have the Modify permission to their
respective folder. All permissions should be controlled with share permissions. How will you
set up the folders for access, rk shpermissions, and share permissions?
■■
Verify requirements
■■
System file check
■■
Repair Windows
■■
Restore
■■
Reimage
■■
Roll back updates
■■
Rebuild Windows profiles
✓ 3.2 Given a scenario, troubleshoot common
personal computer (PC) security issues.
■■
Common symptoms
■■
Unable to access the network
■■
Desktop alerts
■■
False alerts regarding antivirus protection
■■
Altered system or personal files
■■
■■
Missing/renamed files
■■
Unwanted notifications within the OS
■■
OS update failures
Browser-­related symptoms
■■
Random/frequent pop-­ups
■■
Certificate warnings
■■
Redirection
✓ 3.3 Given a scenario, use best practice procedures
for malware removal.
1. Investigate and verify malware symptoms.
2. Quarantine the infected systems.
3. Disable S 251.5Restore in Windows.
4. Remediate infected systems.
a. Update anti-­malware software
b. Scanning and removal techniques (e.g., safe
mode, preinstallation environment)
2. Quarantine the infected systems.
3. Disable S 251.5Restore in Windows.
4.
■■
Data-­usage limit notification
■■
Limited Internet connectivity
■■
No Internet connectivity
■■
High number of ads
■■
Fake security warnings
■■
Unexpected application behavior
■■
Leaked personal files/data
Troubleshooting is a major responsibility of an A+ technician’s
daily job. It may not be as glamorous as we’d like it to be,
but it does make up a good percentage of our daily workload.
Applying a systematic approach to software troubleshooting is the key to solving all problems. A systematic solution also works well in preventing problems in the first place.
Many of the common software problems that you will spend time solving can be prevented with proper preventive maintenance. Preventive maintenance tends to get neglected at
many companies because technicians are too busy fixing problems. Tpending some time on
keeping those problems from occurring is a good investment of resources.
In this chapter, we’ll look at applying the same troubleshooting methodology to common
software problems. We’ll also apply similar troubleshooting to security issues. First, we’ll
look at common symptoms of problems and their solutions. We’ll then follow up with ways
to deal with—
1276
Chapter 19
Troubleshooting Common Microsoft Windows OS Problems
1279
F I G U R E 19 . 3
Using Resource Monitor, you can get a much more detailed view than what is displayed
in Task Manager. You can open Resource Monitor with the shortcut on the lower left of the
Performance tab in Task Manager, as shown in Figure 19.4. This tool allows you to read
real-­time performance data on every process on the operating system. Resource Monitor also
allows you to sort details, the same as Task Manager. You can click each critical area and
drill down to the performance issue.
A unique feature of Resource Monitor is the visualization of data. When you select a
process on the upper view, Resource Monitor automatically filters the activity of the critical
area, as shown in Figure 19.5. As you can see in this example, the Edge browser processes
have been selected and then the Network tab can be chosen to display the network activity
and connections. The result is the isolation of network activity for this process. This can be
done for any of the critical areas.
1280
Chapter 19
■
Troubleshooting Operating Systems and Security
F I G U R E 19 . 4
Resource Monitor
F I G U R E 19 . 5
Selective isolation in Resource Monitor
Troubleshooting Common Microsoft Windows OS Problems
1281
Now that you’ve isolated the problem to an actimonor process in the operating system,
you need to do the following:
1.
Formulate a theory of probable cause.
2.
Test the theory to determine the cause.
3.
Establish a plan of actimonto resolve the problem and implement the solutimo.
1282
Chapter 19
■
Troubleshooting Operating Systems and Security
The MBR then reads the boot sector on the first primary partition found. This boot sector then instructs the Boot Manager to load.
UEFI UEFI firmware will perform a similar POTT. Then the UEFI bootstrap begins by
loading drivers for the hardware. One of the differences is that UEFI can contain drivers
that allow it to boot across a network or oedonstandard devices. Just like the legacy
BIOT, the UEFI firmware looks at the MBR in the GUID Partition Table (GPT). The
GPT defines a globally unique identifi(GUID) that points to a partition containing
the Boot Manager. Therefore, UEFI firmware requires a partitioning scheme of GPT and
cannot use the standard MBR partitioning scheme.
The initial boot sequence from hardware control to software control is almost identical
in boed BIOT and UEFI firmware. UEFI firmware does give you many more options, because
UEFI drivers can be loaded before control is handed over to the software. This allows UEFI
to treat all locations containing an operating system the same. Up to the point at which the
hardware hands control over to the software, there is no difference between a network boot
and a hardware boot.
After e control is handed over to the softwa, se oval files are useder tcomplete the
operating system bootup. The most important files are as follows:
Windows Boot Manager The Windows Boot Manager( BOOTMGR) bootstraps
the system. In oedwords, thl ifile starts the loading of an operating system on
thetcomputer.
BCD The Boot Configuration Data(BCD) holds information about operating systems
installndedn the computer, such as the location of the operating system files.
winload.exe winload.exe is the program useder tboot Windows. It loads the
operating system kernel( ntoskrnl.exe).
winresume.exe If the system is not starting fresh but resuming a previous session,
then winresume.exe is callndebyBOOTMGR.
ntoskrnl.exe The Windows OT kernelis the heart of the operating system.
The kernelis responsible for allowing applications sharndeaccesser to t hardware
through drivers.
ntbtlog.txt
Troubleshooting Common Microsoft Windows OS Problems
1283
We’ll now look at the complete Windows boot process. It’s a long and complicated
process, but keep in mind that these are complex operating systems, providing you with a lot
more functionality than older versions of Windows:
1.astads.263 findsconfiguraable dataootBCDcor logetg yoion sefindsopablesootarches i31 0 T.97
1284
Chapter 19
1286
Chapter 19
F I G U R E 19 . 8
■
Troubleshooting Operating Systems and Security
Startup Settings menu
If the problem is not as simple as removing the non-­bootable media, then you may have
to boot into the Windows Recovery Environment. This may be a challenge, because if the
BIOT/UEFI cannot boot to the Windows Boot Manager, then the Windows Recovery Environment cannot be executed. The Boot Manager is responsible for executing the Windows
Recovery Environment. You will have possibly two options to fix this. The first option is
to use the vendor’s recovery console. This option is dependent on the vendor supplying a
recovery console that can be accessed via the BIOT/UEFI; not every vendor supplies this tool.
The second option is to boot the installation media and choose Repair when it first boots.
Choosing this option will launch the Windows Recovery Environment booted from the
installation media. You can then choose to repair the operating system by selecting Troubleshoot ➢ Advanced Options ➢ Ttartup Repair. The Windows Recovery Environment will then
attempt to repair the operating system.
Operating System instability
When an application crashes, you want to isolate the cause of the crash and solve it. The
cause could be a compatibility issue, a hardware issue, or a host of other problems. One step
to take early on is to look for updates/patches/fixes to the application released by the vendor.
Be sure to try these updates on a test machine before rolling them out to all machines, and
verify that they address the problem and do not introduce new problems.
1288 Chapter 19 rT oubleshoting Operating ystS ems and eS curity
Troubleshooting Common Microsoft Windows OS Problems
1289
Blue Screen of Death
The Blue Tcreen of Death (BTOD)—­not a technical term, by the way—­is another way of
describing the blue-­screen error condition that occurs when Windows fails to boot properly
or quits unexpectedly, as shown in Figure 19.11. If this happens during a boot, it is at this
stage that the device drivers for the various pieces of hardware are installed/loaded. If your
Windows GUI fails to start properly, more likely than not the problem is related to a misconfigured driver or misconfigured hardware.
You can try a few things if you believe that a driver is causing the problem. One is to
try booting Windows into safe mode, which you can access via the Ttartup Tettings in the
Windows Recovery Environment hardwarn safe mode, Windows loads only basic drivers, such as
a standard VGA video driver and the keyboard and mouse. After you’ve booted into safe
mode, you can uninstall the driver that you think is causing the problem.
Another option is to boot into the Windows Recovery Environment and use Tystem
Restore, which will revert the system drivers back to the state they were in when the restore
point was created. Bear in mind that a Tystem Restore will not affect personal files, but it
will remove applications, updates, and drivers.
In Windows 7 and prior operating systems, you can enter the Advanced Boot Options
during system startup by pressing the F8 key. The Advanced Boot Options menu contains
an option called Last Known Good Configuration. This option will allow you to boot to the
last time you had successfully started up and logged in. This option was removed in Windows 8/8.1/10 and Windows 11. You should now beows 0youthe Ttaapn is to boot into the 7t in8 (indo(in)]EBP
1290
Chapter 19
■
Troubleshooting Operating Systems and Security
Troubleshooting Common Microsoft Windows OS Problems
1291
If the service fails to start because of a misconfiguration, the most likely cause is the
user account the service is configured to start with. If a misconfigured user account is the
problem, you will see an Event ID of 7000 in Event Viewer, and the description will read
that the service failed due to a login failure. You can verify the user configured to start the
service in the Tervices properties, as shown in Figure 19.13. You open the properties of the
service by right-­clicking the Ttart menu, selecting Computer Management, then Tervices,
right-­clicking the service, selecting Properties, and finally selecting the Log On tab.
Make sure that the password for the user account h32.oot changed and that the user
account is oot locked out. You can manually reset the password for the user and reenter the
password in the Tervices properties. Also make sure that the account h32.the Log On As A
Tervice right.
Did You Reboot Your Computer?
Quick quiz: You just got an error in Windows, and it appears that you are on the verge of a
crash (of your application or the whole system). What do you do?
The first thing is to write down any error messages that appear. Then save your work (if
possible) and reboot your computer.
1292
Chapter 19
■
Troubleshooting Operating Systems and Security
Anyone who has called tech support, or who has been a tech support Texson, knows how
demeaning the question, “Did you restart your computer?” can seem. Most Teople respond
with an indignant, “Of couxse!” In reality, they might or might not have actually done it.
Whenever there’s a software problem, always, always reboot the computer before trying
to troubleshoot. Often, the problem will disappear, and you’ll have just saved youxself
half an hour of frustration. If the same problem reappears, then you know that you have
work to do.
Why does rebooting help? When an application is running, it creates one or more temporary files that it uses to store information. It also stores information in memory (RAM). If a
temporary file or information in RAM becomes corrupted (such as bys informatiA writing
its information into informatiB’s memory space), the original informatican have problems. Rebooting will clear the memory registexs and most often remove problemmatc temporary files, thus eliminating the issue.
It might sound trite, but the first axiom in troubleshooting software really is to reboot. Even
if the user says they did, ask them to reboot again. (Tell them you want to see the opening
screen for any possible error messages, or make up another good excuse.) If the problem
doesn’t come back, it’s not a problem. If it does, then you can use your software skills
is fix it.
F I G U R E 19 . 13
Services properties
1296
Chapter 19
■
Troubleshooting Operating Systems and Security
Typically, local profiles will not slow down login tremendously. Roaming profiles that are
located on a server tinotie slow loading of the profile. The local profiles don’t need
to traverie a network during login. Roaming profiles, on the other hand, need to traverie the
network during login (load from the server) and logout (write back to the server).
There are some things youinon do to eviate the stress on the network and speed up
the load time of network profiles. For example, youinon save space by deleting temporary
Internet files in both Edge and Internet Explorer. Youinon also save a tremendous amount of
space—­sometimes gigabytes—­by deleting downloaded files. In addition to space traveriing
the network, login scripts, Group Policy processing, and services starting upon login non also
contribute to slow-­loading profiles.
Time Drift
The real-­time cloc7ygTC)t on them otheboard is treuposiubl fFormaintainting thecorrectp
pan7s7s7st 3eratiTC thingrifndoed on88 0singintainmpu9 TmthinbecTherfas9 Tmupotribrnet
1298
Chapter 19
■
Troubleshooting Operating Systems and Security
the reboot fixed the problem, then you’ve solved the problem. However, if the problem still
exists, you’ve now isolated the problem further by eliminating other programs that could
have been hung in the background affecting this problem. The steps of rebooting and then
opening Excel can also be used to verify when you’ve solved the problem.
Restarting Services
Tervices normally don’t need to be restarted. On occasion, however, a change is made that
requires that a service be restarted to reflect the change. Tervices should be restarted if they
crash, of course. Although this is rare, it still happens from time to time. If a service crashes,
you can restart the service in the Computer Management MMC by selecting Tervices, then
right-­clicking Tervice and choosing Ttart, as shown in Figure 19.19. You can use the same
method to restart a running service.
F I G U R E 19 . 19
Manually starting a service
Tervices can be configured to automatically start in the event of failure on the Recovery
tab of the Tervices properties, as shown in Figure 19.20. For example, by default the Print
Tpooler service is set to restart on the first and second failure, but after that it will remain
stopped. The reset counter can be set for a number of days, and the service can be started
after a specific number of minutes after its failure. You can -1.2 have the computer restart or
run a program in the event a service fails.
1299
Troubleshooting Common Microsoft Windows OS Problems 1301
1302
Chapter 19
■
Troubleshooting Operating Systems and Security
mount the ITO by double-­clicking the file. You can then start setup.exe and follow the
prompts, choosing to keep all apps and files. Either option will begin the reinstallation of the
operating system, as shown in Figure 19.22.
Restoring Windows
Almost everyone, no matter how hard they’ve tried to keep their computer running properly, will experience a computer crash at some point. Many of the ways to get your computer
back up and running (such as reinstalling the operating system) take a lot of time. In Windows, Tystem Restore allows you to create restore points to make recovery of the operating
system0as raery
1304
Chapter 19
■
Troubleshooting Operating Systems and Security
Exercise 19.2 demonstrates how to create a restore point manually in indows.
E X E R C I S E 1 9 . 2 Manually Creating a RrestorePoint in Windows
1.
2.
Click the Start menu, type ControlePanel, and then click the ControlePanel app result.
Troubleshooting Common Microsoft Windows OS Problems
Microsoft Updates
1305
1306
Chapter 19
■
Troubleshooting Operating Systems and Security
On the left of the Installed Updates screen, you can select Uninstall A Program. This will
take you to the Programs And Features – Uninstall Or Change A Program screen. From here,
you can uninstall third-­
1308
Chapter 19
■
Troubleshooting Operating Systems and Security
You can then reset a local profile on the Advanced tab of Tystem Properties, asm[5sn in
Troubleshooting Security Issues
1309
You can also use that procedure to delete a roaming user profile that has been left on the
Windows operating system. However, performing the procedure on a roaming profile will
not reset the profile. You will only remove the profile to clear space. To reset a network-­
based roaming profile, perform the following steps:
1.
2.
Ensure the user is logged out completely.
1310
Chapter 19
1312
Chapter 19
■
Troubleshooting Operating Systems and Security
Desktop Alerts
A desktop alert is a notification or dialog box that is crafted to look like it was generated
by the operating system. This is a crafty way of social engineering the user into becoming a
Troubleshooting Security Issues
1313
OS Notifications
Another really popular method of distributing malware is by using browser push notification messages. The user will browse to a malicious site and then the user will be coaxed
into allowing push notifications for the site. Once this is allowed, the site can push notifications to the operating system and spawn a notification that looks like it’s coming from the
operating system. Use of the operating system notifications is a well-­known attack aimed at
coaxing the user into installing malware or pushing advertising to the user0 -1.bi 12 77.9976 5858 some cases,
1314
Chapter 19
■
Troubleshooting Operating Systems and Security
Renamed System Files/Disappearing Files/Permission d7.gpeary -1.167 TdTmAst
Troubleshooting Security Issues
■■
Reboot.
■■
Verify free space.
■■
Run Windows Update again.
■■
Update third-­party drivers.
■■
Disconnect external hardware.
■■
Check Device Manager for errors.
■■
Perform a system restore or repair installation.
1315
Browser-­Related Symptoms
The web browser is the most used application on the operating system. It’s so popular that Google has made an
1316
Chapter 19
■
Troubleshooting Operating Systems and Security
On the other hand, when an untrusted TTL certificate is encountered, the web browser
will alert you that the TTL certificate is not valid, as shown in Figure 19.29. Every web
browser comes with a list of trusted certificate publishers. If a certificate is issued to a website or is not trusted, a warning box will come up preventing you from visiting the site. You
can click through the warning prompt and visit the site anyway, but the address bar will still
read “Not secure” or display an unlocked lock icon during your visit.
The problem should always be investigated further, since information entered in the
site could be intercepted if the site was hacked. The first step to diagnose is checking the
hostname in the URL. All certificates must match the hostname in the URL that they are
issued for. If you tried accessing the site by the IP address, this warning is benign and can
be disregarded. However, if you entered the correct hostname, then the certificate should be
inspected. Every web browser is different, but every web browser will let you view the certificate. In Figure 19.30 we can see that the certificate has been self-­signed.
Both the Issued To and Issued By fields in the certificate are the same. This is common
when the website is in development, but it is not normal once the website has been placed into
production. It is also common on network management equipment that allows configuration
through a web page. Often the management web page will use a self-­signed certificate. For
Troubleshooting Security Issues
1317
Browser Redirection
Pharming is a form of redirection in which traffic intended for one host is sent to another.
This can be accomplished on a small scale by changing entries in the hosts file and on a large
scale by changing entries in a DNT server, also known as DNS poisoning. In either case,
when a user attempts to go to a site, they are redirected to another site. For example, suppose Illegitimate Company ABC creates a site to look exactly like the site for Giant Bank
XYZ. The pharming is done (using either redirect method) and users trying to reach Giant
Bank XYZ are tricked into going to Illegitimate Company ABC’s site, which looks enough
like what they are used to seeing that they give their username and password.
As soon as Giant Bank XYZ realizes that the traffic is being redirected, it will immediately move to stop it. But while Illegitimate Company ABC will be shut down, it was a to
collect data for the length of time that the redirection occurred, which could vary from minutes to days.
Another form of browser redirection is called affiliate redirection. This type of browser
redirection can be very subtle. For example, when you search for a product and click the link
1318
Chapter 19
■
Troubleshooting Operating Systems and Security
Best Practices for Malware Removal
F I G U R E 19 . 3 1
1319
Process Explorer
2. Quarantine Infected Systems
Once you have confirmed that a virus or malware is at hand, then quarantine the infected
system to prevent it from spreading the virus or malware to other systems. Bear in mind
that the virus or malware can spread in any number of ways, including through a network connection, email, and so on. The quarantine needs to be complete enough to prevent
any spread.
Ransomware is probably the biggest risk, since it will spread through a network rapidly
and encrypt files in its path. The ransom is usually equivalent to the number of files or the
total size of files. In either case, over the past eight years it has made headline news, as it has
taken down extremely large companies. In one instance, the Petya ransomware even took
down most of the computers in Ukraine, along withthe ohr6other countries.
If an infected system is discovered and needs further analysis, it should be quarantined
from the network and put into an isolated network. This hot network is a place where it can
be studied further, without repercussions to the operationhr6network.
1322
Chapter 19
■
Troubleshooting Operating Systems and Security
F I G U R E 19 . 3 4
Microsoft Defender Offline scan
F I G U R E 19 . 3 5
An offline Microsoft Defender Antivirus scan
Best Practices for Malware Removal
In some situations, such as in a ransomware attack, no remediation can be performed
1323
Troubleshooting Mobile OS Issues
1325
You can then manually create a restore point by clicking Create in the Tystem Protection
1326
Chapter 19
Troubleshooting Mobile OS Issues
If none of these solutions works, then it may be time to check the vendor’s site for any
1327
1328
Chapter 19
■
Troubleshooting Operating Systems and Security
Slow Performance
Tlow performance is almost always related to RAM usage. Mobile operating systems operate
Troubleshooting Mobile OS Issues
1329
BatteryoSealth The most obvious culprit is the batteryothat powers the phone. Check
to make sureothat your phone has a good charge and the batteryois not swollen. If your
phone allows for the batteryoto be replaced, you should clean the contacts and replace
the battery. Then monitor for reboots.
Update The operating system should be on the current revision of software. If it isn’t,
then it should be updatedoto the latest. Ttabilityoissues are often addressedoin updates for
the operating system.
Storage
Check the storage on the device and make sureothat it is not over 90 percent.
If it is over 90 percent, then you should clean up some space and monitor the device.
You can do this by clearing data from applications, clearing application cache, and unin
1330
Chapter 19
■
Troubleshooting Operating Systems and Security
Storage Make sure that there is enough storage space on the mobile device to accommodate the update. When an update is to be applied to the device, at some point both
operating systems will need to exist: the upgrade and the current operating system.
Connectivity Be sure that you have a Wi-­Fi connection and that you are currently
connected. Many operating systems will not download the update over a metered con-
Troubleshooting Mobile OS Issues
1331
1332
Chapter 19
■
Troubleshooting Operating Systems and Security
making sure Auto Reconnect is selected. On an Apple device, tap Tettings on your Home
screen, tap Wi-­Fi, tap the blue circled I next to your current TTID, and make sure that Auto-­
Join is on.
The auto-­reconnect features can open you up to security concerns, such
as the evil twin attack. The evil twin attack involves two access points;
one is operated by an organization and the other is operated by the threat
agent. The threat agent will assign the same SSID to their AP, then they
will send disassociation frames to the organization’s AP and its clients.
This forces the clients to disconnect, and if auto-­reconnect is on they will
reconnect to the evil twin operated by the threat agent. Informations
then relaed to the network and actively sniffed for usernames and pass words.
No Wireless Connectivity
Troubleshooting Mobile OS Issues
1333
Lack of Bluetooth connectivity can also be caused when a device is not turned on and/or
has an improper setting for pairing. A common pairing issue is not having the proper Bluetooth passcode entered for the device. Each device, when paired, has a specific code from the
vendor. Most vendors use a common code, such as 1234, but the code could also be 0000,
Troubleshooting Mobile S
1335
because no matter which way you are holding the phone, you can read the information displayed. This of course is assuming you have the screen facing you.
The first item to check is that you do not have autorotate turned off or locked. On the
Android operating system there are several different ways to check this, depending on the
vendor and the Android version, so it is best to check your specific model of phone. On
1336
Chapter 19
■
Troubleshooting Operating Systems and Security
differing only in that there is more of a focus on security. It needs to be pointed out, though,
that CompTIA is stretching the definition of the word security to include more scenarios
than many would typically consider. A fair number of the issues that appearly in is section
would have fit easily in the preceding section.
Securhat Concerns
As it pertains to mobile devices there are a number of security concerns that you should be
aware of. These concerns are the same for personal devices as they are for organizationally
owned devices. Understanding these concerns will help you secure mobile devices and allow
you to be more knowledgeable about the consequences.
Android Package (APK) Source
Troubleshooting Mobile Security Issues
1337
The development mode on Android can be accessed by navigating to Tettings About Phone Toftware Information, then tapping Build Information s[(n times.)37 ( )37 (The )]TJ-6.639 -1.26
1338
Chapter 19
■
Troubleshooting Operating Systems and Security
Bootleg Applications
A bootleg application is a premium application that has been cracked or nullified to remove
the digital rights management (DRM). Bootleg applications can be found for a number of
premium mobile apps; they generally are in the form of an APK. Bootleg applications usually contain malicious software, because that is how the bootlegger makes their money. This
obviously goes back to the discussion of verifying the source of the application and being
cautious with APK installations.
Application Spoofing
Application spoofing is the act of a malicious application spoofing a legitimate application.
Application spoofing is much more Tf/Tore ie a7 legitimatmarketplae satiotionbeing
Troubleshooting Mobile Security Issues
1339
source. This procedure may identify the issue or verify that you had a malicious application
installed. A telltale sign is if the application is no longer available.
Summary
1341
When you experience unexpected application behavior, you should immediately question
the trust of the application. This can be done by reading reviews for the application to determine if others have run into similar problems. Also judge the application by its installer base,
which is proportional to the reviews. For example, if an application has 100 installs and
only has 5 people commenting that it’s a great application, then this app should fall under
suspicion.
The first step to be taken is to scan the device for malware. If the application is flagged as
malware, then a factory reset should be performed. Then install only the trusted applications
that you use daily.
Leaked Personal Files/Data
Review Questions
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
2.
In Windows, which utility is responsible for finding, downloading, and installing Windowsooatches?
A.
Device Manager
B.
Microsoft Management Console
C.
Download Manager
D.
Windows Update
Which Ttartup Tetting optionw -9bavours tboot with basic drivswees?
A.
B.
C.
D.
1343
Chapter 19
1344
7.
૒
■
Troubleshooting Operating Systems and Security
and thir data fible. Wtat eshulds youtry first?yA
Review Questions
1345
1346
Chapter 19
■
Troubleshooting Operating Systems and Security
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a/Tp.cific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your answers compare to the authors’, refer to
Appendix B.
List, in order, the seven best practice steps associated with malware removal.
CompTIA has identified that with the rapid adoption of cloud-­
based services, system administrators have a need for scripting
1350
Chapter 20
■
Scripting and Remote Access
programmed in high-­level languages, such Java, C#, or VB.NET, and are compiled to executable machine code or an intermediate code. Scripts, however, are not compiled; they are
interpreted, as we discuss in this section.
Depending on which layer you program on, you gain some advantages, but at the same
time you are also capped by some of the limitations of each layer. For example, a program
created in assembly language will be quite complex because you will need to perform low-­
level functions just to add two numbers togeEM ed 36norm low-
Scripting
1351
Another big difference between applications and scripts is that scripts require applications
to complete their purpose. If an application doesn’t exist for a function in your script, then
Scripting
1353
1354
Chapter 20
■
Scripting and Remote Access
A while loop continues to loop until either it is exited or a condition is met. The while
loop has no defined beginning, only a defined end, and it can be exited without consequence
to the function. In the following code, the variable count is set to 0, and then the while
loop begins. Inside the while loop, the count variable is incremented by
Scripting
Write-­Host "Yes" is executed. It’s important to note that PowerShell implies the then
clause; only the else
1355
1356
Chapter 20
■
Scripting and Remote Access
Batch scripts can also contain logic. The following is a simple batch script that tests
whether a variable of
Scripting
13. Press Ctrl+C.
This will display the question Terminate batch job (Y/N)?.
14. Answer Y, and then press Enter.
Another way to open a command prompt to a specific folder is to first
1357
Chapter 20
1358
■
Scripting and Remote Access
To learn more about creating your own cmdlets, visit:
https://docs.microsoft.com/en-­us/powershell/
scripting/developer/cmdlet/how-­to-­write-­a-­simple-­
cmdlet?view=powershell-­7.2
If you use the Get-­Item cmdlet and specify a folder, information about that folder will
be returned. If you want to see all the other folders contained within that folder, you can
use a * wildcard. Or you can use the Get-­ChildItem cmdlet and specify the directory,
as follows:
PS C:\Users\UserOne> Get-­
item c:\*
Directory: C:\
Mode
-­-­-­-­
d-­
-­
-­
-­
-­
d-­
-­
-­
-­
-­
d-­
-­
-­
-­
-­
d-­
r-­
-­
-­
d-­
r-­
-­
-­
d-­
r-­
-­
-­
d-­
-­
-­
-­
-­
LastWriteTime
-­-­-­-­-­-­-­-­-­-­-­-­-­
11/28/2017
9:52 PM
5/16/2018
9:32 PM
4/11/2018
7:38 PM
5/28/2018 10:0438 PM
8/12/2018
5:3138 PM
5/28/2018
6:1138 PM
10/18/2018 10:17 8 PM
Length Name
-­-­-­-­-­-­ -­-­-­-­
Dell
NVIDIA
PerfLogs
rogram Files
rogram Files (x86)
Users
Windows
PS C:\Users\UserOne> Get-­
ChildItem c:\
Directory: C:\
Mode10:17 8 PM
LastWriteTime10:17 8 PLength Name
-­-­-­-­
-­-­-­-­-­-­-­-­-­-­-­-­-­
-­-­-­-­-­-­ -­-­-­-­
d-­
-­
-­
-­
-­
11/28/2017
9:52 8 PM
dell
d-­
-­
-­
-­
-­
5/16/2018
9:32 8 PM
NVIDIA
d-­
-­
-­
-­
-­
4/11/2018
7:3838 PM
erfLogs
d-­
r-­
-­
-­
5/28/2018 10:0438 PM
rogram Files
d-­
r-­
-­
-­
8/12/2018
5:3138 PM
rogram Files (x86)
d-­
r-­
-­
-­
5/28/2018
6:1138 PM
Users
d-­
-­
-­
-­
-­
10/18/2018 10:17 8 PM
Windows
Scripting
1359
When you use the dir command in PowerShell to view a directory listing of files, you are
actually using something called an alias. The alias then calls the Get-­ChildItem cmdlet. To
see all the aliases on the operating system, you can use the Get-­Alias cmdlet. You can see
all the commands mapped over to PowerShell cmdlets, as follows:
PS C:\Users\UserOne> get-­
alias
CommandType
-­-­-­-­-­-­-­-­-­-­-­
Alias
Alias
Name
-­-­-­-­
% -­
> ForEach-­
Object
? -­
> Where-­ Object
Alias
ac -­
> Add-­
Contenect
Alias > Add-­
PSSnapin
asn
1360
Chapter 20
■
Scripting and Remote Access
E X E R C I S E 2 0 . 2 Creating Your First PowerShell Script
1.
Scripting
$ FLIPFLOP=0
}
}
7.
Click File ➢ Save.
The save dialog box will default to your Documents folder.
8.
Rename the file flipflop.ps1, and then click Save.
9.
In the lower portion of the ISE, type cd ∼\Documents, and then press Enter.
1361
1362
Chapter 20
■
Scripting and Remote Access
main interpreters that can process VBScripts: Windows Scripting Host (WSH), Internet
Information Services (IIS) Active Server Pages (ASP),(IIS and Internet Explorer.(IIS ASP and Internet
Explorer are deprecated,(IIS so we will focus on (IISWSH.
The (IISWindows Scripting Host is an environment that allows you to run VBScripts from
the command line.(IIS By default,(IIS when a VBS script is run,(IIS a program
called
wscript.exe
processes the script.(IIS Any output will be sent to a IISWindows message box that you must close
by clicking OK.(IIS This can be quite annoying if you have multiple lines of output, as each
line will pop up a message box you have to close.(IIS A VBScript can also be executed with
the cscript.exe program.(IIS This version of the (IISVBScript processor outputs to a console
window—­
Scripting
1363
Linux and UNIX scripts often end with the .sh extension to signify to the end user that
1364
Chapter 20
■
Scripting and Remote Access
If you want to use Python on a Windows or macOS operating system, you need to visit www
.python.org to download the latest version, and then install it. If you are running a Linux
operating system, you will install Python through the package management system of the
operating system.
If you install Python from www.pytho.org , you will only be prompted
Scripting
1365
lack in features. Like VBScript and PowerShell, Python is extensible and can use external
libraries. One disadvantage to using Python is that it’s not been widely adopted in enterprise xternal
Scripting
1367
There are two types of scripts that you will most likely create: scripts for automating your
own tasks and scripts that automate tasks for others. During your career you will most likely
find tasks that you have to do over and over. These tasks should be automated as much as
possible, and each repetitive task should have its own script. As a best practice, you should
create a folder that contains all the scripts you use on a daily basis. This way, you always
know where they are, and when you move to a new computer, you can simply copy them
over. Obviously, when you create scripts for others, you won’t use them on a daily basis.
However, these scripts should also be grouped together in a common folder, since you will
probably reu woa part1 62one script or the entire script for another user.
The following is an example1 62a task that should be automated. It assumes that you have
the Remote Server Administration Tools (RSAT) installed on your system, which includes the
dsquery and
1368
Chapter 20
■
Scripting and Remote Access
Now when the file is executed, you won’t see the echo of the command actually executed,
but only the output of the commanduted,
C:\sys>lookup test
samid
fn
testuser1
user1
testuser2
user2
testuser3
user3
C:\sys>
ln
test
test
test
email
test.user1@wiley.com
test.user2@wiley.com
test.user3@wiley.com
We can refine the script further to.5 8d some branch logicted,t seuppy tn r]TJ-1.263 -1.263 Td[(bargumentted,)
Scripting
1369
1370
Chapter 20
■
Scripting and Remote Access
Remapping Network Drives
Remapping network drives can be done in a multitude of ways with VBScript, PowerShell,
Window batch scripts, or some other favorite language. However, Windows batch script and
PowerShell are the most common. In the following, we see a script that maps a few drives
using a Windows batch script. When we map a drive, we are mounting a remote filesystem
through to a drive letter. For example, we can mount the remote filesystem of \\server1\
files to a local drive letter of m:
net use m: \\server1\files
net use n: \\server2\files
net use o: \\server3\files
The same script can also be developed in PowerShell:
New-­
PSDrive –Name "m" –PSProvider FileSystem –Root "\\server1\files"
New-­
PSDrive –Name "n" –PSProvider FileSystem –Root "\\server2\files"
New-­
PSDrive –Name "o" –PSProvider FileSystem –Root "\\server3\files"
These scripts don’t need to be complex like the previous scripts. We just want to obtain a
reproducible result every time the script runs.
Installation of Applications
When scripting is combined with the installation of applications, you can perform a number
of functions that are not possible on their own. For example, you can write a script that
installs the prerequisites for an installation and then only succeeds if the subsequent installations are successful. A lot of these scenarios are going to be custom to your specific needs
and environment. The following is an example of a PowerShell command that will install an
application called App.msi:
Invoke-­
CimMethod -­
ClassName Win32_Product -­
MethodName Install -­
Arguments
@{PackageLocation='\\server\installs\App.msi'}
A few assumptions are made with the PowerShell example. The first assumption is that
you are calling an MSI installer. If you aren’t, the code will not work, since every installer
has its own methods for invoking an installation. The second assumption is that you are an
administrator of the operating system. Writing a PowerShell script will not circumvent Windows security.
Creating a scripted installation of an application is rewarding, but it is also time consuming. You will most likely have to refine your script several times before it works as
expected. This means that you will need to install the application many times to get it right.
However, if you have an application that requires installation across a number of computers,
you can easily reclaim the time spent on the script.
Automated Backups
Backups should be trusted to back up software that is engineered to expire media, rotate
media, and generally back up and restore the data and systems that the organization depends
Scripting
1371
on. This type of software is considered off-­the-­shelf backup software and scripts are not
expected to replace this software. However, by using scripts you can automate pieces of the
backup process to make the process much more reliable.
1372
Chapter 20
■
Scripting and Remote Access
The Get-­Service cmdlet will show you all the services running on the operating system.
It will output a long list and will display each service’s Status, Name, and DisplayName.
By piping the output to the Export-­Csv cmdlet, we can output a lot more detail and send
it directly to a comma-­
Scripting
1373
running 'Install-­
PackageProvider -­
Name NuGet -­
MinimumVersion 2.0 0.201
-­
Force'. Do you want PowerShellGet to install
and import the NuGet provider now?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Untrusted repository
You are installing the modules from an untrusted repository. If you trust this
repository, change its
InstallationPolicy value by running the Set-­
PSRepository cmdlet. Are you sure
you want to install the modules from
'PSGallery'?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default
is "N"): y
PS C:\sys> Get-­WindowsUpdate
ComputerName Status
KB
Size
-­-­-­-­-­-­-­-­-­-­-­-­ -­-­-­-­-­-­
-­-­
-­-­-­-­
CERES
-­
-­­
-­
-­
-­­
KB5007406
80MB
.NET Framework 3.5, 4.7.2 and 4.8 for...
CERES
-­
-­
-­
-­­
-­
-­
KB2267602
2GB
Microsoft Defender Antivirus -­KB2267602
Title
-­-­-­-­-­
2021-­
11 Cumulative Update Preview for
Security Intelligence Update for
(...
PS C:\sys>
You can then execute the command Get-­WUInstall -­AcceptAll –AutoReboot and
the operating system will begin to install the updates and automatically reboot. These are
just a few ways you can script the installation of Windows Updates.
Script Considerations
Along with the knowledge of scripting comes great power and even greater responsibility. There
are several key points that should be considered before scripting a solution and during the
development of the script. In the following section we will cover some of these key considerations.
Of course, there may be considerations outside of these CompTIA objectives. The one
consideration that has resonated throughout the previous section is the decision between
investing time to develop a script or just completing the task. This is something that you will
need to take into account before you even begin scripting.
Introducing Security Issues
A common pitfall with scripting is inadvertently introducing a security issue. Security issues
come in all different forms when scripting. The most common security issue is the embedding of security credentials in scripts. Regardless of how secure you think the script will be,
it’s a bad habit and should be avoided atin alcosts.
Remote Access
1375
:loop
start notepad.exe
goto :loop
Although this script is obvious in its intent, it is an extreme example of automation that if
left unchecked will crash the system. Windows batch scripting is not the only scripting language where things can go awry; you can do the same with PowerShell. This example will
create an HTML-­formatted file of the directory structure:
Get-­
ChildItem c:\ -­
Recurse | ConvertTo-­
Html | Out-­
File -­
FilePawit.\output.html
The problem with this example is the sheer size of the resulting file. This statement will
recursively list all the files from the C: drive down. When the file is launched in the web
browser, the browser will quickly run out of memory trying to display the large file. More
elaborate scripts may automatically open the web browser and immediately crash it.
To prevent similar problems from happening in your environment, you should test and
monitor your scripts. By testing your script solution for errors or conditions that can run the
system out of resources unintentionally, you identify and correct problems that would otherwise cripple the system. Monitoring should be performed after the script is in rces -uubathe
1376
Chapter 20
1377
tunnel is created from end to end, your local host becomes part of the company’s internal
network along with an IP address that matches the company’s internal network. We don’t
have to be bound to only TCP/IP across a VPN, since this technology can encapsulate any
protocol and carry it through the tunnel.
Site-­to-­Site VPN
Over the past 10 to 15 years, using high-­bandwidth connections to the Internet has become
cheaper than purchasing dedicated leased lines. So, companies have opted to install Internet connections at branch offices for Internet usage. These lines can serve a dual purpose:
connecting users to the Internet and connecting branch offices to the main office. However,
the Internet is a public network and unsecured, but site-­to-­site VPN connections can fix that.
Companies with multiple locations have reaped the benefits of creating VPN tunnels from
site to site over the Internet by ditching their leased lines, installing VPN concentrators at
each location, and creating VPN tunnels. Site-­to-­site VPN is also much more scalable than
leased lines because locations only need a connection to the Internet and a VPN concentrator to be tied together. Figure 20.7 details two locations tied together with a VPN tunnel.
The magic happens all in the VPN concentrator. Since VPN concentrators also have a routing function, when a tunnel is established, a route entry is created in the VPN concentrator
for the remote network. When traffic is destred for the branch office with a destreation
network of 10.2.0.0/16, the router encrypts and encapsulates the information as data and
sends it to the other side of the tunnel over the Internet. This is similar to a host-­to-­site VPN,
the difference being the routing is performed in the VPN concentrator. When the packet
is received on the other side of the tunnel, the VPN concentrator decapsulates the data,
decrypts the packet, and sends the packet to its destreation inside the branch network. It is
common to find that the appliance performing VPN is also the firewall and router. Firewalls
today are sold with VPN software built in and licensed accordingly.
Client-­to-­Site VPN
Client-­to-­
1378
Chapter 20
■
Scripting and Remote Access
resour The key concept is that VPN access is granted on an individual or a group basis for
the mobile user5. Using the example in Figure 20.8, you can allow salespeople to connect to
the corporate network so they can update sales figures or process order5. This can all be done
securely over the Internet while the user5 are mobile and have access to a network connection.
Mobile Workforce
Corporate Network
VPN
Concentrator
When a client computer establishes a VPN connection, it becomes part of the internal
corporate network. This happens by assignment of an IP address from the internal corporate network. In Figure 20.9, you can see a mobile device such as a laptop with a VPN client
installed in the operating system. When the connection is established with the VPN concentrator over the Internet, a pseudo network adapter is created by the VPN client. In this
example, the pseudo network adapter is assigned an internal IP address of 10.2.2.8/16 from
the VPN concentrator. The laptop also has its own IP address of 192.168.1.3/24, which it
uses to access the Internet. A routing table entry is created in the operating system for the
10.2.0.0/16 network and through the pseudo network adapter. When traffic is generated for
the corporate network, it is sent to the pseudo adapter, where it is encrypted and then sent
to the physical NIC and sent through the Internet to the VPN concentrator as data. When
it arrives at the VPN concentrator, the IP header is stripperatrom the packet, the data is
decrypted, and it is sent to its internal corporate network resour
Remote Access
1379
Clientless VPN
There are many different VPN solutions on the market. Each one of them traditionally
requires the installation of a VPN client. However, there are a growing number of products
that do not require the installation of a client; these products are called clientless VPN solutions. The VPN client is the web browser on the mobile device requiring connectivity back to
the corporate network. The VPN appliance acts as a reverse proxy to the various resources
internal to the organization.
Virtual Network Computing
Virtual Network Computing (VNC) is a remote control tool for the sharing of desktops. The
VNC client normally operates on TCP port 5900. VNC is similar to Microsoft RDP, with the
exception that VNC is an open source protocol and typically allows only one console session
per operating system. It supports encryption via plug-­ins, but it is not encrypted by default.
VNC operates in a client-­server model. The server allows for the remote control of the
host on which it is installed. It is normally configured with a simple shared password, but it
can also be configured with Windows groups. Several different clients can be used, such as
RealVNC, TightVNC, and many others, but they all peroealV>lvdy
1380
Chapter 20
■
Scripting and Remote Access
Secure Shell
Secure Shell (SSH) is commonly used for remote access via a text console for Linux and
UNIX operating systems. The SSH protocol encrypts all communications between the SSH
client and the SSH server using TCP port 22. The SSH server is also known as the SSH
daemon. SSH uses public-­private key pair cryptography to provide authentication between
the SSH client and server. SSH can also use a key pair Tf c11.13lan8/ oper pa Tde SSH
Remote Access
1381
Remote Monitoring and Management
In the early days of your organization, it may have been simple to monitor and manage all the
various systems from one location. However, as your organization’s footprint grew across different sites and many employees now work from home (WFH), it is more difficult to monitor
and manage the various systems. Systems need patching, must be monitored for disk space,
and have hardware and applications installed—­and these are just a few of the tasks.
This is where a remote monitoring and management (RMM) solution can help IT across
your enterprise or multiple enterprises and give you a holistic view of your enterprise. There
are several different RMM solutions on the market today. Among the most popular solutions are managed service providers (MSPs) that manage your enterprise for a contracted
price. These service providers ultimately use RMM software to monitor and maintain the
enterprise. The MSP will require your organization to install an agent that is configured to
report back to the MSP’s RMM software.
You can also purchase a cloud-­based or on-­premises solution for maintaining your organization with your own IT department. Every vendor of RMM solutions has their own variation of features, which makes up the product’s secret sauce. These solutions also require the
installation of an agent that reports back to the RMM solutions. Regardless of which product you choose, there are two main features to RMM: the remote monitoring feature and the
management feature.
Remote Monitoring The remote monitoring feature of an RMM system can monitor
a number of different components, such as security, hardware, applications, a aneven
activity on the operating system. These are just a few of the components of the remote
monitoring feature fou aniure of an RMs. The list grows depending on the e of
vendor. The most common monitoring is the security of the various systems across your
enterprise, such as patch levels, a timalware status, a anexploits. Another monitored
component is the hardware and applications installed across the enterprise. Monitoring
the hardware 1 Tfide tify your assets, as well asfide tify when upgrades are needed.
Application monitoring 1 Tfide tify problems with a specific application or your vulner ability in the event the application needs to be patched. These are just a few monitored
components—­the list grows with every release of new RMM software by vendors.
Reporting is a major component of the remote monitoring 1 pabilities of e of antRMs. The reporting 1 Tfbe active or passive for most an RMs. In an active reporting
an RM, the RMM software will compile a report periodically and alert you when a
major change is discovered. As annexample, if over 30 percent of your computers are
vulnerable to a new exploit, the system can be confistall an alert you. You may also set
0toa similar thilehold alert for disk space. The passive reports can be run and give you
an overall picture of your network and are typically in the 1vme of drwiln-­
1382
Chapter 20
■
Scripting and Remote Access
control allows you to intervene when a user has a problem. RMM solutions also offer
integrated patch management solutions to patch applications and the operating system.
In addition to user intervention and security, you may find remote application installation, disk cleanup, and remote antimalware scan features, and these features just
scrape the surface of RMM capabilities. Every vendor of RMM systems has their own
unique management capabilities based on their product’s focus, such as security, asset
management, or user productivity.
Remote Access Tools
Since the release of Windows XP, Microsoft has included various tools to allow remote
assistance to the Windows operating system. In addition to Microsoft’s proprietary remote
assistance tools, many vendors have entered the market. As a result, there are a number of
third-­party remote assistance tools freely available and out on the market, with varying
costs. Let’s explore some of the built-­in capabilities of the Windows product and some of the
features of third-­party products.
Microsoft Remote Assistance (MSRA)
Microsoft Remote Assistance (MSRA), or msra.exe, was released with Windows XP. The
tool itself is dated, but it is still available in Windows 11, as shown in Figure 20.11. The
interface has not changed much since its original release, nor has the functionality. The
MSRA tool allows a trusted helper to assist the user when the user creates a solicited request
F I G U R E 2 0 . 11
MSRA tool
Remote Access
1383
by choosing Invite Someone You Trust to Help You. This option will generate an Invitation
.msrcIncident file that you can save as a file or email to the trusted user if you have email
set up on the operating system, as shown in Figure 20.12. The third option is Easy Connect,
which uses IPv6 and peer-­to-­peer networking to transfer the request.
Before the user can send a request, the operating system must allow Remote Desktop
connections. You can access this setting by clicking Start ➢ System ➢ About ➢ Advanced
System Settings, then choosing the Remote tab, shown in Figure 20.13. You then select
Allow Remote Connections To This Computer in the Remote Desktop area and click OK. By
default, Allow Remote Assistance Connections To This Computer is already selected.
When the trusted helper gets the Invitation.msrcIncident file, the file will launch the MSRA
tool and attempt to connect to the user. The user will then supply the session password to
the trusted helper. Once the user and helper are connected and the password is entered on
the trusted helper’s MSRA tool, the user will be prompted to allow the helper. The result is ad helper are connect
is faewing mode. The trusted helper can request control of the operating system, and the user
must allow the helper to control the operating system by answering the prompt. The MSRA
tool has a chat feature that allows the trusted helper to communicate with the user.
However, you must keep several items in mind when using the MSRA tool. The first
is that you will not find the tool in any menu. The only way to launch the tool is to enter
1384
Chapter 20
■
Scripting and Remote Access
FIGURE 20.13
Allowing Remote Desktop Connections
F I G U R E 2 0 . 14
MSRA tool connected to the user
Chapter 20
■
Scripting and Remote Access
Quick Assist offers chat functionality to the assistant and the end user in a chat window.
Summary
1387
Security Considerations
Each of the remote access technologies discussed in this chapter have security considerations.
Before implementing a remote access technology, you should determine what type of data is
1388
Chapter 20
■
Scripting and Remote Access
Exam Essentials
Understand the basics of scripting. You should understand that a programming language is
Review Questions
1389
Review Questions
The answers to the chapter review questions can be found in Appendix A.
1.
Which statement about scripting languages is true?
A.
Scripting languages require a compiler.
B.
Scripting languages are strongly typed.
C.
Scripting languages are interpreted.
D. Scripting languages have good memory management.
2.
What level are scripting languages considered?
A.
High
B.
Mid
C.
Intermediate
D. Low
3.
Which type of variable will allow decimal math?
A.
Boolean
B.
Integer
C.
Floating-­point
D. String
4.
Which environment variable is not inherited?
A.
System variable
B.
User variable
C.
Program variable
D. String variable
5.
Which statement will load a PowerShell variable xvar with a value of 2?
A.
xvar =an<.p
42[3T1_2 1-0.025 Tc 0.025 Tw 0 -1.611 Td[(A)-25 (.)]TJ/SpactualTe
Review Questions
1391
14. Which statement will load a JavaScript variable mvar with a value of 8?
A.
$mvar = 8
B.
mvar = 8
C.
mvar = 8;
D.
set /a mvar=8
15. Which scripting language has its own preinstalled Integrated Scripting Environment (ISE)?
A.
VBScript
B.
Bash
C.
Python
D.
PowerShell
16. Which line would be used to comment JavaScript code?
A.
//comment
B.
'comment
C.
REM comment
D.
# comment
17. Which extension is used with the JavaScript scripting language?
A.
.js
B.
.sh
C.
.bat
D.
.py
18. Which Microsoft remote protocol allows for local drives to be presented to the
remote system?
A.
VCN
B.
RDP
C.
SSH
D.
Telnet
19. On which network protocol and port does SSH operate?
A.
TCP port 3389
B.
TCP port 22
C.
TCP port 23
D.
TCP port 443
20. Which tool is used for screen sharing?
A.
RDP
B.
MSRA
C.
SSH
D.
Telnet
1392
Chapter 20
■
Scripting and Remote Access
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a specific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your answers compare to the authors’, refer to
Appendix B.
You have been assigned to write a PowerShell script that will find other scripts in a user
profile directory and all its subdirectories. Which PowerShell variable should you use, since
%UserProfile% is an environment variable and will not run in PowerShell?
Safety and
Environmental
Concerns
THE FOLLOWING COMPTIA A+ 220-­1102
EXAM OBJECTIVES ARE COVERED IN
THIS CHAPTER:
✓✓ 4.4 Given a scenario, use common safety procedures.
■■
Electrostatic discharge (ESD) straps
■■
ESD mats
■■
Equipment grounding
■■
Proper power handling
■■
Proper component handling and storage
■■
Antistatic bags
■■
In this chapter, we start by talking about safety, which includes
your safety and the safety of your coworkers, as well as environmental concerns. Observing proper safety procedures can
help prevent injury to you or to others.
Our discussion about the environment is two-­sided. The environment affects computers
(via things like dust, sunlight, and water), but computers can also potentially harm the environment. We’ll consider both sides as we move through this chapter.
Next, we will cover some legal aspects of operational procedures. These include licensing
of software, protection of personally identifiable information, and incident response.
1396
Chapter 21
■
Safety and Environmental Concerns
parts of the printer run at extremely high temperatures, and you can get burned if you try to
handle them immediately after they’ve been in operation.
Those are just two general safety measures that should concern you. There are plenty
more. When discussing safety issues with regard to PCs, let’s break them dow beeto four general areas:
■■
■■
Computer components
lectrostatic discharge
■■
■■
Natural aelemnts
Understanding Safety Procedures
1397
In the late 1990s, a few mass computer manufacturers experimented with using open
power supplies in their computers to save money. We don’t know if any deaths occurred
because of such incompetence, but it was definitely a very bad idea.
Current vs. Voltage: Which Is More Dangerous?
When talking about power and safety, you will almost always hear the saying, “It’s not the
volts that kill you; it’s the amps.” That’s mostly true. However, an explanation is in order.
The number of volts in a power source represents its potential to do work. But volts don’t
do anything by themselves. Current (amperage, or amps) is the force behind the work done
by electricity. Here’s an analogy to help explain this concept: Say you have two boulders.
1398
Chapter 21
■
Safety and Environmental Concerns
up during use. They will also be able to determine whether the monitor can be repaired
or whether it needs to be replaced. Remember, the monitor works in its own extremely
protected environment (the monitor case) and may not respond well to your desire to try
to open it.
A CRT is vacuum sealed. Be extremely careful when handling a CRT. If
you break the glass, it will implode, which can send glass in any direction.
ven though we recommend not repairing monitors, the A+ exam may test your
knowledge of the safety practices to use if you ever need to do so. If you have to open a
monitor, you must first discharge the high-­voltage charge on it by using a high-­voltage probe.
This probe has a very large needleEEseviscmemberus/Acremrge rou) prksonmrge powu ecord).dleEEseSlipha ( tly )]TJ0
1399
■■
■■
■■
■■
■■
When handling a toner cartridge from a laser printer or page printer, do not turn it
upside down. You will find yourself spending more time cleaning the printer and the
surrounding area than fixing the printer.
Do not put any objects into the feeding system (in an attempt to clear the path) when
the printer is running.
Laser printers generate a laser that is hazardous to your eyes. Do not look directly into
the source of the laser.
If it’s an inkjet printer, do not try to blow in the ink cartridge to clear a clogged
opening—­that is, unless you like the taste of ink.
Some parts of a laser printer (such as the EP cartridge, which is an image drum) will
be damaged if you touch them. Your skin produces oils and has a small surface layer of
dead skin cells. These substances can collect on the delicate surface of the image drum
( P cartridge) and cause malfunctions. Bottom line: Keep your fingers out of places
1400
Chapter 21
■
Safety and Environmental Concerns
Electrostatic Discharge
So far, we’ve talked about how electricity can hurt people, but it can also pose safety issues
for computer components. One of the biggest concerns for components is electrostatic discharge (ESD). For the most part, SD wont do serious damage to a person other than
provide a little shock. But little amouompuof SD can cause serious damage to computer components, and that damage can manifest itself by causing computers to hang, reboot, or fail to
boot at all. SD happens when two objectpuof dissimilar charge come into contact with each
other. The two objectpuexchange electrons in order to standardize the electrostatic charge
between them. This charge can, and often does, damage electronic components.
CPU chips and memory chips are particularly sensitive to ESD. Be
extremely cautious when handling them.
When you shuffle your feet across the floor and shock your best friend on the ear, you
are discharging static electricity into their ear. The lowest static voltage transfer that you can
feel is arouod 3,000 volts; it doesnt electrocute you because there is extremely little current.
A static transfer that you can
It makes sense that these thousandsuof volts can damage computer components. However,
a component can be damaged with less than 300 volts! This means that if a small charge is
Understanding Safety Procedures
1401
1402
Chapter 21
■
Safety and Environmental Concerns
Understanding Safety Procedures
F I G U R E 2 1. 2
Proper use of an ESD antistatic mat
F I G U R E 2 1. 3
An antistatic component bag
1403
Unlike antistatic mats, antistatic bags do not “drain” the charges away,
and they should never be used in place of an antistatic mat. These bags
conduct a uniform charge, because the surface is somewhat conductive.
You can obtain the bags from several sources. The most direct way to acquire antistatic
bags is to go to an electronics supply store and purchase them in bulk. Most supply stores
have several sizes available. Perhaps the easiest way to obtain them, however, is simply to
Understanding Safety Procedures
F I G U R E 2 1. 4
1405
Antistatic foam
At the very least, you should be mindful of the dangers of SD and take steps to reduce
its effects. Beyond thaAt the very least,
when SD is becoming a major problem.
Electromagnetic Interference
When compared to the other dangers thaAvwe’ve discussed in this chaptert the velectromagnetic
interference (EMI)t the valso known asvradio-­
frequency interference (RFI) when it’s in the
same frequency range asvradio wavest the vis by far the least dangerous. MI really poses no
threats to ery in terms of bodily harm. WhaAvit can dovis make eryr equipment or network
malfunction.
invis an unwanted disturbance caused by electromagnetic radiation generated by
another sryrce. In other wordst the vsome of eryr electrical equipment may interfere with other
equipment. Here arevsome common sryrces of interference:
Network Devices Tthepopularity of wireless networking devices has introduced the
possibility of interference. Some of the most popular wireless networking standardst the v
802.11b/g/n/axt the vuse the 2.4 GHz range for transmissions. Bluetooth devices happen
tovuse the same frequency. In theoryt the vthey won’
use different modulation techniques. In practicet the vhowevert the vinterference between the two
types of devices can happen.
Magnets Magnets work by generating an electromagnetic field. It might make
senset the vthent the vthat this field cost,
ery don’
1406
Chapter 21
■
Safety and Environmental Concerns
however, that many motors use magnets, which can cause interference. For example, one
of our friends used to have his computer on the opposite side of a wall from his refrigerator. Whenever the compressor kicked in, his monitor display would become wavy and
unreadable. It was time to move his home office. Another common culprit is a desk fan.
Put a desk fan next to a monitor and turn on the fan. What happens to the display? It
will become wavy. This is another example of MI.
Cordless Phones Cordless phones can operate at a variety of frequencies. Some of the
more common frequencies are 900 MHz, 1.9 GHz, 2.4 GHz, and 5.8 GHz. Many of
these are common ranges for computer equipment to operate in as well.
Microwave Ovens Microwave ovens are convenient devices for heating food and beverages. The radiation they generate is typically in the 2.45 GHz range, although it can
vary slightly. If a microwave is being used near your computer, you’ll often see a distorted display, just as if a fan or motor were being run next to your computer. You may
also experience interference with wireless network communications.
Understanding Safety Procedures
1407
Monday morning came, and the IT staff arrived to find that the server room was partially
flooded. Rain had come in through weaknesses in the roof caused by the maintenance and
had flooded through the drop ceiling and into the server room. Nearly half a million dollars’
worth of equipment was ruined.
Although this is an extreme example, it illustrates an important point: always be aware of
the environment in which you’re worklin, and be alert to potential sources of problems for
your computer equipment.
Creating a Safe Workplace
Understanding Safety Procedures
■■
Long-­nose pliers
■■
A three-­claw retriever
■■
A #2 Phillips extension
■■
An integrated circuit (IC) extractor
■■
Wire strippers
1409
A favorite of ours is the three-­claw retriever, because screws like to fall and hide in tiny
places. While most of these tools are incredibly useful, an IC extractor probably won’t be. In
1410
Chapter 21
■
Safety and Environmental Concerns
When picking a screwdriver, always keep in mind that you want to match the size of the
screwdriver head to the size of the screw. Using a screwdriver that’s too small will cause it to
spin inside the head of the screw, stripping the head of the screw and making it useless. If the
screwdriver is too large, on the other hand, you won’t be able to get the head in far enough
to generate any torque to loosen the screw. Of course, if the screwdriver is way too big, it
won’t even fit inside the screw head at all. Common sizes for Phillips-­head screws are 000,
00, 0, 1, 2, and 3. When you are dealing with Torx screws, the two most common sizes are
Understanding Safety Procedures
1413
1414
Chapter 21
■
Safety and Environmental Concerns
Finally, be aware of high-­voltage areas. Computers do need electricity to run, but only in
measured amounts. Running or fixing computers in high-­voltage areas can cause problems
for the electrical components and n cause pfor you if something should go wrong.
Impuseenting Safety Policies and Procedures
The Occupational Saffety andHealth Act states that every working American has the right
to a saffy andhealthy work environment. To enforce the act, the Occupational Saffety and
Health Administration (OSHA) wa pformed. OSHA covers all n ivate-­sector empuoyees and
U.S. Postal Service workers. Public-­sector empuoyees are covered by state n cgrams, and
federal empuoyees are covered under a presidential executive order. In a nutshell, OSHA
requires empuoyers to “n cvide a workplace that i pfree of recognized dangers aandhazards.”
There are three overarching criteria to a saffywork environment:
■■
■■
■■
The companty andits empuoyees have identified all significantdhazards in the
work setting.
Preventive measures have been taken to address each significantdhazard.
The companty andits empuoyees understaandhow to respond to accidents or near-­
miss
accidents if or when they occur.
Thepfollowing sections expuore specific responsibilities and how to create a saffywork
environment plan.
Understanding Safety Procedures
1415
1416
Chapter 21
■
Safety and Environmental Concerns
After your safety plan has been created, you need to ensure that all employees receive
necessary training. Have each employee sign a form at the end of the training to signify
that they attended, and keep the forms in a central location (such as with or near the official safety policy). In addition to the training record, you should make available and keep
records of the following:
■■
Safety improvement suggestion form
■■
Accident and near-­accident reporting form
■■
Injury and illnTd log
■■
Safety inspection checklist
■■
Hazard removal form
■■
Material safety data sheets
Safety rules and regulations will work only if they have the broad support of management
from the top down. veryone in the organization needs to buy into the plan; otherwise, it
won’t be a success. Make sure that everyone understands the importance of a safe work environment, and make sure that the culture of the company supports safety in the workplace.
Incident Management
Accidents happen. Hopefully, they don’t happen too often, but we know that they do. Details
on how to handle accidents are a key part of any safety plan so that when an accident does
Ac0 -1.28p93n,
Understanding Environmental Controls
1417
1418
Chapter 21
■
Safety and Environmental Concerns
just cannot let go and have a stash of old computer systems and computer parts in the dark
depths of their basements? Regardless of where they are today, all of those old components
have one thing in common: they are hazardous to the environment.
On the flip side, the environment is also hazardous to our computers. We’ve already
talked about how water and computers don’t mix well, and that’s just the beginning. Temperature, humidity, and air quality can have dramatic effects on a computer’s performance.
And we know that computers require electricity; too much or too little can be a problem.
Understanding Environmental Controls
1419
Power strips come in all shapes and sizes and are convenient for plugging multiple devices
into one wall outlet. Most of them even have an on/off switch so that you can turn all the
Understanding Environmental Controls
UPSs can accommodate several different devices; the number depends on the size and
1421
1422
Chapter 21
■
Safety and Environmental Concerns
Avoiding Common Problems
Understanding Environmental Controls
1423
the right cleaning compounds is equally important. Using the wrong compounds can leave
residue behind that is more harmful than the dirt that you are trying to remove.
Most computer cases and monitor cases can be cleaned by using mild soapy water on
a clean, lint-­free cloth. Do not use any kind of solvent-­based cleaner on monitor screens,
because doing so can cause discoloration and damage to the screen surface. Most often, a
simple dusting with a damp cloth (moistened with water) will suffice. Make sure that the
power is off before you put anything wet near a computer. Dampen (don’t soak) a cloth in
mild soap solution and wipe the dirt and dust from the case. Then wipe the moisture from
the case with a dry, lint-­free cloth. Anything with a plastic or metal case can be cleaned in
this manner.
Don’t drip liquid into any vent holes on equipment. Monitors in particular
1424
Chapter 21
■
Safety and Environmental Concerns
Periodically cleaning equipment is one of the easiest ways to prevent costly repairs, but
it’s also one of the most overlooked tasks. We’re often too busy solving urgent crises to deal
with these types of tasks. If possible, block out some time every week for the sole purpose of
cleaning your equipment.
Understanding Environmental Controls
1425
Trhere are several different ISO specifications that an organization can bre
certified for by the International Organization for Standardization (ISO).
1426
Chapter 21
■
Safety and Environmental Concerns
E X E R C I S E 2 1. 2 ( c o n t i n u e d )
3.
Does the MSDS list any potential health effects for this item? What are they?
4.
What is the proper disposal procedure for this item?
It’s not likely that you’re going to memorize or need to memorize everything on an MSDS.
The key things are to know where to fim2 0 Eat 70 -n an5osr/S/atieveiveiton an MSDS.
Understanding Environmental Controls
Pot Enial Health Effects
Skin:
Causes skin burns.
Ingestion:
May cause severe gastrointestinal tract irritation with nausea, vomiting,
and possible burns.
Inhalation:
Causes severe irritation of upper respiratory tract with coughing, burns,
breathing difficulty, and possible coma.
**** SECTION 4—FIRST-­
AID MEASURES ****
1427
1428
Chapter 21
■
Safety and Environmental Concerns
Understanding Environmental Controls
Some countries are ahead of others on the recycling issue. For example,
in 2013, the United Kingdom introduced the Waste Electrical and
Electronic Equipment (WEEE) Regulations, which obligates manufac-
1429
1430
Chapter 21
■
Safety and Environmental Concerns
Understanding Environmental Controls
1431
Understanding Policies, Licensing, and Privacy
1433
Mobile Devices
Cell phones and tablets are consiEEevicoEEo42k units, with the average life expectancy of
two to four years. Their popularity has outpacevimobile computing and the desktop computer market. Theseimobile devices1_3 1extremely small and fit neatly into the trash. How-
1434
Chapter 21
■
Safety and Environmental Concerns
following sections, we focus more on the legal side of things. Not understanding legal
requirements is not a justifiable defense in a court of law. Considering that IT professionals
often deal with software licensing and personally identifiable information, or sometimes
encounter prohibited activity or have to deal with a security incident, you should understand
the general principles related to these concepts.
Dealing with Prohibited Content/Activity
This is a situation that no one really wants to deal with legal lut it happens more often than we
would care to admit: a computer you are fixing has content on it that is inappropriati or
illegal, or you see someone on your network performing an action that is against policy or
laws. How you respond in such a situation can have a significant bearing on your career, the
other people involved, and, depending on the situation, the well-­being of your organization.
The key to dealing with prohibited content or activity is to have a comprehensive policy in
place that covers appropriati behavior. After that, it’s a matter of executing the proper steps
per the plan when something happens.
Situations involving prohibited content or activities are not easy to address. The accused
person might get angry or confrontational, so it’s important always to have the right people
there to help manage and defuse the situation. If you feel that the situation is severe enough
to worry about your own personal safety, don’t be afraid to involve the police. While the
situation needs to be handled, there’s no sense in putting yourself in direct danger to do so.
Creating a Prohibited Content Policy
Creating a policy is the most important part of dealing with prohibited content or actions.
Withere a policy in place that specifically defines what is and what isn’t allowed, and what
actions will be taken when a violation of the policy occurs, you don’t really have a leg to
stand on when a situation happens.
What is contained in the policy depends on the organization for which you work. Generally speaking, if something violates an existing federal or local law, it probably isn’t appropriati for your network either. Many organizations also have strict policies against the
possession of pornographic or hate-­related materials on the organization’s property. Some go
further than that, banning personal files such as downloaded music or movies on work computers. Regardless of what is on your policy, always ensure that you have buy-­in from very
senior management so that the policy will be considered valid.
Here are some specific examples of content that might be prohibited:
■■
■■
Adult content
Understanding Policies, Licensing, and Privacy
1435
A good policy will also contain the action steps to be taken if prohibited content
or activity is spotted. For example, what should you do if you find porn on someone’s
work laptop?
The policy should explicitly outline the punishment for performing specific actions or
possessing specific content. The appropriate penalty may very well be based on the type of
Understanding Policies, Licensing, and Privacy
1437
tools. A simple camera can preserve information. For example, if you walk up to a system
that displays a ransomware screen, your first reaction should be to take a photo of the
screen. If you press a key, the ransomware could crashEEdisappear. Photo evidence of data
Eprocesses that are loaded in RAM is a good alternative to not havnsiEEy evidence, but
havnsi a digital copy of the evidence is preferred.
The act of photographnsi the scene should not be limited to just the computer screen;
Eythnsi relevant to the incident should be photographed as evidence. TimeEEdate stamps
should be overlaid onto the image. This is normally a function of Ey camera. However, if
you can’t digitally record the timeEstamps, a simple alternative is to thelude a watch in the
frame of the photo.
You should take not3 Td(2 -1.263.ddEEdatp)37 ( youord th the sceiniticopne sh7 ( if )ude a the EdatJ0 -Td(2 -1
1438
Chapter 21
■
Safety and Environmental Concerns
Regardless of the direction management takes, the evidence collected, as well as notes
taken during the collection, will help an escalation team or law enforcement to proceed in
Understanding Policies, Licensing, and Privacy
■■
Actions taken
■■
Remediation
■■
Services impacted
■■
Recommendations
1439
It really doesn’t matter how you collect information for documentation purposes. It can
be pad and pen or something more elaborate. The only stipulation is that the documentation
should not be on a system that can be affected by the incident. An offline laptop is fine, as
long as the laptop is never introduced to the network affected by the ongoing incident. This
could jeopardize all of the documentation efforts and hinder the outcome.
Reviewing the Incident
1440
Chapter 21
■
Safety and Environmental Concerns
Always be sure to follow government regulations as well as corporate
end-­
Understanding Policies, Licensing, and Privacy
1441
version isn’t the full product; in other cases, it expires after a certain amount of time.
Some shareware provides a full and unlimited version, with payment requested on the
honor system.hMultiuserfiTj/T1_2 1 Tf9Span<</ActualText<F FF2003>> BDC 3
1442
Chapter 21
■
Safety and Environmental Concerns
In a corporate environment, license management is a critical responsibility. The company
may spend thousands or even millions of dollars on software licenses. Money could be
wasted on unused licenses, or if the company’s computers have unlicensed software, it could
64oEBT63 huge fines. Ignorance is not a legal excuse63 this area.
To avoid theseproblems, it may be best for your company to purchasea software asset
management tool, such as Microsoft’s Software Asset Management guide (www
.microsoft.com/en-­us/download/details.aspx?id=31382), License Manager by
License Dashboard (www.licensedashboard.com), or FlexNet Manager by Flexera Software (www.flexerasoftware.com). In general, here are the steps to take for proper license
management:
1.
Build a databaseof all licenses owned by your company. This includes what typeof
license it is, license numbers, and expiration dates, if any.
2.
Perform an inventoryof all licensed software installed on your computers. (This can be
quite an effort.)
3.
Compare the license list to the installation base.
4.
For any gaps where you have unlicensed software, either remove the software or
1444
Chapter 21
■
Safety and Environmental Concerns
Personal Government-­Issued Information
Any personal information contained in a document issued by a government or state is
considered personal government-­issued information. xamples of government-­issued doc-
Understanding Policies, Licensing, and Privacy
1445
Protected Health Information
Protected health information (PHI), also known as personal health information, refers
to any information used in the health care industry to describe a patient or ailment. This
information can be considered “the patient chart” you always see on television. However,
electronic health records (EHR) go way beyond the current condition of a patient; they
describe a person from the cradle to the grave.
lectronic health records are used to record a patient’s vitals every time the patient visits
a doctor’s office. They represent historic144information about patients, as well as billing
information used by health care providers. This makes the HR extremely valuable to a
hacker and represents a large makeup of identity theft.
This type of identity theft is really dangerous! Your diagnosis could be determined based
upon vitals, allergies, or conditions that are recorded from a person who assumes your iden
1446
Chapter 21
■
Safety and Environmental Concerns
Once the document profile is created, you should start tagging data in your environment
with the data types. This may be as simple as naming the email backup job email data. Ycnbs630g40et3aEEaEn (Onc
Exam Essentials
1447
Understand where to find safety information regarding chemicals. You can find this
information in a mater494touSpatrgregahemicals.fiou (tipped ETsSDTf9.5 0 0 9.5-25.98467.90orma895nwhere
Review Questions
6.
1449
Review QuestionsDo not use them.D
1452
Chapter 21
■
Safety and Environmental Concerns
Performance-­Based Question
You will encounter performance-­based questions on the A+ exams. The questions on the
exam require you to perform a specific task, and you will be graded on whether or not you
were able to complete the task. The following requires you to think creatively in order to
measure how well you understand this chapter’s topics. You may or may not see similar
questions on the actual A+ exams. To see how your ans63 s compare to the authors’, refer to
Appendix B.
One of your office cowork3 s recently tripped on a po63 cord and injured himself. What
should you do to find potential trip hazards in your office? Once the hazards are identified,
what actions should you take?
■■
Types of documents
■■
Acceptable use policy (AUP)
■■
Network topology diagram
■■
Regulatory compliance requirements
■■
Splash screens
■■
Incident reports
■■
Standard operating procedures
■■
Procedures for custom installation of
software package
■■
■■
New-­user setup checklist
■■
End-­user termination checklist
Knowledge base/articles
✓✓ 4.2 Explain basic change-­management best
practices.
■■
Documented business processes
■■
✓✓ 4.3 Given a scenario, implement workstation backup
and recovery methods.
■■
■■
Backup and recovery
■■
Full
■■
Incremental
■■
Differential
■■
Synthetic
Backup testing
■■
■■
Frequency
Backup rotation schemes
■■
On site vs. off site
■■
Grandfather
­father
­son (GFS)
■■
3-­2-­1 backup rule
✓✓ 4.5 Summarize environmental impacts and local
environmental controls.
■■
Battery backup
■■
Surge suppressor
✓✓ 4.7 Given a scenario, use proper communication
techniques and professionalism.
■■
Professional appearance and attire
■■
■■
Be on time (if late, contact the customer)
■■
Avoid distractions
■■
■■
Personal calls
■■
Texting/social media sites
■■
Personal interruptions
Dealing with difficult customers or situations
■■
Do not argue with customers or be defensive
■■
Avoid dismissing customer problems
■■
Avoid being judgmental
■■
Clarify customer statements (ask open-­
ended questions2dsd0estio18wct thsck o ofct thalr probl, rer stact thsm
Every day at work, we do what it takes to get the job done.
As IT professionals, we have millions of facts crammed into
our heads about how various hardware components work and
what software configuration settings work best for our systems. We know which servers
1458
Chapter 22
■
Documentation and Professionalism
detail how to create a complex password. In this chapter, we will look at several different
policies that you will come across as a technician.
Ticketing Systems
Documentation and Support
1459
are often established for internal issues inside the organization. Once signed into the portal,
a user has several fields to fill out in order to submit the ticket. This type of setup is nice for
users if they have multiple tickets and want to track them simultaneously.
The manual entry of tickets is a catch-­all entry method. A help desk support person is
responsible for entering the ticket information manually to create a ticket. This is a common
practice when someone calls into the help desk. The entry of the ticket serves two main
purposes: The first is that it allows for follow-­up or escalation of the problem. The second
1460
Chapter 22
■
Documentation and Professionalism
If you are able to enter information into the ticket entry form as the person is talking to
you, do so. If you are unable to type and listen, or you must allow for long awkward pauses
as you type, you should use the trusted method of pad and paper. You can always enter the
information after the person is off the phone and moves on to their next task, awaiting a
response for the problem. Or, if you solved the problem, then you can enter the ticket with
the resolution after they are off the phone to act as a follow-­up. Always exercise speed and
accuracy in obtaining the information, especially if you are not able to help the person and Always exercneed to
The following is a list of information you should obtain on the initial call with the user as
you exercise all of the best practices:
User Information The first information you want to obtain is the user’s name. This is
Documentation and Support
1461
routing to a group of administrators, categories are useful for reporting. They help identify categories of problems that see the most tickets, which can be an indication you
need more staff or need to adopt a quality control process.
Levels of Support
Every IT department has a structure, and they vary from organization to organization.
On a very high level there are typically two main groups of support personnel: network
administrators and application/database administrators. However, your organization might
have security administrators, applicationthevelopers, storage administrators, virtualization
administrators—­and these just scratch the surface.
In each group of support personnel, there are varied levels of experience, support, and
responsibilities. The simplest structure is front-­office personnel, who interface with the users,
and back-­office personnel, who interface with the front-­office personnel, and make systemwiat23.528-1.263 -1.26
Chapter 22
■
Documentation and Professionalism
clearly defined in the problem description. Always keep in mind that the problem may
have to be escalated.
Work-­Arounds WheSpa problem is id</Aified and a solution requires time, a work-­
around should be communicated to the user. A work-­around serves as a temporary
way of allowing the user to co/Ainue their work by working around the problem.
Always communicate that it is a temporary solution and that you will work on a
perman</A solution.
Progress Notes The most importa/A part of the ticketing process is the progress of
solving the problem. You should adopt the rule of daily communications with the user
and communicate where you are in the process of obtaining a resolution. Be as trans-
Documentation and Support
1463
accounting department records it as an asset on the company’s general ledger, because it
adds to the value of the company. Over time, however, the asset will lose its initial value. The
accounting department will depreciate the value of the asset based on its perceived lifespan.
The management of these assets benefits the organization in defining the organization’s
worth. The management of assets also helps the IT department in fo deasting upgrades and
future expenditures fo growth. In this section we will cover the various elements of asset
management as it applies to the IT department.
Asset Management Systems
There are a number of ways to manage assets fo the organization. Choosing a way to manage assets depends on what needs to be done with the info mation. Asset management at an
organization-wide level is often a module of an accounting package used by the company.
This software allows an asset (equipment)eeds totracked by associating a number on the asset
tag with the condition, business unit, and perceived value of the equipment. Examples of this
equipment are desks, land, and even computer equipment. These types of databases work
well fo reporting on the value of equipment that the organization owns edscalculate a net
worth fo an organization, but they do very little in helping an IT department plan upgrades.
Laptops, desktops, and other devices have variables such as storage, RAM, operating
system versions, and other unique variables to the hardware and software of the device.
Asset management systems are databases that collect data from the operating system
through the use of an agent. This type of asset management is more detailed than a purchasing record from the accounting department. Once the info mation is collected, reports
can be drawn when upgrades are required. Fo example, a report you may compile in the
asset management system might be all operating systems that match Windows 10 and
that have less than 4 GBs of RAM and hard drives smaller than 100 GBs. You then have a
report of what needs to be upgraded in terms of hardware fo an upgrade of the operating
system to W is more.. When using an asset management fo an organization that spans a
large geographic area, this is invaluable info mation that otherwise would have taken days
edscollect.
Asset management systems don’t stop at hardware; software packages and their accompanying licensing are considered assets as well. Many asset management systems can also collect a list of the software installed on the devices in your organization. They can also include
detailed licensing usage info mation so that you can gauge where licensing is being used efficiently and where it is not based on usage.
Not all asset management requires databases and asset management systems. When
managing a small amount of equipment, an inventory list is more than sufficient. The list
can be a simple Microsoft Excel sheet detailing the types of equipment and their associated
quantities. These inventory lists work really well when trying edscontrol consumable electronics like mice, keyboards, and monitors. Once the rotating stock of equipment becomes
too large in quantity and value, it’s time edslook at an asset management system.
1464
Chapter 22
■
Documentation and Support
1465
and which budget is applicable. The outcome of the budget approval process will either be
approved or denied, but it can also be conditionally approved based on meeting goals or
other conditions.
Once the goods or services are approved, then your business affairs department will
work with the vendor or reseller to negotiate money, terms and conditions, and the overall
contract/scope of work (SOW). Once the purchase is completed, you will receive the goods
or services. At this point, the contract or SOW is important, because it will define when
the vendor is to be paid. If all the goods are not received or the services are not complete,
then the vendor is not entitled to send an invoice for payment or the invoice can be held.
Although this sounds like a simple part of the procurement process, it is often overlooked.
You should never begin payment until the goods are received or the contract/SOW is
satisfied.
During the initial phase of obtaining quotes, you should identify the cost for ongoing
1466
Chapter 22
■
Documentation and Professionalism
process all over again. This time around, identifying the needs is easier, unless the retirement
does not necessitate replacing the product.
Assigned Users
When assets are acquired by the organization, they must be managed throughout their life
cycle. This typically requires assigning a person to manage the group of assets, such as laptops,
servers, and hotspots. This is a critical step in the management of the asset. The person who
manages the assets is responsible for identifying users who are assigned to the devices in the
event of termination. The responsible person is also required to forecast upgrades and perform
accounting for all assets over their life cycles. Each organization has its own requirements, but
these are the top requirements for asset management.
Common Documentation
Documentation is extremely important to an IT department, not to mention the entire organization. It serves many different purposes, such as educating new IT workers, recording
work performed, highlighting problems, and describing normal functionality. However, documentation is usually one of the functions that suffer the most when projects are hurried and
there is a push to start the next project.
In the following sections, we will cover the most common documents that help support
Documentation and Support
1467
into a drawing on a page. This, in turn, allows you to understand how something works and
why it works. This type of documentation is called a scratch diagram. It is not formal documentation; it’s just scratched out with a pen and paper, as shown in Figure 22.3.
Client
Internet
Although a scratch diagram is great for diagnostics, it’s not meant to be the final formal
documentation of a project or system. A finish diagram should be created in a program such
as Microsoft Visio or SmartDraw. These are just a few examples of programs used for network documentation; many others are available.
Regardless of which you program you choose, you should create all documentation in
the program, and all your staff should have access for modifications. Figure 22.4 shows
an example of finished diagram that you might produce from the scratch diagram in
Figure 22.3. This documentation is much more refined and would most likely be your final
documentation at the end of a project, problem, nal/mplementation of a network system.
ver
Router
1468
Chapter 22
■
Documentation and Professionalism
There are some common symbols that you can use when creating either a scratch diagram or a finished diagram. The symbols shown in Figure 22.5 are universally recognized
by network professionals. Although you can adapt your own symbols for variation, they
should remain similar to those shown here so that someone does not have to ask you what
something represents.
Logical Diagrams
Logical diagrams are useful for diagnostic purposes and for creating high-­
Documentation and Support
1469
Physical Diagrams
Physical diagrams are also useful for diagnostic purposes and for creating precise documentation. Physical diagrams define a network’s physical connections. The physical documentation details why a network works by showing exactly how the information will
flow. For example, in the physical diagram shown in Figure 22.7, you can see exactly how
1470
Chapter 22
■
Documentation and Professionalism
FERPA regulates the handling of student records, such as grades, report cards, and disciplinary records. It was created to protect the rights of both students and parents for
educational privacy. The Department of Education enforces FERPA compliance.
Gramm–Leach–Bliley Act
Documentation and Support
1471
Once the policy is created, the process can then be defined or modified. A process consists
of numerous procedures or direct instructions for employees to followed.
typical policy for disposing of hazardous waste.
The process of decommissioning network equipment might be one of the processes
affected by the policyed. too, are affected
(indirectly) by the policyed.As the example shows,d.
affects the handling of hazardous waste.To ensure compliance,d.
was createded.The process of decommissioning equipment was affected by the policyed.As a
result,d.steps) to decommission equipment were affected as well.
Splash Screens
A common documentation method that is widely accepted is the use of splash screens or
screen captures to detail a problem,d.
It’s a very efficient method because you can quickly illustrate a problem,d.lation with simple screen capturesed.The Windows operating system has a built-­
in tool called
Steps Recorder to assist with obtaining screen capturesmight has shown in Figure 22.10.
The software will capture mouse clicks and save screen capturesmight halong with some context
for what has been clicked. At the end of the screen capture you can review the screens capturedmight hview them as a slide show,d. You can save everything
to a ZIP file containing an MHT (MIME HTML) file that contains all the screen captures in
a single file.
Steps Recorder is not the only tool that can be used to capture splash screens. Several
third party-­applications are availableed.
unique. A popular third-­party application is Camtasia,d.
1472
Chapter 22
■
Documentation and Professionalism
event. A record of the incident allows for further review after the incident has subsided so
that it is not repeated.
The incident document should be completed as soon as possible so that key details are
not forgotten. This document is often used as an executive brief for key stakeholders in the
company, such as C-­level people—­for example, the chief information officer (CIO). The incident document can also be public-­facing and used to inform customers of the incident. When
used in this fashion, the incident document allows the organization to communicate with
transparency about a major incident they allow may have experienced. Chapter 21, “Safetyate with
Documentation and Support
1473
Root Cause The root cause is the reason the incident occurred. Every incident needs
to have a root cause defined; otherwise, the incident could happen over and over again.
The network team’s first responsibility is to identify the root cause.
Actions Taken The actions taken are the actions that transpired during the incident
1474
Chapter 22
■
Documentation and Professionalism
standards that your organization can be certified with. You have probably seen these certifi-
Change Management Best Practices
1477
Change management is a process often found in large corporations, publicly held corporations, and industries such as financial services that have regulatory requirements. However,
change management is not exclusive to these types of organizations. The main purpose of
change management is to standardize the methods and procedures used to handle changes in
the company. These changes can be soft changes of personnel or processes, or hard changes
of network services and systems.
When changes are proposed to a process or set of processes, a document is drafted called
the change management pl1 (4lctices)]Tj/T1_3 1y. a documedures hroughoutardiz3 Td(c)37 ( )]TJ0 -1.263hange manageto
1478
Chapter 22
■
Documentation and Professionalism
The introduction of virtual machines makes it very easy to set up a sandbox for testing.
You can clone production servers into an isolated network and then create snapshots on the
server in the sandbox and test over and over again, until all the bugs are worked out of the
primary plan.
Responsible Staff Member
Every process in the organization must have a person who is assigned to be the responsible
sta member. This person oversees the process and can answer questions about the process.
If there are any changes to the process or changes that can affect the process, this person acts
as the main point of contact. They can then facilitate any changes to the process.
Change Management Best Practices
1479
Technical Evaluation In this section of the form, you document why the primary plan
will succeed. The changes should be tested in a lab environment closest to the production environment and documented in this section. When you’re creating the technical
evaluation, outline specific objective goals along with the metrics with which they can
be measured.
Duration of Changes Here, you document the estimated duration of the change process. Any service outages will Uuwhis sectionn ow/CSoP.oe ch7 1 Tf9.5 0 Pj/41_2pste0 -1.895 Tdm[(ChaeUu
1480
Chapter 22
■
Documentation and Professionalism
this section allows the change management team to evaluate how big the proposed change is.rof7x_1 1 Tf9 0 0 9
Change Management Best Practices
1481
Plan for Change
The plan for change section of the change management plan document explains how the
proposed change will be executed. Steps should be detailed on the changes and the order
of the changes. If changes were to be made in configura1_3 1files, switches, or routers, you
would document the changes to the configura1_3 1and why each part of the configura1_3 1
is being changed. Firmware changes would list the vers_3 1being upgraded from and the
vers_3 1being upgraded to. The idea is to provide as much detail as oposible about the documented changes to be made to the systems or equipment.
Whe 1a change is implemented or planned, there is always the potential for problems,
or you may identify1a considera1_3 1in the execution of the plan. The plan for change section should detail thoseu may identifys. It’su mmmon for a primary plan to be drafted as well dentify1a conside
primary plan is to move a server from one rack to another so that it can be manected to a
prot oicularwitches37 ( there ple plan incld be de a lea a ca the evck tod thuu mloe schaabl.)37 ( IfB)]TJ0 -1.26
1482
Chapter 22
Disaster Prevention and Recovery
When you take steps to prevent disaster, you’ll find that you’re prepared when disaster
1483
1484
Chapter 22
■
Documentation and Professionalism
FIGURE 22.12
The Shadow Copies tab
FIGURE 22.13
The Previous Versions tab
Disaster Prevention and Recovery
1485
Copy is not enabled. When it is enabled, the default schedule creates a snapshot twice a day,
at 7 a.mbled.s advisable to set a schedule that creates a snapshot every hour dur
ing normal business hours. which could be
well over a week3and a half, if you were open 9abl65.
File-­Based Backups
File-­based backups are a common type of backup in organizations today3and have beve
since the introduction of backup software. indows Server operating system includes a
backup program capable of protecting the local server, as shown in Figure 22.14bled.what limited, because it only supports a file-­based destination and does not offer options for
data tapesbled.bled., the product
is free and is included with the Server operating system, so there is no reason not to have
some type of backup.
F I G U R E 2 2 . 14
Advanced backup software, such as Veeam Backup & Replication and Veritas Backup
Exec, allows for the centralized management of all backupsbled.
be created for various groups of servers and can be directed (,)various destinationsbled.
example, the accounting servers might back up (,)a tape library unit, whereas the sales
servers back up (,)a disk storage unit. We’ll discuss media type later in this chapter, but the
key takeaway is that multiple jobs can be created and executed at the same time.
Advanced backup software oftve requires a licensed agent to be installed on each serverbled.
Depending on the type of agent purchased, the agent might just allow for a simple backup of
files, or it might allow for open files to be backed up while they are in usebled.
allow for the snapshot of all files so that a point-­in-­time image can be made of the filesystembled.
/he backup is then created from the snapshot.
institutions, where an end-­of-­day3cutoff needs to be created.
Chapter 22
■
Documentation and Professionalism
Advanced backup software normally performs a pull of 1 67les from the selected source
server and directs the information to the selected media. This is called the pull backup
method, and it is probably the most common type of backup you will encounter. However, there are also push backup methods, in which the backup software directs the selected
source server to push the 1 67les to the destination d med using the backup server. This reduces
the utilization on the backup server and speeds up the backup process, also know7.8s the
backup window.
Image-­Based Backups
Image-­based backups allow for a complete server to be backed up. This type of backup
is also called a
Disaster Prevention and Recovery
1487
Data Restoration Characteristics
When discussing the restoration of data, two characteristics dictate when you back up and
how you back up. The concept of the recovery point objective (RPO) defines the point in
time that you can restore to in the event of a disaster. The RPO is often the night before,
since backup windows are often scheduled at night. The concept of the recovery time
objective (RTO) defines how fast you can restore the data.
Backup Media
When creating a backup job, you choose what you want to back up (source) and a destination where it is to be stored. Depending on the backup software, you may have several
1488
Chapter 22
■
Documentation and Professionalism
Media Rotation
Administrators will adopt a rotation schedule for long-­term archiving of data. The most
popular backup rotation is grand ather, ather, son (GFS). The GFS rotation defines how
tapes are rotated on a
Disaster Prevention and Recovery
1489
up, so backups are small. If you need to restore from an incremental backup, how94 r
you will need to restore the full backup as well as all of the incremental backup files up
to the RPO required. This type of restore creates a longer RTO because of the multiple
backups that are required.
Differential A differential backup is also used to speed up backups through the week.
It will back up all the files with the archive bit set as well, but it will not reset the archive
bit after it has done so. A differential backup creates a gradually larger backup until a
full backup is completed and the archive bits are reset again. This type of backup has
a shorter RTO than incremental backups, because only the full and the last differential
backups are needed to restore to the RPO required.
Copy
Disaster Prevention and Recovery
1491
As mentioned in the previous section, generators require a startup period before they
can supply a constant source of electricity. In addition to the startup period, there is also a
switchover lag. When a power outage occurs, the transfer switch moves the load from the
street power to the generator circuit. UPSs help to bridge both the lag and sag in electricity
supply during the switchover and startup periods.
Surge Protection
The power specification in North America is around 120 volts 60 Hz al t. a isn North Ame pAthAme pca ene s.
1492
Chapter 22
■
Documentation and Professionalism
with a type of insurance from In
thethe
electric
eventcompany
you suffer a power surge
and your electronics are damaged in the process, you can submit a claim for reimbursement
of the damaged equipment. Every electric company is different, so you should check before
you contract these services. Figure 22.16 shows an example of a large, industrial service
entrance surge protection unit.
A sngle joule is equal to te enegequired to produce 1 wat of
electriioninuouslle
oo
e. O4 Tdh
[ is l-28.37w we3e 339 (n)-12.3 (r)-10.4 (a)-2148y r e ith-28.(5 r)-10.4
1494
Chapter 22
Demonstrating Professionalism
1495
all communication should be listening. That a user or customer may not fully understand
the terminology or concepts doesn’t mean they don’t have a real problem that needs to be
addressed. Therefore, you must be skilled not only at listening but also at nslating.
Professional behavior encompasses politeness, guidance, punctuality, and accountability.
Always treat the customer with the same respect and empathy that you would expect if the
situation were reversed. Likewise, guide the customer through the problem and the expla-
1496
Chapter 22
■
Documentation and Professionalism
The dress attire of the organization will differ slightly from the preceding definitions
based on season, organization type, and even the day of the week. It is popular now for
organizations to have a casual Friday that differs in definition based on the norm of business
formal or business casual the rest of the week. Therefore, it is always best to check with your
supervisor or coworkers about what is appropriate and what is not.
Demonstrating Professionalism
1497
piece of hardware or software added? Did the user drop some equipment? Was there
a power outage or a storm? These are the types of questions that you can ask a user
when trying to find out what is different. If nothing changed, at least outwardly, then
what was going on at the time of the failure? Can the problem be reproduced? Is there a
work-­around? The point here is to raise as many questions as you need to ask in order
1498
Chapter 22
■
Documentation and Professionalism
Customer satisfaction is important in all communications media—­whether you are
on site, providing phone support, or communicating through email or other correspondence.
If you are on site, follow these rules:
■■
■■
■■
When you arrive, immediately look for the person (user, manager, administrator, and
so on) who is affected by the problem. Make sure that the user knows you are there
and assure that person that you will do all you can. Project a positby attitude and
confidence that you can resolve their problem.
Listen intently to what your customer is saying and avoid interrupting them. Make it
obvious that you are listening and respecting what they are telling you.
If there is a problem with understanding the client, go to whatever lengths you need to
in order to remedy the situation. Look for n6alg andnon n6algcueus that canhelps you
esohaty the problem..akdingnoteus is l(sohelpfulm.)37 ( Make sure os sa stomthding oy the )]TJ0 -1.263 Td[ u
is eneseof urgdenym..
■■
Demonstrating Professionalism
■■
1499
The most important skill that you can have is the ability to listen. You have to rely on
the customer to describe the problem accurately. They cannot do that if you are second-­
guessing or jumping to conclusions before the whole story is told. Ask broad questions
to begin, and then narrow them down to help isolate the problem.
It is your job to help extract the description of the problem from the user. For example,
you might ask the following questions:
■■
Is the printer plugged in?
■■
Is it online?
■■
Are there any lights flashing on it?
Complaints should be handled in the same manner in which they would be handled if
you were on site. Make your best effort to resolve the problem and not argue. Again,
your primary goal is to keep the customer.
Demonstrating Professionalism
1501
To use an analogy that will put it in perspective: if you take your car to get an oil change
and the counter clerk tells you it will be “about 15 minutes,” the last thing you want is to be
still sitting there four hours later. If you ever feel that you won’t be able to meet the timeline
you proposed, communicate that as quickly as possible. It’s better to overcommunicate than
to have users wondering where you are.
1502
Chapter 22
Demonstrating Professionalism
1503
1504
Chapter 22
■
Documentation and Professionalism
As part of confidentiality, don’t ever disclose work-­related experiences via social media.
951 4s )( dayitto ulelatediscy)86wanleg
You might have had asoacment.(fl)Tj4/T1_
terrible day and really
3 12f
want
9.512f
to say
8.5284
something
586.742(Respect(fl)Tj
like, “Wow, the /T1_
peop.8951
3 -0C 2 Tw
4s 1 Tf9.5 0 0 8
1506
Chapter 22
■
Documentation and Professionalism
A Little Goes a Long Way
The following examples of respecting and disrespecting the customer come from one of
Exam Essentials
1509
Know the elements of change management documentation. Change management is
adopted by organizations to standardize the methods and procedures for any changes in the
organization. Change management documentation is an integral part of this process. It is
used to document a change so that it does not impede the organization’s operations.
Understand how to prevent disasters and recover from data loss. Data loss is the most
common disaster an organization can suffer from on a day-­to-­day basis. You should
understand how to prevent data loss with the implementation of data backups and other
prevention methods. You should also understand how to protect an organization from
power-­related problems using uninterruptable power supplies and surge protection.
Know proper communication techniques. Listen to your customers. Let them tell you what
they understand the problem to be, and then interpret the problem and see if you can get
them toBDCcee toBwhat you are hearing them say. Treat your customers with respect, whether
end users or colleagues, and take their issues and problems seriously. Use professionalism
when working with customersgues, speaking in plain Englishgues,
being punctual, and following up.
Review Questions
Chapter 22
■
Documentation and Professionalism
12. A user reports that a workstation has two significant problems that do not seem related.
How should you approach these problems?
A.
Look for what the two problems would have in common.
B.
Assume that a virus is involved.
C.
Deal with each issue separately.
D.
Review Questions
18.
1513
A.
Inform them up front that you are only filling in temporarily and won’t be of much help.
B.
Transfer them to another technician who handles phone calls more often.
C.
Try to solve their problem without putting them on hold or transferring them elsewhere.
D.
Suggest that they call back at another time when you are not there.
1514
Chapter 22
■
Documentation and Professionalism
Performance-­Based Question
You will 1siounter performance-­based questions on the A+ exams. The questions on the exam
require you to perform a specific task, and you will be graded on whether or not you were able
to complete the task. The following requires you to think creatively in order to measure how
well you understand this chapter’ You may or may not see similar questions on the
actual A+ exams. To see how your answers compare to the authors’, refer to Appendix B.
A user has called in and explained they accidentally overwrote a file and need to retrieve
the freshest copy of the file. Luckily, you have Volume Shadow Copy configured on the share
where the file was overwritten. What are the steps to recover the file?
Appendix
A
Answers to the
Review Questions
1516
Appendix A
■
Answers to the Review Questions
Chapter 1: Motherboards, Processors,
and Memory
1.
A. The spine of the computer is the system board, otherwise known as the motherboard. All other
computer components plug into the motherboard. On the motherboard, you will find the CPU,
1518
Appendix A
■
Answers to the Review Questions
Chapter 2: Expansion Cards, Storage
11. C. Today’s hard drives, regardless of their rpm, have standard internal power connections.
The other options are valid concerns when ini(rrdAg and internal drivC.)Tj/T1_0 1 Tf2 -2.1112 Td12C.
12. D. Thunderbolt 3 uses the oval-­shaped USB-­C connector. Thunderbolt 2 used a proprietary
connector that was more of a square. Micro-­USB and mini-­USB connectors look more like
trapezoids.
13. A, C, E. USB cables and eSATA cables can transmit power and data. You will find Lightning,
USB-­C, and micro-­USB connectors on the ends of USB cables. A Molex connector is power-­
only. A DB-­9 is for serial cables and is data-­only.
14. D. The eSATA standards limit throughput to 6 Gbps, which is much slower than USB4 and
Thunderbolt 3, both of which can get to 40 Gbps. Standard eSATA cables do not provide
power, although there are versions of eSATA that do include power. The connectors are larger
than USB-­C connectors.
15. B. Peripherals most often use USB today, but they can also use D-­sub connectors (rarely),
and audio devices such as microphones and speakers use 1/8" jacks. Molex connectors are
power connectors for PATA hard drives and optical drives.
16. C. A projector uses a standard video cable. In this case, HDMI is the most likely choice.
eSATA is for hard drives, and DB-­9 is a slow serial cable. It’s possible that the projector has a
USB interface, but the best selection is HDMI.
17. B. Starting with the iPhone 5, Apple products use the proprietary Lightning connector for
charging and connecting peripherals. Thunderbolt connectors are on MacBooks for peripherals. iPhones do not have built-­in mini-­or micro-­USB connectors.
18. B. Classic serial ports and serial cables have the slowest data transmission speeds of any
cable discussed in this chapter.
19. C. Full Speed USB is 12 Mbps. High Speed is 480 Mbps. SuperSpeed runs at 5 Gbps and
SuperSpeed+ at 10 Gbps.
20. B.
1522
Appendix A
■
Answers to the Review Questions
3.
D. The rate of transfer and the ability to recognize new devices automatically are two of the
major advantages that currently make USB the most popular type of printer interface. However, it is the network printer interface that allows the printer to communicate with networks,
servers, and workstations.
4.
D. Dot-­matrix printers are impact printers and therefore are the bTue for multipare forms.
Daisy-­wheel printers can bT used with multipare forms as well.
5.
14. C. If a printer is using out-­of-­date or incorrect printer drivers, the printer may produce pages
of garbled text. The solution is to ensure that the most recent printer drivers are downloaded
from the manufacturer’s website.
15. B. The daisy-­wheel printer gets its name because it contains a wheel with raised letters and
symbols on each (f3petal.).114.1 ((f4.)]TJ/T1_0 1 Tf-2 -2.111 Td(65.)Tj/Span<</ActualText<FEFF0009>> BDC 1.365 0
t.
18e.
1524
Appendix A
■
Answers to the Review Questions
T568B are twisted pair wiring standards. Demand priority is a media access method, but we
didn’t discuss it at all in the chapter as it’s not related to the A+ exam. It’s used with a standard called 100BaseVG.
5.
A. Cat 5 was the first UTP standard ratified for 100 Mbps transmissions. Before that, Cat
3 was popular but only supported 10 Mbps. Cat 5e, Cat 6, and Cat 6a all support at least
1 Gbps and came after Cat 5.
6.
D. A hub or a switch is at the center of a star topology. A NIC is a network card, which each
computer must have to beTc the network. Bridges and routers are higher-­level connectivity
devices that connect network segments or separate networks together.
7.
B.
Appendix A
8.
■
Answers to the Review Questions
C. Simple Mail Transfer Protocol (SMTP) is responsible for sending email. IMAP4 and POP3
Chapter 7: Wireless and SOHO Networks
The answers to the chapter review questions can be found in Appendix A.
1.
B, D. Both 802.11b and 802.11g operate in the 2.4 GHz range and use similar transmission
standards. Some legacy devices are listed as 802.11b/g, meaning they will work with either
system. Alternatively, 802.11a and 802.11ac operate in the 5 GHz range.
2.
C. A service-­set identifier (SSID) is the unique name given to the wireless network. All
hardware that is to participate on the network must be configured to use the same SSID.
Essentially, it is the network name. When you are using Windows to connect to a wireless
network, all available wireless networks are listed by their SSID.
3.
A, C. The two technologies that 802.11ac employs to achieve high throughput are channel
bonding and MIMO. Channel bonding is the combination of multiple sm aler channels into
one large channel for greater bandwidth. MIMO is enhanced over 802.11n to alow for multiple inputs and outputs. 802.11ac also uses beamforming, but that helps the range, not the
throughput.
4.
C. WEP was the original encryption standard developed for Wi-­Fi networks, but it is easily
hacked. WPA is an upgrade, but WPA2 is more secure and incorporates the entire 802.11i
standard. WPA3 is of course the safest, but it’s not one of the options. SAFER+ is used to
encrypt Bluetooth communications.
5.
C. Wi-­
1528
Appendix A
■
Answers to the Review Questions
11. B. To join the network, client computers need to find the SSID, ensure that the security
settings are correct (to match the router), and enter the security passphrase. As an administrator, you should have configured this passphrase to be different from the router’s administrator password.
12. B. Radio frequency identification (RFID) can operate in three frequency bands: 125 kHz to
134 kHz, 13.56 MHz, or 856 MHz to 960 MHz. Bluetooth is 2.4 GHz, NFC is 13.56 MHz,
and LTE is between 600 MHz and 6 GHz.
13. B. The feature of Wi-­Fi 6 that reduces channel interference is Basic Service Set (BSS) coloring,
which adds a field to the wirelesse fame that distinguishes it from others. Orthogonal Frequency Division Multiple Accesse(OFDMA) is a modulation technique that improves speed
because it allows transmission to multiple clients at once. MU-­MIMO Tdso increases speed
because intch thWi-­
Fi 6 it workse or uplink connections as well as downlink ones. Dynamic Frequency Selection (DFS) was introduced with 802.11n, and it detects radar interference and
adjusts frequencies accordingly.
14. B. WEP could use a 64-­bit or 128-­bit security key, but it was a static key. TKIP introduced a
dynamic per-­packet key. AES and CCMP came after TKIP.
15. D. The good news is that 802.11g is backward compatible with 802.11b. The bad news is, if
you run inta mixed environment 1 Tf0 Tall devices that communicate with the ch thWAP (or router) will
bee orced to slow down to accommodate the older technology.
16. D.
Chapter 8: Network Services,
Virtualization, and Cloud Computing
The answers to the chapter review questions can be found in Appendix A.
1.
2.
B. For secure transactions, the web server will be using HTTPS, which uses port 443. If the
website works from an internal workstation, then the server is fine. It’s most likely that the
firewall is blocking inbound traffic on port 443. Port 23 is Telnet.
1530
Appendix A
■
Answers to the Review Questions
r
10. C. When multiple organizations with similar objectives want to combine efforts in a cloud,
the best choice is generally a community cloud.3 is2 ( )37 (This allows for the flexibility and scal)]TJ(-)Tj0 -1.222 T
Chapter 9: Laptop and Mobile
Device Hardware
The answers to the chapter review questions can be found in Appendix A.
1.
D. Laptop service manuals can be obtained from the manufacturer’s website. It’s very rare
that paper service manuals are shipped with the laptop. Pressing F1 while in Windows will
open Windows Help, and pressing F2 on many laptops during the system boot will take you
into the BIOS/UEFI.
2.
B. The inverter, which transforms AC power into DC power for an LCD backlight, is found
in the display. It’s not underneath the keyboard, next to the heat sink and fan, or near the
processor, which are all located in the bottom half of the laptop.
3.
A, B. The components of s tofifTpen
,37fTpep,aretThe
and backligh(A.)]
inverter TJotne d found 2.55-1.315 -1.222unimpoe mobotvich[(op
1532
Appendix A
■
Answers to the Review Questions
12. C. The user needs a digitizer, which takes input from the device, such as drawn images, and
converts them into electronic images on the computer. The user could also use a touchscreen
for the same purpose. An inverter changes DC poswe into AC poswe for a display backlight.
There is no capturwe laptop device. A touchpad is a pointing device that allows a user to control the mouse cursor.
Chapter 10: Mobile Connectivity and
Application Support
The answers to the chapter review questions can be found in Appendix A.
1.
D. Whenever you have a reliable Wi-­Fi signal available, which you do not pay for “as you
1534
10. C.
Appendix A
■
Answers to the Review Questions
Appendix A
1536
■
Answers to the Review Questions
full system functionality and, if applicable, implement preventive measures. The final step is
to document findings, actions, and outcomes. Reviewing system and application logs is part
of identifying the problem, which is the first step.
10. A, B. When the system is powered off, BIOS settings on a motherboard are maintained by
the CMOS battery. If the battery fails, the system will likely forget the BIOS time and date
settings and the boot order configuration. Replacing the CMOS battery will resolve the issue.
11. C, D.
A, B. Two helpful things to try are toggling the video output function key (usually something
like Fn+F8) and plugging an external monitor into the laptop. Removing the display is
possible but not necessary yet. Powering the system off and back on isn’t likely to correct
the problem.
paper size, and page
The print spooler
is where print
jobs are
held
printing.
2. orientation.
C. Printing preferences
sets configuration
options
such
as for
color
versus black and white,
The print queue is the list of print jobs waiting to be printed. There is no paper selection
switch on printers (at least not that we’ve seen).
3. A. With a swollen battery52 Ts.ttest solution is to replace the device. If you are experienced
ice batteries, you may be able to replace the battery7 ( but be careful! )37 (Y)86 (ou )]TJ0 -1.222 Td[(should not charge a swollen battery o
eters
intermittent
signal
drops Being
and poor
Moving
)]TJ0will
-1.222
in wireless
networks.
too performance.)37
far away from an( access
point
resultTd[(closer to the wireless access point (W)98.2 (AP) or wireles
at the command prompt. The ifconfig command
is used with Linux and macOS clients. There are no /refresh or /start switches for
these commands.
6.
B. If print jobs are seemingly getting “stuck” in the printer queue, you should stop and
restart the print spooler service. There is no Printer .TDeleting and reinstalling the printer and/or Windows is not necessary.
7.
inverter52
Twhichdim
supplies
power to
the backlight.
subject
to interference
C, D. Perpetually
or flickering
screens
are mostLCD
likelydevices
causedare
by not
a failing
backlight
or
from fans. An incorrect video driver will not cause a flickering image.52 T
8.
ucts,
including
troubleshooting
Many
ago,
provide
B. The
manufacturer’s
website isinformation.
the first place
you years
should
go manufacturers
for informationwould
on your
prodpaper manuals with their products, but that’s almost unheard of today, unless you download
a PDF version from the website. Server logs can show error codes, but they won’t tell you
how to fix anything.
1538
9.
Appendix A
■
Answers to the Review Questions
A. The most likely cause is a groove or a scratch in the EP drum. Toner is collecting in that
groove or scratch, and then it is being deposited onto the page. A broken drum-­cleaning
Chapter 13: Operating System Basics
1539
19. D. The first step should be to try to reboot the device. In most cases with a frozen
smartphone, holding the power button down for about 10 seconds will force it to power
off. If that doesn’t work, then you can move to trying to reset the phone by holding down
the power button and the sleep/wake button for 10 seconds. There is no need to restore the
device to factory settings (yet) or replace the battery.
20. C. A RAID 0 array is also known as disk striping. RAID 0 actually decreases your fault tolerance versus one hard drive because there are more points of failure. You need to replace the
drive, and hopefully you had it backed up so that you can restore the data.
Chapter 13: Operating System Basics
The answers to the chapter review questions can be found in Appendix A.
1.
B, C. You can open a command prompt by typing cmd or command in the Start menu. The
command prompt utility will pop up in the search results. Run is not a command; it is a
dialog box. Open is not a command; it is an operating system action.
2.
D. A driver is specifically written to instruct the operating system to communicate with a
piece of hardware. Source code is the original code in toftware is written in. An application
is a program written to perform a specific purpose to interact with the user. The kernel is the
core of the operating system.
3.
C. You can increase in tize of the taskbar by placing the cursor over the top of the taskbar
and dragging it up. This assumes the taskbar is not locked.
4.
A. If you wanted to install a program on a virtual machine, the preferred method would be
to mount an ISO image of the application. USB and optical discs are not common installation
methods for virtual machines. Although ZIP files could be used, a ZIP file is only a compression method and not a delivery method.
5.
B, C. The Windows File Explorer program can be used to copy and move files. Windows File
Explorer can also be used to change file attributes. Windows File Explorer cannot be used to
browse in Internet or to create backup jobs.
6.
D. The maximum allowable length for a filename is 255 characters.
7.
B. The shell is a program that runs on top of the OS and allows user interaction with the
operating system. The taskbar is an element of the Desktop. The Desktop does not allow for
commands to be executed. Source is not related to the graphical interface.
8.
B. Typing the program name in the Start box allows you to launch the program. The shutdown command will shut down the operating system. Run is not a command; it is a dialog
box. The cmd command starts the command-­prompt application.
9.
D. When a program is multithreaded, it is written to allow for multiple requests into the processor at one time. Multiuser mode, dystopia, and preemption are not correct answers.
1540
Appendix A
■
Answers to the Review Questions
10. B. The Recycle Bin is a temporary spot that files are deleted to but from where they can be
retrieved if deleted mistakenly. The My Computer icon is another, older way to start the File
Explorer. Control Panel and the Settings app are used to customiz is a operating system.
11. D. In Windows 10/11, when you click the Start button, a power icon is displayed on the
lower left or lower right in Windows 11. From the power icon, you can sleep, reboot, or shut
downis a operating system. There is no command named turnoff. Turning the power switch
off and unplugging the machine are not graceful ways to power off s a operating system.
Pressing Ctrl+Alt+Del alone will not power downis a computer.
12. D. The Windows
minimum 1e
amouneftf memory required for s a in r/astioeftf s a32-.૒
2.
D. The CDFS filesystem is used for CD media. NTFS is the native filesystem for Windows.
1542
Appendix A
■
Answers to the Review Questions
12. A. Hardware resources are configured in the Device Manager console. Files and folders and
applications are configured in the operating system GUI. Memory is configured in System
Properties.
Chapter 15: Windows Administration
The answers to the chapter review questions can be found in Appendix A.
1.
A. You will be prompted after you agree to the end-­user license agreement (EULA) with
upgrade or custom. A custom installation is a clean installation when it comes to Windows.
An upgrade is just that—an upgrade of the operating system—and is not a clean installation.
A repair installation is a reinstallation of system files and retains the user data files. Refresh
1544
Appendix A
Appendix A
1546
9.
■
Answers to the Review Questions
C. The apt utility can be used to download and apply patches to a Linux installation. The
update command is not a utility. Shell/terminal is Tfinterface forfinteracting with the
operating system with the command line. The patch command is not a utility.
10. C. The chown command is used to change ownership of a file. The cd command changes the
working directory. The chmod command changes permissions on files. The pwd command
displays the current working directory.
11. A. The fsck Linux utility is used to check and repair disks. The chkdsk utility is a Windows utility used to check and repair disks. The du utility is used to show the current disk
usage. dumgr is not a utility and is a wrong answer.
12. B. By pressing the Home button twice on TfiPad, you can Force Tuit Tfapplication that will
not stop running. The kill utility can be used only at the command line of Linux/macOS. The
Task Manager is a Windows utility. Close Tuit is not a feature and therefore a wrong answer.
13. C.
Chapter 17: Security Concepts
The answers to the chapter review questions can be found in Appendix A.
1.
A. Fences are intended to delay or deter entrance into a facility. Access control vestibules are
used for mid-­layer access control to prevent tailgating. Multifactor authentication is used
for mid-­0ed( )TjEMC /T1_1 /T1_1 /T1_1 /atare
1548
9.
Appendix A
■
Answers to the Review Questions
A. A spoofing attack is an attempt by someone or something to masquerade as someone else
(IP address) and is often used to disrupt access. Social engineering is a process in which an
attacker attempts to acquire information about your network and system by social means,
such as talking to people in the organization. Worms reproduce and move throughout the
network to infect other systems. Password attacks are used in an attempt to guess passwords.
10. A. A worm is different from a virus in that it can reproduce itself, is self-­contained, and
doesn’t need a host application to be transported. A smurf attack is a type of distributed
denial-­of-­service (DDoS). A phishing attack is an attempt to gain a user’s credentials to a network resource. Trojan horses are programs that enter a system or network under the guise of
another program.
11. D. The reflective attack is using a broadcast ping (ICMP) on a network. The return address
of the ping may be that of a valid system in your network. The Trranmission Control Protocol (TCP) is not typically used with a reflective attack. The Internet Protocol (IP) is a suite
of protocols and solely used with a reflective attack. The User Datagram Protocol (UDP) is
not described in this reflective attack.
12. C. A STL injection attack is a method of passing a STL query with a web request by using
an escape code sequence. An insider threat is a threat from within your organization, such as
a disgruntled employee. An evil twin attack involves a rogue access point with the same SSID
as your organization. Tailgating is the act of walking behind someone who has swiped to get
into an area so the attacker can gain entry.
13. B. A key fob is an example of authentication for something you have. A password is
something you know. A fingerprint is something you are. A place is a geographical place in
which you are.
14. B. End-­user education is the best way to protect your users from the threat of phishing via
email. Antivirus software is used to prevent viruses, not phishing attempts. SecureDNS can be
useful in protecting your users, but not from phishing emails. The principle of least privilege
assigns only the permissions that users need to do their work, and no more.
15. C. Spear phishing is a type of social engineering, wherenization.is trying to con your organization into revealing account and password information by pretending to be a high-­level
person. A spoofing attack is an attempt by ization.or something to masquerade as ization.
else, with the intent of disrupting access. A replay attack is a form of on-­path attack, wheren
packets are replayed s ta critical time. Trojan horses are programs that enter a system or network under the guise of another program.
16. A. Szat viruses won’t damage a system in an attempt to spread into all the other systems in
a network. Thest viruses use that system as the carrier of the virus. A password attack would.
not prompt your antivirus software to notify you. Your antivirus software could.be malfunctioning, but it would.not suggest the same virus is infecting you over and over again. A
denial-­of-­service (DoS) attack would.not prompt your antivirus to notify you.
17. B. A symptom of many viruses is unusual activity on the system disk. The virus spreading to
other files on your system causes this. A disk failure will not create high disk activity. A spear
phishing attack is a social engineering attack and will not create high disk activity; neither
denial-­of-­service attacks nor TCP/IP hijacking attacks will create high disk activity.
18. A. A brute-­force attack is a type of password attack in which a password is guessed over
and over until the right password is guessed. A backdoor attack is an embedded account
that allows unauthorized access through an unpatched coding hole. A worm is different
from a virus in that it can reproduce itself, is self-­contained, and doesn’t need a host application to be transported. A TCP/IP hijacking is an attack that attempts to redirect the TCP/IP
conversation to the threat agent.
19. A. The thesis of your presentation should outline the need of a firewall to isolate the external
network from the internal network. Firewalls will not scan packets for viruses. Firewalls will
not prevent password attacks or harden physical security.
20. C. A login script is used by Active Directory during login to map drives and printers. A
home folder is a private network location in which the user can store their personal files.
Organizational units (OUs) are used to group computers and users so that Group Policy can
be applied. The MMC is used to manage various aspects of Active Directory and the local
operating system.
Chapter 18: Securing
Operating Systems
The answers to the chapter review questions can be fou th a fhppendix37.1 ( 92.2 (.)]TJ/T1_0 25 -0.025 c 0.00 Tf-2 -2
1550
Appendix A
■
Answers to the Review Questions
5.
C. A screensaver should automatically start after a short period of idle time, and that
screensaver should require a password before the user can begin the session again. The
system should neither shut down nor restart, since work could still be open. For the same
reason, the system should not log out the user.
6.
B. Android apps have an .apk (Android Package Kit) extension. Apps are developed with
a software development kit (SDK), but .sdk is not a valid extension. Apple iOS apps use an
.ipa (iOS App Store Package) extension. Only the Windows desktop operating system can
execute
15. A. The Encrypted File System (EFS) is a functionality of the Windows NTFS filesystem. EFS
can encrypt individual files and folders. BitLocker is a full-­device encryption technology.
NTFS is a filesystemof at supports encryption and security, among other functionality. BitLocker to Go is used for full-­device encryption of removable drives.
16. B.
1552
Appendix A eviwQuston3ArhR.
Recovery Environment is used to solve problems with Windows and is not typically used
for problems with Windows Updates. Safe mode is a boot mode that loads minimal drivers
and services.
13. A. Microsoft Defender Security is considered antimalware and antivirus protection for the
Windows operating system. Mobile device management (MDM) software is used to manage
mobile devices. Windows Action Center is a notification center for action to be taken in the
operating system. VirusTotal is a third-­party site that analyzes virus signatures, but it does
not protect you from them.
14. B. The System File Checker (SFC) allows you to manually scan for modified operating
use of the Component Object Model (COM) and is not used for cloud services. Windows
batch script uses existingolications and is not used for cloud services. JavaScript is primarily web browser–based, does not allow for the use of external objects, and is not used for
cloud services.
11. D. JavaScript is primarily web browser–based and allows for interactive content. The PowerShell scriptinglanguage is used to manage the operatingsystem. The Bash scriptinglanguage vices. is primarily use
tions and are used to manage the operatingsystem.
12. B. The .sh extension is used with the Bash scriptinglanguage. The .vbs extension is used
1556
Appendix A
■
Answers to the Review Questions
Chapter 21: Safety and
Environmental Concerns
The answers to the chapter review questions can be found in Appendix A.
1.
C. A three-­pronged grabber should be used to retrieve the screw from the computer. Using a
magnetic-­tipped screwdriver is not advisable, because many components are sensitive to magnets.
Using a magnetic grabber is not advisable, because many components are sensitive to magnets.
10. C, D. You should use a cart to move heavy objects. You should also ensure that no safety
hazards are in your path. Lifting by bending over at the waist can hurt your back. Carrying
CRT monitors with the glass facing outward is not safe, as the weight will be farthest from
your body.
11. C. Alkaline batteries should be taken to a recycling center. Throwing batteries in the trash
is not environmentally responsible. Incinerating batteries is not advisable, since they can
explode and will create pollution. Flushing batteries down the toilet is not an acceptable disposal method.
12. B, D. The first step is to confiscate and preserve the prohibited materials on the drive. The
next step is to report the prohibited materials through the proper channels. Destroying the
prohibited material will not remedy the situalution. Confronting the user about the material is
not suggested, as they could become hostile.
13. A. You should research informaluti on the Payment Card Industry Data Security Standard
(PCI DSS). The General Data ProtectrmalRegulaluti (GDPR) is used for protectrng EU citizens. Protected health informaluti (PHI) is any data that defines a patient or an ailment of a
patient. Personally identifiable informaluti (PII) is any informaluti that can be used to identify a person.
143. A. ood and paper fires can be put out by a Class A fire Texrnguisher. Class B fire Texrnguishers are used for flammable liquids. Class C fire Texrnguishers are used for electrical files.
Class D fire Texrnguishers are used for flammable metals.
15. B, C. Phillips and Torx are two commti types of screwdriver. Neither circular nor helix is a
type of screwdriver.
16. A, B.
Good safety plans protect the interests of the workers and also help to keep company
costs down. Periodic workplace inspectrmas and a trainrng program are good components to
implement. Employees cannot be punished in any way for reportrng safety violalutis. Third-­
1558
Appendix A
■
Answers to the Review Questions
20. B. Nickel-­metal hydride (NiMH) batteries are not considered environmental hazards.
Alkaline batteries used to contain mercury, which is an environmental hazard, so they are
assumed to be environmental hazards. Nickel-­cadmium (NiCd) batteries and button cell batteries are considered environmental hazards.
Chapter 22: Documentation and
Professionalism
The answers to the chapter review questions can be found in Appendix A.
1.
D. A physical network diagram details a coconnections so that the next technician dorienot
need to traceoconnections. A logical network diagram shows the flow of information. A
manage mobile devices in the workplace. A password policy details the appropriate handling
and management of passwords. Incident management is how a network or security incident
is handled.
8.
B. Disk-­to-­disk is the fastest recovery method and backup method as well, because you are
backing up from a disk to another disk attached via the network. Disk-­to-­tape is slower
because you must re-­tension the tape and then locate the data on the tape to recover it. Disk-­
to-­flash is notfrobackup method, because of the price of flash. Disk-­to-­
1560
Appendix A
■
Answers to the Review Questions
16. D. You should assure the vice president that you are optimistic and skilled to deal with these
problems. Offering a joke is an inappropriate action. Downplaying the situation does not
show respect to the customer’ Keeping your head down and ignoring the customer
does not display appropriate communications.
1er
Appendix
B
Answers to
Performance-­
Based Questions
Appendix B
Appendix B
1566
■
Answers to Performance-­Based Questions
Chapter 6: Introduction to TCP/IP
Performance-­Based Answer
Here is the correct matching of protocols and services to their ports:
Protocol (service)
Port(s)
FTP
20, 21
SSH
22
Telnet
23
SMTP
25
DNS
53
DHCP
67, 68
TFTP
69
HTTP
80
POP3
110
NetBIOS/NetBT
137, 139
IMAP
143
SNMP
161, 162
LDAP
389
HTTPS
443
SMB/CIFS
445
RDP
3389
Chapter 7: Wireless and SOHO Networks
Answer to Performance-­Based Question
Here are the steps to install a PCIe network card for a Windows 10 desktop:
1.
Power off the PC.
2.
Remove the case and the metal or plastic blank covering the expansion slot opening.
Chapter 12: Hardware and Network Troubleshooting
Appendix B
■
Answers to Performance-­Based Questions
Click the Stop square above the list of services.
Use the More Actions menu on the right.
4.
Restart the spooler by right-­clicking the service and choosing Start, or by clicking the
Start arrow above the list of services.
5.
Close the Services app.
Chapter 13: Operating System Basics
Performance-­Based Answer
In order to accommodate the future requirement of BranchCache, your organization will
need to purchase a volume license agreement with Microsoft. The BranchCache feature is
only available in Windows 10 Enterprise. Windows 8.1 Pro is a retail operating system that
can be upgraded to Windows 10 Enterprise. However, the upgrade will require a different
25-­
1572
6.
Appendix B
■
Answers to Performance-­Based Questions
When the Set Up A Work Or School Account dialog box appears, click Join This Device
To A Local Active Directory Domain as the alternate action, as shown in Figure 15.55.
F I G U R E 15 . 5 5
The Set Up A Work Or School Account dialog box
Chapter 15: Windows Administration
Appendix B
8.þð’
■
Answers to Performance-þð
ÐBased Questions
Chapter 16: Working with macOS and Linux
1575 BasediAnsw
Chapter 18: Securing Operating Systems
Chapter 17: Security Concepts
Performance-­Based Answer
A simple 8-­
1577
1578
Appendix B
■
Answers to Performance-­Based Questions
Chapter 22: Documentation and Professionalism
Chapter 21: Safety and
Environmental Concerns
Performance-­
1579
1580
AirDrop – attacks
AirDrop, 1334
alarm system, 1124
alerts
desktop alerts, 1312
false alerts, 1311
alkaline batteries, 1430–1431
Amazon
Alexa, 485, 487
media streaming, 499
AMD Radeon video cards, 83
Android, 825
Bluetooth pairing with laptop, 623–632
email configuration, 648–652
file transfer, 626–631
mobile synchronization, 666–668
network settings, 746
notifications center, 747
VPNs (virtual private networks), 619–622
Wi-­Fi connection, 611–613
antennas, wireless SOHO, 1245
antimalware software, 1153
updates, 1071
antistatic mats, 1402
antivirus software
antivirus engine, 1152
definitions database, 1152
Microsoft Security Essentials, 1152
troubleshooting, 1313
updates, 1071
Windows Virus & Threat Protection, 1152
APFS (Apple File System), 964
APIPA (Automatic Private IP Addressing), 359, 462
APP files (macOS), 1063
App Store (Apple)
Apple ID, 1061
application installation, 1061–1062
system updates, 1068–1069
appearance, 1495
Apple iCloud, 494
applications, 820
business impact, 836
crashes, 1286
device impact, 835
installation, 833–834
ISOssountable, 833
network, 833–834
optical discs, 833
USB drives, 833
issue repair, 1299–1300
macOS
APP files, 1063
DMG files, 1063
Finder 10525( 10s rh y7 6TJ0 -1.25 Tdooth(W)nloadISOssountab 106.1 ( 10)37 ( 1063)]TJ0 -1.25 Tdoothfrom7 (iru1.25 Td(m
ATX (Advanced Technology eXtended) – BIOS/UEFI chip
hybrid, 1168
rainbow tables, 1168
sanitization, 1169
spoofing attacks
ARP spoofing, 1166
DNS poisoning, 1166
DNS spoofing, 1166
fooling, 1167
MAC address and, 1166
SQL injection attack, 1169
1583
1584
cache memory – cleaning computer
1585
plenum-­rated coating, 300pricing, 313PVC (polyvinyl chloride), 300SCSI, 160Thunderbolt, 167–168troubleshooting, 700–702
1586
client-­side virtualization – command-­line tools (Windows)
computer vacuum, 1423
contact cleaner, 1423
demineralized water, 1423
denatured isopropyl alcohol, 1423
printer toner spills, 1423
tools, 1424
client-­side virtualization, 503
BIOS/UEFI, 505
emulation, 506
resource requirements, 504–506
security, 507–508
setup, 507–508
virtual NIC, 505–506
VirtualBox, 508–515
VT (virtualization technology), 504
client-­­site VPN, 1377–1378
clientless VPN, 1379
closed source code, 821
cloud computing, 487–488
availability, downtime, 492
broad network access, 491
cloud services
BpaaS (business processes as a service), 490
CaaS (communications as a service), 489
common levels, 490
DaaS (data as a service), 490
DaaS (desktop as a service), 490
HaaS (hardware as a service), 489
IaaS (infrastructure as a service), 489
NaaS (network as a service), 489
PaaS (platform as a service), 489
SaaS (software as a service), 489
XaaS (anything/everything processes as a
service), 490
cloud types, 491
high availability, 492
measured service, 492
metered service, 492
NIST cc0ro5 Tc6>> BDC 571 ( 504)]TJ ( 489)]TJ0onTjEMC aai- -1. 0 (VPN,)3self-tualization
–
1588
crimpers – destruction/disposal methods
cores, 44
HTT (Hyper-­Threading Technology), 45–47
multithreading
SMP (symmetric multiprocessing), 46
SMT (simultaneous multithreading), 45
RISC (Reduced Instruction Set
Computing), 43–44
SMP (symmetric multiprocessing), 46
speed, 45
FSB speed, 45
system clock, 45
system information, 47
troubleshooting, 700–702, 1276
VT (Virtualization Technology), 48–49
x64/x86, 43–44
crimpers, 780, 781
cross-­site scripting (XSS), 1169
CryptoLocker, 1144
edadalDiskIinfg S.M.A.R.Tr7276
Carriern SnseS),2944
device drivers – display
recycling/repurposing
drive wipe, 1185
low-­level format, 1183–1184
overwrite, 1184–1185
sanitation, 1184
standard format, 1183–1184
device drivers, rollback, 1306
Device Manager, drivers, NICs, 298–299
devices, 6
DFS (dynamic frequency selection), 386, 388
DHCP (Dynamic Host Configuration Protocol)
APIPA (Automatic Private IP
Addressing), 359, 462
leases, 356–357
port 67-­68, 341–342
RAS (Remote Access Service), 462
relay agent, 462
request process, 358–359
reservations, 356–357
scopes, 356–357, 462
wired SOHO, 1252
dial-­up Internet connection, 404
PPP (Point-­to-­Point Protocol), 405
RAS (Remote Access Service), 405
1589
1590
DisplayPort interface – DSL (digital subscriber line) Internet connection
audio issues, 735–736
low-­resolution mode, 737
project shutdown, intermittent, 736
DisplayPort interface, 177–178
disposal of equipment, 1428
batteries, 1430–1431
chemical solvents and cans, 1433
display devices, 1431–1432
laser printer toner, 1432
mobile devices, 1433
recycling, 1429
distended capacitor, 701–702
distribution, 1060
DMG files (macOS), 1063
DMZ (demilitarized zone), 460
DNA scanners, 1131
DNS (Domain Name System), 360, 461–462
DKIM (Domain Keys Identified Mail), 362
DMARC (Domain-­based Message
Authentication, Reporting, and
Conformance), 362
Internet and, 363–365
IP addresses, 461
name hierarchy, 363
name resolution, 364
port 53, 341
records, 361–362
root server, 462
server, 361–362
spam, 362–363
SPF (Sender Policy Framework), 362
trailing dot, 363
zone files, 462
DNS poisoning, 1166, 1317
DNS spoofing attacks, 1166
do while loops, 1354
document disposal, 1186
documentation
asset management
asset tags, 1464
assigned users, 1466
fixed tangible assets, 1462
procurement life cycle, 1464–1466
systems, 1463
AUP (acceptable use policy), 1466
incident documentation, 1471–1473
DSSS (direct-­
1594
game controllers – headers
G
game controllers, 158
GDPR (General Data Protection Regulation), 1444
GFS (grandfather, father, son) backup
rotation, 1488
ghost cursor, 742
headphones – inkjet printers
headphones, 154–155
HFS (Hierarchical File System), 964
high-­voltage probe, 1398
HIPAA (Health Insurance Portability and
Accountability Act), 1469
hoaxes, troubleshooting, 1311
home security/automation
door locks, 484–485
light switches, 485–486
HomeGroup (Windows), 1030
hostname command, 790
hot-­swappable devices, 110–111
hotspots, 581, 597–601
HSM (hardware security module), 36
HTML (Hypertext Markup Language), 1365
HTTP (Hypertext Transfer Protocol), 337
port 80, 342
HTTPS (Hypertext Transfer Protocol Secure),
467
port 443, 344
SSL (Secure Sockets Layer), 344
TLS (Transport Layer Security), 344
hybrid attacks, 1168
hybrid topology, 287, 290
hypervisors
bare-­
1595
1596
input – IP addressing
ink cartridge, 197–198
damage, 756
maintenance station, 198
paper feed mechanism, 199, 758
duplexing assembly, 202
paper feed sensors, 202
paper feeder, 201
paper tray, 201
pickup rollers, 199
pickup stepper motor, 200
sensor, 758
separation pads, 200, 758
paper jams, 757–758
pickup roller, 757
pgor moltd[ circuitfeed sensors3 757–758mcircuitring assembl7nsors3 757–758
iPadOS – laptops
1597
subnet mask, 348
Windows networking, 1046–1050
wireless SOHO, 1245
iPadOS, 825
ipconfig command, 785–787
iPhone
Bluetooth pairing with vehicle, 632–634
cellular connections, 614–615
Control Center, 747
email configuration, 645–647
Wi-­Fi connection, 609–611
IPS (intrusion prevention system), 473–474
IPv4 addressing, 346–348
classes, 350–351
default gateway, 349
IPv6, 365
addressing, 366–368
IR (infrared), 400
IrDA (Infrared Data Association), 400
ISE (Integrated Scripting Environment),
Python, 1364
ISO (International Organization for
Standardization), 1473
application installation, 833
ITU (International Telecommunication Union),
414
iTunes, syncing and, 661–665
ITX (Information Technology eXtended), 71
mini-­ITX, 9
mobile-­ITX, 9
nano-­ITX, 9
pico-­ITX, 9
J
Java, 1349–1350
JDK (Java D C 37.sF-0.278 Tw 11[(default gateway)92JRERu.1 me.2 ( )]TJ2.25 -1.25 Td.5 -1.25 Td[(JDKU (Internationaent),.25
1598
laser printers – lighting
ghost cursor, 742
keyboards, 560–561
pointing devices, 561–562, 564–566
touchpad disabling, 563–564
troubleshooting, 741–742
internal expansion
M.2, 566–567
Mini PCIe, 566
LCD (liquid crystal display), 541
IPS (in-­plane switching), 541
TN (twisted nematic), 541
Lightning connectors – logical security
Lightning connectors, 166, 580
line-­interactive UPS, 1490
Linux, 821, 1060–1061
APT (Advanced Package Tool), 1070, 1093
Arch Linux, 1060
Bash (Bourne Again Shell), 1072
C-­shell, 1072
CentOS, 825
commands
cat, 1101
1599
1600
loopback plug – malware
1602
microSD – mobile connectivity
mobile devices – mobile devices
MEID (mobile equipment identifier), 606
1603
1604
mobile hotspots – motherboards
power and heat issues, 738–741
security, 1336–1341
upgrading, 528–529
mobile hotspots, 597–601
mobile motherboards, 27–28
mobile operating systems, 824
mobile OS, troubleshooting
applications, 1325–1327
autorotate, 1334–1335
battery life problems, 1330–1331
connectivity, 1331–1334
performance, 1327–1329
update failure, 1329–1330
mobile phones, biometrics and, 1131
mobile-­ITX motherboards, 9
modems, 86–87
modular power supplies, 125–126
monitors
display settings
aspect ratio, 147–148
multiple displays, 148–150
refresh rate, 142–146
resolution, 146–147
disposal, 1431–1432
IPS (in-­plane switching) LCD monitor, 141, 142
LCD (liquid crystal display), 141–142
safety, 1398
LED (light-­emitting diodes), 141–142
OLED (organic light-­
motion sensors – network services
1605
1606
network tap – networks
syslog, 465
clients, 465–466
servers, 466–467
syslog server, 465
web server, 467–468
network tap, 783, 784
network troubleshooting
connectivity
intermittent, 803–806
limited/local connectivity, 801–803
no connectivity, 799–801
software commands, 785–799
hostname, 790
IP addresses, renewing, 787–789
ipconfig, 785–787
net, 792–795
Tda[(net,)37 ( 792–465)]TJ1.m(serv3cTdaa(net,)37 (1 792–465)]TJ1.m(serv3c(syokupnet,)37 ( 6465)]TJ1.m(serv3pathpnewing,)
new-­user setup checklist – NTFS (New Technology Filesystem)
nondedicated, 280
print servers, 279
SOHO (small office, home office), 402
access points, 433–448
infrastructure installation, 422–433
internal connections, 418–422
Internet connections, 404–418
planning tasks, 402–404
wireless routers, 433–448
topologies, 286, 1466–1468
bus topology, 287–288
comparisons, 287
finish diagrams86, 17–1468
hybrid topology, 287, 290
logical diagrams86, 18
1607
OSHA (Occupational Safety and Health Administration) – password attacks
1609
1610
passwords
passwords – physical security
pico-­
ITX motherboards – power
SOHO (Small Office, Home Office), 1252–1253
video surveillance
CCTV (closed-­circuit television), 1122
coaxial cable and, 1122
coaxial camera network conversion, 1123
DAS (direct-­
attached storage), 1122
Ethernet and, 1122
fixed cameras, 1122
IP surveillance, 1122–1123
LPR (license plate recognition), 1123
media converter, 1123
motion fencing, 1123
NAS (network area storage), 1122
NVR (network video recorder), 1122
PoE (Power of Ethernet) and, 1122
PTZ (pan-­tilt-­
1611
1612
power adapters – printers
surges, 1418
troubleshooting, mobile devices, 738–741
UPS (uninterruptible power supply),
( 1uhh21es,)37 ( 89( )]T-033.75 -1.25 T(line-26)Tj/Span<</ActualText<FE00AD02>> BDC ( )TjEMC187.w 9 5 Tdunintactive [(U),
1614
product keys – remote access
remote backup – RFID (radio frequency identification)
screen sharing software, 1386
security, 1387
SSH 0 Secure Shell), 1380
Telnet, 1379
tools
MSRA 0 Microsoft Remote
Assistance), 1382–1384
Quick Assist, 1385–1386
third party, 1386
videoconferencing, 1386
VNC 0 Virtual Network Computing), 1379
1615
scan services – security
scan services
ADF (automatic document feeder), 248–249
flatbed scanners, 248–249
scan to cloud, 250
scan to email, 249
scan to folder, 250
scatternets, 276, 395
scratch diagrams, 1467
screen locks, mobile devices
Android phone passcode lock, 1255
face lock, 1254
fingerprint lock, 1254
iPhone passcode lock, 1255
pattern lock, 1254
PIN lock, 1254
swipe lock, 1254
screen savers, 854
screen sharing software, remote access and,
1386
screened subnets, 460
scripting
application installation, 1370
automation, 1366–1368
backups, 1370–1371
branch logic, 1354–1355
comment syntax, 1352–1353
data gathering, 1371–1372
if statements, 1354–1355
information gathering, 1371–1372
loops
do while loops, 1354
for loops, 1353
while loops, 1354
network drive remapping, 1370
PowerShell, 1352
syntax, 1353
restarting machines, 1368–1369
security issues, introducing, 1373–1374
system crashes, 1374–1375
system settings, 1374
update initiation, 1372–1373
variables, 1351
environment variables, 1352
floating-­point numbers, 1351
integers, 1351
naming, 1352
reserved Tdds, 1352
strings, 1351
scripting languages, 1349
Bash (Bourne Again Shell), 1362–1363
batch scripts (Windows), 1355–1357
compiling, 1349
interpreting, 1349
JavaScript, 1365
1617
editing, 1365
example, 1366
PowerShell, 1357
CLR (Common Language Runtime), .NET
Framework, 1357
cmdlets, 1357–1359
creating, 1360–13651
, 1357
ISE (Integrated Scripting
Environment), 1359
Server Manager, 1357
Python, 1363
.py extension, 1365
IDE (integrated development
environment), 1364
ISE (Integrated Scripting
Environment), 1364
PowerShell ISE, 1364
PyCharm, 1364
Python IDE, 1364
sh shell, 1362–1363
shell scripts, 1362–1363
editing, 1363
VBScripts (Visual Basic)
ASPt869 -1.25 Td7(6Puagel),)37.1 ( 1363)]TJ0 -1.25 Td[COMR (C
1363
Interne Iinformation5 Tdvicee), 1363
, 1363
stuActrted languages, 13651
1618
site-­to-­site VPN – SOHO (small office, home office)
site-­to-­site VPN, 1377
SLA/DLP (stereolithography/digital light processing
printers), 221–222
>rt speakers, 485–487
S>>rtMedia, 109
>rtphones, 6
SMB (Server Message Block), 250, 1106
port 445, 345
SMS (short message service), MFA (multifactor
authentication), 1136
SMTP (Simple Mail Transfer Protocol), 337, 465
mobile devices, 652
port 25, 341
solid-­state drives – surge protection
solid-­state drives. See SSDs (solid-­state drives)
SOPs (standard operating procedures), 1473–1474
onboarding/offboarding, 1475
software package installation, 1474–1475
source code, 821
Southbridge chipset, 12–13
SOX (Sarbanes-­Oxley Act), 1469
spam, DNS, 362–363
spam gateways, 473
spear phishing social engineering attack, 1160
special features, 850
SpeedFan (S.M.A.R.T.), 726, 728
splash screens, 1471
splitters, coaxial cables, 302
1621
1622
swap files – TCP/IP (Transmission Control Protocol/Internet Protocol)
service entrance surge protection, 1491
TVSS (transient voltage surge suppressor), 1491
swap files, 20
incident response and, 1436
swap partitions, 964
synchronization, mobile devices, 654–656
ActiveSync, 657–660
Android devices, 666–668
iOS devices, 660–666
Microsoft 365, 656–657
synthetic backups, 1489
syslog, 465
clients
facility code, 465
severity level, 466
text description, 466
servers, 466–467
syslog server, 465
System applet (Windows Control Panel), 914
Advanced tab
Environment Variables option, 916–917
Performance option, 915–916
Startup and Recovery options, 918–919
Telnet – touch screen
1623
ICMP, 337, 338
IMAP (Internet Message Access Protocol),
port 143, 343
Internet layer, 337–338
Srn/GS0 gCtwe
LDgCt Directory (Access Protocol),)37.1 ( )]TJ2.25 -1.25 Td[(port 143,)3389 343
Internmobile email accounts (
1624
touch screens – troubleshooting
capacitive, 530
TouchFLO, 530
touch screens, 565
TouchFLO, 530
touchpads, 562
TPM (Trusted Platform Module), 1226
BIOS/UEFI chip, 36
BitLocker, 36
tracert command, 797
trackballs, 158, 561
triple-­channel memory, 52–53
VESA (Video Electronics Standards Association) – viruses
VESA (Video Electronics Standards
Association), 177
1627
1628
Visual Basic – Windows
antivirus engine, 1152
definitions database, 1152
Microsoft Security Essentials, 1152
Windows Virus & Threat Protection, 1152
armored, 1148–1149
boot sector, 1149
companion, 1149
infection, 1147–1148
macro, 1149
MBR (Master Boot Record), 1149
mobile devices, 1259–1260
multipartite, 1149
networks, 1150–1151
botnets, 1151
worms, 1151
phage, 1150
polymorphic, 1150
retrovirus, 1150
sp1.5-, 1147–1148
stealth, 1150
US-­CERT Current Activity web page, 1151
Visual Basic, VBScripts
ASP (Active Server Pages), 1362
COM (Component Object Model), 1361
editing, 1362
Windows – Windows
Control Panel, 905
1629
1630
Windows – Windows
graphics, 860
labels, 860
Network, 862
Opening Network, 862
Recycle Bin, 862, 863–864
interface, 851–864
IoT (Internet of Things), 836
kernel, 983
Linux and, 1106–1108
Microsoft account, 1199
Microsoft Defender, 1220–1222
Microsoft Edge
Credential Manager, 1232–1233
downloading, 1228–1230
extensions, 1230–1232
installation, 1228–1230
plug-­ins, 1230–1232
secure data transfer, 1233–1234
settings, 1234–1239
sideloading, 1231
MMC (Microsoft Management Console), 886
Certificate Manager, 894
Computer Management Console, 888–891
Device Manager, 893–894
Disk Cleanup, 904–905
Disk Management, 891
Event Viewer, 890–891
Group Policy Editor, 897–898
Local Users and Groups, 895
Performance Monitor, 895–896
Resource Monitor, 903–904
System Configuration, 899–901
System Information, 902
Task Scheduler, 891
mouse, clicks, 852
NFS (Network File System), 1107
NTFS (New Technology
Filesystem), 1208–1215
Allow, 1210–1211
copying files, 1212
copying folders, 1212
Deny, 1210–1211
file attributes, 1212–1215
file sharing, 1215–12175
older attributes, 1212–1215
folder permissions, 1210, 1211
folder sharing, 1215–12175
1212
moving folders, 1212
permissions, 1217–1218
system files, 1218–1220
system folders, 1218–1220
Registry
entry modification, 961
hives, 960–961
restoring, 961–962
Resource Monitor, 1279–1280
restore point, 919
Run command, 859
Samba, 11075
854
security
BitLocker, 1226–12275
12275
A (certificate authority), 1227–1228
EFS, 1227–1228
groups, 1199–1202
Microsoft Defender, 1220–1222
NTFS, 1208–1215
SHA (Secure Hash Algorithm), 1229
share permissions, 1208–1215
shared files/folders, 1215–1218
system files/folders, 1218–1220
tokens, 12075
1203–12075
1199–1202
Windows Defender Firewall, 1222–1226
servicing channels, 1011
share permissions, 1208–1215
shared files/folders, 1215–1218
Shut Down command, 859
SMB (Server Message Block), 1106
Start Menu, 856–864
Cortana, 857–858
Help and Support, 858
Run command, 859
Shut Down command, 859
Surface Hub, 836
system files/folders, 1218–1220
system tray, 855
taskbar, 854–856
system tray, 855
time zone, 908
UAC (User Account Control), 1206
Windows 10 – Windows 10/11 installation
1631
standard users, 1206–1207
UAC (User Account Control), 1206
Windows Hello, 1204–1206
users, 1199–1202
account types, switching, 1202
Administrator account, aHsd[(user8 Xitard u)1137.ing, ser8 XMicrosofttor account, 1er8 XPow(UsU[(users,)37.1 ( ser8 X[(sta
1632
Windows 10/11 upgrade – Windows OS
OOBE (out-­of-­box experience) pass, 992
OS locale (region) setting, 991
OS name, 993
partitioning, 989
recovery partition, 1007
Personal Use, 994, 995
PIN, 997–998
progress screen, 990
rebooting, 992
remote network installation, 1012
repair installation, 1006
RFM (reduced functionality mode), 986
School Use, 994, 996
setup options, 985
Sign-­in Options, 994
specialize pass, 991
telemetry options, 999
time zone setup, 1001–1002
UEFI-­based hardware, 983
as upgrade, 982–983
Upgrade, 987
Windows account options, 994
Windows Setup dialog box, 985
Work Use, 994, 996
Xbox Game Pass, 1001
Windows 10/11 upgrade
boot options, 1011–1012
considerations, 1012–1013
feature updates, 1008–1011
image deployment, 1008
Install Windows 11 screen, 1003
Ready To Install screen, 1004, 1005
recovery partition, 1007
security updates, 1008–1011
side-­by-­side 1upgras, 1007–1008
Windows Recover Environment – wireless routers
profile loads slow, 1295–1296
profile rebuild, 1306–1309
RAM, 1276
rebooting, 1291–1292, 1297–1298
1633
1634
WISP (Wireless Internet service provider) – Zoombombing
WPA2, 439
WPA3, 440
WILEY END USER LICENSE AGREEMENT
Go to www.wiley.com/go/eula to access Wiley’s ebook EULA.
Related documents
1: Introduction to Computers Worksheet
1: Introduction to Computers Worksheet
Slow PC Technical Support Number +1-844-714-3666 USA
Slow PC Technical Support Number +1-844-714-3666 USA
Chapter 1 : Computer Networks. Lecture 1
Chapter 1 : Computer Networks. Lecture 1
Begin by clicking the start icon in the lower left... Look to the top right corner and click the search...
Begin by clicking the start icon in the lower left... Look to the top right corner and click the search...
HP Printer Error State Issues in Windows 10 | Contact Today +1-888-500-9609
HP Printer Error State Issues in Windows 10 | Contact Today +1-888-500-9609
Download
advertisement