CompTIA A+ 1201 - 3.0 Software Troubleshooting Flashcards
Administrative Tools (Windows)
Component Services
Computer Management
Data Sources
Event Viewer
Local Security Policy
Print Management
Performance Monitor
Services
regedit
Run command for Registry Editor.
- Good practice to back up via File\Export
devmgmt.msc
Run command for Device Manager
diskmgmt.msc
Run command for Disk Management
compmgmt.msc
Run command for Computer Manager
Location of Windows Registry Backups
C:\Windows\System32\Config\RegBack
HKEY_LOCAL_MACHINE (HKLM)
The most important key in the registry.
Contains Hardware, Software and Security data.
HKEY_CURRENT_CONFIG (HKCC)
A registry key that contains information that identifies each hardware device installed on the PC
HKEY_CLASSES_ROOT (HKCR)
A registry key that stores information, determining which application is used when opening a file (default apps)
Data for this key is gathered from the HKLM and the HKCU key.
HKEY_CURRENT_USER (HKCU)
A registry key that stores information about the current user of the PC, data that is stored in the HKEY_USERS key.
Read-Only
A file attribute that prevents changes being made to a file. Users will be prompted to create a new copy of the file if they need to edit it.
Hidden (File Attribute)
Specifies if a file is visible in the default view. This can be modified in file explorer
System (File Attribute)
Specifies that the file should not be accessible to standard users.
Archive (File Attribute)
Shows whether a file has changed since the last backup or not. Useful for incremental backups as the file will be flagged depending if it has been backed up or not.
MMC
Microsoft Management Console
A toolbox creation utility that will allow admins to create portable .mmc files, for use in troubleshooting / administrative tasks (Performance Monitor, Event Viewer etc)
diskpart
A CLI command that engages the Disk Partitioning utility in CMD.
Can select, detail, and initialize by formatting drives ready for use.
format (CMD)
Formats a drive by erasing all data on it.
Syntax: Format volume:\ switch
/fs: (Format switch)
Specify the file system to format drive to
(FAT, FAT32, NTFS etc)
/v: (Format switch)
Specify a label for the formatted drive.
/q (Format switch)
Perform a quick format, without checking for bad sectors.
/a: (Format switch)
Specify the size of allocation units (512, 1024, 2048 etc)
/x (Format switch)
Forces the selected volume to dismount, which may cause errors if files are currently being accessed.
/c (Format Switch)
Enables files compression (good for backup drives / storage)
DO not enable on the system drive as this will compress essential files for the OS to run.
Linux Disk Management Tools
df
du
Fsck
MacOS Disk Utility App
Disk Management for MacOS
tasklist /sv
Command line tool, used to display the list of processes and services running in Windows
Data Collector Sets
Windows log files that record system information for viewing in real-time or later.
Useful for creating Baselines for a PC to compare when functionality appears affected.
Counter Logs
Windows log files that allow you to collect statistics on resources and analyse them for performance and system health purposes.
Trace Logs
Windows log files that allow you to collect statistics on Services, including extensions to Event Viewer that allow you to log data that would be otherwise inaccessible.
bootrec /fixmbr
CLI tool that rewrites the master boot record to fix any issues that may arise from corrupted data within.
Ie; “No OS Found”
bootrec /fixboot
CLI tool that fixes system startup failures and boot errors on Windows 10 & 11
Ie; “No OS Found”
bootrec /rebuildbcd
CLI tool that rebuilds the boot configuration data to fix startup issues & errors.
Ie; “No OS Found”
C:\Windows\Ntbtlog.txt
This is the location that Boot Logging will drop the boot log txt file for analysis once it is enabled in Windows RE.
C:\Windows\System32\rstrui.exe
This is the location of the System Restore executable. You can run this from the CLI.
