Dion Training CompTIA A+ Core 2 Flashcards
○ Windows
■ A graphical operating system developed and published by Microsoft
■ One of the most popular operating systems in the world
○ Versions
■ Windows 1.01
■ Windows 2.01
■ Windows 3.01
■ Windows 95
■ Windows 98
■ Windows 2000
■ Windows Me
■ Windows XP
■ Windows Vista
■ Windows 7
■ Windows 8
■ Windows 8.1
■ Windows 10
■ Windows 11
○ The oldest one that we’re going to support is known as Windows 8.1
○ Currently supported versions
■ Windows 10 support is going to continue to operate until October of
2025
■ Windows Server 2016 will be supported by Microsoft up until January of
2027
■ Windows Server 2019 will be supported all the way up through January of
2029
■ Windows Server 2022 will be supported all the way up until October of
2031
○ Windows used to have a 90% market share when it came to home computer
operating systems
○ Linux
■ Made by lots and lots of different companies, organizations, and
individual people
○ An open-source operating system
■ You have access to all the underlying code, and you can make any
changes you want
○ Some distributions use a subscription-based model in which they only give you
access to their code
■ Ubuntu
● A free software you can install on your desktop or your server
■ Fedora, Debian, Mint, Arch, or CentOS
● Community supported distributions
○ Two different formats for lifecycle support
■ Standard release model
● A version number associated with
■ Rolling release model
● There is no long-term support version and there’s no version
numbers at all because you’re dealing with this constant update
Android
○ Android operating system
■ A specific operating system that was designed to be able to support the
smartphone and tablet market
■ Originally released by the Open Handset Alliance, which is primarily
backed and driven by Google
● Android
○ Uses a much shorter lifecycle than does desktop or server environments
○ Older devices can’t necessarily support the newer operating systems
■ Android is based on Linux
■ Each manufacturer can make their own version of Android
○ Chrome OS
■ Proprietary operating system developed by Google
■ Developed to run specifically on laptops and desktop hardware created
by Google
■ This hardware was designed to keep costs very low
○ Chrome OS devices have built-in virus protection and firewalls
■ Chrome OS is extremely safe and secure
○ Proprietary operating system created by Google
■ Designed to run on specific hardware
■ Stripped down operating system
■ Primarily uses web applications and supports Android apps
○ macOS
■ Operating system used on Mac computers, built by Apple
● iMac
● Mac desktop
● MacBook
○ macOS was previously called OS X
● macOS
○ Desktop operating system that only operates on Apple devices
○ iOS and iPad iOS
■ Developed by Apple for their smartphones and tablets
● iOS operating system
○ Developed as a closed source operating system
○ Have a very high percentage of total market share for
mobile devices
● iPad iOS
○ Developed as a fork of the main iOS branch
○ Organize data and information on a hard drive, solid state drive, or other
storage device
○ File systems must be created before you can install an operating system or
storage device like a hard disk drive
○ Types supported by operating systems
■ Windows operating systems use NTFS, FAT32, or exFAT
■ Linux will use ext3, ext4, or exFAT for your filesystem
■ macOS uses the Apple file system known as APFS
○ New Technology Filesystem (NTFS)
■ Linux and macOS cannot read NTFS by default, you would have to use
third party utilities to read and write NTFS
■ A 64-bit filesystem that allows for large volumes and very large file sizes
■ POSIX supports Unix and Linux compatibility between NTFS and a Unix or
Linux filesystem
■ Indexing is a catalog of file and folder locations to help speed up searches
■ Dynamic disks can combine physical disks into one larger disk that is
understood by the operating system
○ New Technology Filesystem (NTFS)
■ Has a lot of key features such as journaling, snapshots, security, POSIX
compliance, indexing, and dynamic disks
● Journaling allows for faster recovery from power outages and crashes
● Snapshots allow you to make a read-only copy of a file, even if it is already locked
■ NTFS has a higher security level and allows you access to audit trails,
quota management, and an encrypting filesystem
● Each file can be protected against unauthorized access
■ Windows and NTFS are not case sensitive
● JASON and jason would be the same file to NTFS
● Windows doesn’t rely on case sensitivity when reading NTFS, but Linux and Unix will
○ File allocation table 32, also known as FAT32
■ You can only have a total drive size of up to 2 TB and the maximum file
size is 4 GB
■ FAT is limited due to it being a 32-bit allocation table, where the
maximum file size is around 4.2 billion bytes or 4 GB
■ FAT is supported by Windows, Unix, Linux, and macOS
■ FAT32 is usually used on removable drives like external hard drives or
USB flash drives
○ Extended file type system, also known as ext3 and ext4
■ These are supported by Linux and Unix systems, but not by Windows or
macOS by default
■ ext3 has a maximum volume size of 32 TB and maximum file size of 2 TB
■ ext4 has a maximum volume size of 1 EB and maximum file size of 16 TB
○ Apple file system or APFS
■ APFS has been the default file system of macOS since 2018
■ APFS is considered a journaled filesystem, and provides the same journaling
benefits as in NTFS
■ APFS has a higher level of performance when dealing with SSD than a
traditional HDD
○ Extensible file allocation table, also known as exFAT
■ exFAT supports large volumes of up to 128 PB in size and file sizes of up
to 16 EB
■ exFAT is considered cross platform capable and can be used on Windows,
Unix, Linux, or macOS
● Windows
○ NTFS
● Linux
○ ext4
● macOS
○ APFS
● Compatibility Concerns
○ Every software application is coded to run on a specific operating system
○ Devices that are running different operating systems can communicate on the
same data network
○ Most computers can talk the same language using TCP/IP
○ The ability of end users to use different operating systems
○ A traditional user may be used to work with just one or two operating systems
○ Train users to understand how to use your operating system
○ Windows support
■ Windows 11
● 64-bit version
■ Windows 10
● 32-bit or 64-bit version
■ 32-bit Version
● 32-bit programs
■ 64-bit Version
● 32-bit or 64-bit programs
■ Each piece of hardware will be 32-bit or 64-bit based on the processor
○ Choose the version of the operating system that will align with your processor
■ 32-bit version of Windows has lower memory requirements
■ Have a minimum of 4 GB of RAM to run Windows
■ Check if your processor can support 32-bit or 64-bit operations
○ Windows Home
■ Basic edition of the Windows operating system
● Not designed to be used in a business environment
● Upgrade to Windows Pro or Windows Enterprise for additional
business features
○ Windows Home
■ Storage device encryption (not BitLocker)
■ Windows 11 Home edition is only in 64-bit version
■ Windows Home edition supports multi-core processors
■ A multi-core processor has 2, 4, 6, 8, or even up to 64 cores
■ It does support hyper-threading
■ You can move up from Windows 10 to 11 using the same edition
○ Windows Home
■ 64-bit can support large amounts of memory
● OEM
○ The OEM license is used by the original manufacturers
● Retail
○ Windows Pro
■ Windows operating system that focuses on business use
■ Windows Pro can be used in a domain environment
■ OEM is the original equipment manufacturer license
■ Retail license allows you to buy one license for one piece of hardware
■ Windows Pro is designed to be used by small and medium-sized businesses
○ Windows Pro
■ BitLocker
● Full disk drive encryption schema that is provided inside of Windows Pro and Windows Enterprise editions
○ Windows Pro
■ Group Policy Editor
● Creates and applies operating system and software application settings across all the users
● The group policy editor is not available within the Home edition
○ Windows Pro
■ Remote Desktop Protocol (RDP)
● Remotely connect to your Windows Pro machine from anywhere in the world
○ Windows Pro
■ Windows Information Protection (WIP)
● Helps identify and protect against potential data leakage or data exfiltration
○ Windows Pro
■ Windows Pro for Workstations is an improved version of the Windows Pro
edition
● It provides support for additional hardware
● Windows Pro for Workstations can support up to four-way multiprocessing
○ Windows Enterprise and Education
■ Windows Enterprise is a fully featured version of Windows
■ Enterprise edition can only use volume licensing
■ UE-V is used to capture, save, and manage Windows 10 operating system
■ Allows multiple people to use the same machine but separates all their
settings
■ DirectAccess is used to allow connectivity for remote users without the use
of a VPN
■ Credential Guard allows for virtualization-based security and only grants
access to privileged systems
■ Windows To Go creates an image version of a corporate Windows 10
environment that can be run on a user’s personal computer
■ Windows Enterprise edition has a limit of 6 TB of memory
■ Windows Enterprise supports up to 4 physical processors
■ Both use only volume licensing
■ Windows Education and Windows Pro Education are the same as Windows
Enterprise and Windows Pro editions
○ Windows Enterprise and Education
■ Application virtualization under a tool known as App-V
● App-V protects the rest of the operating system from any kind of malware
○ Upgrading Windows
■ In-place upgrade means the setup program for the new version will be
launched within the current operating system
■ Verify the system meets the minimum requirements for the new operating
system
■ Download the Windows 11 installation media and place it on a USB drive
■ Launch the setup program from that USB within Windows 10 and then
perform a full upgrade
■ Data-only upgrade keeps all personal files, but not any applications or
settings
■ Clean install will delete all personal settings, files, and folders
○ Clean installation
■ When an operating system is installed onto a new computer
■ In this type of installation, all data, user settings, and programs will be
deleted
○ In-place upgrade
■ Changes the current version of the operating system into a newer version
■ Clean installation does not bring over any of your data, applications, or
user settings
○ Attended installation
■ Requires a system administrator to sit in front of the computer during the
installation process
○ Unattended installation
■ Used by the system administrator when multiple machines need the
installation
○ Image deployment
■ Copies an image file of a hard drive onto the new system
■ This image can be stored on a DVD or USB media
○ Remote network installation
■ The image to be used will be sent over the network
○ Look at the system requirements
■ Hardware compatibility
■ Application support
■ Backup files and user preferences
■ Third-party drivers
○ Make sure the processor, chipset, and memory can support the new OS
■ In Windows 11, 64-bit edition, the hardware requirements are doubled
from Windows 10
■ x86 or x64
● Upgrade Considerations
○ Verify the new operating system has support for the peripherals that you need
○ Run the PC Health Check app before performing an in-place upgrade
○ Remain with the older operating system
○ Replace the peripheral to something supported by the new operating system
○ Run a backup first
○ Obtain any third-party drivers that you may need
○ Make sure to obtain the right third-party drivers
● Product Lifecycle
○ Mainstream support is for every version of the operating system for a minimum
of five years
○ Extended support is the additional period for some of the products that can
extend another three to five years
○ End of life means that product is no longer supported
○ Legacy Operating System
■ A product that is no longer supported and considered abandoned or
orphaned
○ Windows 10 and 11 get mainstream support for at least five years
■ Feature updates usually occur every 6 to 12 months
■ Feature updates are not going to change the requirements for that
operating system
■ Every product, including operating systems, has a defined life cycle
■ Windows will provide at least five years of mainstream support
■ Once that operating system reaches end of life, there will be no more
security patches
○ Optical Media
■ Any type of disk that uses laser or light to read and write data
■ Many newer computers don’t have optical drives, so using optical media
is less common
○ USB connected drives
■ Can be many types of drives
■ USB connected drives can be CDs, DVDs, Blu-ray, solid state drives, flash
drives, or hot swappable hard drives
■ To make sure your USB device is bootable, you need a media creation
tool to create the installation media
○ Network boot devices
■ Take advantage of something inside your BIOS or UEFI
■ This allows you to read boot media over the network
■ Windows generally uses the PXE environment to boot up the setup
program to install Windows
■ If you rely on network boot, you need to ensure you have DHCP enabled
to get an IP address assigned to your server
○ Internet-based boot method
■ Allows the system to boot up its system over the Internet
■ The computer will boot up a minimalist version of an operating system
that is used to download the setup files
○ Internal hard disk drive partition
■ A hidden device partition created by your manufacturer
■ If your purchased Windows 11 laptop gets corrupted, do a clean install by
booting from the internal hidden partition
● Boot Methods
○ Configure your BIOS or UEFI to have the proper boot order
○ If booting from a USB drive, you need to place it above the hard disk in the boot
order
● Partitioning Storage Devices
○ Once you boot up the setup program, ensure the storage devices are properly
partitioned
○ By default, at least one partition on a fixed disk is needed before you can
perform a high-level disk format for your file system
● Partitioning Storage Devices
○ Types
■ Hard Disk Drives
● Also known as HDDs
■ Solid State Devices
● Also known as SSDs
■ Both HDDs and SSDs require partitioning and formatting before using
them to store an operating system
○ There are two styles of partitioning
■ Master Boot Record (MBR)
● The traditional style of doing partitions on a particular fixed
storage device
● The first 512-byte sector on a disk contains the MBR, which has
the info about the physical disk on it
● Inside the MBR, you will be able to carve up the physical disk into
four primary partitions
● Any of these partitions can be marked as active, which signals the
system to look for the operating system to boot up
● When booting up initially, it will read the first 512-byte sector
from the hard disk which will have the MBR on it
● That will be partition zero, but the boot loader will ask which
device you would like to boot up, Windows or Linux
● You can also use partitioning to make multiple areas of storage
instead of just having one single drive
● One drive for the operating system and one for the data in two
different partitions
● MBR has limitations, such as only able to run four primary
partitions and only supports a disk size of 2 TB
■ GUID Partition Table (GPT)
● Provides a more up-to-date schema to address MBR limitations
● Windows can support up to 128 partitions with GPT
● GUID partition table can support drives over 2 TB, which is good
for its 128 partitions
● The system must support UEFI as its boot method to be able to
use GPT
● Most systems use UEFI for its 64-bit processors since BIOS only
supports 32-bit processors
● Windows supports NTFS, macOS supports APFS, and Linux
supports either ext3 or ext4 (depending on the distribution used)
● Choose the file system that works best with your operating
system, like Windows with NTFS or macOS with APFS
● This may be a good reason to have two partitions, if you are using
macOS and Windows, or Linux and Windows
● It is important to understand what limitations you have when
choosing file systems
○ Recovery and Reset is used when your Windows has been corrupted with
malware, or there is a system issue
■ Recovery and reset is helpful when there is some malware, or you are
going to sell your machine
■ Normally, a message will pop up with the required key, such as F11 or
CTRL + F11
■ A text or graphics display will walk you through how to do a full recovery
or repair
○ The factory recovery only works if you have the original hard drive in the system
■ A disadvantage of a full recovery is you lose everything on the system
● Recovery and Reset
○ With a full recovery, all files will be lost, unless you have them saved on a backup
drive to bring back into the system
○ Under refresh or repair mode, your machine will reset and try to repair itself
without doing a full recovery
○ To repair instead of factory reset, you go to the same menu and just choose the
repair/reset options
○ With Windows, most hardware will include a recovery partition that you can
boot up from
○ Every application is going to have different processing requirements
■ 32-bit or 64-bit processor
■ Processor speed and cores available
■ Memory available for that application
■ Have more than the minimum required for best performance
■ Amount of storage space available
○ Graphic requirements
■ Dedicated graphics card or integrated graphics card
■ VRAM available
● Application Requirements
○ Graphics cards can be embedded into the motherboard or into the processor
○ Integrated GPU can handle most day-to-day applications in an office environment
○ Dedicated graphics card is for more high-end graphics and intense applications
■ 8 to 16 gigabytes of RAM available
■ External Hardware Token
■ Digital key that can unlock an application
● Distribution Methods
○ Download from the app store
■ These app stores will handle all the installation process for you
■ These app stores take precautions to ensure that the software is of good
quality
■ Not all applications can be found inside the app store
○ Physical copy of the software
■ CD or DVD as a distribution method is known as Physical Media
■ Physical media is not the most convenient way to install software
■ Must be picked up at some retail location
■ Software is not going to be the most up to date version
○ Downloadable software directly from the manufacturer
■ ISO File
● Digital file format used to replicate a physical CD, DVD or Blu-ray
Disc
○ Windows
■ Right click and select “Mount”
○ Mac
■ Use the Disk Utility
○ Licensing
■ Single user license means you can install one copy of that application on
one system
■ Some applications will support multiple copies being installed on multiple
systems for use by a single user
■ Never install an application on a system without a valid license
■ Understand the terms of a software license
○ Provide support for that application
■ Manufacturer’s Support
● Extended support agreement between the company and the
manufacturer
○ How are you going to be training your users?
■ Third-party manufacturer who made that software to train your users
■ Make sure to budget for that in terms of time and costs
○ Impacts can be to
■ Single component
■ Larger network
■ Larger enterprise system
○ Methods of deployment
■ Send a technician to every machine to manually update it
■ Use automation to push that software over the network to all the clients
● The user doesn’t have to be logged into the system and the administrator doesn’t have to go to that system
○ Considerations
■ What clients are on the network
■ What servers are being used
● Windows Deployment Service
● Microsoft Deployment Toolkit
● Apple Business Manager
● Private repositories
○ Processing power
■ Some applications are going to slow down the system
○ Memory
■ Some applications are going to be memory intensive
○ Storage
■ Some applications are going to take a lot of storage space
● Device Impacts
○ Test the applications on a sample system to see impacts
● Network Impacts
○ Some applications will rely heavily on the network
○ Consider what network impacts would there be when installing certain tools
■ Backup tools will steal a lot of the network’s performance by
overwhelming the connection
○ Consider the actual installation of the application itself
■ Break down the deployment into small groups
■ Use times that are the least impactful for the users
○ Wired connections can come in the form of copper or fiber
■ Fiber connects directly into a network interface card
■ Copper connection uses a Cat 5, Cat 6, Cat 7, or Cat 8 connector using a
UTP or STP cable
● Wired Connections
○ Use the device manager to see what network adapter is installed on the system
and its specifications
● Wireless Connections
○ Wi-Fi connections are set up and managed through the device manager
● WWAN Connections
○ Connect to a wide area network over a wireless connection; most commonly seen
with cellular modems or cellular hotspots
○ Be aware of how much data your plan has as service providers can have different
limits
■ Some are done monthly, some are unlimited, and some are allocated
over a given period
■ Additionally, some plans will cap your transferable data and cut off your
connection
○ Some plan features
■ Overage Fees
● Some cellphone carriers charge $10 to $20 per GB beyond the
data cap
■ Throttling
● With throttling, you will still be able to use data, but at a much lower speed
■ Unlimited
● Unlimited plans have no data cap, you can use as much as you want and at the highest levels of speed
● VPN Connections
○ Used to connect anyone or any resources from one private network to another
over a public network
○ VPNs will allow you to connect back to your office and access your data in a
secure manner
○ VPNs are easy to set up in Windows
■ They are built into the operating system
■ Set up through the Network Center
○ Anytime you connect to a network, whether wired or wireless, you need to make
sure the device has four basic items
■ IP address
■ Subnet mask
■ Gateway
■ DNS server
○ Types of Accounts
■ Administrator Accounts
● Can do everything on the system
■ Standard Accounts
● Has a limited subset of actions that can be taken
■ Guest Accounts
● Most limited subset of actions that can be taken
○ When accounts are created, profiles are also set up
■ Creates folders for the user
● Programs and Features
○ A Control Panel applet
○ Controls the different pieces of software on a particular Windows system
○ Can install and uninstall programs
○ Can set up features like Containers and Hyper-V
● Devices and Printers
○ Provide you with a wizard and an interface to add devices manually and create
shortcuts to the different configuration pages
○ There is a lot you can do with devices, which are things like mice, keyboards,
webcams, etc.
○ This area of the control panel is where you can edit the functionality of mice,
keyboards, monitors, etc.
● Internet Options
○ An older legacy applet that can be used to configure the old legacy web browser
Internet Explorer
○ Most places don’t use Internet Explorer anymore, and use things like Microsoft
Edge or Google Chrome, but some places still rely on Internet Explorer
○ When using the Internet Options, you are only configuring Internet Explorer
● Network and Sharing Center
○ Status of any network adapter
○ Change settings
○ Configure media streaming
● Windows Defender Firewall
○ Software-based/ Host-based Firewall
○ Determines which processes, protocols, and hosts are allowed to communicate
over a network
■ Public Networks
● Airports, hotels, etc.
■ Private Networks
● Business/home networks
○ Configures Microsoft Outlook, but not other mail apps like Thunderbird or web-based mail like Gmail
○ Mail only works with Microsoft Outlook and allows for the configuration of email
clients under different profiles
● Sound
○ Used to select your input such as your microphone or your output
● System Settings
○ The exam objectives list the system as part of the control panel
○ Windows Settings can be accessed through the control panel
■ Has all information about the system settings
● Device Manager
○ Allows for the viewing and editing of properties of the different pieces of
hardware installed on a system
○ Device Manager is a separate program that lets you view and edit the properties
of hardware installed on a given system
● Administrative Tools
○ Collection of tools that can be used for more in-depth configuration or
troubleshooting
○ Accessed through Control Panel
■ Actually links to programs
● Indexing Options
○ Configures how the search capability inside File Explorer is going to work
○ Indexing options configure how things will be indexed to increase search speeds
● File Explorer Options
○ Applet in the Control Panel
○ Can set options for how the file explorer opens and how files, folders, and
contents are viewed
○ File Explorer
■ Shows the file, folders, and contents for the entire system
● Power Options
○ Allows you to control the power management on a Windows system
■ Turn off or reduce the power
■ Use less energy
○ Advanced Configuration and Power Interface
○ Industry standard for power management services designed to allow software
and hardware to have compatibility
○ S3
■ Most of the devices are going to lose power
○ S4
■ Power will be maintained to the memory
○ S5
■ This applet conserves energy or maximizes performance by choosing how
the computer will manage power
○ Ease of Access
■ Gives access to all sorts of settings to configure the input and output
options
■ Accessibility area
● Windows Settings
○ Used to administer and configure the Windows 10 and 11 operating systems
○ The Windows Settings application provides easy to use applets
● Task Manager
○ Monitors the computer’s key resources, like processing, memory, storage, and
network capacity
○ Task Manager is used to monitor the computer’s key resources, things like
processing, memory, storage, and network capacity
● Device Manager
○ A tool used for investigating and troubleshooting system hardware, components,
and peripherals
○ Device manager is used to investigate and troubleshoot all sorts of system
hardware, components, and peripherals
● Disk Management Console
○ Provides a summary of all the fixed and removable disks on the system, including
HDDs, SSDs, and optical drives
○ This is a tool that formats disk drives, creates partitions, shrinks volumes, creates
RAIDs, and more
○ Main problems with storage devices
■ Fragmentation
● Disk fragmentation only truly affects hard drives, and this is
because of the way data is written
■ Capacity
● Capacity is the cap of data you can have on your disk
■ Damage
● Damage can happen when you cut off power to a disk being read
or written, or if you drop the device
○ Maintenance tools
■ Disk defragmenter
■ Disk cleanup utility
● Task Scheduler
○ Used to run commands and scripts automatically in the background at any given
interval
● Event Viewer
○ Allows you to go through log files and see what has happened on a given
Windows system
○ Levels of notification
■ Information
● Least serious issue
● Doesn’t require actions
■ Warning
● Event that could lead to an error or critical issue if not remediated
● Don’t need to be investigated or addressed immediately
■ Error
● Should be investigated and addressed
● It won’t stop the system from operating
■ Critical
● Fix as soon as possible
● Most serious
■ Verbose
● Provides more details about what is happening
● Performance Monitor
○ Provide real-time information about system resources by keeping track of what
things are happening in the operating system
○ Monitor performance over time and find the issue by looking at some key
counters
● Local Users and Groups
○ Provides the ability to create, modify, disable, and delete user accounts along
with the setting or resetting of passwords
● Group Policy Editor
○ Provides a way of configuring different Windows settings across all machines in
the network
● Certificate Manager
○ Looks at the different digital certificates installed on the system and provides a
way of requesting and importing new certificates
○ Certificate manager provides the ability to manage all digital certificates on the
system
● System Information
○ Produces a comprehensive report on the different pieces of hardware and
software inside a Windows system
● Resource Monitor
○ Gives a better version of the type of monitoring provided by the task manager
○ Resource Monitor is essentially an enhanced or better version of the snapshot
and overview monitoring inside the Task Manager
● System Configuration
○ Used to modify various settings and files that affect the way a computer boots
up and loads Windows
○ Windows Registry
A database which has all the different settings and configurations across
the entire operating system
● Microsoft Management Console
○ A container for plugins or snap-ins that can be used to create custom admin
tools to configure a system
● Windows Command Line Tools (see each video below for definitions of tools included
in this video)
○ CLI – Command Line Interface
○ Command Prompt
■ Provides a text-based user interface
■ Some commands are run in the administrative command prompt only
■ Syntax (how the command is typed) is important
● Always use the proper syntax when entering commands
○ Command Line
■ Text-based
○ Graphical User Interface (GUI)
■ Uses a mouse or finger to navigate
○ Command Prompt
■ Allows to run a series of different text-based commands and be able to
run different tools or utilities
■ An administrative user can do a lot of things that may not be available to
a standard user
● Create a new user account
● Access files or folders
● Using the Command Prompt
○ Use the regular command prompt first
○ cd
■ used to move into a different directory
○ dir
■ used to display a list of directory and subdirectory files
○ md
■ used to create new directories and subdirectories within the file system
○ rmdir
■ used to delete or remove a directory or subdirectory within the file
system
○ Copying commands
■ copy
● used to copy one or more files
■ xcopy
● used to copy files, directories, and subdirectories
■ robocopy
● used to copy files, directories, and subdirectories with support for
longer file names and network paths
○ Movement commands
■ Moving files can function like copying files
● Disk Management commands
○ diskpart
■ used to manage the computer’s disk drives, partitions, volumes, and
virtual hard disks
○ format
■ used to delete the contents of the storage device and create a new file
○ chkdsk
■ used to scan the file system for file system metadata errors
● Shutdown
○ This command can run at various times when the user is not at the computer
● System File Checker
○ Provides a manual interface for verifying system files and restoring them from
the cache
● Windows Version
○ Use winver command
○ ipconfig
■ ipconfig provides information about your own network connection
■ displays the current TCP/IP network configuration
■ refreshes DHCP and DNS settings
○ ping
■ ping verifies there is good connectivity between the client and the
remote destination
○ tracert
■ tracert shows each stop along the way by using multiple pings all the way
out and all the way back
■ used to determine the path by sending an ICMP echo request
○ pathping
■ pathping gives a more accurate round-trip time being calculated
■ provides network latency and network loss information
○ hostname
■ Finds the device’s name
○ nslookup
■ Finds a domain name from the IP address
● The netstat Command
○ Checks for open ports on a given client
○ Looks for ports or connections on listening mode
○ Netstat is helpful for malware removal or threat hunting against bad actors
● Group Policy Commands
○ Set of policies across all users on a given system or across all systems on a given
domain
○ gpupdate
○ gpresult
○ Domain-Based
■ Used for larger environments
○ Workgroup-Based
■ Used in a single computer environment
○ Workgroups and Domains
■ Represent the two different methods for organizing workstations inside
of a Windows-based computer network
■ When dealing with a workgroup, you’re dealing with a decentralized
model of administration, so there is no main computer in control
■ Workgroups are better used with smaller sized networks, all on the same
network of less than about 15 to 20 computers
■ Domains are used for large scale networks, one or more computers
acting as a server, which makes it easier to automatically connect to the
network from anywhere
■ Domains can support hundreds of thousands of computers on a single
domain
■ The main difference between the two is how workstations and resources
on the network are going to be managed
● Workgroup
○ Decentralized model
● Domain
○ Centralized architecture
● net command
○ An entire suite of commands
● Printer Sharing
○ Sharing a printer over a network is easier in a small office environment
● macOS
○ macOS generally has the same features and functionality as Windows
○ Time Machine
■ A backup feature in macOS
○ Finder
■ macOS file management app (file explorer)
○ Dock
■ Used for managing applications from the desktop (taskbar)
○ Spotlight
■ Search function
○ .pkg (Package)
■ macOS installer that supports complex setup tasks using a setup wizard
○ .dmg (Disc Image)
■ macOS installer for copying self-contained apps to an app folder
● Mission Control
○ Enables the user to set up multiple virtual desktops with different sets of
applications and backgrounds
● File Vault
○ Disk encryption tool that encrypts the data that’s stored on the hard drive or
solid-state device
● Remote Disc
○ Utility that allows access to an optical disc drive over the network
○ Most Mac computers don’t have an internal optical drive
○ Requires a CD or DVD drive installed on the network
● Keychain
○ Application designed to help manage passwords for all the different accounts
● iCloud and Apple ID
○ Apple’s online storage solution for all its users
● System Preferences
○ Provides a centralized and standard location for mail, contacts, calendar, photos,
notes, reminders, and more
○ The free account gives 5GB worth of storage
■ Apple ID
● Account with Apple used across the entire Apple ecosystem
○ Mac App Store
■ Central area that Apple and developers can use to distribute free and
paid apps
● Best Practices for macOS
○ Antivirus
○ Backups
○ Updates
○ Force quit apps
○ Always have antivirus or antimalware on the system
○ Mac doesn’t run the same types of software as Windows
○ There is no built-in antivirus software for Mac systems
○ Apple Business Manager
■ Supervises the use of macOS systems, restricts which apps can be
installed, locates any systems, and ensures they’re up to date with the
latest security patches
○ ls
■ Used for listing file system objects
○ pwd
■ Used to print the current directory
○ cd
■ Used to change the directories
○ mv
■ Used to move files from one location to another
○ cp
■ Used to copy files from one location to another
○ rm
■ Used to delete files
■ The mv, cp, and rm commands are used on both files and directories in
Linux
○ df
■ Used to display the amount of free disk space
○ du
■ Used to estimate the file space usage
○ nano
■ Easy to use command line text editor
○ vi
■ Old command that supports modal editing
○ vim
■ Supports normal, visual, insert, and command line mode
○ pico
■ Text editor that provides fewer features and less complexity
○ cat
■ Used to create, view, or concatenate files
○ find
■ Used to search the file system or directory
○ grep
■ Used to search for characters within the specified file using regular
expressions
○ su
■ Used to switch users
○ sudo
■ Used to switch to the root user
○ usermod
■ Used to modify the user’s account
○ userdel
■ Used to delete a user’s account
○ passwd
■ Used to change or reset the password of the user’s account
○ groupadd
■ Used to add a new group
○ groupmod
■ Used to modify a group
○ groupdel
■ Used to delete a group
○ chmod
■ Used to change the access permissions
○ chown
■ Used to change the owner
○ apt-get
■ Used to install and remove software on Debian
○ yum
■ Used to install and remove software on Red Hat
○ dnf
■ Updated version of yum command and used to install and remove
software on Red Hat
○ rpm
■ Low-level tool that is used to install and remove software on Red Hat
○ ps
■ Used to display a list of currently running processes
○ top
■ Task manager that is used to display information about CPU and memory
○ ip
■ Used for configuring network interfaces
○ ping
■ Used to test a host’s reachability on an IP-based network
○ traceroute
■ Used to display the route and transmit time across an IP-based network
○ dig
■ Used to query the DNS to get information about the different DNS
records
○ man
■ Used for accessing and searching online reference manuals
○ --help
■ Written after the name of a command to give information on how to use
a specific command
○ Samba
■ Cross-platform file sharing protocol that supports the SMB
○ ls
■ Used for listing file system objects
○ pwd
■ Used to print the current directory
○ cd
■ Used to change the directories
○ mv
■ Used to move files from one location to another
○ cp
■ Used to copy files from one location to another
○ rm
■ Used to delete files
○ df
■ Used to display the amount of free disk space
■ Shows
● Free space
● Filesystem
● Total size
● Space used
● % used
● Mount point
○ du
■ Used to estimate the file space usage
■ The du command shows the disk usage and how the device is used
○ Nano and Pico are both considered visual editors and are easy for anyone to use
■ nano
● Easy to use command line text editor
■ pico
● Text editor that provides fewer features and less complexity
○ vi and vim are more difficult to use, but they have a lot more capabilities if you
can use them
■ vi
● Old command that supports modal editing
■ vim
● Supports normal, visual, insert, and command line mode
● Text Manipulation
○ The cat command is used for concatenating or displaying the contents of a file to
the screen
○ find
■ Search for a file
■ Used to search the file system or directory
○ grep
■ Used to search for characters within the specified file using regular
expressions
■ Search for content within a file
○ su
■ Used to switch users
○ sudo
■ Used to switch to the root user
○ usermod
■ Used to modify the user’s account
○ userdel
■ Used to delete a user’s account
○ passwd
■ Used to change or reset the password of the user’s account
○ groupadd
■ Used to add a new group
○ groupmod
■ Used to modify a group
○ groupdel
■ Used to delete a group
○ chmod
■ Used to change the access permissions
○ chown
■ Used to change the owner
○ apt-get
■ Used to install and remove software on Debian
○ yum
■ Used to install and remove software on Red Hat
○ dnf
■ Updated version of yum command and used to install and remove
software on Red Hat
○ rpm
■ Low-level tool that is used to install and remove software on Red Hat
● Resource Management Commands
○ ps and top are the two commands you should be aware of for resource
management
○ ps
■ Used to display a list of currently running processes
○ top
■ Task manager that is used to display information about CPU and memory
○ ip
■ Used for configuring network interfaces
○ ping
■ Used to test a host’s reachability on an IP-based network
○ traceroute
■ Used to display the route and transmit time across an IP-based network
○ dig
■ Used to query the DNS to get information about the different DNS
records
○ man
■ Used for accessing and searching online reference manuals
○ --help
■ Written after the name of a command to give information on how to use
a specific command
○ Update and patch systems
■ Debian based systems use the apt-get command
■ Red Hat based systems use the rpm, yum, or dnf commands
○ Use an antivirus program
■ Linux and Windows malware do not affect each other’s systems
■ There are Linux viruses
■ Linux is more secure, but it isn’t risk-free
○ Use an antivirus program
■ Options
● Clam AntiVirus
● Snort
● Any IDS/IPS
○ Make regular backups
■ Use a Task Scheduler
■ Cron is a Linux scheduling service
■ Backups will generally result in a tar or gzip package
○ Samba
■ Integrate Linux into a Windows environment
○ Install samba on a Linux device to communicate with a Windows host or server
○ Threat
■ Person or event with the potential to have an impact on a valuable
resource
○ Vulnerability
■ Quality within a resource or its environment that might allow a threat to
be realized
○ Risk
■ The likelihood of a threat exploiting a vulnerability
■ A threat without a matching vulnerability has no risk
○ Information Security
■ Protects data and information from unauthorized access
■ Protects the data itself
○ Information System Security
■ Protects the systems that hold and process critical data
■ Protects the entire system in which the data exists
○ Internal Threat
■ Threats that originate within the organization
○ External Threat
■ Threats that come from outside of the organization
○ Confidentiality
■ How secure the information is
■ Relies on
● Physical protection
● Electronic protection
○ Encryption
○ Integrity
■ How correct is the information?
■ Has it been modified during transit, retrieval, or storage?
○ Integrity
■ Tools
● Hashing
○ Put data through a one-way encryption algorithm that
gives us a unique digital fingerprint
● Checksums
○ Used for data in transit
○ Availability
■ How much uptime is the system providing?
■ Best method to accomplish availability is a redundant system design
■ Have good backup strategies and disaster recovery plans
■ Relies on Redundancy
○ Balance between Security and Operations
■ Always a trade-off
■ As security increases, usability often decreases
○ Vulnerability
■ Flaw or weakness within a system that can be exploited
○ Threat Actor
■ Any person or organization that intentionally causes harm
○ Non-compliant systems
■ System that is not on the baseline of what is approved by the
organization
■ Configuration baseline
● A set of recommendations for deploying a computer in a
hardened configuration
○ Unpatched systems
■ Systems without patches and updates
■ Unpatched systems are vulnerable to exploits that the available patches
mitigate
○ Unprotected systems
■ Systems not protected by any antivirus, anti-malware, or firewall
■ Operating systems often have a firewall built into them
○ EOL Operating Systems
■ An operating system that the manufacturer stops providing security
patches for
■ Not protected against new vulnerabilities (those that are not already
patched)
■ An EOL operating system should be upgraded to a newer system if
possible
■ Examples of EOL Operating Systems
● Windows XP
● Windows Vista
● Windows 7
○ BYOD
■ Bring Your Own Device
■ A policy that allows users to use their personal devices in the office
environment
■ Can lead to unpatched or unprotected systems being connected to the
system
○ Zero-day Vulnerability
■ Vulnerability that is discovered or exploited before the vendor can issue a
patch to fix it
○ Bug bounty programs are used to find zero-day vulnerabilities
○ Zero-day exploit
■ An unknown exploit that exposes a previously unknown vulnerability
○ Zero-day malware
■ The malware used to exploit the vulnerability
○ DoS (Denial of Service)
■ Used to describe an attack that attempts to make a computer or server’s
resources unavailable
○ Flood Attack
■ Specialized type of DoS that attempts to send more packets to a server or
host
■ Ping Flood
● Happens when too many pings (ICMP echo) are being sent
■ SYN Flood
● Attacker initiates multiple TCP sessions but never completes the
three-way handshake
■ Flood attacks can be mitigated with
● Flood Guards
● Time Outs
● Intrusion Prevention
○ Permanent Denial of Service (PDoS)
■ Attack that exploits a security flaw to permanently break a networking
device by re-flashing its firmware
■ Rebooting won’t bring the system back online
○ Fork Bomb
■ Attack that creates many processes to use up the available processing
power of a computer
■ Not a worm because it doesn’t infect the programs
○ Distributed Denial of Service (DDoS)
■ Uses lots of machines to attack a server to create a DoS
○ DNS Amplification
■ Allows an attacker to send packets to flood the victim’s website to
initiate DNS requests
■ Blackhole/Sinkhole
● Identifies attacking IP addresses and routes them to a nonexistent server through the null interface
■ Intrusion Prevention
● Identifies and responds to small-scale DoS attacks
■ Elastic Cloud Infrastructure
● Scales up when demand increases
■ DoS Prevention - Software
● Cloudflare
● Akamai
● Spoofing
○ Occurs when an attacker masquerades as another person by falsifying their
identity
○ IP Spoofing
■ Modifies the source address of an IP packet to hide the identity of the
sender or impersonate another client
■ Is focused on Layer 3 of the OSI model
○ MAC Spoofing
■ Changing the MAC address to pretend to use a different network
interface card or device
■ MAC Spoofing will allow an attacker to get around MAC Filters
● MAC filters rely on lists of known MAC addresses
○ ARP Spoofing
■ Sending falsified ARP messages over a local area network
■ Can be used as a precursor to other attacks
○ On-Path Attack
■ When an attacker puts themselves between the victim and the intended
destination
■ Also known as a Man-in-the-Middle attack
○ On-Path Attack
■ Can be done by
● ARP poisoning
● DNS poisoning
● Introducing a rogue WAP
● Introducing a rogue hub or switch