a+ part 2 (220-1002)
TRANSCRIPT
A+ Part 2 (220-1002)Project WorkbookFirst Edition
LearnKey provides on-demand training courses and online learning solutions to education government business and individuals world-wide With dynamic video-based courseware and effective learning management systems LearnKey provides expert instruction for popular computer software technical certifications and application development LearnKey delivers interactive courses online For a complete list of courses visit
httpwwwlearnkeycom
All rights reserved No part of this book may be reproduced or transmitted in any form or by any means now known or to be invented electronic or mechanical including photocopying recording or by any information storage or retrieval system without written permission from the author or publisher except for the brief inclusion of quotations in a review
copy 2019 LearnKey wwwlearnkeycom
104629
3 | A+ Part 2 (220-1002) Project Workbook
Table of ContentsA+ Part 2 (220-1002) ________________________________________________________________________2Using This Workbook ________________________________________________________________________7Best Practices Using LearnKeyrsquos Online Training _____________________________________________________8Skills Assessment ___________________________________________________________________________9A+ Part 2 (220-1002) Time Tables ______________________________________________________________11
Domain 1Fill-in-the-Blanks Domain 1 ___________________________________________________________________1332-Bit vs 64-Bit Operating Systems _____________________________________________________________15Desktop and Mobile Operating Systems _________________________________________________________16Features of Windows Versions _________________________________________________________________17Boot Methods for Installation _________________________________________________________________18Installation Types __________________________________________________________________________19Partitioning ______________________________________________________________________________21File Systems and Formats ____________________________________________________________________22The Final Installation Steps ___________________________________________________________________24File and Folder Commands ___________________________________________________________________26Using Network and Shutdown Commands _______________________________________________________28Imaging and Disk Commands _________________________________________________________________29Task Policy and Format Commands ____________________________________________________________30Copy Commands __________________________________________________________________________31Net and Help Commands ____________________________________________________________________32Introducing Administrative Tools _______________________________________________________________33Using System Configuration __________________________________________________________________35Using Task Manager ________________________________________________________________________36Using Disk Management to Add Disks ___________________________________________________________38Working with Disk Partitions _________________________________________________________________40Using Arrays and Storage Spaces _______________________________________________________________41System Utilities ___________________________________________________________________________42Using the Microsoft Management Console ________________________________________________________44Using DxDiag ____________________________________________________________________________45Internet Options __________________________________________________________________________46Controlling Display Settings __________________________________________________________________48Configuring User Accounts ___________________________________________________________________49Folder Options ___________________________________________________________________________50Using the System Applet _____________________________________________________________________51Setting Power Options ______________________________________________________________________52Credential Manager and Programs and Features ____________________________________________________53Devices and Printers _______________________________________________________________________54Controlling Sound _________________________________________________________________________55Troubleshooting ___________________________________________________________________________56Device Manager ___________________________________________________________________________57BitLocker and Sync Center ___________________________________________________________________58System and OS Requirements and Installation Methods ______________________________________________59
4 | A+ Part 2 (220-1002) Project Workbook
FolderFile Access _________________________________________________________________________60Security Considerations _____________________________________________________________________61Peer-to-Peer Networks _____________________________________________________________________62Joining a Computer to a Domain _______________________________________________________________64Setting Up and Mapping to Shares ______________________________________________________________65Printer Sharing and Mapping __________________________________________________________________67Establishing Network Connections _____________________________________________________________68Controlling Proxy Settings ___________________________________________________________________69Using Remote Desktop Connections ___________________________________________________________70Network and Sharing Center _________________________________________________________________72Using Windows Firewall _____________________________________________________________________73Configuring an Alternative IP Address ___________________________________________________________74Network Card Properties ___________________________________________________________________75Mac Best Practices _________________________________________________________________________76Mac Tools _______________________________________________________________________________78Mac Features _____________________________________________________________________________80Linux Commands __________________________________________________________________________82
Domain 2Fill-in-the-Blanks Domain 2 ___________________________________________________________________85Physical Security __________________________________________________________________________87Active Directory Concepts ___________________________________________________________________89Software Tokens and MDM Policies _____________________________________________________________90Port Security MAC Address Filtering and Certificates _______________________________________________91AntivirusAntimalware and Firewalls ____________________________________________________________92Passwords and Multifactor Authentication ________________________________________________________93Directory Permissions ______________________________________________________________________94VPN DLP ACLs and Smart Cards ______________________________________________________________95Email Filtering and Trusted or Untrusted Software Sources ____________________________________________96Principle of Least Privilege ___________________________________________________________________97WEP WPA WPA2 TKIP and AES _______________________________________________________________98Authentication Factors and Servers _____________________________________________________________99Types of Malware _________________________________________________________________________100Malware Tools and Methods _________________________________________________________________101Common Security Threats and Vulnerabilities _____________________________________________________102Windows Users and Groups_________________________________________________________________104NTFS vs Share Permissions _________________________________________________________________105File Attributes ___________________________________________________________________________107Shared Files and Folders ____________________________________________________________________108Other Basic Windows OS Security Settings ______________________________________________________110BitLocker and BitLocker To Go _______________________________________________________________111Using Encrypting File System (EFS) ____________________________________________________________113Password Best Practices ____________________________________________________________________114Account Management______________________________________________________________________115Basic Active Directory Functions ______________________________________________________________116Other Security Best Practices ________________________________________________________________117
5 | A+ Part 2 (220-1002) Project Workbook
Setting Screen Locks on Mobile Devices ________________________________________________________118Remote Applications on Mobile Devices ________________________________________________________119Authentication Types and Restrictions __________________________________________________________120Other Mobile Device Security Methods _________________________________________________________121Physical Destruction _______________________________________________________________________122Recycling or Repurposing Best Practices ________________________________________________________123Wireless Security in SOHO Networks _________________________________________________________124Securing SOHO Networks __________________________________________________________________125
Domain 3Fill-in-the-Blanks Domain 3 __________________________________________________________________128Windows OS Problems ____________________________________________________________________130Defragment a Hard Drive ___________________________________________________________________132Reboot Kill Tasks and Restart Services _________________________________________________________133Update Network Settings ___________________________________________________________________134ReimageReload OS _______________________________________________________________________135Roll Back Updates and Device Drivers _________________________________________________________136Apply Updates Repair Applications and Update Boot Order _________________________________________137Disable Windows Services Applications and Application Startup _______________________________________138Safe Boot and Windows Profiles ______________________________________________________________139Common PC Security Issues _________________________________________________________________140Best Practices for Malware Removal ___________________________________________________________142Common Mobile Operating System Issues _______________________________________________________143Mobile OS and Application Security Issues _______________________________________________________145
Domain 4Fill-in-the-Blanks Domain 4 __________________________________________________________________148Documentation Best Practices _______________________________________________________________150Documented Business Processes _____________________________________________________________151Plan for Change __________________________________________________________________________152Approvals and Backout Plans ________________________________________________________________153Backup and Recovery ______________________________________________________________________154UPS and Surge Protectors __________________________________________________________________155Storage Backups and Account Recovery Options __________________________________________________156Equipment Grounding _____________________________________________________________________157Proper Component Handling and Storage _______________________________________________________158Personal Safety __________________________________________________________________________160Material Safety Data Sheet __________________________________________________________________161Power Surges Brownouts and Blackouts ________________________________________________________162Keeping a Solid Work Environment ____________________________________________________________163Incident Response ________________________________________________________________________164Software Licensing ________________________________________________________________________165Regulated Data and Best Practices ____________________________________________________________166Using Proper Communication Techniques _______________________________________________________167Showing Professionalism ____________________________________________________________________168Script File Types __________________________________________________________________________170Environment Variables and Comment Syntax _____________________________________________________171
6 | A+ Part 2 (220-1002) Project Workbook
Basic Script Constructs ____________________________________________________________________172RDP Telnet and SSH _______________________________________________________________________173Third-Party Tools and Security Considerations ____________________________________________________174
AppendixA+ Part 2 (220-1002) Suggested Study Plan ______________________________________________________176A+ Part 2 (220-1002) Domain 1 Outline _______________________________________________________199A+ Part 2 (220-1002) Domain 1 Outline - Conrsquot __________________________________________________200A+ Part 2 (220-1001) Domain 2 Outline _______________________________________________________201A+ Part 2 (220-1001) Domain 2 Outline - Contrsquod _________________________________________________202A+ Part 2 (220-1002) Domain 3 Outline _______________________________________________________203A+ Part 2 (220-1002) Domain 4 Outline _______________________________________________________204
7 | A+ Part 2 (220-1002) Project Workbook
Using This WorkbookThis project workbook contains practice projects and exercises to reinforce the knowledge you have gained through the video portion of the A+ Part 2 (220-1002) course The purpose of this workbook is twofold First to get you further prepared to pass the second of the two exams needed to get your A+ certification Secondly to get you job-ready skills and increase your employability in the IT field specifically for a computer technician or similar position
This project workbook is versatile in that the projects follow the order of the video portion of this course You can complete the workbook exercises as you go through each section of the course complete several of these at the end of each session or complete them after viewing the entire course The key is to go through these projects as they will help strengthen and solidify your knowledge of this course
Each project is mapped to a specific video (or videos) in the course and specific test objectives The materials you will need for this course include
bull Hardware to practice with including a smartphone tablet laptop and desktopbull An avenue in which virtual machines can be deployedbull Images of Windows 7 8 81 and 10 to practice with (especially Windows 10)bull An image of Linux (Ubuntu is used in this course)
Benefits bull Learn what it takes to be a computer technician while getting the second half of your A+ certificationbull View your online courseware anytime and anywherebull Put your skills to the test with dozens of PrePost test questions and practice labs
8 | A+ Part 2 (220-1002) Project Workbook
Best Practices Using LearnKeyrsquos Online TrainingLearnKey offers video-based training solutions which are flexible enough to accommodate the private student as well as educational facilities and organizations
Our course content is presented by top experts in their respective fields and provides clear and comprehensive information The full line of LearnKey products has been extensively reviewed to meet superior standards of quality The content in our courses has also been endorsed by organizations such as Certiport CompTIAreg Cisco and Microsoft However it is the testimonials given by countless satisfied customers that truly set us apart as leaders in the information training world
LearnKey experts are highly qualified professionals who offer years of job and project experience in their subjects Each expert has been certified in the highest level available for their field of expertise This provides the student with the knowledge necessary to also obtain top-level certifications in the field of their choice
Our accomplished instructors have a rich understanding of the content they present Effective teaching encompasses not only presenting the basic principles of a subject but understanding and appreciating organization real-world application and links to other related disciplines Each instructor represents the collective wisdom of their field and within our industry
Our Instructional TechnologyEach course is independently created based on standard objectives provided by the manufacturer for which the course was developed
We ensure that the subject matter is up-to-date and relevant We examine the needs of each student and create trainingthat is both interesting and effective LearnKey training provides auditory visual and kinesthetic learning materials to fit diverse learning styles The following are three levels of implementation
Course Training ModelThe course training model allows students to proceed through basic training building upon primary knowledge and concepts to more advanced application and implementation In this method students will use the following toolset
Pre-assessment The pre-assessment is used to determine the studentrsquos prior knowledge of the subject matter Itwill also identify a studentrsquos strengths and weaknesses allowing the student to focus on the specific subject matterheshe needs to improve most Students should not necessarily expect a passing score on the pre-assessment as it isa test of prior knowledge
Video training session Each course of training is divided into sessions that are approximately two hours inlength Each session is divided into topics and subtopics As this is a test prep course there is only one session in this course
Practice Labs In addition to the video training there are practice labs available for students to use to reinforce the skills learned in the video training portion of the course
Post test The post test is used to determine the studentrsquos knowledge gained from interacting with the training Intaking the post test students should not consult the training or any other materials A passing score is 80 percentor higher If the individual does not pass the post test the first time it is taken LearnKey would recommend theincorporation of external resources such as the workbook and additional customized instructional material
9 | A+ Part 2 (220-1002) Project Workbook
Instructions Rate your skills on the following tasks from 1-5 (1 being needs improvement 5 being excellent)
Skills 1 2 3 4 5Compare and contrast common operating system types and their purposes
Compare and contrast features of Microsoft Windows versions
Summarize general OS installation considerations and upgrade methods
Given a scenario use appropriate Microsoft command line tools
Given a scenario use Microsoft operating system features and tools
Given a scenario use Microsoft Windows Control Panel utilities
Summarize application installation and configuration concepts
Given a scenario configure Microsoft Windows networking on a clientdesktopGiven a scenario use features and tools of the Mac OS and Linux clientdesktop operating systems
Summarize the importance of physical security measures
Explain logical security concepts
Compare and contrast wireless security protocols and authentication methodsGiven a scenario detect remove and prevent malware using appropriate tools and methods
Compare and contrast social engineering threats and vulnerabilities
Compare and contrast the differences of basic Microsoft Windows OS security settingsGiven a scenario implement security best practices to secure a workstation
Given a scenario implement methods for securing mobile devices
Given a scenario implement appropriate data destruction and disposal methodsGiven a scenario configure security on SOHO wireless and wired networks
Given a scenario troubleshoot Microsoft Windows OS problems
Given a scenario troubleshoot and resolve PC security issues
Given a scenario use best practice procedures for malware removal
Given a scenario troubleshoot mobile OS and application issues
Given a scenario troubleshoot mobile OS and application security issuesCompare and contrast best practices associated with types of documentation
Skills Assessment
10 | A+ Part 2 (220-1002) Project Workbook
Skills 1 2 3 4 5
Given a scenario implement basic change management best practices
Given a scenario implement basic disaster prevention and recovery methods
Explain common safety procedures
Explain environmental impacts and appropriate controls
Explain the processes for addressing prohibited contentactivity and privacy licensing and policy conceptsGiven a scenario use proper communication techniques and professionalism
Identify the basics of scripting
Given a scenario use remote access technologies
11 | A+ Part 2 (220-1002) Project Workbook
A+ Part 2 (220-1002) Time Tables
Domain 1 Actual TimeCompare and Contrast Operating Systems
000659
Windows Versions 000822OS Installation and Upgrade Methods 001942Windows Command Line Tools 001934Operating System Features and Tools 003454Control Panel Utilities 002438Application Installation Concepts 000410Windows Networking Configuration 001822MAC Features 001244Basic Linux Commands 001038
Total Time 024003
Domain 2 Actual TimePhysical Security Measures 000551Logical Security Concepts 001842Wireless Security Protocols 000408Detect Remove and Prevent Malware 001056Threats and Vulnerabilities 001251Windows OS Security Settings 001414Workstation Security Best Practices 001548Securing Mobile Devices 001131Destruction and Disposal Methods 000433SOHO Network Security 001109
Total Time 014943
Domain 3 Actual TimeWindows OS Troubleshooting 002127Troubleshoot PC Security Issues 001039
Malware Removal Best Practices 000450
Common Mobile Device Symptoms 001040
Mobile OS and App Security Issues 000811
Total Time 005547
Domain 4 Actual TimeDocumentation Best Practices 000431Change Management Best Practices 000657Disaster Prevention and Recovery 000647Common Safety Procedures 000340Personal Safety 000245Environmental Impacts and Controls 000641Licensing Privacy Prohibited Content 001103Communication and Professionalism 001206Scripting Basics 000650Remote Access Technologies 000330Final Thoughs 000130
Total Time 010620
12 | Appendix A+ Part 2 (220-1002) Project Workbook
13 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Fill-in-the-Blanks Domain 1Instructions While watching Domain 1 fill in the missing words according to the information presented by the instructor [References are found in the brackets]
Compare and Contrast Operating Systems
1 A 32-bit operating system will never use more than of RAM [32-Bit vs 64-Bit]
2 Vendors will not provide security updates for an operating system once it has reached the stage [End-of-Life and Update Limitations]
Windows Versions
3 Windows 7 edition is a 32-bit only operating system [Windows 7 Features]
4 BitLocker is used to encrypt entire while EFS encrypts files and [BitLocker EFS]
OS Installation and Upgrade Methods
5 The two most common operating system installations for homes and small businesses are
upgrades and installs [Installation Types]
6 A hard drive using MBR can have up to four partitions [Partitioning]
7 After a Windows installation check to see if any drivers are needed for peripherals [Drivers and Updates]
8 Windows cannot upgrade directly to Windows 10 [OS CompatibilityUpgrade Path]
Windows Command Line Tools
9 Dir and cd commands are commands [Dir Cd]
10 Any command with a on the end of it will show the help for that command [Help on Commands]
11 sfc and chkdsk are commands that must be run under an elevated command prompt [Standard vs Administrative Privileges]
Operating System Features and Tools
12 Computer Management is a tool that serves as a gateway to several system [Computer Management and Device Manager]
13 Task Manager is used to show running and processes and monitor system resources [Task Manager]
14 Drive statuses can be checked using the tool [Drive Status and Mounting]
15 Extending a partition will increase the of the partition [Extending Partitions]
16 The Windows registry has five of information that store system preferences and settings [Regedit]
14 | Domain 1 A+ Part 2 (220-1002) Project Workbook
17 System Restore is a tool used to Windows to a prior state [System Restore]
Control Panel Utilities
18 The contains options for network and Internet settings security programs troubleshooting and other app and tool settings [Internet Options]
19 The two main types of user accounts on Windows systems are and
[User Accounts]
Application Installation Concepts
20 When installing software the three most important factors are drive space and operating system compatibility [System and OS Requirements]
21 When installing software security considerations need to be made for the impact to a and the impact to the network [Security Considerations]
Windows Networking Configuration
22 A HomeGroup or workgroup is a peer-to-peer network while a is a clientserver network [HomeGroup vs Workgroup]
23 With a network setting on a Windows device others cannot see the device or information on the device [Network Settings]
Mac Features
24 The Terminal app on a Mac allows one to run [ShellTerminal]
Basic Linux Commands
25 The ls and cd commands are commands in Linux [ls]
15 |Domain 1 A+ Part 2 (220-1002) Project Workbook
32-Bit vs 64-Bit Operating SystemsWhen installing Windows one of the first determinations to make is whether to install a 32-bit version of Windows or a 64-bit version of Windows The vast majority of computers can easily handle a 64-bit installation The determining factor for support is the CPU If the CPU is a 32-bit CPU only 32-bit Windows installations are possible If the CPU supports 64-bit installations a 64-bit Windows installation is possible
The biggest advantages to a 64-bit Windows installation arebull 64-bit CPUs can process many more instructions simultaneously than that of 32-bit
CPUsbull Applications built for 64-bit processors can run at maximum capacitybull 64-bit operating systems can support up to 17 exabytes of RAM while 32-bit
operating systems can only support up to 4 GB of RAMWhile a 32-bit operating system can be installed on a 64-bit CPU the reverse is not true The same goes for apps 32-bit apps can be installed on either a 32-bit or 64-bit operating system
PurposeAfter completing this project you will know how to see whether a 32-bit or 64-bit operating system is installed
Steps for Completion1 On a Windows 7 8 81 or 10 device access the System Information screen2 Is your device running a 32-bit or 64-bit version of Windows
3 A technician notices that a device has 8 GB of RAM but is only showing that it has 4 GB of RAM What is the most likely reason for this
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic Compare and Contrast Operating SystemsSubtopic 32-Bit vs 64-Bit Software Compatiblity
Objectives Covered1 Operating Systems
11 Compare and contrast common operating system types and their purposes
111 32-bit vs 64-bit1111 RAM limitations1112 Software compatibility
16 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Desktop and Mobile Operating SystemsThe A+ exam focuses on three main desktop operating systems For the exam you will want to know when Windows Mac OS and Linux are recommended for use Windows is not recommended for any particular reason except that it is by far the most popular operating system in use Mac OS is most popular with those who specialize in graphic design and audio and video editing People who prefer an open source operating system will gravitate toward Linux
For mobile operating systems make sure to understand the differences among Windows Android iOS and Chrome OS specifically knowling that Android is an open operating system hence its multiple iterations on mobile devices from different companies
For any operating system whether desktop or mobile one should pay attention to the end-of-life date for the system This is the date in which the operating system is no longer supported and for that reason should be upgraded Operating systems in the end-of-life stage have no official support meaning no more updates and no more patches against what will be an increasing number of security vulnerabilities
PurposeAfter completing this project you will know how to see whether a 32-bit or 64-bit operating system is installed
Steps for Completion1 A customer wants to be able to customize an operating system as much as possible
Which operating system should the customer get2 A customer does a lot of graphic design and video editing Which operating system
best suits this customer 3 Which mobile operating system is the most customizable among mobile operating
systems 4 What does one need to look out for regarding end-of-life dates with Windows 10
5 Which disk file format is compatible with both Windows and MacOS
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic Compare and Contrast Operating SystemsSubtopic Microsoft Windows Apple Macintosh OS Linux Tablets End-of-Life and Update Limitations Compatibility Concerns
Objectives Covered1 Operating Systems
11 Compare and contrast common operating system types and their purposes
112 Workstation operating systems1121 Microsoft Windows1122 Apple Macintosh OS1123 Linux
113 Cell phonetablet operating systems
1131 Microsoft Windows1132 Android1133 iOS1134 Chrome OS
114 Vendor-specific limitations1141 End-of-life1142 Update limitations
115 Compatibility concerns between operating systems
17 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows VersionsSubtopic Windows 7 Features Windows 8 and 81 Features Windows 10 Features Domain Access BitLocker Media Center and BranchCache EFS Desktop Styles
Objectives Covered1 Operating Systems
12 Compare and contrast features of Microsoft Windows versions
121 Windows 7122 Windows 8123 Windows 81124 Windows 10125 Corporate vs personal needs
1251 Domain access1252 BitLocker1253 Media center1254 BranchCache1255 EFS
126 Desktop stylesuser interface
Features of Windows VersionsThis version of the A+ exam covers the four current versions of Windows 7 8 81 and 10 For the exam make sure you know the distinguishing features of each version of Windows Fortunately the core of each operating system is similar Differences appear mostly in the form of interface changes (Start menu vs tiles for example) and that in Windows 10 the Settings tool does many Windows tasks available only through the Control Panel in previous Windows versions
Note At this point if you have access to all four Windows versions via virtual machines you will get optimal practice through this and other projects
Among the different versions of Windows the Professional and higher editions can join a domain and run encryption tools such as BitLocker and EFS BranchCache which allows network content to be cached on a local hard drive is available on Enterprise or higher editions of Windows Windows 7 uses a traditional Start menu Windows 8 and 81 use tiles to display shortcuts to apps and features and Windows 10 has a combination of both a Start menu and tiles
PurposeAfter completing this project you will have a better understanding of features among the different versions of Windows
Steps for Completion1 Which version of Windows 7 is only available in 32-bit
2 Which feature was removed in Windows 8 but put back in Windows 81
3 What is the name of the voice-activated feature in Windows 10
4 Which was the last version of Windows officially to have Windows Media Center
5 Which version of Windows has both a Start menu and app shortcuts on tiles
6 If you have a Windows device that can join a domain join it to a domain7 If you have a Professional or higher edition of Windows enable BitLocker on your C
drive8 If you have a Professional of higher edition of Windows do the following
a Create a new folder on your C drive and name it EFS Filesb Encrypt the folder using EFS
18 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Boot Methods for InstallationWhen planning a Windows installation whether it is for one computer or thousands of computers or somewhere in between the first determination to make is the boot method one will use to perform the installation Here are some boot methods and situations in which these methods are typically used each with the goal of using the default Windows image or a custom image to deploy Windows
Boot Method When it is typically usedOptical discs CD-ROMs only hold 700 MB of data and even many Linux
installations are upwards of 1 GB so CD-ROMs are rarely used DVDs are used for installations to where the installation files are 45 GB or less Blu-ray Discs can be used but this is rare
USBeSATA Most flash drives are large enough to hold a Windows installation image The BIOS must be set to boot the USB for this installation method to work The same holds true for eSATA drives
Preboot Execution Environment (PXE)
A method used to deploy Windows over a network especially for a large number of machines A computer using PXE needs a network card and PXE boot needs to be enabled in the BIOS
Internal fixed disks An installation image can be used from the same disk on which the installation will reside However this usually involves having the image on a separate partition than that of the partition on which Windows will be installed
If installing Windows from an internal drive the Sysprep tool may need to be run on the system after the installation is complete Sysprep gives a computer a unique security identifier (SID) Sysprep should also be run on a system used to create a Windows image before the image is captured
PurposeAfter completing this project you will have a better understanding of which boot method to use given an installation scenario
Steps for Completion1 For each situation identify the boot method which should be used to start a
Windows installation a A technician needs to install the same image of Windows 81 to a network of
200 computers b One user needs Windows 10 The userrsquos laptop does not have an optical disc
drive
c Two computers need Windows 7 d A user wants to keep the installation image on the same disk as the installation
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic OS Installation and Upgrade MethodsSubtopic Boot Methods
Objectives Covered1 Operating Systems
13 Summarize general OS installation considerations and upgrade methods
131 Boot methods1311 Optical disc(CD-ROM DVD Blu-ray)1312 External driveflash drive (USBeSATA)1313 Network boot (PXE)1314 Internal fixed disk (HDDSSD)1315 Internal hard drive (partition)
19 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Installation TypesOnce a boot method is determined for an installation the next determination to make is the type of installation to take place Many installations will take place as brand new installations but there are several other types of installations Here is a list of common Windows installations along with the situations in which these installations are used
Installation Type When It Is UsedUnattended installation This installation method is used when the same image is going to be deployed to a large number of
machines An answer file is created and used to answer questions automatically which come up during the installation such as keyboard type and default language The answer file can also allow or block features such as games Often the answer file is created using the System Image Manager (SIM) inside of the Windows Automated Installation Kit (WAIK)
In-place upgrade Make sure the current operating system has the latest service pack before upgrading Installing a new operating system on top of the previous operating system will move the previous operating system files to a Windowsold directory Running Disk Cleanup after the installation will delete the Windowsold directory Windows 7 and 81 can be upgraded to Windows 10 Windows 8 must be upgraded to 81 before it can be upgraded to Windows 10 When upgrading the general rule is that the edition must stay the same For example Windows 7 Professional can be upgraded to Windows 10 Professional but not Windows 10 Enterprise
Clean install The most common install This install does not save settings or files from any previous installations The two types of clean installs areBare metal An installation on a machine with no previously installed operating systemInstall on existing system A fresh installation overriding an existing operating system
Repair installation On the first installation screen choose the Repair Windows option This will run in a similar mode to an in-place upgrade With this installation the goal is to repair or replace corrupted system files Existing Windows data will be moved to a Windowsold folder
Multiboot Also known as a dual boot In this setup two or more operating systems are installed on the same machine At boot time the user will make a choice as to which operating system to boot Install the operating systems on different partitions Install the newest operating system last If this is a WindowsLinux combination always install Windows first
Remote network installation
The installation will start from a network share usually in the form of a Universal Naming Convention (UNC) as indicated with a servershare notation The network speeds need to be fast in order for the installation to work well A speed of 10 Gbps is recommended The remote network installation can also start from a PXE boot so long as that boot type is supported in a system BIOS
Image deployment All Windows installations for Windows 7 and newer start with an image of the operating system The image can be the default image (installwim) on the DVD or it can be a custom image containing specific hardware drivers and applications The image needs to first be captured and then it can be deployed to multiple machines
Recovery partition This is an extra partition on a hard drive holding the original image for the computer A recovery image could also be on a DVD instead of the hard drive Running the recovery will usually erase any existing data on the hard drive
Refreshrestore A refresh installation is done when a system wonrsquot boot up properly and you suspect one or more system files have become corrupt You actually have two options in Windows 8 and 10 reset or refresh Refresh looks for and replaces system files Reset will keep your files but you will need to reinstall all of your apps At least you will get a list of apps you need to reinstall The final type of installation we can do for repair is a system restore This will restore your system back to a restore point and is often used when a recent change or installation is the cause of your system instability
At the end of this project you will have a better idea on which installation type to use given an installation scenario
Steps for Completion1 For each situation indicate which installation type you will use for installing Windows
a Windows is installed on the machine but cannot boot due to boot errors b The same image needs to be deployed to multiple machines without users having to answer questions during the installation
20 | Domain 1 A+ Part 2 (220-1002) Project Workbook
c A Windows 8 machine needs Windows 81 on it and the userrsquos files need to be
preserved d Windows 7 and Windows 81 both need to be installed on a test machine
e For the machine needing both Windows 7 and Windows 81 which operating
system should be installed first
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic OS Installation and Upgrade MethodsSubtopics Installation Types Image Deployment and Recovery Partition RefreshRestore
Objectives Covered1 Operating Systems
13 Summarize general OS installation considerations and upgrade methods
132 Type of installations1321 Unattended installation1322 In-place upgrade1323 Clean install1324 Repair installation1325 Multiboot1326 Remote network installation1327 Image deployment1328 Recovery partition1329 Refreshrestore
21 |Domain 1 A+ Part 2 (220-1002) Project Workbook
PartitioningOne choice to make when installing Windows is the disk partition on which the installation will take place By default Windows will want to install on the main partition (and usually the only partition on the hard drive) If a partition is not present and the disk space is unallocated a partition will need to be created Here are the types of partitions which can be created for Windows installations along with a description of each partition
Partition DescriptionDynamic A versatile partition which allows for up to 2000 partitions on a hard
disk This partition does not support a dual boot The types of volumes which can be created are
Striped Writes data to multiple disks at once (a RAID 0) with no fault tolerance Uses between 2 and 32 disksMirrored Data writes to one disk and then mirrors to another disk (a RAID 1) This is supported on Windows 7 or newer operating systemsSpanned This partition includes space on more than one physical disk but appears as one physical disk If one of the spanned disks fails the entire volume is lost Boot and system volumes cannot be spanned
Basic A standard volume which supports up to four partitions The most common type of volume is a Master Boot Record (MBR) volume which has a size limit of 2 TB Basic disks can be converted to dynamic disks but dynamic disks cannot be converted back to basic disks
Primary Used for a single bootable volume This partition is located for an operating system during the bootup process
Extended This partition allows for adding multiple logical drives (with drive letters) to a physical disk Only one extended partition is allowed per basic volume (in addition to three primary partitions)
Logical Partitions which reside inside of an extended partition This allows for a disk to have more than four partitions overall (three primary and one extended with however many logical partitions are needed)
GPT Globally Unique Identifier (GUID) Partition Table (GPT) partitions are used for hard drives larger than 2 TB A GPT volume supports up to 128 primary partitions and up to 94 zetabytes (ZB) of data GPT volumes are supported on most Linux installations and on Windows 7 or later installations
PurposeUpon completing this project you will have a better understanding of which type of partition to create depending upon a need in a Windows installation
Steps for Completion1 For each situation indicate the type of partition needed to fulfill an installation
requirement
a Windows is to be installed on a 3 TB partition b A machine with two disks needs a partition which supports a RAID 0
c A partition needs to support five drive letters so that files can be organized by
category
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic OS Installation and Upgrade MethodsSubtopic Partitioning
Objectives Covered1 Operating Systems
13 Summarize general OS installation considerations and upgrade methods
133 Partitioning1331 Dynamic1332 Basic1333 Primary1334 Extended1335 Logical1336 GPT
22 | Domain 1 A+ Part 2 (220-1002) Project Workbook
File Systems and FormatsWhen installing Windows the default file system format used is the New Technology File System (NTFS) format NTFS supports encryption compression and granular security permissions on files and folders While that is the predominant disk format used for Windows installations there are several other file system formats a technician needs to be aware of should a technician come across one of these formats or need to use one of these formats Here are some common file system formats along with a description of each
File System
Description
exFAT FAT64 format supported mostly on Windows-based systems This format is used mostly on flash drives to overcome the limits of FAT32 (mainly the file size limit)
FAT32 File Allocation Table (FAT32) was common prior to Windows XP The three available permission categories are Read Change and Full Control FAT32 does not support Windows Vista or newer so this format is found mainly on USB thumb drives The maximum file size is 4 GB and the maximum partition size is 32 GB
NTFS New Technology File System (NTFS) is the most common file system format for Windows Permissions can be assigned to files and folders Encryption and compression are available (but not both at the same time) There is no defined file size limit The maximum partition size is 2 TB on MBR disks or 256 TB on GPT disks
CDFS Compact Disc File System (CDFS) is the standard format for optical discsNFS Network File System (NFS) is a distributed file system which allows a client computer to access files on another
computer as if it were the userrsquos own computerext3 A Linux file system which supports up to 32 Tibibytes (TiB) of data TiB is similar to TB ext3 does not support the
recovery of deleted files ext3 supports up to 32000 subdirectoriesext4 A Linux file system which support up to 1 Exbibyte (EiB) of data ext4 supports an unlimited number of
subdirectoriesHFS Hierarchical File System (HFS) is the default file system for Mac OS versions 1012 and older 1013 and newer use the
Apple File System (APFS)A swap partition also known as a swap space is to Linux what the pagefile is to Windows Both have one purpose to use hard drive space as RAM should a system run out of RAM With Linux this exists on its own partition On Windows this exists on the C drive by default Both should only be used when absolutely necessary as hard drives arenrsquot meant to act as RAM and will use this page space very slowly
In addition to file system types Windows supports two types of formatting (erasing) when a disk is formatted for a Windows installation or a disk is formatted after a Windows installation The two types of formatting are
Quick Format Formats a disk but does not check for and isolate bad sectorsFull Format Formats a disk and while doing so checks a disk for bad sectors and marks them so that there is no attempt to write data to those sectors
After completing this project you will know which file system format to use given a situation and you will know which type of formatting to use when formatting a hard drive
Steps for Completion1 For each situation identify the file system format either in use or needed to fulfill a computer need
a A user needs to access files on another computer without it looking like the files are on another computer
b A thumb drive needs to hold 5 GB installation files
c A Linux installation needs to support the recovery of deleted files
d A file system format to work on Mac OS version 1013 2 A user needs to install Windows on an NTFS partition of 2 TB Can the user use an MBR partition type
23 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project FilesNA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic OS Installation and Upgrade MethodsSubtopics File System Types Swap Partition Quick vs Full Format
Objectives Covered1 Operating Systems
13 Summarize general OS installation considerations and upgrade methods
134 File system typesformatting1341 ExFAT1342 FAT321343 NTFS1344 CDFS1345 NFS1346 ext3 ext41347 HFS1348 Swap partition1349 Quick format vs full format
3 On a Windows machine obtain the file system format of your C drive What is the format
24 | Domain 1 A+ Part 2 (220-1002) Project Workbook
The Final Installation StepsAs one goes through a Windows installation there are decisions to be made both during and after the installation process In addition to choosing a boot method installation type partition and file system format here are some other decisions which need to be made during a Windows installation process
Decision DescriptionLoad alternate third-party drivers
These can be loaded at the same time as a partition is selected Or they can be added to a custom image prior to the installation through the Windows Automated Installation Kit (WAIK)
Workgroup vs domain
After a Windows install a computer will be in a workgroup (a peer-to-peer network) by default Workgroups are best served for small office home office (SOHO) networks A Windows device can have up to 20 concurrent connections A domain is a clientserver network with a central server which controls access to resources This is most commonly seen in a medium to large business setting
TimeDateRegion language settings
The first decision to be made after starting the Windows installation Choices needs to be made for language time format currency format and keyboard settings These can be changed after the installation via the Region and Language applet in the Control Panel
Driver installation Most hardware will install automatically when connected to a computer However a technician should still have the latest available drivers for the hardware in case the drivers are needed The Device Manager will show hardware with missing or incorrect drivers
Software and Windows updates
Software updates are dependent upon the app manufacturer Windows updates are controlled via the Windows Update applet The choices for Windows Updates arebull Always install updatesbull Download updates but choose which ones to installbull Choose what to download and updatebull Never update
Factory recovery partition
For many pre-built computers a factory recovery partition is present on the hard drive to restore a device to factory settings if needed To invoke the recovery press F8 (Shift+F8 on Windows 881) when booting and then choose to restore the device This will often erase the data currently on the device If Secure Boot is enabled on a device F8 will not work One will need to boot into Windows RE in order to recover Windows
For Windows 7 8 81 or 10 installations the prerequisites are as followsbull 1 GHz or faster processorbull 1 GB of RAM for a 32-bit install or 2 GB of RAM for a 64-bit installbull 16 GB of hard disk space for a 32-bit install or 20 GB of hard disk space for a 64-bit installbull A graphics card that supports DirectX 9
When working with newer versions of an operating system you may have older apps that struggle to run on the new system You can try to run these apps in compatibility mode Compatibility mode is available under an apprsquos Properties tab
Lastly remember these two key points for upgrade pathsbull Upgrades for the most part need to keep the same edition going from version to version In other words Windows 7
Professional can upgrade to Windows 10 Professional but Windows 7 Home cannot upgrade to Windows 10 professionalbull Windows 7 and 81 can upgrade to Windows 10 Windows 8 must be upgraded to 81 before it can be upgraded to 10
PurposeUpon completing this project you will know how to make the choices necessary for your environment when installing Windows This project uses a DVD or USB drive to install Windows 10 on a system
Steps for Completion1 Insert your installation media for your Windows installation If you are using a DVD make sure your computer is set to boot to
the DVD in the BIOS If you are using a USB drive make sure your computer is set to boot to a USB drive in the BIOS2 With your installation media present in your system reboot your machine After a few moments the first setup screen will
appear3 If you need to change the default language time or currency format or keyboard click the drop-down arrow for the appropriate
25 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files A Windows image on an installation disk
Estimated Completion Time
15-30 minutes
Video Reference Domain 1Topic OS Installation and Upgrade MethodsSubtopics Drivers and TimeDateLanguage Settings Workgroup vs Domain Setup Drivers and Updates Factory Recovery and Proper Boot Drive Hardware Prerequisites and Compatibility Application Compatibility OS CompatibilityUpgrade Path
Objectives Covered1 Operating Systems
13 Summarize general OS installation considerations and upgrade methods
135 Load alternate third-party drivers when necessary136 Workgroup vs Domain setup137 Timedateregionlanguage settings138 Driver installation software and Windows updates139 Factory recovery partition1310 Properly formatted boot drive with the correct partitionsformat1311 Prerequisiteshardware compatibility1312 Application compatibility1313 OS compatibilityupgrade path
field and make the change When you are done making changes click the Next button
4 On the next screen click the Install now button5 The next screen is the License terms screen Select the I accept the license terms
check box and click the Next button6 If you are upgrading from a previous version of Windows you would select the
Upgrade option For this installation select the Custom Install Windows only (advanced) option
7 On this screen you could click Load driver and load third-party drivers The Refresh option allows for a refresh of the available disks should you plug in a hot swappable drive The Delete Extend Format and New options all allow you to work with disk partitions For this installation take the default settings and click the Next button Note The remaining steps could vary depending upon the edition of Windows you are installing
8 The installation process will take between 10 and 30 minutes to complete When the installation is done the next screen you will be given a chance to name the computer
9 Click in the PC name box and type a name for your computer10 Click the Next button11 On the Settings screen click the Use express settings button12 To bypass using a Microsoft account click the Create a new account option13 At the bottom of the screen click the Sign in without a Microsoft account option14 Click in the User name text box and type a username15 Click in the Password text box and type a password16 Click in the Reenter password text box and reenter the password you typed in the
previous text box17 Click in the Password hint text box and type a password hint18 Click the Finish button After a few more minutes of setting up the installation will
be complete
26 | Domain 1 A+ Part 2 (220-1002) Project Workbook
File and Folder CommandsWhen working in a command prompt technicians will sometimes need to create or remove folders add or remove files and check to see what files and subfolders are in a folder Several commands are used to fulfill these needs Here are some common file and folder commands and their descriptions including important attributes and switches
Command DescriptionMD Makes a directory (folder) The MKDIR command also works hereRD Removes a directory RMDIR will also work Two important switches for this command are
s Removes subdirectories This switch must be used if there are files andor folders in the directory one is trying to removeq Removes directories without prompting the user for confirmation
CD Changes the directory one is working in CHDIR also works here Some ways to use CD includeCD Moves up a folder in a folder structure For example when focused on CHRDocs CD moves the focus up to CHRCD Moves back to the root of the drive (C for example)
DIR Lists the contents of a folder Wildcards can be used to filter a file listDEL Deletes individual files Wildcards can be used to delete multiple files Some important switches include
p Prompts before deletionf Forces deletion of read-only filess Deletes file in all subdirectoriesq Suppresses confirmation when using wildcards For example the DEL q command removes all files in a folder without confirmation
The dir and cd commands are the two most important commands to know for the exam One shortcut one can take advantage of when entering a command is to type part of the command and then press the Tab key For example if there is a folder named Southern Region and one wants to navigate to that folder one can type CD SOU and then press the Tab key until Southern Region shows on the screen The results will cycle through anything starting with the letters SOU once part of the text is typed and the Tab key is pressed
In addition any files or folders with spaces must be in quotes when used in commands For example to delete a text file called Old Policy the command needs to look like this DEL ldquoOld Policytxtrdquo and not DEL Old Policytxt In the latter instance the DEL command would be trying to delete a folder named Old as it cannot read past the space after the word Old
PurposeAfter completing this project you will be familiar with these file and folder commands in a command prompt
Steps for Completion1 On a Windows device open File Explorer2 Navigate to the C drive3 On the C drive create a folder Name the folder HR4 Inside the HR folder create a folder Name the folder West5 Inside the HR folder create another folder Name the folder North6 Inside the HR folder create a text file Name the file Old Policy You do not need to put any text in the file7 Inside the HR folder create another text file Name the file New Policy You do not need to put any text in the file Your
completed file structure should look like the file structure below
27 |Domain 1 A+ Part 2 (220-1002) Project Workbook
8 Open a command prompt9 To navigate back to the root drive type CD C and then press the Enter key10 To navigate to the HR folder type CD HR and then press the Enter key11 To list the contents of the HR folder type DIR and then press the Enter key You
should see two folders and two files as seen below
12 Close the command prompt window
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows Command Line ToolsSubtopics Dir Cd
Objectives Covered1 Operating Systems
14 Given a scenario use appropriate Microsoft command line tools
141 Navigation1411 Dir1412 Cd
28 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Using Network and Shutdown CommandsNetwork commands are used either to troubleshoot a devicersquos network connectivity or gain information about network activity or both Here are some network commands you need to know for the exam along with their descriptions
Command Descriptionipconfig Used to get the IP address for each network adapter on a system
Switches includeall Gets IP address DNS server and DHCP server informationrelease Releases IP address leases on a devicerenew Renews IP address information on a deviceflushdns Clears the DNS cache on a device
ping Used to send packets to a device with the intent of getting a response ping -t runs a continuous ping until one presses Ctrl+C to stop sending packets
tracert Used to see each hop from a source to a destination This can help track down the source of a problem with a source reaching a destination
netstat Shows current connections on a device Netstat can also be run with these attributes
-a Shows connected and listening ports for both TCP and UDP-p Used with a protocol shows established connections for that protocol
nslookup Used to return a DNS server for a host This can be run as a standalone command or as a tool
One other command you need to know for the exam but is not a network command is the shutdown command which as you may have guessed shuts down a system Running shutdown -r restarts a system
PurposeAfter completing this project you will have a better understanding of network commands and their usage
Steps for Completion1 On a Windows device open a command prompt2 Run the command that will return the IP address of your device What is your IP
address Answers will vary
3 Ping wwwlearnkeycom Do you get a response 4 Run a trace to wwwlearnkeycom How many hops are between you and the
destination 5 Run the command that will return the IP address of your DNS server What is that
address
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic Windows Command Line ToolsSubtopics Ipconfig Ping Tracert Netstat Nslookup Shutdown
Objectives Covered1 Operating Systems
14 Given a scenario use appropriate Microsoft command line tools
142 Ipconfig143 Ping144 Tracert145 Netstat146 Nslookup147 Shutdown
29 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Imaging and Disk CommandsThere are several disk commands a technician needs to be aware of in order for a technician to be able to format partition or check disks for errors Occasionally a technician may need to extract a single file from an installation file on a CD DVD or similar media for the purpose of replacing a bad system file Here are some common disk commands used in a command prompt along with their descriptions
Command DescriptionDISM Deployment Image Servicing and Management (DISM) is used to
either prepare a system image for deployment or to scan and repair a system image
SFC Attempts to repair system files Switches includeSCANNOW Scans system files and repairs files when possibleVERIFYONLY Scans system files for integrity but does not repair filesSCANFILE Scans the integrity of a single file and repairs it if possibleVERIFYFILE Verifies the integrity of a system file but does not attempt to repair it
CHKDSK Looks for and fixes disk errors Some common switches includeF Fixes errors on the diskR Locates bad sectors and recovers readable information
DISKPART A shell app which lists partition information and can format convert expand or shrink a volume
DISM SFC and CHKDSK all need to be run in an elevated command prompt An elevated command prompt is one that requires administrator privileges Commands which check for and attempt to repair system files will require adiministrator privileges
PurposeAfter completing this project you will have some familiarity with disk commands
Steps for Completion1 On a Windows device open an elevated command prompt (a command prompt in
administrator mode)2 Run the DISM command with the help to get a list of possible ways to run the
DISM command3 Run the SFC command with the verifyonly switch4 Run the CHKDSK command with the f switch5 To start DISKPART type DISKPART and then press the Enter key If you get a
User Account Control prompt click the Yes button to continue DISKPART will open in a separate window
6 In the DiskPart window type LIST and then press the Enter key to see several LIST commands
7 Type LIST DISK and then press the Enter key to see the list of disks on the computer
8 Type SELECT DISK 0 and then press the Enter key to select the first disk in your disk list
9 To see a list of available commands on the disk type and then press the Enter key You will see a list of commands for tasks you can perform on your selected disk
10 To exit the DiskPart window type EXIT and then press the Enter key11 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
15 minutes
Video Reference Domain 1Topic Windows Command Line ToolsSubtopics Dism Disk Checking Commands Diskpart
Objectives Covered1 Operating Systems
14 Given a scenario use appropriate Microsoft command line tools
148 Dism149 Sfc1410 Chkdsk1411 Diskpart
30 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Task Policy and Format CommandsA technician may need to use a command prompt to list running tasks end a running task update policies or format a hard disk For instance a technician may need to identify a process and then end it This can be done with these two commands
TASKLIST Lists running tasks The results here will be similar to what one would see for running processes in Task ManagerTASKKILL Stops a running task by process number
An A+ technician is unlikely to control Group Policy a centrally based policy management tool which controls configurations on machines based on users and the organizational units to which they belong However a technician does need to know how to update Group Policy settings on a computer and be able to run a report showing which Group Policies have been applied to a computer and user The two commands which accomplish this are
GPUPDATE Used to perform an immediate Group Policy update on a computer Though Group Policy changes update computers on a regular basis sometimes an update is done at the server level and needs to be applied on a client machine immediatelyGPRESULT Used to run a report to show which Group Policies have been applied to a computer and user The r switch runs a report while the h switch combined with a filename and a html extension on the end puts the report in HTML format For example the command GPRESULT h gpreporthtml places a report called gpreport in the directory the user is working with in the command prompt
The FORMAT command is used to reset a hard drive and make its data inaccessible This is only done when someone wants a drive completely wiped of its data
PurposeAfter completing this project you will know how to use command lines to list running tasks end a running task update and show a group policy and format a hard drive
Steps for Completion1 On a Windows device open a command prompt2 Type TASKLIST and press the Enter key You will see a description and some
attributes3 Scroll down through the descriptions4 Type TASKLIST and press the Enter key You will see a list of tasks and process ID
numbers5 Find the process number for the cmdexe executable6 Type TASKKILL PID and the process ID number for cmdexe (TASKKILL PID
1044 is an example)7 Press the Enter key The cmdexe process will end closing the command prompt8 Open another command prompt window9 Type GPUDATE and press the Enter key Wait for the Group Policy updates to
take effect10 Type GPRESULT and press the Enter key You will see the policies that apply to the
current device11 Exit the command prompt window
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 1Topic Windows Command Line ToolsSubtopics Taskkill Gpupdate and Gpresult Format
Objectives Covered1 Operating Systems
14 Given a scenario use appropriate Microsoft command line tools
1412 Taskkill1413 Gpupdate1414 Gpresult1415 Format
31 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Copy CommandsWhen working with files and folders a technician will sometimes need to copy files and folders andor move files and folders using command-line commands For example a backup script may need to be created to be run on a nightly schedule As part of that script certain files and folders may need to be copied from a hard drive to an external drive There are three copy commands one can use in a command prompt setting each with a distinct role in copying files and folders The three copy commands along with their roles are as follows
Command DescriptionCOPY Copies files and folders from a source to a destination Switches
includeCopy a Used for ASCII-based text filesCopy v Verifies files were copied correctlyCopy y Suppresses prompts for overwriting filesCopy file1 + file2 + file3 file4 Combines the first three files into a fourth file This is generally only done with text files
XCOPY Unlike the COPY command XCOPY can also copy subdirectories using the s switch
ROBOCOPY Includes all COPY and XCOPY features Also copies metadata including attributes time stamps permissions owner information and auditing information Switches include
copyall Copies all metadatae Includes empty subdirectories when copying files and folderspurge Deletes destination files and folders which no longer exist at the sourcemove Copies files and folders and then deletes the source files This is the command prompt equivalent of cut and paste
PurposeUpon completing this project you will have enough knowledge of all three copy commands to use them effectively in a real-life situation
Steps for Completion1 This project builds on the previous project File and Folder Commands If you have
not completed that project do so and then come back to this project If you have completed the previous project open a command prompt on a Windows device
2 In the command prompt type CD CHR and then press the Enter key to navigate to the HR folder
3 To copy the New Policy file into the East folder type COPY ldquoNew Policytxtrdquo East and then press the Enter key
4 To make sure the New Policy file is in the East folder type DIR East and then press the Enter key
5 To make a backup copy of the HR folder and all of its subfolders type XCOPY s CHR CHRBackup and press the Enter key You will be prompted to choose a file or directory
6 To create the HRBackup directory and copy the files from HR to HRBackup type D You should see a message indicating the number of files copied
7 To make sure the HRBackup directory has the file and two folders from the HR directory type DIR CHRBackup and then press the Enter key You should see two folders (East and West) and one file (New Policytxt)
8 To move the policy file from the HR folder into a new folder called HRPolices type ROBOCOPY CHR CHRPolicies move and press the Enter key
9 To make sure the New Policytxt file has been moved type DIR CHRPolicies and press the Enter key The New Policy file should show in the file list
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 1Topic Windows Command Line ToolsSubtopic Copy Commands
Objectives Covered1 Operating Systems
14 Given a scenario use appropriate Microsoft command line tools
1416 Copy1417 Xcopy1418 Robocopy
32 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Net and Help CommandsThe NET command has multiple uses within Windows The two main uses are
NET USE to map a user to a network driveNET USER to get information on a user
For the NET and any other commands typing the name of the command with a space and a will return information on how the command is used and the attributes and properties associated with the command You should run this for each command covered in this domain
Lastly you may recall that commands such as SFC and CHKDSK are commands that check and possibly alter system files These are commands that require administrative privileges in order to run Most other commands can be run with standard privileges
PurposeAfter completing this project you will know how to use the NET command and be able to get help on it and other commands
Steps for Completion1 On a Windows device open a command prompt2 Obtain help for the NET USE command3 Type NET USER ADMINISTRATOR and press the Enter key to see a list of
characteristics on the Administrator account4 Obtain help for the IPCONFIG command5 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic Windows Command Line ToolsSubtopic Net Use Net User Help on Commands Standard vs Administrative Privileges
Objectives Covered1 Operating Systems
14 Given a scenario use appropriate Microsoft command line tools
1419 Net use1420 Net user1421 [command name] 1422 Commands available with standard privileges vs administrative privileges
33 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Introducing Administrative ToolsAdministrative tools aid in configuring and managing Windows With administrative tools a technician can check event logs manage printers shared on the computer view and schedule tasks and check system configuration and system information The Administrative Tools window has one purpose to provide shortcuts to these configuration tools Many of these actual tools are covered in detail in other projects throughout this workbook The purpose of this project is to locate the Administrative Tools area in the Control Panel and be able to describe the function of each tool Here are the tools one will typically find in the Administrative Tools window along with a description of each tool
Administrative Tool DescriptionComputer Management Area in which tasks events shares users groups and disks can be viewed and managed Shortcuts
are also available to Performance Monitor and Device Manager This area is broken down into three groups System Tools Storage and Services and Applications
Device Manager The Device Manager shows all drivers for all hardware Yellow warning signs on hardware indicate potential problems Black arrows on hardware indicate the item in question is disabled Through Device Manager one can update hardware drivers or if needed roll back a driver on a hardware device to a previous version
Local Users and Groups Found in Computer Management This helps manage users and the groups to which they belong Similar to the Device Manager any black arrow on a user indicates a disabled account The built-in Administrator and Guest accounts should be disabled as they are easy targets for an attacker
Local Security Policy Area in which password policies and account policies are set for a local machine On domain-based networks the Local Security Policy will be overridden by a domainrsquos Group Policy
Performance Monitor Shows how a computer is performing in four main areas processor memory disk and network One can take Data Collector sets to show how a computer is performing over time
Services Used to start stop and configure services If a service should be set to start automatically and is not one should go here to configure that service
System Configuration Also known as MSCONFIG This area controls general configuration settings boot settings services tools and startup settings in Windows Vista and Windows 7 For Windows 881 and Windows 10 startup settings are now controlled via the Task Manager
Task Scheduler Used to schedule maintenance tasks such as a defragmentation of a hard drive or a system backup Tasks can be based on triggers (such as day and time) actions a user takes or conditions with one example being only running defrag if the computer is on Task settings control how a task operates Task History shows a list of successful and failed attempts to run a task
Component Services Component Object Model (COM) objects These are objects of code which can be used in multiple applications For example many financial applications can use a COM object to calculate an interest rate for a loan For Windows Vista this is not found in the Administrative Tools window In Windows Vista Component Services has to be run as a Microsoft Management Console (MMC) snap-in or as comexpmsc
Data Sources Stores Open Database Connectivity (ODBC) data sources This allows a user to store a connection to SQL Oracle Access and similar databases so long as the user has the proper credentials to those databases
Print Management Used to manage multiple shared printers on a systemWindows Memory Diagnostics
Used to check for memory problems This tool is usually set to run on a restart
Windows Firewall Used to allow or block data and apps based on ports protocols and programs The Advanced Security feature allows one to be more specific about which ports andor protocols to allow or block
Event Viewer The Windows tool that stores event logs for applications security and the system as a wholeUser Account Management Works with User Account Control (UAC) settings which determine the level of notification a user
gets when trying to install an app or make a system change
PurposeAfter completing this project you will have a basic familiarity with the location of these administrative tools
Steps for Completion1 For each situation identify the administrative tool to use
34 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 1Topic Operating System Features and ToolsSubtopics Computer Management and Device Manager Local Users and Groups Local Security Policy Performance Monitor and Services System Configuration Task Scheduler Component Services and Data Sources Print Management Windows Memory Diagnostics Windows Firewall and Advanced Security Event Viewer User Account Management
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
151 Administrative1511 Computer Management1512 Device Manager1513 Local Users and Groups1514 Local Security Policy1515 Performance Monitor1516 Services1517 System Configuration1518 Task Scheduler1519 Component Services15110 Data Sources15111 Print Management15112 Windows Memory Diagnostics15113 Windows Firewall15114 Advanced Security15115 Event Viewer15116 User Account Management
a A user needs to connect to a SQL database b An administrator needs to see who attempted to log on to a specific server
c An administrator suspects a device is missing a driver
d An administrator needs to set a password policy on a single device
2 On a Windows device open the Control Panel If necessary change the view to the Category view
3 In the Category view click the System and Security link You will see a list of system and security options
4 Click Administrative Tools5 Though many of these tools will be covered in later projects feel free to double-
click a shortcut to explore a tool For example double-click Performance Monitor to see your computerrsquos current CPU Disk Network and Memory performance
6 When you are finished exploring any of these administrative tools close all open windows
35 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 1Topic Operating System Features and ToolsSubtopic Msconfig
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
152 MSConfig 1521 General1522 Boot1523 Services1524 Startup1525 Tools
Using System ConfigurationThe System Configuration window also known as MSCONFIG helps a technician to control startup options and services on a computer In addition through MSCONFIG one can launch a number of Windows configuration tools The tabs on the System Configuration window along with a description of each are as follows
Tab DescriptionGeneral Controls startup information from the standpoint of a normal startup vs a
diagnostic startup (in case one needs to troubleshoot startup problems)Boot Controls how a system starts If a system is set to multiboot the boot
order of the operating systems can be changed A system can also be set to boot into Safe Mode if needed
Services Shows which services are running In this window services can be disabled Further service configurations take place in the Services window
Startup Shows apps that start when Windows starts Clearing a check box will stop an app from starting up
Tools Many system tools are found in this window One can select a tool and click the Launch button to launch the tool
For Windows 8 and beyond the Startup tab has been moved to the Task Manager As one works with the System Configuration window here are two best practices to followbull If Safe Mode is enabled under the Boot tab make sure to clear that check box once
troubleshooting on the machine is complete Otherwise the computer will always boot into Safe Mode
bull On the Startup tab if an app which is starting up is not recognized it is best to research the app to make sure it is a legitimate app and if it needs to start up before deciding to not have the app start at startup
PurposeAt the completion of this project you will know the purpose of the System Configuration window and be able to make configuration changes as needed
Steps for Completion1 On a Windows device open Administrative Tools2 Double-click the System Configuration shortcut The System Configuration window
will launch3 Click the Boot tab On this tab you can set the computer to boot into Safe Mode
andor boot without a Graphical User Interface (GUI) which can help troubleshoot startup problems or allow one to run a thorough antivirusantimalware scan
4 Click the Services tab A list of enabled services will appear Clearing a check box on the Services tab will disable that service
5 Click the Tools tab You will see a list of tools many of which are administrative tools
6 Click a tool and then click the Launch button to launch the tool7 If you are running Windows 7 return to the System Configuration window and click
the Startup tab A list of apps which start up when Windows starts will be listed If you wish to not have an app start up when Windows starts clear the check box next to the app
8 Close all open windows
36 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Using Task ManagerTask Manager is a Windows feature which allows one to see which applications and processes are running how a system is performing the network bandwidth being used and which users are logged on to a system Here are the different areas of Task Manager for Windows Vista and Windows 7 along with a description of each area
Area DescriptionApplications Shows applications which are running and those which are not responding A new task can be started here or a task
can be stoppedProcesses Shows all of the running processes and the CPU and memory those processes are usingServices Shows running services A service can be started or stoppedPerformance A visual indicator of the CPU and memory CPU usage and history shows for the last 60 seconds Total and available
physical memory shows System information such as system uptime is also present as well as a link to the Resource Monitor
Networking Shows the percentage of network bandwidth being consumedUsers Shows the active users logged on to the machine
The Task Manager has a different look in Windows 88110 The changes made to the Task Manager are as followsbull Applications now display as apps on the Processes tab and display in three groups Apps Background Processes and Windows
Processesbull An App History tab has been added to show how built-in Windows apps are utilizing the CPU and Network performance of the
computerbull The Startup tab has been moved from the System Configuration feature to the Task Manager The Startup tab controls which
apps start up when Windows startsbull A Details tab has been added to show more details on running processes such as the Process ID and Description Some of these
items have been moved from the Processes tab in Windows 7
PurposeAt the end of this project you will be able to see a machinersquos overall performance and be able to adjust that performance through the Task Manager This project has two exercises one for Windows 7 computers and one for Windows 88110 computers
Steps for Completion (Windows 7)1 On a Windows 7 machine navigate to the desktop2 Right-click the taskbar and click Task Manager The Task Manager will appear3 If necessary click the Applications tab A list of running applications will display4 To end an application click the application to end and then click the End Task button5 Click the Processes tab6 To see which process is taking up the most CPU click the CPU column heading A downward-pointing arrow will appear above
the CPU column heading indicating that the column is sorting in descending order The processes using the highest percentage of CPU will be at the top of the list
7 Click the Services tab to see a list of services both running and stopped8 Click the Performance tab You will see the current CPU and Memory usage9 Click the Networking tab You will see the amount of bandwidth being consumed on your current network connection10 Click the Users tab You will see a list of users connected to your computer If there is a user showing who should not be logged
on click the user and then click the Logoff button11 Close the Task Manager
Steps for Completion (Windows 88110)1 On a Windows 88110 computer navigate to the desktop2 Right-click the taskbar and click Task Manager The Task Manager will open3 If necessary click the More Details link4 Click the Processes tab if needed Notice the three groups of processes running Apps Background Processes and Windows
Processes5 To see which processes are consuming the most memory click the Memory column heading A downward-pointing arrow will
appear next to the percentage indicator in the Memory column heading and the processes consuming the most memory will
37 |Domain 1 A+ Part 2 (220-1002) Project Workbook
appear at the top of the list of processes6 To return the view to the previous three groupings click the Name column heading7 Click the Performance tab You will see a snapshot of CPU memory disk and
Ethernet performance8 Click the App history tab Here you will see the built-in Windows apps and the
CPU time they have consumed since the date indicated on the tab 9 Click the Startup tab Any apps which are set to start up when Windows starts will
display here To prevent an app from starting up when Windows starts click the App and click the Disable button
10 Click the Users tab This tab shows a list of users connected to your computer If there is a user who does not need to be connected at this time click the user and then click the Disconnect button
11 Click the Details tab Here you will see the processes which showed on the Processes tab but with more details such as process ID (PID) the user or system account running the process and a process description If you need to end a process click the process and then click the End Task button
12 Click the Services tab This tab will show a list of running and stopped services on your computer To control any of these services click the Open Services button to open the Services window
13 Close the Task Manager window
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Operating System Features and ToolsSubtopic Task Manager
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
153 Task Manager1531 Applications1532 Processes1533 Performance1534 Networking1535 Users
38 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Using Disk Management to Add DisksDisk Management is a Windows tool which allows a technician to control the hard drive setup on a computer With Disk Management disk partitions can be added extended split and shrunk Drive letters can also be assigned through Disk Management If a computer supports disk arrays such as a RAID 0 (striped volume) or RAID 1 (spanned volume) the arrays can be set up through Disk Management Hard drives can either be physical (as in magnetic hard drives or solid-state drives) or virtual Virtual hard drives are large storage files which can store as little as a few documents or as much as an entire operating system as is the case with virtual machines Whenever drives are present in Disk Management each disk will have one of the following statuses present
Unreadable This is most likely due to a hardware failure The disk will probably need to be replacedForeign This status will show on a dynamic disk which has been moved from another computer Right-click the disk and import itOnline The status one wants The disk is available for read and write accessOffline Either the disk is new or it may have a problem Right-click the disk and click the Online or Reactivate optionMissing If one of the disks for a RAID volume is not accessible this status will displayFailed A possible hardware problem exists Use CHKDSK to diagnose the disk If CHKDSK does not fix the disk it will need to be reformatted or replaced
The following specific disk management tasks can be performed in Disk Management so long as the computer has the hard drive(s) and hard drive space necessary to perform these tasks Here is a list of Disk Management tasks along with a description of each
Task DescriptionMounting A drive is mounted as an empty volume within a folder instead of having a letter assigned to it This can only be
done on empty NTFS folders This is often done with virtual hard drives which can then be easily moved from one computer to another
Initializing When a hard disk is added to a system the disk needs to be initialized New hard disks should be prompted to initialize automatically when starting disk management
Drive letters Drive letters can be assigned or changed through right-clicking the drive and clicking Assign Drive Letter or Change Drive Letter
Adding a drive
If a drive is added it should show right away If it does not have Disk Management rescan the computer for new disks
Disk Management is located inside the Computer Management window
PurposeUpon completing this project you will know how to add initialize and mount disks through Disk Management
Steps for Completion1 On a Windows device create a folder on the C drive and name it Sales This folder will be used later in this project for a
mounted volume2 Open Administrative Tools3 From the Administrative Tools window double-click the Computer Management shortcut to open the Computer Management
window4 In the Storage group on the left side of the screen click Disk Management 5 To create a virtual hard drive which will then be mounted to the Sales folder you just created click the Action menu and then
click Create VHD 6 Click the Browse button7 Navigate to your Documents folder8 Click in the File name box and type Western Sales9 Click the Save button10 Click in the Virtual hard disk size text box and type 1011 Click the drop-down arrow to the right of the number you just typed and click GB This will set the size of the virtual hard drive
to 10 GB12 Click the OK button The drive will be created and should show in the Disk Management window13 To initialize the new disk right-click the Disk 1 area and then click Initialize Disk In the Initialize Disk window click the OK
button The disk status should switch to Online14 To mount part of the drive to the CSales folder right-click inside the space marked Unallocated and click New Simple Volume
The New Simple Volume wizard will appear
39 |Domain 1 A+ Part 2 (220-1002) Project Workbook
15 Click the Next button The Specify Volume Size step will appear 16 Change the Simple volume size in MB to 5000 and click the Next button 17 Select the Mount in the following empty NTFS folder option18 Click the Browse button19 Click the + to the left of the C drive20 Click the Sales folder21 Click the OK button22 Click the Next button The Format Partition screen will appear23 To name the volume click in the Volume label field erase the existing text and type
Western Sales24 Click the Next button25 Click the Finish button26 To format the remaining 5 GB with a drive letter right-click the Unallocated space
and click New Simple Volume27 On the welcome page click the Next button28 Make sure all of the remaining space is in the volume size and click the Next button29 On the Assign Drive Letter or Path page take the default letter given and click the
Next button30 To name the volume click in the Volume label text box erase the existing text and
type Eastern Sales31 Click the Next button32 Click the Finish button33 Open Windows Explorer (File Explorer for Windows 8)34 Notice the Eastern Sales drive on the left side of the window35 Navigate to the C drive Notice the Sales folder mounted as a drive 36 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
15 minutes
Video Reference Domain 1Topic Operating System Features and ToolsSubtopics Drive Status and Mounting Initializing
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
154 Disk Management1541 Drive status1542 Mounting1543 Initializing
40 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
15 minutes
Video Reference Domain 1Topic Operating System Features and ToolsSubtopics Extending Partitions Splitting Partitions and Drive Letters
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
154 Disk Management1544 Extending partitions1545 Splitting partitions1546 Shrink partitions1547 Assigningchanging drive letters
Working with Disk PartitionsIn addition to basic disk management tasks the following can be done with disk partitions on disks
Extend partitions Extending a partition allows for the creating of logical disks (multiple drive letters) inside of a primary partition Extending a volume is the task of allowing an existing volume to take advantage of unallocated spaceShrink partitions This process takes advantage of unused space With the remaining space a new partition can be created Defragmenting a magnetic hard disk drive could free up a slightly higher amount of space with which to shrink a partitionSplit partitions This process involves shrinking a partition and then creating a new partition with the remaining space
Once partitions are set one may want to change the drive letters on a drive as to avoid conflict with a drive letter which users may be familiar with using for a network drive
PurposeUpon completing this project you will know how to extend shrink and split partitions using the Disk Management tool
Steps for Completion1 On a Windows device open Disk Management2 Using the Disk Management tool create a virtual hard drive called Regions with a
size of 10 GB and store the virtual hard drive in your Documents folder 3 Initialize your new disk 4 Right-click the unallocated space and click New Simple Volume The New Simple
Volume Wizard will appear5 Click the Next button 6 Adjust the size of the volume to be 5000 MB7 Click the Next button8 Make sure the Assign the following drive letter option is selected and click the Next
button9 Label the volume with the label North10 Click the Next button11 Click the Finish button 12 To extend the North disk to use the unallocated space right-click the North disk
and click Extend Volume The Extend Volume Wizard will appear13 Click the Next button You will see the Select Disks screen14 Make sure the maximum amount of MB space is allocated to the Select the amount
of space in MB field and click the Next button15 Click the Finish button The North disk should now have a size of 10 GB16 To split the volume into two disks (North and South) the North partition must first
be shrunk Right-click the North disk and click Shrink Volume 17 Click in the Enter the amount of space to shrink in MB text box erase the number
in the box and type 400018 Click the Shrink button19 Using the remaining unallocated space create a new simple volume with a drive
letter and label the volume South To rename the South drive as the S drive right-click the South drive and click Change Drive Letter and Paths
20 Click the Change button21 From the list of available drive letters click the drop-down arrow and click S If S is
not available because it is assigned to another drive choose a different letter22 Click the OK button23 Click the Yes button to continue the process Your South drive will have a new drive
letter
41 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Operating System Features and ToolsSubtopics Adding Drives Adding Arrays Storage Spaces
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
154 Disk Management1548 Adding drives1549 Adding arrays15410 Storage spaces
Using Arrays and Storage SpacesOne aspect of disk management is having the ability to create an array of disks An array is a group of disks working together to make data storage faster andor redundant thus speeding up data transfers protecting data in case a disk fails or both Windows supports three types of arrays
RAID 0 Instead of data being written to a single disk data is written to two disks at once speeding up writing performance However should one disk fail the entire volume is lost In Disk Management creating a new striped volume creates a RAID 0RAID 1 Data is written to one disk and then mirrored to another disk In this scenario should one disk fail the data is still intact In Disk Management creating a new mirrored volume creates a RAID 1RAID 5 Three or more disks are required Data is written to two of the three disks and then a parity bit is store on the third disk to help restore data should a disk fail RAID 5 is only supported in Windows 881
RAID volumes can either be created through Disk Management or they can be created using storage spaces Storage spaces new to Windows 8 allow for pooling of multiple disks (known as a storage pool) into a single storage area For disks to be included in a storage space disks must be initialized but cannot be allocated a volume or drive letter There are three types of storage spaces
Simple space Same as a RAID 0 in that data is striped over two disksMirror space One disk in a two-disk or three-disk set is set aside for mirroring purposes to protect against data failure This is similar to a RAID 1Parity space Same as a RAID 5 in that data is striped over two disks and a parity bit on a third disk helps to restore data should a disk fail
The advantage of a storage space is that disks can easily be added to the space at a later time In addition storage spaces support thin provisioning a concept in which more space can be allocated than physical space available For example a storage space can be provisioned for 2 TB of space even if only 1 TB of physical disk space is available Of course another 1 TB of disk space will be needed if the original 1 TB space becomes full
PurposeAfter completing this project you will know how to create a storage space with an array of disks
Steps for Completion1 On a Windows 8 81 or 10 device open the Disk Management window2 Using Disk Management create two virtual disks named Storage 1 and Storage 2
and 10 GB each in size Store these disks in your Documents folder 3 Initialize the disks but leave the space in each disk unallocated 4 Open the Control Panel5 If necessary display the Control Panel in Category view Click the System and
Security link6 On the System and Security link screen click Storage Spaces If the User Account
Control screen appears click the Yes button 7 Click Create a new pool and storage space8 Make sure both check boxes (one for each drive) are selected and click the Create
pool button9 Click in the Name box erase the current text and type International Files10 Notice that the resiliency type is set to Two-way mirror thus the maximum size is
the size of a single disk To change the Resiliency type click the drop-down arrow on the field and click Simple This will use the entire storage space as a striped volume
11 Click the Create storage space button 12 Open File Explorer Notice that the new storage space appears in the disk list13 Close all open windows
42 | Domain 1 A+ Part 2 (220-1002) Project Workbook
System UtilitiesTo help configure and manage Windows a number of system utilities are available Here are several of the main system utilities along with a description of each utility
System Utility
Description
REGEDIT A database which stores all of the system and app settings One should only change the registry if the exact changes are known and done carefully One bad change to the registry can cause an application or worse Windows not to function
COMMAND This used to be the program run for the command prompt Now CMD is the program of preference for the command prompt as in the COMMAND version the 83 naming convention (eight characters maximum for a file name and three characters for the extension) must be used
SERVICESMSC This command opens the Services window In this window services can be started stopped restarted enabled and disabled
MSTSC Microsoft Terminal Services Client (MSTSC) is the app which runs Remote Desktop the app used to connect remotely to other systems
NOTEPAD Used to create text files with no formatting otherwise known as plain-text filesEXPLORER The window which shows the drive folder and file structure on a computer This is known as Windows
Explorer in Windows 7 and File Explorer in Windows 88110MSINFO32 The System Information tool used to show hardware components CPU RAM BIOS and other important
system informationDXDIAG The DirectX diagnostic tool This is used to show the current version of DirectX diagnose DirectX problems
and show current video and audio configuration informationDEFRAG Used to defragment a magnetic hard disk drive As data is saved to disk sectors it becomes fragmented and
slows down disk performance thus necessitating the occasional use of the DEFRAG toolSystem Restore Used to revert Windows to a previous point in time from the standpoint of system settings and installed apps
This is often done when an app install causes instability within the system System Restore does not affect individual user files
Windows Update
A tool which installs operating system updates for performance reliability and security Updates can be classified as important recommended or optional Windows Update can be set to one of four settings
Always install Installs are downloaded and installed automaticallyDownload but let me choose to install Updates are downloaded but it is up to the user to decide which installs will runLet me choose what to download and install The user selects which updates to obtainNever check for updates Updates are neither downloaded nor installed
Another tool administrators will use is the Microsoft Management Console (MMC) MMC is a tool in which administrators can add other tools known as snap-ins and customize the MMC environment to show the tools an administrator works with the most Here are some common MMC utilities the snap-in names and their role in computer management
Command Snap-in What It DoesEventvwrmsc Event Viewer Views logsGpeditmsc Group Policy Editor Manages local Group Policy settingsPerfmonmsc Performance Monitors system performanceSecpolmsc Local Security Policy Controls local system security settingsServicesmsc Services Starts stops and configures servicesTaskschdmsc Task Scheduler Schedules tasksWfmsc Advanced Windows Firewall Controls advanced settings for Windows Firewall
Many of these system utilities are covered in other projects throughout this project workbook
PurposeAfter completing this project you will know which utility to use given a situation and you will have familiarity with some of these system utilities
43 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Steps for Completion1 For each situation identify the system utility needed to resolve the situation
a A user trying to write instruction files is saying customers cannot read the format used in these files The user is currently using Microsoft Word to write
these files b You are training a Mac user in using Windows 8 You want to show the user
how to find the userrsquos document libraries c A new technician is told to use cmdexe for a command prompt instead of
using the older command prompt tool Which tool is the technician currently
using 2 To run MSINFO32 on a Windows device click the Start button and type msinfo323 When you see the msinfo32 tool appear click it The System Information window
will appear4 Scroll up and down the system information summary to see information such as
name model processor BIOS version and default directories5 When you have finished viewing the summary of the system information close the
System Information window
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 1Topic Operating System Features and ToolsSubtopics Regedit Command Servicesmsc MMC MSTSC Notepad and Explorer Msinfo32 and DxDiag Disk Defragmenter System Restore Windows Update
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
155 System utilities1551 Regedit1552 Command1553 Servicesmsc1554 MMC1555 MSTSC1556 Notepad1557 Explorer1558 Msinfo321559 DxDiag15510 Disk Defragmenter15511 System Restore15512 Windows Update
44 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Using the Microsoft Management ConsoleThe Microsoft Management Console (MMC) is a management tool which allows an administrator to add management tools and then store a console configuration so that the same tools can be accessed when needed This concept is similar to someone with a toolbox and a favorite compartment for onersquos favorite tools
PurposeAfter completing this project you will know how to use MMC to start a new console add tools to the console and save the console
Steps for Completion1 On a Windows device click the Start button2 Type mmc3 When the mmcexe shortcut appears click the shortcut If the User Account
Control window appears click the Yes button The Microsoft Management Console window will appear
4 To add a tool to the console click the File menu and then click AddRemove Snap-in The Add or Remove Snap-ins window will appear
5 In the Available snap-ins area on the left side of the window click Component Services
6 Click the Add button7 In the Available snap-ins area on the left side of the window click Performance
Monitor8 Click the Add button9 Click the OK button Both snap-ins will be added to the console10 In the console window double-click Performance Monitor The Performance
Monitor will appear11 To save the console click the File menu and then click Save12 Click in the File name text box erase the current console name and type My
Console13 Click the Save button14 Close the Microsoft Management Console window15 Reopen the Microsoft Management Console16 Click the File menu Your My Console file should be in the file list17 Click the My Console file It will reopen and the two snap-ins you added earlier in
this project will appear18 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Operating System Features and ToolsSubtopics MMC
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
155 System utilities1554 MMC
45 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Using DxDiagThe DirectX Diagnostic tool (DxDiag) is a tool which shows information for DirectX a collection of application programming interfaces for video and game programming The tool also shows the current display and sound devices and their drivers Furthermore this tool will show input devices (such as a mouse and a keyboard) currently connected to a computer DxDiag also shows any potential problems with display sound and input devices
PurposeUpon completing this project you will know how to use DxDiag to see DirectX information and information about display sound and input devices including potential problems with those devices
Steps for Completion1 On a Windows device click the Start button (press the Windows logo key if you are
using Windows 8)2 Type dxdiag When the dxdiag shortcut appears click it If you get a message asking
if you want to check to see if your drivers are digitally signed click the Yes button The DirectX Diagnostics window will open
3 Note the DirectX version at the bottom of the screen It should be DirectX 11 or newer
4 Click the Display tab The device drivers for your video display and the enabled DirectX features will appear If any problems exist with the display drivers they will be indicated as such in the Notes area
5 Click the Sound tab On this tab you will see the sound device and driver(s) for the device Look at the Notes section to make sure there are no problems with the sound setup
6 Click the Input tab You will see the status of the mouse and keyboard on your computer Again the Notes section will indicate any problems with any input devices
7 If you are running a 64-bit version of Windows you will see a Run 64-bit DxDiag button Click the button to run the 64-bit DirectX Diagnostics test
8 After viewing the test results close the DirectX Diagnostic tool
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video ReferenceDomain 1Topic Operating System Features and ToolsSubtopic Msinfo32 and DxDiag
Objectives Covered1 Operating Systems
15 Given a scenario use Microsoft operating system features and tools
155 System utilities1559 DxDiag
46 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Internet OptionsA commonly used Control Panel utility (also known as applet) is the Internet Options utility This utility allows one to set options for Internet Explorer In addition one can set options for a default mail application and default HTML editor The Internet Options utility has several areas of configuration known as tabs Here is each tab along with each tabrsquos description
Options Tab
Description
Connections Shows possible Internet connections including dial-up and VPN connections This tab also shows possible LAN settings
Security This tab controls how active (scripted) content is rendered from websites Content deemed potentially malicious should not be allowed The settings for websites are
Restricted Sites Active content is not runTrusted Sites Sites in this list are trusted not to cause damage to a computer Many intranet sites will be placed here so that custom coded content will run without warning
General On this tab the home page (the first page that loads when Internet Explorer loads) can be configured The browsing history can be viewed from here A default search engine can be set The overall appearance can be configured as well If a website does not control its display through style sheets a user can set a preferred color scheme for webpages
Privacy This tab configures how cookies are used Cookies are text files which store information on how a user visits a website with the intent of helping the userrsquos next visit to that website For example a user could shop for products and then return to the website later with the website using a stored cookie to retrieve those products and recommend them for purchase Other privacy areas which can be controlled include
Location Controls whether a website can obtain a userrsquos locationPop-up blocker Controls pop-up windowsInPrivate Browsing session is not stored in a userrsquos browser history but is still stored on a web server
Content This tab shows certificates obtained for connections to encrypted websites AutoComplete settings (for filling out forms) and Feeds and Web Slices settings are also set here
Programs This tab sets the default browser manages add-ons (enhancements) for Internet Explorer sets the default HTML editor and has a link to setting default programs for files
Advanced This tab is used for specific Internet Explorer settings including multimedia settings security settings and script settings
PurposeUpon completing this project you will know which browser options can be set using the Internet Options utility
Steps for Completion1 On a Windows device open the Control Panel If necessary switch the view to the Large icons or Small icons view2 Click Internet Options If necessary click the General tab3 To change the home page for Internet Explorer click in the text box in the Home page section erase the existing text and type
httpwwwlearnkeycom4 Click the Security tab5 Click through each of the four Internet zones to see the security levels for those zones6 Click the Privacy tab You should see the following
7 To disallow websites from requesting your physical location select the Never allow websites to request your physical location check box
47 |Domain 1 A+ Part 2 (220-1002) Project Workbook
8 Click the Content tab On this tab you will see areas to control family safety settings certificates AutoComplete settings and feeds and web slices
9 Click the Connections tab 10 To see if a proxy server is in use click the LAN settings button When you are
finished viewing the LAN Settings window click the Cancel button11 Click the Programs tab 12 To choose an HTML editor click the drop-down arrow on the HTML editor field
and click an option13 To set programs to use for Internet services click the Set programs button The
Default Programs area in the Control Panel will open14 Close the Control Panel window15 Click the Advanced tab Take the time to scroll through the available options in the
Settings area16 Click the OK button to save changes made to your settings17 Open Internet Explorer Your new home page should load18 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video ReferenceDomain 1Topic Control Panel UtilitiesSubtopic Internet Options
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
161 Internet Options1611 Connections1612 Security1613 General1614 Privacy1615 Programs1616 Advanced
48 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Controlling Display SettingsOne area of performance on a computer is that of the display Specifically having the correct screen resolution color depth and refresh rate will ensure optimal display performance The specifics on these three settings are
Resolution The amount of pixels for width and height on the screen As an example a resolution of 1366 x 768 is 1366 pixels wide by 768 pixels high The native resolution is the recommended resolution for the display Any time the screen resolution is set to something other than the native resolution the picture can appear distortedColor Depth The amount of colors a screen can show 16-bit colors can show 216 or 65536 colors while 24-bit colors can show 224 or over 16 million colorsRefresh Rate The number of times a screen redraws per second A higher refresh rate makes for a clearer picture but too high of a refresh rate and the video card will cease functioning until the refresh rate is lowered to one the video card can handle
PurposeAt the completion of this project you will know how to adjust the resolution color depth and refresh rate for a display
Steps for Completion1 On a Windows device right-click the desktop2 From the shortcut menu that appears click Display Settings3 Click Display The Display window will appear4 To change the screen resolution click the drop-down arrow on the Resolution field
and click a different resolution5 Click the Apply button6 If you wish to keep the new resolution click the Keep Changes button If not click
the Revert button or let the time run out at which point your original screen resolution will return
7 Click Advanced Display Settings 8 Click Display Adapter Properties The adapter settings will appear9 If necessary click the Adapter tab To see color depth possibilities for your display
click the List All Modes button A list of modes will appear10 If you need to change the color depth click a color depth and click the OK button
Otherwise click the Cancel button11 Click the Monitor tab You will see a screen resembling this
12 Click the drop-down arrow on the Screen refresh rate field to see if any other screen refresh rates are available Leave the refresh rate on the current setting
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Control Panel UtilitiesSubtopic User Accounts
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
162 DisplayDisplay Settings1621 Resolution1622 Color depth1623 Refresh rate
49 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Control Panel UtilitiesSubtopic User Accounts
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
163 User Accounts
Configuring User AccountsOn a Windows machine there are two basic types of user accounts
Standard user These accounts can install software and change system settings as long as what they do does not affect other users on a computerAdministrator These accounts have complete control over the computer and can change files folders and any system settings
Often a single computer will have multiple accounts as multiple people will share a computer In those cases each user should have a separate user profile which includes folders for documents pictures videos and music In addition each user has a separate desktop and separate app settings such as Internet Explorer settings When a standard user account is created it is not password-protected by default All accounts on a computer should be password-protected As a best practice a technician should set a password on an account as soon as the account is created
PurposeUpon completing this project you will know how to add a local user account to a computer
Steps for Completion1 On a Windows device open the Control Panel If necessary switch the view to
Large icons or Small icons2 Click User Accounts 3 Click Manage another account You will see a screen with the current list of
accounts and their settings (administrator or standard user)4 Click Create a new account5 Click in the New account name text box and type TekkieVetsTest6 Make sure the Standard user option is selected and then click the Create Account
button7 To set a password click the TekkieVetsTest account8 Click Create a password9 Click in the New password text box and type Aplu$201910 Click in the Confirm new password text box and type Aplu$201911 Click in the Type a password hint text box and type Course12 Click the Create password button13 Close all open windows
50 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Folder OptionsOne aspect of a userrsquos experience in Windows is the way in which folders are controlled and displayed Of particular interest is whether to show extensions for files and whether one needs to see files which are typically hidden such as system files and application data files Users also have some options as to how items open While files usually open with a double-click folders can be configured to where files are opened with a single click if one desires
PurposeAfter completing this project you will be able to control how folders are viewed how files are opened and whether to hide files andor extensions
Steps for Completion1 On a Windows device open File Explorer2 Navigate to the C drive the Users folder and then the folder with your username
on it 3 If you are using Windows 7 click Organize and then Folder and search options On
Windows 88110 click the View tab and then the Options drop-down button and Change folder and search options
4 If you want to open each folder in a new window as you open folders select the Open each folder in its own window option
5 If you want a single click to open a file or folder select the Single-click to open an item (point to select) option
6 In the Navigation pane area select the Show all folders check box to display all folders in the Navigation pane
7 Click the View tab You will see this screen
8 To show hidden files and folders click the Show hidden files folders and drives option
9 To show all file extensions make sure the Hide extensions for known file types check box is cleared
10 Click the OK button Notice that the previously hidden AppData folder is now showing with a fainted icon indicating it is by default a hidden folder
11 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video ReferenceDomain 1Topic Control Panel UtilitiesSubtopic Folder Options
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
164 Folder Options1641 View hidden files1642 Hide extensions1643 General options1644 View options
51 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Control Panel UtilitiesSubtopics Virtual Memory Remote Settings System Protection
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
165 System1651 Performance (virtual memory)1652 Remote settings1653 System protection
Using the System AppletFrom the Control Panel the System applet is used to configure three distinct system settings
Performance (virtual memory) System performance can be affected by the visual effects enabled on the machine To improve performance some of these visual effects can be disabled Virtual memory is a paging file used to store temporary RAM on a hard drive This goes into effect when the physical memory is running very low on RAM Virtual memory is much slower than physical memory so it should only be used as a last resort As a best practice virtual memory should be set to 15 times that of the physical RAM Remote settings This area has Remote Assistance which is used to provide assistance to another computer while that computerrsquos user watches the session and Remote Desktop which is used to log on to a machine as if the user was there in personSystem protection This area controls system restore points System restore points are snapshots of the system settings and installed apps Should an installation take place which destabilizes the system the system can be rolled back to a restore point and act as if the app was never installed System restore points do not affect files created since or edited since the last restore point
Remote Assistance Remote Desktop and System Restore are all covered in detail in other projects in this course
PurposeAfter completing this project you will see how controlling Visual Effects and setting the virtual memory paging file can affect overall system performance
Steps for Completion1 On a Windows device open the Control Panel If necessary switch the view to
either the Large icons view or the Small icons view2 Click System 3 Click Advanced System Settings The System Properties will appear and the
Advanced tab will show4 In the Performance area click the Settings button5 To improve performance select the Adjust for best performance option Notice that
most if not all of the check boxes will be selected6 Click the Advanced tab7 In the Virtual Memory area click the Change button8 If the Automatically manage paging file size for all drives check box is selected clear
it9 Select the Custom size option10 Click in the Initial size (MB) text box and type the number which matches the
recommended paging file size at the bottom of the window11 Click in the Maximum size (MB) text box and type the number which matches the
recommended paging file size at the bottom of the window12 Click the Set button13 Click the OK button14 On the screen indicating a restart is needed click the OK button15 On the Performance Options window click the OK button16 On the System Properties window click the OK button17 Restart your computer
52 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Setting Power OptionsWith the increasing need for mobility in computers and the increasing need to try to save energy costs through not keeping computers fully powered at all times technicians are often asked to help users find the right combination of performance and power optionsThe Advanced Configuration Power Interface (ACPI) defines four power states
G0 Everything is on and workingG1 The system is in a low-power stateG2 The system is off but power is availableG3 The system is completely disconnected from power
A system should only be worked on if the power state is G3 meaning completely disconnected from power In addition to the four power states four sleeplow-power states are available
S1 The CPU is in Power on Suspend The CPU is not executing instructionsS2 The CPU is powered offS3 The system is in SleepSuspendStandby modeS4 The system is in a Hibernation state
In between the G0 and G3 power states there are three basic power settings available to most computers Here they are along with the classifications they belong to for power states and low-power states
Hibernate A power state of S4G1 A snapshot of the RAM is taken and stored on the hard drive and then the computer is shut down When the computer is powered back up the RAM is restoredSleepsuspend A power state of S3G1 This state allows the computer to return to full power quickly Any user action wakes up the computerStandby A power state of S3G1 This is another name for the sleepsuspend state
On Windows computers (especially mobile devices) power can be managed through a power plan In this power plan there are three normal settings
Balanced No emphasis is given to the performance or the batteryPower saver Saves the battery but performance is lower Some laptops switch to this by default when a battery reaches a low percentageHigh performance Performance is as fast as possible but the battery drains more quickly Some systems have this hidden by default
Another setting Advanced Power Settings allows one to set up a customized power plan Part of a customized power plan involves setting a time limit a computer is inactive before it goes into a power-saving mode
PurposeAfter completing this project you will know how to set up a power plan on a Windows system
Steps for Completion1 On a Windows device open the Control Panel If necessary change the view to the
Large icons view or the Small icons view2 Click Power Options3 If a Show additional plans area is present click the drop-down arrow to the right of
the section A high-performance plan option should display4 Next to the Power saver plan click the Change plan settings option 5 Click the drop-down arrow to the right of the Turn off the display setting and click
10 minutes6 Click the Save changes button7 If you want to change the power plan to the Power saver plan select the Power
saver option8 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 1Topic Control Panel UtilitiesSubtopics Power Plans Power States
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
167 Power Options1671 Hibernate 1672 Power plans1673 Sleepsuspend1674 Standby
53 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Credential Manager and Programs and FeaturesThe Credential Manager is a Control Panel applet that stores usernamepassword combinations for websites and Windows accounts When a user is on a website logs on to the site and then allows a web browser to store the username and password combination the Credential Manager is the location in which that combination is stored
The Programs and Features applet in the Control Panel allows one to uninstall change and repair apps view and uninstall Windows updates and enable or disable Windows features Windows updates should only be uninstalled if the updates caused instability within the system
PurposeAfter completing this project you will know how to perform administrative tasks using the Programs and Features applet in the Control Panel You will also know how to verify stored usernames and passwords in the Credential Manager
Steps for Completion1 On a Windows device open the Control Panel2 If you are in the Category view click Programs3 Click Programs and Features4 To uninstall an app click an app you wish to uninstall 5 Click Uninstall6 When you are asked if you are sure you want to uninstall the app click the Yes
button If you get the User Account Control screen click the Yes button After several moments your app will be uninstalled
7 To see the recently installed Windows updates click View installed updates If you need to uninstall an update you can click the update and click uninstall but for now just view the updates
8 To turn a Windows feature on or off click Turn Windows features on or off 9 Return to the Control Panel home10 Switch to Large icons or Small icons view11 Click Credential Manager12 Review the list of web credentials If there are any you do not need remove them13 Review the list of Windows credentials If there are any you do not need remove
them14 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 3Topic Control Panel UtilitiesSubtopics Credential Manager Programs and Features
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
168 Credential Manager169 Programs and features
54 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Devices and PrintersAs part of supporting a Windows computer a technician needs to know how to install printers and similar devices This is often done through the Control Panel The printer does not necessarily need to be connected to the computer in order for it to be installed but the drivers for the printer need to be present Some drivers are present in Windows and some need to be downloaded from the printerrsquos support website
For computers sharing multiple printers the printers can be managed through the Print Management console While this is more commonly done on servers than workstations a technician still needs to know how to support and configure printers through this console
PurposeAfter completing this project you will know how to install a printer through the Control Panel and you will know how to view printers in the Print Management console
Steps for Completion1 On a Windows device open the Control Panel If necessary change the view to the
Large icons view or the Small icons view2 Click Devices and Printers A list of installed devices and printers will display3 Click Add a Printer 4 Click Add a local printer5 On the screen to choose a printer port click the Next button 6 Choose a manufacturer and a printer and click the Next button (or if you have the
drivers downloaded click the Have Disk button and browse to the disk location containing the drivers)
7 Click the Next button If you wish to change the Printer name click in the Printer name text box erase the printer name and type a new printer name
8 Click the Next button 9 On the Printer Sharing screen make sure the Share this printer so that others on
your network can find and use it option is selected and click the Next button10 Clear the Make this printer the default printer check box11 Click the Finish button The printer will show in the Devices and Printers area12 Open Administrative Tools13 Double-click the Print Management shortcut You will see a screen resembling the
following
14 Double-click the All Printers folder in the middle of the screen You will see the printers installed on the computer and their statuses
15 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Control Panel Utilities Subtopic Devices and Printers
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
1611 Devices and printers
55 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Controlling SoundA technician needs to know how to control sound and speaker settings (and for some users microphone settings) A lot of this work can be done through the Sound applet in the Control Panel
PurposeAt the end of this project you will know which sound options can be controlled through the Control Panel
Steps for Completion1 On a Windows device open the Control Panel If necessary switch the view to the
Large icons view or Small icons view2 Click the Sound link The Sound applet will open3 To configure the speakers click the speakers and click the Configure button 4 If your computer is part of a surround sound system click the matching surround
option and click the Test button5 Click the Next button6 If your speaker set has full-range speakers select the Front left and right check box7 Click the Next button8 On the Configuration complete screen click the Finish button9 Click the Recording tab If there is a microphone present it will show on the
Recording tab To view its properties click the Properties button10 When you are done viewing the microphone properties click the Cancel button11 Click the Sounds tab You will see this
12 If you wish to change the sound scheme click the drop-down arrow on the Sound Scheme field and click a different scheme
13 Click the Communications tab You will see an opportunity to adjust the volume if you are using your computer to place or receive telephone calls
14 Click the OK button15 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Control Panel Utilities Subtopic Sound
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
1612 Sound
56 | Domain 1 A+ Part 2 (220-1002) Project Workbook
TroubleshootingMost troubleshooting in Windows is specific to an app a known hardware issue or some kind of network connectivity Occasionally a Windows problem is not easy to find even though the system may not be running at optimal capacity and efficiency For these situations the Troubleshooting tool located in the Control Panel can sometimes help diagnose a Windows problem The Troubleshooting tool has many categories available to choose from A technician can run one or more troubleshooting tasks from the tool
PurposeAfter completing this project you will know how to access and run the troubleshooting wizard
Steps for Completion1 On a Windows device open the Control Panel If necessary switch the view to
Large icons or Small icons2 Click Troubleshooting3 In the System and Security group click Improve power usage4 On the introductory screen of the wizard click the Next button When the wizard
is done you will see the results They will look similar to these
5 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic Control Panel Utilities Subtopic Troubleshooting
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
1613 Troubleshooting
57 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Device ManagerWhen a hardware device inside of a computer is not functioning properly the first place a technician should check for clues as to what may be causing the issue is Device Manager Device Manager has a complete list of hardware devices on a computer If Device Manager opens and within the list of the devices none of the devices are expanded then all of the recognized hardware devices are functioning If there is a hardware issue the hardware device will be expanded and one of these three symbols will show
A blue question mark Windows knows a device is there but it cannot determine what the device is One should reinstall the device with the correct drivers for the deviceA yellow exclamation point Windows recognizes the device but it is not functioning properly usually due to an incorrect driver The device should be reinstalled using the latest correct driversA black arrow This indicates a device has been disabled In the case of a virtual network adapter such as a VPN adapter it should be disabled unless the VPN connection is on Otherwise right-clicking the device and clicking the Enable option should solve the problem
PurposeUpon completing this project you will know how to access Device Manager and be able to investigate possible hardware problems
Steps for Completion1 On a Windows device open the Control Panel If necessary switch the view to
Large icons or Small icons2 Click Device Manager You will see a list resembling this
3 If any devices have a yellow exclamation point on them right-click the device and click Properties In the Device status area a message will display suggesting a solution (usually updating the driver which can be done on the Driver tab)
4 If any devices have a black arrow and the device should be enabled right-click the device and click Enable
5 Close the Device Manager
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 1Topic Control Panel UtilitiesSubtopic Device Manager
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
1615 Device Manager
58 | Domain 1 A+ Part 2 (220-1002) Project Workbook
BitLocker and Sync CenterThe final two Control Panel utilities covered in this set of exam objectives are the BitLocker and Sync Center tools BitLocker is used to encrypt entire hard drives BitLocker encrypts internal hard drives while BitLocker To Go encrypts external hard drives The next domain in this course will have a project in which you will get some practice using BitLocker
Sync Center allows one to synchronize files with a network drive and then work on those files locally that is without being connected to a network This is done through setting up sync partnerships between the local device and a network folder This feature is similar to cloud storage apps such as OneDrive GoogleDrive or Dropbox which also allow one to sync files between a local folder and a network folder
PurposeUpon completing this project you will know the basics of both BitLocker and SyncCenter
Steps for Completion
1 Which type of hard drives does BitLocker encrypt 2 Which type of hard drives does BitLocker To Go encrypt
3 How does sync center sync files between a local drive and a network drive
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic Control Panel UtilitiesSubtopics BitLocker SyncCenter
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
1616 BitLocker1617 SyncCenter
59 |Domain 1 A+ Part 2 (220-1002) Project Workbook
System and OS Requirements and Installation MethodsRAM drive space and operating system compatibility are the most important CompTIA installation requirements to consider when installing software These are minimum requirements and the software may not run well on the minimum requirements
The most common install method for software is to download the software and install it For the exam realize that software can be installed through optical media USB and through network connections as well
PurposeUpon completing this project you will know the minimum software installation requirements and how to find the information You will also know which is the most common method used to install software given a situation
Steps for Completion1 What is the minimum RAM required to install Office 2019
2 What is the recommended amount of RAM for Office 2019
3 What is the minimum drive space required to install Office 2019
4 What Windows operating system is compatible with Office 2019
5 Which methods are most commonly used for software that needs to be installed on
a device with no Internet connection 6 Which software installation method involves an administrator pushing installations
to devices
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 1Topic Application Installation ConceptsSubtopics System and OS Requirements Installation Methods
Objectives Covered1 Operating Systems
17 Summarize application installation and configuration concepts
171 System requirements1711 Drive space1712 RAM
172 OS requirements1721 Compatibility
173 Methods of installation and deployment
1731 Local (CDUSB)1732 Network-based
60 | Domain 1 A+ Part 2 (220-1002) Project Workbook
FolderFile AccessFolderfile access requires the user to have local user permissions to install the app in the appropriate installation folder The only exceptions are standard user accounts as they can usually install apps to the Program Files folder The Program Files folder requires no special permissions for installing apps
PurposeUpon completing this project you will know what types of situations will require local user permissions to install apps on a system
Steps for Completion
1 Where are 32-bit apps installed on a 64-bit system
2 Where are 64-bit apps installed on a 64-bit system 3 Which type of permissions are needed to install apps in a folder other than the
Program Files folder 4 What on a Windows domain could prevent standard users from installing apps
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic Application Installation ConceptsSubtopic FolderFile Access
Objectives Covered1 Operating Systems
17 Summarize application installation and configuration concepts
174 Local user permissions1741 Folderfile access for installation
61 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Security ConsiderationsSecurity considerations need to be made for the impact a program will have on an individual device and on the network Every app that moves data back and forth through a firewall can also move malware into a system It is important to make sure apps will not open ports that should not be open and put the system security at risk
PurposeUpon completing this project you will know what to look for to determine the impact an app will have on an individual device or network
Steps for Completion1 How can you make sure an app will not open unnecessary holes in the systemrsquos
security
2 What will happen to a network if an app requires a constant network connection
3 If an app does require a constant network connection what can you do to lessen the impact on the network
4 What types of apps should not be installed in a corporate environment Why
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 1Topic Application Installation ConceptsSubtopic Security Considerations
Objectives Covered1 Operating Systems
17 Summarize application installation and configuration concepts
175 Security considerations1751 Impact to device1752 Impact to network
62 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Peer-to-Peer NetworksPeer-to-peer networks are networks which usually contain 10 or fewer devices and are best suited for homes and small businesses In a peer-to-peer network there is no central authority controlling accounts and permissions Thus every computer has its own set of usernames passwords and shared resources such as folders and printers Windows peer-to-peer networks are known as workgroups When Windows is installed on a computer at the point it joins a network it joins a workgroup unless a technician specifically joins the computer to a domain (a clientserver network with a central point of authority)
In Windows 7 a new type of workgroup called a HomeGroup became a standard for peer-to-peer networks A HomeGroup makes it easier for computers to share resources in two ways First a user does not have to share a resource through setting up a share which is a task the average home user will not know how to do With a HomeGroup a wizard helps a user decide which resources are to be shared Secondly a HomeGroup has a single password This is in contrast to a traditional peer-to-peer network in that for those networks each computer will have a different password For another user to join a HomeGroup the user just has to have a computer on the same network as the computer which started the HomeGroup and know the password to the HomeGroup Any computer with Windows 7 8 or 81 can join a HomeGroup so long as the computerrsquos network settings are set to Private (as opposed to Public or Domain) Computers with Windows 7 Starter or Home Basic editions cannot initiate a HomeGroup As of the later versions of Windows 10 HomeGroups are no longer availalble
PurposeUpon completing this project you will know how to identify the type of network a computer is on you will know how to start a HomeGroup and you will know how to join another computer to a HomeGroup For this project you will need two Windows 7 8 or 81 computers on the same network
Steps for Completion1 On a Windows 7 Professional Ultimate or Enterprise computer or a Windows 8 or 81 computer open the Control Panel If
necessary switch the view to Large icons or Small icons2 Click HomeGroup3 Click the Create a homegroup button You will be asked which libraries you wish to share4 Select the check boxes for the folders you wish to share and clear the check boxes for the folders you do not wish to share5 Click the Next button6 Write down the password you see as you will need this to connect any other computers to the HomeGroup7 Click the Finish button8 On a second Windows 7 8 or 81 computer on the same network open the Control Panel If necessary switch the view to
Large icons or Small icons9 Click HomeGroup If you get a message saying that the computer needs to be on a private network click the link and then click
Yes to the message on finding other computers You should a screen similar to this
10 Click the Join Now button11 Click the Next button You will see a screen asking which folders you wish to share12 Make any desired changes to the folders you wish to share or not share and click the Next button13 Click in the Type the password text box and type the password you were given earlier in this project14 Click the Next button You should see a message indicating yoursquove joined the HomeGroup15 Click the Finish button
63 |Domain 1 A+ Part 2 (220-1002) Project Workbook
16 Open Windows Explorer (File Explorer for Windows 881)17 Look for the HomeGroup section on the left side of the screen You should see at
least two computers in the HomeGroup area 18 Click each computer in the HomeGroup area to see the libraries each computer
has shared19 Close all open windows on both computers
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Control Panel UtilitiesSubtopic HomeGroup
Topic Windows Networking ConfigurationSubtopic HomeGroup vs Workgroup
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
1610 HomeGroup18 Given a scenario configure Microsoft Windows networking on a clientdesktop
181 HomeGroup vs Workgroup
64 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Joining a Computer to a DomainWhereas most networks in homes and small businesses are peer-to-peer networks most corporate networks are clientserver networks A clientserver network is a domain network in which accounts resources and permissions are centrally controlled in a database residing on a server For Windows that database is Active Directory and it resides on Windows Server
An A+ technician is not expected to manage all of the nuances of Active Directory What a technician is expected to be able to do is join a computer to a domain To join a domain the edition of Windows on a machine must be the Professional edition or higher and an account with permissions to join computers to a domain must be available
PurposeAfter completing this project you will know how to join a computer to a domain
Steps for Completion1 On a Windows device with the Professional or higher edition and not joined to
a domain open the Control Panel If the Control Panel is in Category view click System and Security
2 Click System The System window will appear3 In the Computer name domain and workgroup settings click Change settings You
will see the a screen resembling this
4 Click the Change button The Computer NameDomain Changes dialog box will appear
5 Select the Domain option6 Click in the text box below the Domain option and type the name of the domain
you wish to join7 Click the OK button You will see the Windows Security login window8 In the logon window click in the User name text box and type a username of an
account with permissions to join the domain9 Click in the Password text box and type the password for the account you are
using to join the domain10 Click the OK button11 Click the OK button12 On the window telling you to restart the computer click the OK button13 On the System Properties window click the Close button14 Click the Restart Now button15 When the computer restarts log on to the computer using a domain account
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows Networking ConfigurationSubtopic Domain Setup
Objectives Covered1 Operating Systems
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
182 Domain setup
65 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Setting Up and Mapping to SharesWhen a computer user has files to share with others on a network the easiest way to accomplish this is through setting up a network share with permissions to users and groups which need access to those files Once the network share is set up other computers on the network can access the share and if desired create a connection to that share through creating a map to that folder A map involves assigning a drive letter to the folder
Another type of share and one which does not need to be created is an administrative share Those with administrative permissions on a computer can access that computer (as long as it is on the same network) through preset administrative shares Some examples of administrative shares include
computernamec$ Accesses the C drive on another computer (substitute computername with the computerrsquos name)computernameprint$ Locates printer drivers on another computercomputernameadmin$ Locates the Windows folder on another computer
After completing this project you will know how to set up a network share and then create a map to that share For this project you will need two devices on the same network
Steps for Completion1 On a Windows device create a folder on the C drive and name the folder Proposals2 Inside of the Proposals folder add a text file and name it First Draft3 Navigate back to the C drive4 Right-click the Proposals folder and click Share with and then click Specific people You will see a screen resembling this
5 To share this folder with the Users group click in the Type a name and then click Add field or click the arrow to find someone text box and type Users
6 Click the Add button Notice that the Users group is added with a permission level of Read meaning they can read what is in this folder but they cannot edit the contents of the folder
7 Click the Share button After a few moments you will see this screen
8 Make note of the computer name as you will need it later in this project and click the Done button9 Log on to another computer in the same network as the computer on which you just created the share10 Open File Explorer11 Click in the address bar erase the existing text and type COMPUTERNAME (where the computer name is the one you
used to create the share)
66 | Domain 1 A+ Part 2 (220-1002) Project Workbook
12 Press the Enter key 13 Right-click the Proposals folder and click Map network drive You will see a screen
that looks like this
14 Click the Finish button The folder will open as a mapped drive and you should see the First Draft file
15 Click This PC Notice the mapped drive to the Proposals folder16 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows Networking ConfigurationSubtopic Shares and Mapping
Objectives Covered1 Operating Systems
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
183 Network sharesadministrative sharesmapping drives
67 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Printer Sharing and MappingIn addition to network shares and administrative shares on computers printers can be shared and then connected to over a network The only difference between printer shares and folder shares is that in printer shares one can access a printer and also install it This is possible because when a printer is shared its drivers are made available for use for installation
PurposeAfter completing this project you will know how to share a printer and then connect to it and install it on another computer
Steps for Completion1 On a Windows device with a printer installed open the Control Panel2 Click View Devices and Printers (Devices and Printers if the Control Panel is in
Large icons or Small icons view)3 Right-click the printer you wish to share and click Printer Properties4 Click the Sharing tab You will see this image
5 Select the Share this printer check box6 Click the OK button7 Before continuing make sure you know the computer name on which you just
shared the printer8 On another Windows device on the same network open File Explorer9 Click in the Address bar erase the text in the address bar and type
computername where computername is the name of the computer on which you shared the printer
10 Press the Enter key You should see a shortcut to the printer you just shared11 Right-click the printer and click Open A screen will appear indicating the printer is
looking for and then downloading the driver When the printer status box appears the installation is complete
12 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows Networking ConfigurationSubtopic Printer Sharing and Mapping
Objectives Covered1 Operating Systems
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
184 Printer sharing vs network printer mapping
68 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Establishing Network ConnectionsThough an A+ technician is not expected to perform all of the duties of a network administrator a technician does need to know how to connect a client computer to a network There are several different types of network connections each with its own set of steps to establish a connection
Connection Type
Steps for Setting Up a Connection
Dial-up Needed in areas where high-speed Internet is unavailable This can be the case in remote areas A connection is established through the Network and Sharing Center
Wireless To connect to a wireless access point one needs to know the wireless standards available (80211a b g n or ac) the Service Set Identifier (SSID) the security method and the passphrase
Wired Plug a network cable into the client machine and then plug the other end into a wall unit or in the case of a home network a switch or router
WWAN A wireless wide area network connection is an Internet connection using a cellular card such as a wireless air card The air card will usually have accompanying software used to configure the connection
Through one of these network connections a computer may need to set up a secure connection to a corporate network as in the case of a company employee working remotely The most common type of connection for this situation is that of a virtual private network (VPN) connection A VPN is a private connection using public means such as the Internet Upon establishing a VPN connection a private tunnel is created using one of the following protocolsbull Point-to-Point Tunneling Protocol (PPTP)bull Layer Two Tunneling Protocol (L2TP)Data should be encrypted when transmitting over a VPN The most common means for encryption is Internet Protocol Security (IPSec) IPSec encrypts both the authentication information and the data being transferred through the VPN tunnel
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows Networking ConfigurationSubtopics VPN and Dial-Ups Wireless and Wired WWAN
Objectives Covered1 Operating Systems
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
185 Establish networking connections
1851 VPN1852 Dial-ups1853 Wireless1854 Wired1855 WWAN (Cellular)
PurposeUpon completing this project you will have familiarity with the different types of network connections which can be established
Steps for Completion1 For each situation identify the type of network connection needed
a A user in a remote location does not have any high-speed network capabilities
b A user needs to use a cellular connection to reach the Internet due to no wireless access point nearby
c A user needs a private secure connection to a workplace from a remote location 2 To set up a VPN connection on a Windows Vista 7 8 or 81 machine open the Control Panel If you are in the Category view
click Network and Internet3 Click Network and Sharing Center4 In the Network and Sharing Center window click Set up a new connection or network5 Click Connect to a workplace6 Click the Next button7 Click Use my Internet connection (VPN) 8 Click in the Internet address text box and type an address for the VPN connection9 Click in the Destination name text box erase the text in the box and type Test VPN10 Click the Create button If this is a real connection and you wish to test it click the connection and enter the credentials you
use to get onto the network
69 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Controlling Proxy SettingsA proxy server is a server which is used to control network traffic for client computers mainly through controlling Internet requests made by computers on a network Proxy servers provide a number of protection services on a network including
Network Address Translation (NAT) A proxy server can act as a NAT server in that it can provide an IP address to add to any packet requesting data over the Internet This protects the IP addresses of computers inside of the networkContent caching Proxy servers can store content from frequently visited websites This prevents computers from having to download content from a website each time a website is visited In content caching the proxy server checks on behalf of a requesting computer to see if there is any new content from a website Otherwise the client computer receives the cached contentContent filtering Some proxy servers can also act as content filters Administrators can place filters on proxy servers to deny requests for websites administrators feel are inappropriate to a business environment
Proxy servers can work in conjunction with firewalls Firewalls in some cases can be set to block all Internet traffic except that which is allowed by a proxy server
PurposeAfter completing this project you will know how to set proxy server settings in Internet Explorer This is a skill a technician needs to have in order to set client machines to use a proxy server set up by a network administrator
Steps for Completion1 On a Windows device open the Control Panel If necessary change the view to
Large icons or Small icons2 Click Internet Options The Internet Properties window will appear3 Click the Connections tab4 Click the Settings button You will see this screen
5 To set a proxy server select the Use a proxy server for this connection check box6 Click in the Address text box and enter the address for the proxy server7 Select the Bypass proxy server for local addresses check box if you do not wish to
use the proxy server for local websites8 Click the OK button9 Click the OK button to close the Internet Properties window
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 1Topic Windows Networking ConfigurationSubtopic Proxy Settings
Objectives Covered1 Operating Systems
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
186 Proxy Settings
70 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Using Remote Desktop ConnectionsOne tool a technician can use to help troubleshoot a system is to remotely access the system This allows one to work on the computer as if the person is physically sitting at the computer For Windows computers there are two types of remote access
Remote Assistance In this remote access setup a user can request remote assistance from a designated user such as a technician or administrator This is often used when a user is requesting technical support but wants to watch what the technician is doing on the computer A user can then use Windows Remote Assistance to initiate a request to another computer for help This request can be saved as an invitation file and emailed to the technician who can then open it connect to the userrsquos computer and assist the userRemote Desktop A person logs on to another computer and completely takes it over The original user computer cannot see what the remote user is doing This is typically set up when a user needs to access a work machine from a remote location or when an administrator needs to log into a server in a remote location The actual system utility used for Remote Desktop is Microsoft Terminal Services Client (MSTSC) A computer can receive remote connections for Remote Desktop if the edition of Windows is the Professional edition or higher
For either of these remote connections to work the features must be enabled on the computer needing remote access An access list then needs to be created for users and groups which will be allowed to access the computer via Remote Desktop
PurposeUpon completing this project you will know how to set up both Remote Assistance and Remote Desktop You will also know how to access another computer using Remote Desktop For this project you will need two computers with both computers belonging to the same network
Steps for Completion1 On a Windows device that does not have a Home edition of Windows open a command prompt2 Type IPCONFIG and press the Enter key3 Note the IP address of the computer as you will need this address later in this project4 Close the Command Prompt window5 Open the Control Panel If necessary switch the view to either Large icons or Small icons6 Click the System link The System window will open7 Click Remote Settings You will see the System Properties dialog box8 To enable Remote Assistance make sure the Allow Remote Assistance connections to this computer check box is selected9 To enable Remote Desktop make sure the Allow connections from computers running any version of Remote Desktop (less
secure) option is selected10 Click the Select Users button11 Note that your user account already has access to this computer If you wish to add any other users or groups for remote
access click the Add button type in a username or group you wish to grant access to this computer and click the OK button twice
12 On another computer running Windows and on the same network as the computer you just configured for remote access click the Start button (press the Windows logo key if using Windows 8)
13 Type mstsc When the mstsc shortcut appears (it may say Remote Desktop Connection instead of mstsc) click it You will see this
71 |Domain 1 A+ Part 2 (220-1002) Project Workbook
14 Click in the Computer text box and type the IP address of the machine on which you configured remote access
15 Click the Connect button16 Click Use another account17 Click in the User name text box and type your username18 Click in the Password text box and type your password19 Click the OK button If you get a message about an identity of the remote computer
click the Yes button You will then be logged on remotely to the computer on which you configured remote access
20 Click the X in the blue bar at the top of the screen to close the remote connection
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows Networking ConfigurationSubtopic Remote Desktop Connection Remote Assistance
Objectives Covered1 Operating Systems
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
187 Remote Desktop Connection188 Remote Assistance
72 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Network and Sharing CenterPart of a technicianrsquos role in supporting systems is to identify configure and when needed troubleshoot their network connections The Network and Sharing Center accessible from the notification area of the desktop and from the Control Panel allows a technician to identify and troubleshoot network connections create network connections and connect to existing networks There is also a shortcut to change settings for the network adapter(s) on a computer Any time a computer joins a workgroup-based network (as opposed to a domain) the computer is in one of three types of network locations
Home Network discovery is enabled meaning the device can be seen by others in the network Devices using the home network setting can join a HomeGroupWork Discovery settings are the same as for the Home type of network A computer on a Work network cannot join a HomeGroupPublic In this network type network discovery is disabled meaning the device will not be seen by other devices on the network This setting should be used any time a device is on a public network such as a wireless network in a store coffee shop or airport Unless the device is in a home or small business network this should be the network setting
PurposeUpon completion of this project you will be familiar with available settings in the Network and Sharing center and you will know how to set a network location through the Network and Sharing center
Steps for Completion1 On a Windows device which is not joined to a domain open the Control Panel 2 If you are in Category view click View network status and tasks If you are the Large
icons or Small icons view click Network and Sharing Center 3 Take a few moments to go through the Change your networking settings area to see
which network settings can be affected through this tool When you are done look for the Network location in the View your active networks area It will say Home network Public network or Work network Click the setting
4 If your computer is in a Home network click Work network If it is in a Work or Public network click Home network You will see a screen similar to this (the screen will depend upon the network location chosen)
5 On the screen indicating your new network location click the Close button6 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 1Topic Control Panel Utilities Subtopic Network and Sharing Center
Topic Windows Networking Configuration Subtopic Network Settings
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
1614 Network and Sharing Center18 Given a scenario configure Microsoft Windows networking on a clientdesktop
189 Home vs Work vs Public network settings
73 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Using Windows FirewallWindows Firewall is a software app used to help protect systems from unwanted traffic Firewalls are set to allow or deny traffic based on ports protocols and programs On a computer the firewall can be turned on or off and settings can be made for the following networks
Public A network a computer is connected to in an area such as a coffee shop airport or other place with public Wi-Fi networksPrivate A workgroup or HomeGroup network usually present in a home or small business environmentDomain A network controlled by a Windows Server hosting Active Directory
Every system should have a firewall turned on even if is not Windows Firewall This project focuses on configuring Windows Firewall
As part of Windows Firewall a technician may need to allow a program which is ordinarily blocked by the firewall through the firewall This is known as an exception Technically an exception is a detour from the normal rules For example if all ports from 55000 to 55100 are blocked unblocking port 55010 would be an exception
PurposeAfter completing this project you will know how to allow or deny traffic based on a port in Windows Firewall which is a task a technician will need to do in a situation in which a custom app runs on a custom port and the port needs to be opened in order for traffic to flow from the app to the computer
Steps for Completion1 On a Windows device open the Control Panel If necessary change the Control
Panel view to either the Large icons or Small icons view2 Click Windows Firewall 3 Click the Turn Windows Firewall on or off link on the left side of the screen4 Make sure Turn on Windows Firewall is the option selected for each location and
click the OK button5 Click the Allow program or feature through Windows Firewall link 6 To allow an exception for Windows Remote Management on a private network
scroll down to the Windows Remote Management setting and select the check box for that role under the HomeWork (Private) column
7 Click the OK button8 Click the Advanced Settings link on the left side of the screen You will be taken to
the Windows Firewall with Advanced Security screen9 On the left side of the screen click Inbound Rules A list of inbound rules will
appear10 On the right side of the screen click New Rule 11 To set a rule to open a port select the Port option Click the Next button12 To open a specific port (we will use port 81 in this example) click in the Specific
local ports box and type 8113 Click the Next button14 On the Action screen make sure the Allow the connection option is selected and
click the Next button You will see the Profile screen15 Make sure all three check boxes are selected Click the Next button and the Name
box will appear16 Click in the Name box and type Open port 81 for custom app17 Click the Finish button Your new rule will be at the top of the inbound rules list18 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Control Panel UtilitiesSubtopics Windows Firewall
Topic Windows Networking ConfigurationSubtopics Firewall Exceptions Firewall Configuration Enabling and Disabling Firewalls
Objectives Covered1 Operating Systems
16 Given a scenario use Microsoft Windows Control Panel utilities
166 Windows Firewall18 Given a scenario configure Microsoft Windows networking on a clientdesktop
1810 Firewall settings18101 Exceptions18102 Configuration18103 Enablingdisabling Windows Firewall
74 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Configuring an Alternative IP AddressMost devices when joining a network obtain an IP address through a DHCP server For the vast majority of home networks and small business networks this is the only configuration a network adapter will need However in larger businesses an alternative IP address will occasionally need to be configured This is especially the case when a device frequently switches back and forth between networks and one network uses DHCP to manage IP addresses and the other network has devices set to use static IP addresses If an alternative IP address is not configured the device will usually resort to having an automatic private IP address (APIPA) and not be able to communicate with other devices except for those which also have an APIPA
In order to configure an alternative IP address a technician needs to know the following informationbull IP addressbull Subnet maskbull DNS server addressbull Default gateway address
PurposeAfter completing this project you will know how to add an alternative IP address to a device
Steps for Completion1 On a Windows Vista 7 8 or 81 computer open the Control Panel If the Control
Panel is in the Category view click Network and Internet2 Click Network and Sharing Center3 Click Change Adapter settings4 Right-click the network adapter for which you wish to set an alternative IP address
and click Properties5 Click Internet Protocol Version 4 (TCPIPv4)6 Click the Properties button 7 Click the Alternate Configuration tab8 Select the User configured option9 Click in the IP address text box and enter an IP address10 Click in the Subnet mask text box and enter an IP address to
represent the subnet mask11 Click in the Default gateway text box and enter an IP address
for the default gateway12 Click in the Preferred DNS server text box and enter an IP
address for the DNS server A finished set of entries will look similar to the example on the right
13 Click the OK button14 Click the Close button
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows Networking ConfigurationSubtopic Atlternative IP Addressing
Objectives Covered1 Operating Systems
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
1811 Configuring an alternative IP address in Windows
18111 IP addressing18112 Subnet mask18113 DNS18114 Gateway
75 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Network Card PropertiesAs part of setting up and troubleshooting networks technicians need to be aware of network card properties Normally network card properties are not the cause of a devicersquos inability to connect to a network However a technician still needs to know about the following network card properties and their characteristics
Property CharacteristicsDuplex settings
Simplex One-way network traffic This is a very uncommon settingHalf-duplex Network traffic is allowed in both directions but in only one direction at a time This often shows as an amber colored light on a network interfaceFull-duplex Data can be sent and received as the same time This often shows as a green blinking light on a network interfaceAutonegotiation The network card automatically sets the speed and duplex settings as needed
Speed Speed can be set on a network card When two network interfaces with differing speeds wish to exchange data the data will only transfer at the speed of the slower of the two interfaces
Wake on LAN
A network card can receive a signal from a server to turn on a machine when the machine is off or in sleep or hibernation mode This feature is used when an administrator needs to send updates to machines during non-business hours This feature needs to be enabled both on the network card and in the BIOS
QoS Quality of Service (QoS) controls network traffic through type prioritization For example a higher or lower priority can be given to an app using a specific port
BIOS settings
The most common BIOS setting for a network card is the enabledisable setting For example if a network card is installed on a computer with an on-board network card a technician will often disable the on-board network card
PurposeAfter completing this project you will know where in a network cardrsquos properties to go to in order to find these features and if necessary configure them
Steps for Completion1 On a Windows device open the Control Panel If the Control Panel is in Category
view click Network and Internet2 Click Network and Sharing Center3 Click Change adapter settings4 Find the network card you wish to use to view network card properties right-click
the network card and click Properties5 On the Local Area Connection Properties window click the Configure button 6 Click the Link Speed amp Duplex property7 Click the drop-down arrow on the value field You will see several half-duplex and
full-duplex settings all categorized by speed 8 Click Auto Negotiation to choose to let the network card figure out the speed and
duplex mode it needs for its network connections9 Click the Power Management tab10 If you wish to change any Power Management settings select or clear any check
box for the setting you wish to change11 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Windows Networking ConfigurationSubtopic Speed and Duplex Wake on LAN Power Management
Objectives Covered1 Operating Systems
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
1812 Network card properties18121 Half duplexfull duplexauto18122 Speed18123 Wake-on-LAN18124 QoS18125 BIOS (on-board NIC)
76 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Mac Best PracticesMacs are considered to be fairly self-reliant with maintenance and update tasks However there are still some best practices to follow with maintenance and update tasks on a Mac Maintenance and update best practices can fall into several categories Here are those categories along with a description and best practices for each category
Category Best PracticesScheduled backups
Many Mac items can be exported to an archive Two possible ways to back up files are to synchronize them with iCloud or a third-party cloud storage tool The best practice for using a scheduled backup is to use Time Machine since Time Machine runs an hourly backup by default
Scheduled disk maintenance
Disk maintenance typically happens automatically on a Mac but the Disk Utility can be run if a disk problem is suspected
System updates System updates can be automatically turned on through System Preferences Apps can be set to download automatically to other Macs belonging to the same Apple ID The Last Check shows the time of the last automatic updates Password saving and re-entry policies can be controlled for both free apps and purchased apps
Patch management
Most Mac apps have automatic updates so long as automatic updates are enabled Third-party tools can help manage system patches
Driverfirmware updates
Firmware update notifications are usually automatic but can be downloaded from the support area of Applersquos website If a gray screen appears and freezes the system detach and disable non-Mac add-ons and run a disk check Driver updates come from the respective device manufacturers
Antivirusantimalware updates
Third-party antivirusantimalware tools are available Keep the definitions on these tools updated
After completing this project you will have a better understanding of best practices for maintenance and updates on a Mac
Steps for Completion1 For each best practice situation identify the tool one can use to fulfill the listed need
a A cloud-based storage tool to which to back up files iCloud
b A disk maintenance problem is suspected Disk Utility
2 If you have a Mac available to look at the configuration for system updates click the Apple logo near the top-left corner of the screen
3 Click System Preferences You will see the following
77 |Domain 1 A+ Part 2 (220-1002) Project Workbook
4 Click the App Store icon You will see a screen similar to the one below
5 Make sure the first four check boxes are selected6 Close the App Store window
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 1Topic Mac FeaturesSubtopics Scheduled Backups Schedule Disk Maintenance System Updates
Objectives Covered1 Operating Systems
19 Given a scenario use features and tools of the Mac OS and Linux clientdesktop operating systems
191 Best practices1911 Scheduled backups1912 Scheduled disk maintenance1913 System updatesApp Store1914 Patch management1915 Driverfirmware updates1916 AntivirusAntimalware updates
78 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Mac ToolsMacs have several maintenance tools technicians can use to make sure a userrsquos Mac is performing at its optimum level and that the data is backed up on a regular basis to protect the data from destruction due to a hardware failure or accidental deletion In addition Macs have unique tools used for allowing remote access and for terminating an app which is open but has stopped working Here are some common tools used on Macs along with a description of each
Tool DescriptionTime Machine Used to set up automatic backups for a Mac A second hard drive or network location is needed Backups take
place every hour Hourly backups are consolidated into a daily backup once a day Daily backups are consolidated into weekly backups once a week Weekly backups are kept until disk space runs out When disk space is needed the oldest backups are removed
RestoreSnapshot
If a file or folder needs to be restored it can be restored from Time Machine MacBooks will take a snapshot of a hard drive while the drive using Time Machine is disconnected from the MacBook Then when the drive using Time Machine is reconnected the backups move to that drive
Image Recovery Disk images can be created using the Disk Utility tool These images can be created from a disk or a folder on the disk These images can be used to recover files and folders in case files or folders need to be restored
Disk Utility Similar to Disk Management in Windows Disk Utility can create expand and shrink partitions Disks can be mounted unmounted and formatted
ShellTerminal A command prompt app used to run commands and scripts and can be used to access other machines through Secure Shell (SSH) Terminal is a UNIX-based app used to run commands many of which are similar to Linux commands
Screen Sharing An app which allows others to remotely access a Mac similar to Remote Desktop Connection in Windows Permissions need to be given to any user or group needing access to the machine (or they can be given globally) Screen Sharing can use the Virtual Network Computing (VNC) protocol to allow a Windows or Linux machine to remotely access a Mac
Force Quit Allows a user to terminate an app at any time This becomes necessary when an app stops responding The Force Quit feature is available from the Apple menu
On the rare occasion that a system disk needs to be recovered there are three methods one can use to recover Mac OS All of these methods involve the use of a recovery hard drive (Recovery HD) which contains installation files used to restore Mac OS (Mac OS does not come on a DVD)
Starting up Hold down the Option key and the letter R as the Mac starts up From Startup Manager the choices for using the Recovery HD are to restore the hard drive from a Time Machine backup reinstall Mac OS or use the Disk Utility to fix erase or partition a hard driveInternet recovery Hold down the Option key and the letter R as the Mac starts up When presented with a choice of Wi-Fi networks choose a Wi-Fi network and the recovery will begin with the installation coming over the Wi-Fi connectionPhysical recovery disks A bootable OS X flash drive needs to be created To start the process download the Mac OS Installer from the Mac App Store Mount a USB drive and then using Terminal use the createinstallmedia command to create the bootable disk Then with the flash drive in the Mac hold down the Option key during startup and choose a Wi-Fi connection The script needed for creating a bootable disk is found at httpssupportapplecomen-usHT201372
PurposeAfter completing this project you will be able to determine which tool should be used on a Mac given a description of a situation
Steps for Completion1 For each situation identify the Mac tool to use
a A technician needs to connect to another machine through SSH
b A user wants to make sure files are backed up on a regular basis
c A user has an app which is no longer responding
d A disk image needs to be created
e An app that uses the VNC protocol
79 |Domain 1 A+ Part 2 (220-1002) Project Workbook
2 If you have a Mac do the followinga Open any appb Force quit the appc Open the Terminal appd Type ifconfig and press the Enter key You will see IP address information for
your Mace Close all open windows
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 1Topic Mac FeaturesSubtopics BackupTime Machine Recovery and Utilities ShellTerminal Screen Sharing Force Quit
Objectives Covered1 Operating Systems
19 Given a scenario use features and tools of the Mac OS and Linux clientdesktop operating systems
192 Tools1921 BackupTime Machine1922 RestoreSnapshot1923 Image recovery1924 Disk maintenance utilities1925 ShellTerminal1926 Screen sharing1927 Force Quit
80 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Mac FeaturesIn addition to knowing the best practices for maintaining a Mac and tools used to manage and configure a Mac a technician needs to know how to support some of the basic features of a Mac Here are several key features of Macs along with a description of each
Mac Feature
Description
Multiple Desktops
Also known as Mission Control this allows for multiple desktops to be present with each desktop acting as its own set of shortcuts and open apps
Keychain A central place for storing passwords while logged on to the machine The keychain can be customized to control which passwords are stored and which ones are not stored
Spotlight A search feature which allows for searching within apps folders the web and WikipediaiCloud The online cloud storage space for Macs and iOS devices Through iCloud users can synchronize documents
music videos pictures and other files across all of their devices using an Apple ID as the central point for synchronization
Gestures Finger movements which can be made on a trackpad to navigate around a Mac These are similar to navigating directly on an iPhone or iPad These gestures work primarily on the Safari web browser but can work on other apps Examples of gestures include
Pinch and spread Zooms in and out on the screenTwo-finger double tap Magnifies a blockTwo-finger swipe A left two-finger swipe moves back a screen while a right two-finger swipe moves to the next page (if there is one)Three or four-finger swipe Swipes between full-screen appsTwo-finger swipe from right edge of trackpad Shows the notification areaUp or down swipe with three fingers Displays Mission ControlThree-finger swipe downward Shows One-App ExposePinching with three fingers and thumb Displays the LaunchpadSpreading three fingers and thumb Shows the DesktopThree fingers on word or map area Shows the definition of the word or other data featureTap once in lower-right corner of trackpad The equivalent of a right-click with a mouse
Finder Shows and helps to organize files folders and drivesRemote Disk Disk shared from another machine Disks can be shared through System Preferences and accessed through the
FinderDock Area at the bottom of the screen which stores shortcuts to apps files and folders The left side of the Dock holds
shortcuts to applications while the right side of the Dock holds shortcuts to files and foldersBootcamp A feature which allows a Mac to run Windows and allows for an easy restart to Windows from a Mac or OS X
from WindowsMany of these features can be configured through System Preferences which is accessible from the Apple menu in the top-left corner of the desktop
Purpose At the conclusion of this project you will know which Mac features apply to user situations and you will have some familiarity with these features
Steps for Completion1 For each user situation identify the Mac feature the user is working with
a User is accessing a DVD drive from another machine
b User is running Windows 8 on a Mac
c User is storing passwords from frequently visited websites 2 If you have a Mac to access the Finder click the Finder icon located on the left side of the Dock The Finder icon looks
like the icon on the right
81 |Domain 1 A+ Part 2 (220-1002) Project Workbook
3 Double-click the Applications folder to see the apps installed on your particular Mac4 Click and drag the calculator app down to the left side of the Dock5 Click and drag the iBooks app down to left side of the Dock6 To remove an app from the Dock click the iBooks app and drag it off of the Dock7 To configure how the Dock appears click the Apple icon near the top-left corner
of the screen and click System Preferences The System Preferences window will appear
8 Click the Dock icon You will see this
9 If you wish to change the position of the Dock on the screen select a different option than the option selected
10 To make sure the Dock does not automatically hide when the mouse is not focused on it make sure the Automatically hide and show the Dock check box is cleared
11 To show indicator lights on open applications make sure the Show indicator lights for open applications check box is selected
12 Click the red dot in the top-left corner of the Dock window to close it13 Move your mouse over the Dock location The Dock will appear14 On the Dock click the Calculator app The Calculator app will open and an indicator
light will show below the app on the Dock15 To search for a term using Spotlight click the magnifying glass near the top-right
corner of the screen16 Click in the Spotlight text box and type icloud You will see the results
on the right17 If you wish to see the web search results or Wikipedia search results
for iCloud click the respective links18 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 1Topic Mac ToolsSubtopics Multiple DesktopsMission Control Keychain Spotlight iCloud Gestures Finder and Remote Disk Dock Boot Camp
Objectives Covered1 Operating Systems
19 Given a scenario use features and tools of the Mac OS and Linux clientdesktop operating systems
193 Features1931 Multiple desktopsMission Control1932 Keychain1933 Spotlight1934 iCloud1935 Gestures1936 Finder1937 Remote Disk1938 Dock1939 Boot Camp
82 | Domain 1 A+ Part 2 (220-1002) Project Workbook
Linux CommandsNot all commands run on computers are Windows commands A technician may occasionally need to support a computer with Linux as its operating system To help support a Linux machine there are a number of commands which can be run Many of these are similar to the command-line tools one sees on a Windows machine Here is a list of common Linux commands along with a description of each one
Command Descriptionls Lists directory contents This is similar to the dir command in Windowsgrep Used to find text or a pattern of text within files and folderscd Changes directories Unlike Windows directory names in Linux are case-sensitive For example ldquoDocumentsrdquo and
ldquodocumentsrdquo are two separate directoriesshutdown Shuts down a Linux machine Similar to Windows the shutdown ndashr command shuts down and restarts Linuxpwd Displays the name of the current working directory on the screenpasswd Used to change a userrsquos passwordmv Moves files from one directory to another directorycp Copies files and directories from one location to anotherrm Removes files or directorieschown Changes ownership of a file or directory For example the chown tekkievets1 test command changes the
ownership of the test file to the tekkievets user One needs administrative permissions in order to run this command
ifconfig Similar to ipconfig in Windows as it displays the IP address of a computer and related information such as the subnet mask The ifconfig command can also be used to configure a network interface controller (NIC)
iwconfig Similar to ifconfig but works for wireless interfacesps Shows a report of all processes This is similar to the tasklist command in Windowssu Used to change a user ID or become a superuser the Linux equivalent of an administratorsudo Used to run a command as a superuser This is similar to running an elevated command prompt in Windowsapt-get A command line tool for installing packages Often this needs to be run with a superuser account For example
sudo apt-get install emacs installs the emacs text applicationvi Used as a text editor The newer version of this is the vim commanddd Converts and copies files This is often used to copy a hard drive image from one partition to anotherkill Used to kill a process This is similar to the taskkill command in Windows
One more Linux command to be familiar with is the chmod command The chmod command changes the mode (permissions) on files and folders There are three entity types on which permissions can be changed
u userg groupo others
There are three permission types which can be assigned on files and folders in Linuxr readw writee execute
Mode bits (permissions on entities) are changed with a + or ndash designation For example the command chmod u+r test adds read permissions (r) to the users group (u) on the test file
To get information on any Linux command in a Terminal window type the word man and then the command The word man is short for manual This is the equivalent of the command in Windows For example typing man ls in a Linux command prompt and then pressing the Enter key will show the different ways in which the ls command is used
PurposeAfter completing this project you will know which Linux commands to use given a user situation
83 |Domain 1 A+ Part 2 (220-1002) Project Workbook
Steps for Completion1 For each situation identify the Linux command to be used
a A user needs to move files from one directory to another
b An administrator needs to install the latest version of the vim package
c An administrator needs to find out what the IP address is on a machine
d A user wants to find the text fox inside of the files in a folder
e An administrator needs to find out the full path of the current working
directory f An administrator needs to change permissions on a directory
2 If you have a Linux installation launch the ShellTerminal app and obtain the manual for each command covered in this project For example use man cp to see how the cp command is used
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 1Topic Basic Linux CommandsSubtopics ls grep pwd vs passwd mv cp and rm chmod and chown iwconfigifconfig ps and susudo apt-get vi dd kill
Objectives Covered1 Operating Systems
19 Given a scenario use features and tools of the Mac OS and Linux clientdesktop operating systems
194 Basic Linux commands1941 ls1942 grep1943 cd1944 shutdown1945 pwd vs passwd1946 mv1947 cp1948 rm1949 chmod19410 chown19411 iwconfigifconfig19412 ps19413 susudo19414 apt-get19415 vi19416 dd19417 kill
84 | Domain 2 A+ Part 2 (220-1002) Project Workbook
85 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Fill-in-the-Blanks Domain 2Instructions While watching Domain 2 fill in the missing words according to the information presented by the instructor [References are found in the brackets]
Physical Security Measures1 Some physical security measures that can be given to employees are a badge reader smart card and key
[Physical and Document Security]
Logical Security Concepts
2 For logical security a business could have one or one could be present for each department [Login Scripts and Domains]
3 A Group Policy is used to control rights and throughout a domain [Group Policy]
4 Logical security checks to make sure ports that do not need to be open are not open and that all unnecessary
traffic is blocked [Port Security]
Wireless Security Protocols
5 should be used for wireless security in homes and small businesses because it has the strongest encryption algorithm [WEP WPA WPA2 TKIP and AES]
6 In a large corporate network or TACACS+ is used for wireless security to authenticate clients logging on to a server [Authentication Factors and Servers]
Detect Remove and Prevent Malware
7 A accesses areas of a system that are off-limits and causes damage or takes over the administrative area of the computer [Malware]
8 A DNS server needs enabled to provide authentication and protect the system from malware [DNS Configuration]
Threats and Vulnerabilities
9 A DDoS attack floods a network with useless data that is then sent to every device in the network [DoS and DDoS]
Windows OS Security Settings
10 NTFS permissions are granted on the tab while Share permissions are granted through the Sharing tab [Allow vs Deny]
11 When permissions are set on a drive or folder the permissions down to any subfolders underneath it and then those folders will inherit permissions from the folders above [Permissions System Files and Folders]
Workstation Security Best Practices
12 A good password policy is set up in on a domain and in a local system it is set up in Local Security Policy [Strong Password Policy]
13 The Guest account should be to prevent an attack on a device [Password Resets and Account Activities]
14 is used to encrypt files and folders [Data Encryption]
15 A patch is a fix to a feature that is not working or a hole within an app or system [Patch UpdateManagement]
86 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Securing Mobile Devices
16 It is important to have a lock on a mobile device [Fingerprint Lock Face Lock]
17 If a mobile device is lost or stolen a remote wipe will all the data on the mobile device [Remote Wipes and Locator Apps]
18 A firewall on a mobile device has the same basic function as a firewall on a PC control and
traffic [Mobile Firewalls]
Destruction and Disposal Methods
19 A hard drive must be physically destroyed to protect data from divers [Drills and Hammers]
20 A drive needs multiple before data is completely inaccessible and the drive can be reused [Recycling and Repurposing Best Practices]
SOHO Network Security
21 Assigning a static IP address to a printer is done through [MAC Filtering and Static IP Addresses]
22 A wireless access point needs to be in a location where it is not easily reached [Physical Security]
87 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Physical SecurityAn aspect of security which is often overlooked is that of physical security Technicians and administrators can spend many hours making sure servers workstations and mobile devices are secure but if someone can walk into a building without authorization and take those items all the work done to secure these items will be for naught Here are some aspects to consider for physical security along with a description of each
Physical Security Aspect
Description
Mantrap A room between two security doors The purpose of a mantrap is to trap someone who came in through the first door when not authorized to do so
Badge reader A device for which people swipe badges through in order to gain entry to a building or a physical location within a building The badges themselves are programmed by user to know if a user should be allowed into a location or not Badge readers should be placed within the view of a physical security control like a camera so that people have less of an incentive to try to circumvent using the badge reader
Smart card A credit card-like device with a chip which stores authentication information Some devices such as laptops have smart card readers
Security guard A barrier between people and high-security places Security guards are trained to ask the right questions of users and can ensure users provide proper identification fill out the proper paperwork and if necessary get an escort before being allowed into a building Plus if someone is scoping out a place to break into it and sees one or more security guards chances are the bad actor will look for an easier target elsewhere
Door locks In lieu of more advanced ways in which to secure a building sometimes a simple lock is all that is needed Of course the lock only works if the door stays locked Besides a traditional lock and key set you could use a cipher lock which is a lock that requires a combination to be entered before the lock will unlock
Biometric lock A lock that requires something on a person such as a fingerprint or eye retina to be scanned in order to gain entry into a building or room within a building Because everyone has a unique fingerprint this type of lock is considered to be far more secure than that of a regular lock
Hardware token A device used to get one into a secure system One type of hardware token a one-time password token has a numeric code that changes every 60 seconds or so You may need this plus your regular username and password in order to log in to a specific server or maybe just to log in to your network from a remote location
Cable lock Similar to a bike lock a cable lock can help secure items such as laptops to desksServer lock A mini-cabinet with a lock that houses one or more servers This provides extra protection for a
server rack even if it is inside of a secure server room USB lock A device used on a USB port to do one of two things either lock a USB device in so it cannot be
removed or lock the port itself so that it is blocked from being usedPrivacy screen A shield which dims a monitor screen and cuts off the angles of people trying to see what is on a
screen These help guard against shoulder surfingKey fob A device which displays a number which changes on a regular basis One needs to enter that
number to authenticate into a system This device often attaches to a keychain These devices are also known as tokens
Entry control roster Roster which lists who can access an area Often IDs need to be verified and escorts provided for people on the entry control roster
PurposeAt the completion of this project you will have a better understanding of what to recommend for a physical security device given a security situation
Steps for Completion1 For each situation indicate the device needed to ensure better physical security
a An employee needs to have a fingerprint read in order to enter a high-security area of a building
88 | Domain 2 A+ Part 2 (220-1002) Project Workbook
b A list of people allowed to access an area c A person tailgates behind an employee into an entry way with a second secure
door to go through d An employee waves a badge at a reader and a door opens
e A card with a chip is used to pay for supplies at a supply store
f An employee wants to minimize the risk of shoulder surfing
g A device that can hold a numeric code that is then used as part of
authentication to a system
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Physical Security MeasuresSubtopics Physical and Document Security Locks and Tokens Cable Locks Server Locks USB Locks Privacy Screen Key Fobs Rosters
Objectives Covered2 Security
21 Summarize the importance of physical security measures
211 Mantrap212 Badge reader213 Smart card214 Security guard215 Door lock216 Biometric locks217 Hardware tokens218 Cable locks219 Server locks2110 USB locks2111 Privacy screen2112 Key fobs2113 Entry control roster
89 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Active Directory ConceptsActive Directory is a centralized database for all objects within a domain For the exam you need to know what a domain is and a few other basics about Active Directory Here they are
Active Directory Concept
Description
Logon script Controls what a user gets when logging on to a domain A login script can include drive mappings and other network settings
Domain A set of users computers security settings and policies for an entire company or in the case of larger companies a group within a company
Group Policy A tool used to control rights and permissions throughout a domain As updates are made they can be forced to users using the gpupdate force command
Organizational unit A logical group of users and computers that can be given specific permissions and can have specific group policies applied to it
Home folder A user folder which houses a userrsquos documents pictures videos and desktop settings
Folder redirection The act of taking onersquos home directory and moving it from a default location to a different location
PurposeUpon completing this project you will be able to identify the basics of Active Directory
Steps for Completion1 A group needs to be restricted from changing their desktop backgrounds Answer
these questions about how this is accomplished in Active Directory
a What does the group need to be placed in b Which tool is used to restrict desktop backgrounds
2 A group needs to have their documents stored on a network drive What needs to
be changed for each user in the group 3 Which file handles user mappings to network drives in Active Directory
4 On a Windows device open a command prompt and then run the command that will force a policy update on the device
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopics Logon Scripts and Domains Group Policy Organizational Units Home Folder and Folder Redirection
Objectives Covered2 Security
22 Explain logical security concepts221 Active Directory
2211 Logon script2212 Domain2213 Group PolicyUpdates2214 Organizational Units2215 Home Folder2216 Folder redirection
90 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Software Tokens and MDM PoliciesSoftware tokens and mobile device management (MDM) polices are two types of logical security that involve mobile devices A software token is a two-factor authentication application MDM involves making policies that dictate mobile device use on a corporate network
PurposeUpon completing this project you will be aware of software tokens and MDM polices that companies may use to govern mobile device use on their network
Steps for Completion1 Name a common factor of authentication for a software token
2 Define these forms of an MDM policy
a COPE
b CYOD
c BYOD 3 Which MDM policy allows a user to choose a device from an approved list of
devices
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopic Software Tokens MDM Policies
Objectives Covered2 Security
22 Explain logical security concepts222 Software tokens223 MDM policies
91 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Port Security MAC Address Filtering and CertificatesPorts allow a computer to connect to external devices like printers and routers All traffic in and out of the computer goes through a port If a port is open traffic will move without being monitored
Using MAC addressing will determine which devices are allowed on a network Because virtual devices have virtual MAC addresses this is considered part of logical and physical security
Certificates store keys that encrypt data between two communicating parties It is important to check a website for a valid certificate before entering personal information or sensitive data
PurposeUpon completing this project you will know where to find a list of apps that are allowed through a network firewall and how to change app settings to allow them through a firewall You will also be able to use MAC filtering and check website certificates to see if they are valid
Steps for Completion
1 Which type of traffic does a firewall block by default 2 On a Windows device open Windows Firewall with Advanced Security3 Access the list of apps allowed through the firewall Which is the first app listed
4 Which size of network is best suited for MAC address filtering
5 What do secure website addresses start with 6 Open a web browser7 Navigate to wwwgooglecom
8 Check the website certificate When will it expire
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopics Port Security MAC Address Filtering Certificates
Objectives Covered2 Security
22 Explain logical security concepts224 Port security225 MAC address filtering226 Certificates
92 | Domain 2 A+ Part 2 (220-1002) Project Workbook
AntivirusAntimalware and FirewallsAntivirusantimalware software and firewalls keep unwanted or malicious traffic from entering a network or individual device
PurposeUpon completing this project you will know how to monitor antimalware and how firewalls can protect a network
Steps for Completion1 Where will you find the information to monitor antimalware on a Windows device
2 What two things need to be checked on your antimalware software
3 What does a typical firewall use as a basis for controlling traffic
4 What does a NGFW do in addition to a regular firewall to control traffic
5 On a Windows device open Windows Defender
6 Within Windows Defender update your antimalware definitions
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopic AntivirusAntimalware Firewalls
Objectives Covered2 Security
22 Explain logical security concepts227 AntivirusAntimalware228 Firewalls
93 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Passwords and Multifactor AuthenticationPasswords are the most common way to authenticate a user trying to access data Logical security needs a strong password on devices apps and websites that have accounts with sensitive data
Multifactor authentication requires more than one of the different forms of the following factors to be used to authenticate a server what you know what you have and who you are The username and password authentications both fall under the what you know form and they only constitute one form of authentication
PurposeUpon completing this project you will know what is required for strong passwords with CompTIA and what is required to create multifactor authentication
Steps for Completion1 Which local tool on a device can enforce a strong password
2 Define a strong password
3 What type of authentication is used when entering a username and password
4 What type of authentication is used when entering a code sent to a mobile device
and swiping a key fob 5 What type of authentication is used when swiping a smart card and scanning a
fingerprint
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopic Authentication and Passwords
Objectives Covered2 Security
22 Explain logical security concepts229 User authenticationstrong passwords2210 Multifactor authentications
94 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Directory PermissionsDirectory permissions are set properties on a file or directory that allow an individual or group to access the data in the specified area Users and groups should only be given permissions to access files that are needed to perform their job
PurposeUpon completing this project you will be able to set folder permissions for a group
Steps for Completion1 Open to your personal computerrsquos This PC window2 On the C drive create a folder named Techies3 Access the properties of the Techies folder4 On the Security tab adjust the permissions of the Users group to have the ability to
modify the folder5 Click OK on each window to accept the changes for the group permissions
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopic Directory Permissions
Objectives Covered2 Security
22 Explain logical security concepts2211 Directory permissions
95 | Domain 2 A+ Part 2 (220-1002) Project Workbook
VPN DLP ACLs and Smart CardsA virtual private network (VPN) allows members of a company or group to access the company or group network securely from locations away from the server Data transferred to and from the network is encrypted and secured
A data loss prevention (DLP) software-based system is another way to secure data logically DLP examines and secures confidential of sensitive data from leaving the company or group network
Access control lists and smart cards give a user permission to access an area An access control list (ACL) is a basic permissions list that contains the groups and users that have been given some type of permission to access information or assets
A smart card allows access control in the form of a card or key fob to a physical area in a building or storage area Smart cards can also be used as a form of authentication when logging on to a device such as a laptop
PurposeUpon completing this project you will be familiar with how both a VPN and DLP work You will also know the uses of ACLs and smart cards
Steps for Completion1 Describe how a VPN transmits data back and forth
2 Which three states of data do DLP protect
3 Which part of a smart card stores user information and permissions
4 On a Windows device open File Explorer5 Access the properties for the CUsers folder6 Through the Security tab view the ACL for the folder What permissions does the
Users group have on the folder
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopics VPN DLP Access Control Lists Smart Card
Objectives Covered2 Security
22 Explain logical security concepts2212 VPN2213 DLP2214 Access control lists2215 Smart card
96 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Email Filtering and Trusted or Untrusted Software SourcesFor strong logical security one should set up email filtering and only use apps from trusted sources Email filtering is the act of keeping unwanted email (junk mail) away from email servers and client devices Large software companies are trusted sources If you have not heard of a company from which you are about to download an app research the company before downloading the app
PurposeUpon completing this project you will know how to allow or block email from specific domains or senders You will also know how to tell if an app is from a trusted source
Steps for Completion1 Open your student email account2 Set the Junk E-mail options to block the 163com domain from sending email to
your email
3 On which two levels should an email filter be placed 4 On a Windows device which apps are considered trusted by Microsoft
5 If you have a Windows 10 device available open the Apps and Features area under Settings to view and control trusted app settings What is the current trusted app setting
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopic Email Filtering TrustedUntrusted Software Sources
Objectives Covered2 Security
22 Explain logical security concepts2216 Email Filtering2217 Trusteduntrusted software sources
97 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Principle of Least PrivilegeThe principle of least privilege is an important piece of logical security This principle requires that a user only be given the least amount of permissions required to do their job It is a best practice to grant as few permissions as possible and grant additional permissions as needed
PurposeUpon completing this project you will be familiar with the principle of least privilege and know when to grant permissions to users
Steps for Completion1 Which accounts should be disabled on a Windows device
2 Which type of account should most users have 3 What should be done with permissions if a userrsquos role in a company changes
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Logical Security ConceptsSubtopic Principle of Least Privilege
Objectives Covered2 Security
22 Explain logical security concepts2218 Principle of least privilege
98 | Domain 2 A+ Part 2 (220-1002) Project Workbook
WEP WPA WPA2 TKIP and AESWired Equivalent Privacy (WEP) Wi-Fi Protected Access (WPA) and WPA2 are all wireless security protocols Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) are wireless encryption standards For the exam you will want to know which security protocol and encryption are strongest and which security protocol should not be used because it is weak and has been cracked
PurposeUpon completing this project you will be familiar with the different wireless security protocols and which are the best to use
Steps for Completion1 Which wireless security protocol should never be used Why
2 Which wireless security protocol is considered the strongest
3 Which form of encryption is considered to be the strongest for wireless networks
4 Find an access point you can configure or use a wireless access point emulator online
5 In your access point or emulator set the security for a wireless network using the strongest security protocol and encryption combination possible
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Wireless Security ProtocolsSubtopic WEP WPA WPA2 TKIP and AES
Objectives Covered2 Security
23 Compare and contrast wireless security protocols and authentication methods
231 Protocols and encryption2311 WEP2312 WPA2313 WPA22314 TKIP2315 AES
99 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Authentication Factors and ServersWireless routers use a single-factor authentication (SSID) and a password to access a wireless network If further authentication is needed for a network such as authentication to a domain a RADIUS server or TACACS+ will need to be used For these situations one will want to use WPA2 Enterprise for wireless security as enterprise security requires a RADIUS or TACACS+ server as part of the overall authentication process
Multifactor authentication has two or more of these factors what you know what you have and who you are A common example is an attempt to use a username and password to logon to a network and if that succeeds a code is sent to a userrsquos smartphone and then must be entered to finish the authentication process
PurposeUpon completing this project you will be familiar with Personal and Enterprise wireless protocols and what is required for each
Steps for Completion1 What network environment will a WPA2 Personal wireless protocol be used in
2 What environment will a WPA2 Enterprise wireless protocol be used in
3 What does RADIUS stand for
4 What is the main purpose of a RADIUS server
5 Which type of authentication server can be used outside of Cisco devices
even though it started as a Cisco proprietary authentication server
6 What is required in order to use WPA2 Enterprise for a wireless security protocol
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Wireless Security ProtocolsSubtopic Authentication Factors and Servers
Objectives Covered2 Security
23 Compare and contrast wireless security protocols and authentication methods
232 Authentication2321 Single-factor2322 Multifactor2323 RADIUS2324 TACACS
100 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Types of MalwareMalware a word which originates from the term malicious software is malicious software with the intent to disrupt functionality on a computer Many people think all types of malware are viruses but a virus is only one type of malware Here are the different types of malware along with a definition of each type
Malware DefinitionRansomware Code which compromises data (usually through encryption) The
initiator then demands money for the fix (usually a decryption key)Trojans Known as Trojan horses An imposter program which claims to be a
helpful program but is actually malicious in natureKeylogger A device used to record keystrokes on a device These keystrokes are
then used later to log on to a device using the stolen keystrokes and launch an attack on a network
Rootkit Software which is masked and has the purpose of damaging rootadministrative areas on a computer such as the Master Boot Record (MBR)
Virus Malicious code needing a carrier in order to carry out an attack on programs files andor boot sectors Virus types includePolymorphic A virus which morphs to avoid antivirus softwareStealth A virus which hides from antivirus softwareMultipartite A virus which affects multiple components (files and boot sectors for example)
Botnet A network of computers used to launch a coordinated attack on an infrastructure
Worms Malicious code needing no carrier in order to propagate itselfSpyware Used to snoop computers for information Sometimes this is covertly
included with software installed on a system An example of this is a userrsquos web cookies being spied on and then the information is turned over to advertisers with the intent of flooding the user with advertisements
PurposeAfter completing this project you will be able to identify malware better by its type
Steps for Completion1 For each situation identify the type of malware taking place
a A user installs software which ends up encrypting the userrsquos data folders and a message appears stating it will send a decryption key when the user pays $500
b A program claims to be an antivirus program but when installed it turns out to
be a multipartite virus c An Excel macro is run on a machine and ends up unbeknownst to the user
renaming several system files d A system is infected with malware which damages the MBR
e An attacker uses information previously obtained to log on to a device
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Detect Remove and Prevent MalwareSubtopic Malware
Objectives Covered2 Security
24 Given a scenario detect remove and prevent malware using appropriate tools and methods
241 Malware2411 Ransomware2412 Trojan2413 Keylogger 2414 Rootkit2415 Virus2416 Botnet 2417 Worm2418 Spyware
101 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Malware Tools and MethodsHaving covered different types of malware in the previous project letrsquos take a look at some tools and methods we can use to combat malware Here are the tools and methods mentioned in the exam objectives (which means know these of course) and a description of each
Tool or Method DescriptionAntivirusantimalware
Always have at least one antivirusantimalware program available and keep the definitions updated Antivirusantimalware programs should scan on a regular schedule and definition files must be kept up to date
Recovery console When malware is suspected on a Windows 10 device one should boot into this environment and then from there boot into Safe Mode On a Windows 8 or earlier device holding down F8 while booting up will usually get a device into Safe Mode
Backuprestore Though not directly related to malware files should be backed regularly in case an operating system needs to be reinstalled due to malware And for any backup the restore process should be tested occasionally to ensure it is working properly
End-user education Users should be trained to avoid websites and downloads that look suspicious They should also be trained not to download anything unknown from an email attachment
Software firewalls These firewalls normally installed on a client device can help block traffic based on ports and protocols Unneeded inbound traffic should be blocked by default
DNS configuration Domain Name System Security Extensions (DNSSEC) should be enabled whenever possible on a DNS server DNSSEC forces authentication which helps keep attackers out of a DNS server
PurposeAt the end of this project you will be better equipped to identify tools and methods to help prevent or erase malware
Steps for Completion1 For each digital security situation identify what should be done given the concepts
covered in this projecta What should be employed to minimize the risk of a DNS server being attacked
b How can a technician best block a file-sharing app which does not belong in the
workplace c How is a device booted into Safe Mode in Windows 10
d What needs to be kept up to date on antimalware software
2 If you have a software firewall make sure it is on and blocking any unnecessary inbound traffic
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Detect Remove and Prevent MalwareSubtopic AntivirusAntimalware Software Recovery Console Backup and Restore End-User Education Software Firewalls DNS Configuration
Objectives Covered2 Security
24 Given a scenario detect remove and prevent malware using appropriate tools and methods
242 Tools and methods2421 Antivirus2422 Antimalware2423 Recovery console2424 Backuprestore2425 End user education2426 Software firewalls2427 DNS configuration
102 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Common Security Threats and VulnerabilitiesIn addition to malware covered in the last two projects there are many other types of security threats and vulnerabilities a technician needs to be aware of While an A+ technician is not necessarily in charge of trying to mitigate these threats and vulnerabilities a technician needs to be aware of these threats and vulnerabilities A vulnerability is a possible weakness in a computer setup the weakness being a source for a possible attack A threat is a possible action to an asset (such a computer) which often preys upon vulnerabilities For example a weak password on a computer is a vulnerability The possibility of an attacker obtaining that weak password and using it for malicious purposes is a threat Here are some common threats and vulnerabilities along with a description of each
ThreatVulnerability
Description
Social engineering The act of getting people to give up information usually through some type of impersonation For example a help desk imposter could call a user while posing as a help desk technician and solicit username and password information from the user
Phishing An attack in which an email looks like it is from a legitimate company but is asking for personal information such as usernames passwords or account numbers
Spear phishing A phishing attack with a specific target in mind such as a specific organization or specific individual usually with a prominent title
Impersonation A form of social engineering where a person acts as someone else for the purpose of trying to extract confidential information from an unsuspecting resource
Shoulder surfing The act of looking over someonersquos shoulder (usually through an inconspicuous camera) to view andor record what is being typed This information can then be used to launch an attack at a later point in time
Tailgating The act of a person illegitimately following someone into a building after that person enters legitimatelyDumpster diving The act of physically going into a dumpster or similar location to look for and find valuable information
people have thrown out Confidential information should be shredded before it is thrown outDDoS A Distributed Denial of Service (DDoS) attack is an attack in which multiple machines launch a
coordinated attack on a network with the idea of flooding the network with enough useless data packets to prevent the network from doing its real duties
DoS A Denial of Service (DoS) attack is an attack in which a device launches an attack on a network with the idea of flooding the network with enough useless data packets to prevent the network from doing its real duties
Zero-day attack An attack in which a software vulnerability is taken advantage of The attack is called a zero-day attack because software vendors have zero days of notice before the attack takes place
Man-in-the-Middle An attack in which one intercepts data going from a source to a destination This can range from a network transmission to intercepting a conversation between two people over instant messaging
Brute force An attack in which all possible guesses are made to break into data This includes guessing on decrypting data and guesses that are made on passwords
Dictionary An attack in which one uses dictionary words to attempt to guess a password or part of a passwordRainbow table A table of hashes for common words or phrases Hashes are compared against table entries in order to
attempt to crack a passwordSpoofing An attack in which someone or something impersonates a legitimate entity and obtains data through
that impersonation For example an attacker can steal a MAC address and then spoof a device with that MAC address allowing that device to get onto the network and steal data andor launch an attack
Zombiebotnet A zombie is a computer used to carry out an attack on a network A network of zombies is a botnet controlled by a host computer known as a command and control server
Companies should have rules which govern what systems need to have for an operating system antivirus and antimalware software and other rules to limit vulnerabilities Systems which do not meet this criteria are known as non-compliant systems and are usually partially or completely quarantined from the network until they are brought into compliance For example a company policy can state that no machines with Windows XP are allowed and such machines will be in quarantine until they are upgraded to a newer operating system
Companies should also make sure all users know what the best practices are for security The two main ways to accomplish this are through setting and enforcing an acceptable use policy (AUP) and simple training of end-users for what is acceptable and what is not
103 | Domain 2 A+ Part 2 (220-1002) Project Workbook
acceptable Users should also clearly know the consequences of violating these policies
Should a security violation be detected the following steps where applicable should be followedbull Notify the security teambull Restrict access where neededbull Shut down any device where neededbull Record the eventbull Restore securitybull Implement prevention measures including an emphasis on further end-user training
PurposeUpon completing this project you will be better equipped to recognize common security threats and vulnerabilities
Steps for Completion1 For each situation identify the threat or vulnerability taking place
a An individual claiming to be a plumber states that access is needed to pipes
near the secure documents area b An attacker is using phrases like ldquopassrdquo and ldquowordrdquo to try to guess someonersquos
password c An attacker takes over a network of computers and uses them to launch an
attack on the rest of the network d An email is sent to a company CFO asking for bank information in order to fix
a problem with the bank account e An employee swipes a smart card to enter a building and is followed in by
someone who did not swipe a smart card to enter the building
f An attacker steals a MAC address and then uses it to get a rogue device onto a network and then steal data packets from the network
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Threats and VulnerabilitiesSubtopics Social Engineering Phishing Spear Phishing Impersonation Shoulder Surfing Tailgating Dumpster Diving DoS and DDoS Zero Day Attack Man-in-the-Middle Attack Password Attacks Rainbow Tables Spoofing Non-Compliant Systems ZombiesBotnet
Objectives Covered2 Security
25 Compare and contrast social engineering threats and vulnerabilities
251 Social engineering2511 Phishing2512 Spear phishing2513 Impersonation2514 Shoulder surfing2515 Tailgating2516 Dumpster diving
252 DDoS253 DoS254 Zero-day255 Man-in-the-middle256 Brute force257 Dictionary258 Rainbow table259 Spoofing2510 Non-compliant systems2511 Zombie
104 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Windows Users and GroupsThough users and groups for most users in a corporate environment are centrally controlled through Active Directory an A+ technician needs to know how to set up proper permissions for local machines should a need arise to share files and folders locally as is often the case with a small business There are two built-in accounts with Windows
Administrator Has complete permissions on the computer to install configure and change anything necessaryGuest Has standard access on the computer but cannot install software The account does not have a password associated with it
Built-in accounts are easy targets for attackers mostly due to their common names These accounts are disabled by default in Windows and should continue to be disabled due to their vulnerability of being used in an attackThere are several built-in groups for Windows accounts Three prominent groups are
Users Can run applications and work with files but cannot install apps which will affect system-wide settings without having their permissions elevatedAdministrators Have complete control over files apps installations and controlling permissionsPower Users Can install programs but do not have the same permissions as administrators do For example they do not have access to all usersrsquo files on a computer The Power Users group can be given additional administrator permisisons
PurposeAt the conclusion of this project you will have a further understanding of local users and groups on a Windows system including the ability to add a user and then add that user to a group
Steps for Completion1 On a Windows device open Administrative Tools via the Control Panel2 Double-click Computer Management to open the Computer Management window3 On the left side of the screen click Local Users and Groups You will see two folders
Users and Groups4 Click the Users folder You will see a list of users5 Look for a black arrow on the icons for the Administrator and Guest accounts This
indicates the accounts are disabled If either account does not have a black arrow on the icon right-click the account and click Properties and then select the Account is disabled check box and click OK to set the account to be disabled
6 Right-click in the blank space and click New User 7 Click in the User name box and type a username of your choice8 Click in the Password text box and type APlus20169 Click in the Confirm Password text box and type APlus201610 Clear the User must change password at next logon check box11 Click the Create button The account will be created12 Click the Close button13 Right-click the new account you just created and click Properties14 To see which groups this new account is a part of click the Member Of tab The new
account should be a part of the Users group15 Click the Cancel button to close the Properties window16 Under Local Users and Groups click the Groups folder17 Right-click the Administrators group and click Properties The built-in administrator
plus at least one other account (maybe yours) should appear Notice that you can add another account to the Administrators group if you desire to do so
18 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 2Topic Windows OS Security SettingsSubtopic User Types
Objectives Covered2 Security
26 Compare and contrast the differences of basic Microsoft Windows OS security settings
261 User and groups2611 Administrator2612 Power user2613 Guest2614 Standard user
105 | Domain 2 A+ Part 2 (220-1002) Project Workbook
NTFS vs Share PermissionsDescription For any NTFS-formatted drive permissions on a file or folder can be granted through a share or through specific NTFS permissions given on the Security tab of the file or folderrsquos properties Share permissions which are available (and the only permissions available to grant) on a FAT32-formatted drive as well as an NTFS drive come in three categories
Read Users with this permission can view but not change files and foldersChange (also known as ReadWrite) Users with this permission can view and change files and foldersFull Control (also known as Owner) Users with this permission can view and change files and control permissions on files and folders
By comparison NTFS has a more granular set of permission choices In addition to read and full control NTFS also has the following available permissions
Write Users with this permission can add filesList folder contents Users with this permission can see folder contents but if this is the only permission they have they cannot read or change files in these foldersRead amp execute Users with this permission can read files and run executable programsModify Users with this permission can modify files This is the same as the Change permission in shares
If a user has a permission via both a share and through NTFS permissions the more restrictive permission is granted For example if user A is in both group A and group B and group A has an NTFS permission of read and group B has a share permission of change user A will have read permissions as it is the most restrictive However if both permissions are either NTFS or share permissions the least restrictive permission wins In this example if group A were to have an NTFS permission of read and group B were to have an NTFS permission of modify user A would have modify permissions When NTFS permissions are granted users and groups can either be specifically allowed a permission or denied a permission By default users are denied permission to resources This is known as an implicit deny and should be the basis for controlling permissions on files and folders
One other area to pay attention to with regard to permissions is what happens to a file or folderrsquos NTFS permissions if those files or folders are moved or copied By default permissions are inherited from a parent file or folder For example for NTFS drives if a file is moved from the Sales folder to any other folder on that drive the permissions will stay with the file If the file is moved to a different drive the file will inherit the permissions of its new folder on its new drive If a file is copied to another folder the copy of the file (technically a different file) will inherit the permissions of the folder it is copied to For FAT32 drives or any share permissions files lose their permissions when they are either moved or copied
PurposeAfter completing this project you will know how to set NTFS permissions on folders and you will see what happens to those permissions when the files are copied from one folder to another
Steps for Completion1 On a Windows Vista 7 8 or 81 computer create a folder named Files inside of the C drive2 Inside of the Files folder create a folder and name it Sales3 Inside of the Files folder create a folder and name it Marketing Your folder structure should look like this
4 Navigate to the Sales folder5 Right-click inside of the Sales folder and click New and then Text Document Name the document Copy Example6 To set NTFS permissions on the Sales folder right-click the Sales folder and then click Properties7 Click the Security tab8 Click the Users group You will see the following image on the next page
106 | Domain 2 A+ Part 2 (220-1002) Project Workbook
9 To modify permissions for the Sales folder (and the two files inside of it) to the Users group select the Allow check box in the Modify row
10 Click the OK button to set the permissions on the folder11 Click the OK button on the Sales properties window to close the window12 Right-click the Marketing folder and click Properties13 Click the Security tab14 Click the Users group Notice that the group does not have Modify permissions on
the folder15 Close the Marketing properties window16 Copy the Copy Example file from the Sales folder to the Marketing folder17 Before checking the permissions on the files within the Marketing folder indicate
with a Yes or No whether you think the Users group has Modify permissions on the
Copy Example file within the Marketing folder 18 Navigate to the Marketing folder19 Right-click the Copy Example file and click Properties20 Click the Security tab21 Click the Users group Notice that because the file was copied the custom
permission set was not retained and thus members of the Users group cannot modify this document
22 Close all open windows but leave the file and folder structure in place for the next project
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 2Topic Windows OS Security SettingsSubtopics Allow vs Deny Moving vs Copying Folders and Files
Objectives Covered2 Security
26 Compare and contrast the differences of basic Microsoft Windows OS security settings
262 NTFS vs share permissions2621 Allow vs deny2622 Moving vs copying folders and files
107 | Domain 2 A+ Part 2 (220-1002) Project Workbook
File AttributesFile attributes (and folder attributes) describe the filersquos (or folderrsquos) characteristics These attributes can either be viewed andor changed in a file or folderrsquos properties or they can be viewed andor changed using the ATTRIB command in a command prompt Here are the different attributes which can be controlled on files and folders
Name Command Prompt Letter
Description
Archive A If checked the file has not been backed up If cleared a file has been backed up
Hidden H Indicates a file is hidden by defaultIndexed I Indexed files show more quickly in Windows
searches than non-indexed filesRead-Only R File cannot be changedSystem S System file which by default is protected from
changeIn a command prompt setting running the ATTRIB command with the file name the attribute letter (as indicated in the table above) and a + or ndash will turn on or turn off the attribute Technicians will occasionally need to change an attribute such as make a file or folder read-only or indexed or make a file or folder not read-only nor indexed
PurposeAt the end of this project you will know how to use either method to change a filersquos attributes
Steps for Completion1 If you created the folders and files in the previous project open File Explorer and
navigate to CFilesSales If necessary perform steps 1 through 5 on the previous project before continuing with this project
2 Inside the Sales folder right-click the Copy Example file and click Properties Notice the Read-Only and Hidden attributes near the bottom of the General tab
3 Click the Advanced button The Advanced Attributes window will show with the Archive and Indexed attributes
4 Close the Advanced Attributes dialog box5 On the Properties screen for the Copy Example file select the Read-only check
box to make the Copy Example file a Read-only file6 Click the OK button7 Open a command prompt8 Navigate to the CFilesSales folder9 Type ATTRIB10 Press the Enter key The Copy Example file will show its attributes A for Archive
and R for Read-Only11 To turn off the Read-only attribute for the file type ATTRIB ldquoCopy Example
txtrdquo ndashR12 Press the Enter key13 Press the Up arrow twice to bring back the ATTRIB command14 Press the Enter key Notice that the Copy Example file no longer has the Read-only
attribute15 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 2Topic Windows OS Security SettingsSubtopics Allow vs Deny Moving vs Copying Folders and Files
Objectives Covered2 Security
26 Compare and contrast the differences of basic Microsoft Windows OS security settings
262 NTFS vs share permissions2623 File attributes
108 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Shared Files and FoldersWhile giving out NTFS permissions is one way to give users and groups permissions on files and folders another method of giving permissions is to create shares on folders The advantage of creating shares is that users can then find the shared folder more easily than they can if just NTFS permissions were granted The disadvantage is that permissions given via shares (Read and ReadWrite) are not as granular as that of NTFS permissions (Read Write Read amp execute Modify and Full control) Shares are created through either the Computer Management window or through a folderrsquos properties These shares are known as local shares
An administrative share is one which does not need to be created Those with administrative permissions on a computer can access the computerrsquos drives printers and Windows admin folder Administrative shares all have a $ associated with them Some examples of administrative shares are
computernamec$ Accesses the C drive on another computer (substitute computername with the computerrsquos name)computernameprint$ Locates printer drivers on another computercomputernameadmin$ Locates the Windows folder on another computer
By default permissions on a folder inherit themselves from their parent folder or drive For example if a Users group has Read permissions on a C drive the Users group will then have the same permission on all folders subfolders and files on a C drive unless the permissions are explicitly changed on those folders This is known as either inheritance (permissions on files and folders receiving permissions from their parent folders) or propagation (permissions transferring from a parent folder down to a child folder)
On a Windows folder gray check marks in the permissions area indicate an inherited permission from a parent folder or drive Black check marks on a folder indicate granted permissions instead of inherited permissions These permissions will propagate by default to files and subfolders inside of the selected folder
PurposeAfter completing this project you will know how to create a share on a folder You will also have gained an understanding of inheritance and propagation Note that the steps in the project assume you have completed the first 10 steps of the NTFS vs Share Permissions project
Steps for Completion1 If you have not completed the NTFS vs Share Permissions project go back and complete the first 10 steps of that project Once
that is done open Windows Explorer (File Explorer on Windows 8) and navigate to the CFiles folder You should see both a Sales folder and a Marketing folder present
2 Right-click the Files folder and click Properties3 Click the Security tab4 Click the Users group Notice the permissions the Users group has on the Files folder (Read amp execute List folder contents and
Read) Close the Properties window5 Right-click the Sales folder and click Properties6 Click the Security tab7 Click the Users group8 Note that the three permissions seen in the files folder are indicated with gray check marks indicating inherited permissions The
Modify and Write permissions have a black check mark indicating that those permissions were directly granted on that folder9 Close the Sales Properties window10 To set up a share on the Marketing folder right-click the Marketing folder click Share with and then click Specific people You will
see this
109 | Domain 2 A+ Part 2 (220-1002) Project Workbook
11 Click in the Type a name and then click Add field and type Users12 Click the Add button The Users group will be added to the share with Read
permissions13 To change the permission level to ReadWrite click the drop-down arrow next to
Read and click ReadWrite14 Click the Share button You will see this screen
15 Click the Done button
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 2Topic Windows OS Security SettingsSubtopics Administrative vs Local Shares Permissions System Files and Folders
Objectives Covered2 Security
26 Compare and contrast the differences of basic Microsoft Windows OS security settings
263 Shared files and folders2631 Administrative shares vs local shares2632 Permission propagation2633 Inheritance
110 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Other Basic Windows OS Security SettingsIn addition to permissions and shares there are several other basic Windows OS security settings an A+ technician needs to be aware of One of these settings encryption is covered in the next two projects Here are three security settings a technician needs to be familiar with along with their descriptions
Security Setting
Description
System files and folders
The two common system folder locations arebull CWindowsSystem32 for 32-bit system filesbull CWindowsSysWOW64 for 64-bit system filesUnless there is a need for administrators to work with these files they should be kept hidden
Single sign-on In this concept a user should theoretically be able to sign on to a system once and then access every needed file folder and app For example a user signing on to a Windows network should be able to access network folders and a company SharePoint site without having to log on again
Running apps as an administrator vs a standard user
Sometimes apps need elevated privileges in order to run with full functionality Most apps have this capability through right-clicking the app and clicking Run as Administrator If the user does not have administrator privileges a username and password will be needed As an example certain command prompt commands need to be run as an administrator
The User Account Control (UAC) feature aids in elevating a user to administrative mode in an app if necessary When one is running an app in standard mode and administrator mode is needed UAC runs admin approval mode prompting the user to approve the action
PurposeAt the end of this project you will know how to open an app in administrator mode
Steps for Completion1 In which folder would one find Windows 64-bit system files
2 What should be implemented so a user can sign on to a Windows network and
access a web app without having to log in again 3 On a Windows device click the Start button (press the Windows key if in Windows
8) and type cmd4 When the Command Prompt shortcut appears right-click Command Prompt and
click Run as administrator A User Account Control box will appear5 Click the Yes button The Command Prompt window will open in elevated mode6 Close the Command Prompt window
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Windows OS Security SettingsSubtopics Permissions System Files and Folders Single Sign-On Run As Options
Objectives Covered2 Security
26 Compare and contrast the differences of basic Microsoft Windows OS security settings
264 System files and folders265 User authentication
2651 Single sign-on266 Run as administrator vs standard user
111 | Domain 2 A+ Part 2 (220-1002) Project Workbook
BitLocker and BitLocker To GoBitLocker is an encryption tool used to encrypt the contents of an entire hard drive BitLocker is used to protect data on a hard drive from being seen by unauthorized users especially in case the hard drive is lost or stolen BitLocker makes the data on the hard drive inaccessible without a password or decryption key Thus whoever sets up BitLocker must make sure that the password or decryption key is kept in a safe place If both are lost the data will not be accessible at all In cases where a smart card can be used in the device containing the data a smart card can be used to unlock the drive as well as a password or decryption key BitLocker is a feature which can be used in the following Windows editions
Windows 7 Ultimate or EnterpriseWindows 88110 Professional or Enterprise
BitLocker To Go is BitLocker for external hard drives Again a password or decryption key is needed to access the data once it has been encrypted on an external hard drive
PurposeAt the completion of this project you will know how to use BitLocker and BitLocker To Go
Steps for Completion1 On a computer with an operating system eligible for BitLocker open the Control Panel2 If the Control Panel is in Category view switch the view to either Large icons or Small icons3 Click the BitLocker Drive Encryption link4 Next to the drive for which you want to turn on BitLocker click Turn on BitLocker You will see this
5 Select the Use a password to unlock the drive check box6 Click in the Enter your password text box and type Password7 Click in the Reenter your password text box and type Password8 Click the Next button 9 Click the Save to a file link A Save as dialog box will appear10 Navigate to your Documents folder and click the Save button Click the Yes button if you get a question about saving the
recovery key on your computer11 Click the Next button12 Leave the setting on Encrypt used disk space only and click the Next button13 Click the Start encrypting button Depending upon the amount of data to encrypt this could take several minutes
112 | Domain 2 A+ Part 2 (220-1002) Project Workbook
14 When the BitLocker process is complete plug an external drive into your computer Your BitLocker window will resemble this
15 To begin the BitLocker To Go process click the expansion arrow to the right of the external drive
16 Click Turn on Bit Locker 17 Select the Use a password to unlock the drive check box18 Click in the Enter your password text box and type Password19 Click in the Reenter your password text box and type Password20 Click the Next button The BitLocker Drive Encryption screen will appear21 Click Save to a file22 Save the recovery key to your Documents folder23 Click the Next button24 Leave the setting on Encrypt used disk space only and click the Next button25 Click Start Encrypting When the encryption process is complete close all open
windows If you wish to turn off BitLocker for either the hard drive or external drive you encrypted in this project click the Turn off BitLocker link next to the respective drive(s)
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 2Topic Windows OS Security SettingsSubtopic BitLocker and BitLocker To Go
Objectives Covered2 Security
26 Compare and contrast the differences of basic Microsoft Windows OS security settings
267 BitLocker268 BitLocker To Go
113 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Using Encrypting File System (EFS)Encrypting File System (EFS) is a means by which one can encrypt files andor folders on a computer and thus prevent anyone else who logs into the system from seeing the contents of those files This is an effective way to protect folders on computers with multiple users After completing this project you will know how to implement EFS on a folder and test the encryption to make sure another user cannot access the data in an encrypted folder When using EFS it is important to back up the encryption key so that if the key is needed to decrypt the data later one has the encryption key If the folder is moved to another device the encryption key will be needed Encryption keys can be found in the Manage Your File Encryption Certificates area under User Accounts
PurposeAfter completing this project you will be able to set up file and folder encryption through EFS Note that you need two user accounts to complete this project in full
Steps for Completion1 On a Windows Vista 7 8 or 81 computer create a folder on the C drive and name
the folder Private2 Inside the Private folder create a text file and name it Top Secret The file does
not have to have any text in it3 Right-click the Private folder and click Properties4 From the General tab click the Advanced button5 On the Advanced Attributes screen select the Encrypt contents to secure data
check box6 Click the OK button7 Click the OK button on the Properties box 8 Click OK to confirm the Attribute changes You will get a message indicating that
you should back up your encryption key In a real-life situation you would want to back up the encryption key to an external drive You can skip that step for now Notice that the folder text is now green indicating that the folder is encrypted
9 To test the encryption log on to the computer with a different user account10 Open Windows Explorer (File Explorer in Windows 881) and navigate to the C
Private folder11 Try to open the Top Secret file You should get a message indicating Access is denied12 Log off the computer and log back on as the original user you used for this project13 Navigate to the CPrivate folder14 Right-click the Private folder and click Properties15 Click the Advanced button16 Clear the Encrypt contents to secure data check box17 Click the OK button18 Click the OK button on the Properties window19 Click OK to decrypt the folder Note that the folder is no longer green
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 2Topic Windows OS Security SettingsSubtopic EFS
Objectives Covered2 Security
26 Compare and contrast the differences of basic Microsoft Windows OS security settings
269 EFS
114 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Password Best PracticesPart of securing a computer is making sure all accounts have passwords which are hard for attackers to steal Mobile devices including tablets and smartphones should also have a password or PIN so that one cannot just pick up a device and start to work with it In addition to requiring passwords on devices here are some guides for how to set passwords and specifically where to set passwords
Setting strong passwords Strong passwords are defined as passwords which have at least three out of the four characteristics uppercase letters lowercase letters numbers and symbols In addition passwords should not have words one can find in a dictionary This helps strengthen passwords against dictionary attacks which are attacks in which an attacker tries to use dictionary words to help guess a passwordPassword expiration Passwords should not have a permanent life They should be set to expire on a regular basis usually somewhere between 42 and 90 days at which point one needs to change a passwordChanging default usernamespasswords Anything with a default password should have the password changed For example wireless routers all come with default passwords and many times those passwords are easily found on web searchesScreensaver required password If a screensaver is being used a screensaver password should be implemented so one cannot just walk by move the mouse to turn off the screensaver and see what is on the screenBIOSUEFI passwords For computers needing an extra layer of security a password can be set in the BIOS or UEFI to force users to enter a password when the computer is turned on A supervisory password can be set to force one to enter a password before changing anything in the BIOS or UEFI
To summarize passwords here is one big tip Always require passwords on devices Under no circumstances should the minimum password length be set to zero By the way in order to utilize tools like Remote Desktop Connection to remote into a device the device must have a password
PurposeAfter completing this project you will know how to set a password policy on a local computer
Steps for Completion1 On a Windows device which is not joined to a domain open Administrative Tools2 Double-click the Local Security Policy shortcut The Local Security Policy will open3 Double-click the Account Policies folder in the middle of the window4 Double-click Password Policy You will see the password policy characteristics5 Double-click the Minimum password length setting6 Click in the characters text box and change the number to 87 Click the OK button8 To change the amount of time before a password needs to be changed double-click
the Maximum password age setting9 Click in the Password will expire in text box and change the number to 6010 Click the OK button11 To force passwords to be strong passwords double-click the Password must meet
complexity requirements setting 12 Select the Enabled option13 Click the OK button14 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 2Topic Workstation Security Best PracticesSubtopics Strong Password Policy Screen Saver Passwords BIOSUEFI Passwords Requiring Passwords
Objectives Covered2 Security
27 Given a scenario implement security best practices to secure a workstation
271 Password best practices2711 Setting strong passwords2712 Password expiration2713 Screensaver required password2714 BIOSUEFI passwords2715 Requiring passwords
115 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Account ManagementIn addition to having a strong password policy a network infrastructure needs to have a strong account policy Users should have just the permissions they need to get their work done A specific account policy which is a best practice is that of implicit deny In an implicit deny situation users are implicitly denied permission to all files and folders Permissions are then granted to users on an as-needed basis In addition to using implicit deny here are some specific account policies which should be implemented
Restricting user permissions In addition to using implicit deny users should have permissions removed when they are no longer needed For example if a group no longer needs permissions to modify a folder that permission should be removedLogon time restrictions If users should not be on the network at certain times their accounts should not be allowed to log on at those times On local accounts time restrictions can be set under an accountrsquos parental controls On a larger corporate network time restrictions can be set in onersquos account properties in Active DirectoryDisabling the Guest account The Guest account is disabled by default It should stay disabled unless it is really needed Default accounts such as the Guest account and Administrator are known by name to attackers and thus are targets for network attacksFailed attempts lockout In this setting an account is locked out after a set number of incorrect passwords are entered This prevents an attacker from having unlimited guesses on a password when trying to take over an accountTimeoutscreen lock In most business settings a screen should not be left unattended for a long length of time Setting either a screen saver or setting the power options for a computer to make the screen go dark after a length of time will prevent the screen from being unattended for too long of a timeChange default admin user accountpassword The default administrator account should be disabled as that account is a target for attacks If the administrator account is to be used the default name and password for the account should be changed
PurposeAfter completing this project you will know how to accomplish account management tasks for local accounts on a computer
Steps for Completion1 On a Windows device not joined to a domain open the Administrative Tools
window2 Double-click the Local Security Policy shortcut to open the Local Security Policy
window3 In the middle of the Local Security Policy window double-click the Account Policies
folder4 Double-click the Account Lockout Policy folder 5 To set the number of invalid logon attempts before an account is locked out
double-click the Account lockout threshold option 6 Use the spin arrows to increase the invalid logon attempts to 37 Click the OK button You will see the following suggested values for account
lockout duration should someone have too many invalid logon attempts and for the duration before onersquos count of invalid logon attempts is set back to 0
8 Click the OK button to take the default values for the lockout duration and lockout counter duration
9 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 2Topic Workstation Security Best PracticesSubtopics Restricting User Permissions Logon Time Restrictions Guest Accounts and Failed Attempts TimeoutScreen Lock Change Default Admin Account
Objectives Covered2 Security
27 Given a scenario implement security best practices to secure a workstation
272 Account management2721 Restricting user permissions2722 Logon time restrictions2723 Disabling guest account2724 Failed attempts lockout2725 Timeoutscreen lock2726 Change default admin user accountpassword
116 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Basic Active Directory FunctionsFor the A+ exam there are four basic Active Directory functions you need to know about account creation account deletion resetting a password and disabling an account When a password is reset you also have the opportunity to unlock an account if it has been locked due to a user entering an incorrect password too many times within a defined time span
PurposeUpon completing this project you will know how to perform four basic Active Directory functions This project does require you to have access to an instance of Active Directory
Steps for Completion1 On a Windows Server with an instance of Active Directory installed open Active
Directory Users and Computers2 Create a user with the name TVAlex and another user with the name TVBart
and set both accounts to have a default password of TekkieVets1 Accept all other default settings
3 Delete the TVBart user4 Change the password on the TVAlex user to TekkieVets25 Disable the TVAlex account
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Workstation Security Best PracticesSubtopic AD Account Creation AD Account Deletion Password Resets and Account Activities
Objectives Covered2 Security
27 Given a scenario implement security best practices to secure a workstation
272 Account management2727 Basic Active Directory functions
27271 Account creation27272 Account deletion27273 Password resetunlock account27274 Disable account
117 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Other Security Best PracticesThere are three more security best practices to consider for securing a workstation They are
Disable autorun This task disables autorun files often found on optical media from running automatically This can help prevent malware from launching from a rogue package of filesData encryption This protects data from being intercepted while in transit and also protects data at rest Two common methods for encryption which we have seen are BitLocker (for encrypting drives) and Encrypting File System (for encrypting files and folders)Patchupdate management This best practice ensures Windows Update is configured to receive and install updates as they become available especially in the area of security patches
PurposeUpon completing this project you will be more familiar with disabling autorun encrypting data and patch and update management
Steps for Completion1 On a Windows device not joined to a domain open the Local Security Policy2 Navigate to Computer Configuration Administrative Templates Windows
Components and then AutoPlay Policies3 Set AutoRun to be disabled4 Close the Local Security Policy window5 Through either the Control Panel or the Settings area open Windows Update6 Make sure Windows Update is set to receive important updates automatically7 A user wants to encrypt three folders on a hard drive What should the user use
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Workstation Security Best PracticesSubtopic Disable Autorun Data Encryption PatchUpdate Management
Objectives Covered2 Security
27 Given a scenario implement security best practices to secure a workstation
273 Disable autorun274 Data encryption275 Patchupdate management
118 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Setting Screen Locks on Mobile DevicesA mobile device should have a mechanism set by which a screen locks after it has been idle for an amount of time Furthermore a mobile device should have some sort of authentication method for unlocking the device Someone should not just be able to pick up a mobile device turn it on and start using it
Not every type of screen lock is available on every mobile device Most devices will have at least some of these common screen lock mechanisms
Fingerprint lock A fingerprint is taken and set to use to unlock the deviceFace lock A device is set up to where it uses facial recognition to unlock the device Another unlocking mechanism should be present in case the facial recognition does not work (such as in lighting different than when the facial recognition was set)Swipe lock Swipe the device to unlock it If this is a single swipe it is not considered secure If the swipe is a pattern (sometimes called a knocking pattern) it is at least somewhat secure because the person needs to know the pattern to swipe or knock for unlocking the devicePasscode lock A four-digit PIN or password is set and used to unlock the device
The face lock and fingerprint lock are biometric means of authentication Biometrics is the who you are form of authentication as biometrics uses a personal trait such as the face fingerprints retina scan or even voice recognition
PurposeAfter completing this project you will have an idea of how to set up a screen lock on a mobile device This project is done on an Android smartphone but can be done on an iOS device The steps to complete the project will vary for different devices
Steps for Completion1 Which screen lock is considered the least secure screen lock
2 When using a face lock what else should be set up on the device
3 On an iOS or Android device access the settings area4 Look for a place to set the screen lock The actual location will vary by device 5 Practice setting the available screen locks (Face Fingerprint Passcode and Swipe)
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Securing Mobile DevicesSubtopics Fingerprint Lock Face Lock Swipe Lock Passcode Lock
Objectives Covered2 Security
28 Given a scenario implement methods for securing mobile devices
281 Screen locks2811 Fingerprint lock2812 Face lock2813 Swipe lock2814 Passcode lock
119 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Remote Applications on Mobile DevicesOne inherent problem with mobile devices such as smartphones or tablets is that they may be misplaced or worse stolen To make sure data is not accessed should a mobile device be lost or stolen the data should be backed up on a regular basis so that if needed the device can have its data wiped before the data gets into unwanted hands In addition a mobile device should have a secure lockunlock mechanism such as a PIN password or some type of biometric authentication Most mobile devices have the following remote capabilities
Remote wipe Remotely removes all of the data from the device This is done when the device is misplaced and the data is at riskLocator application A mobile app used to locate a device through GPS Devices usually need to be configured to be accessible remotely For Android devices the website for locating a device is httpgooglecomandroiddevicemanager For iOS devices the website for locating a device is httpicloudcomfind For Android devices devices are linked to onersquos Gmail account For iOS devices devices are linked to onersquos Apple IDRemote backup applications For iOS devices iCloud when enabled through an Apple ID is the backup application used to back up data on a device Data can then be restored if needed For Android devices the backup location will vary depending upon the device manufacturer The best tool to use to back up files on Windows devices is OneDrive
PurposeAfter completing this project you will know how to find a device remotely To complete this project make sure the device you are using has GPS on and if needed has been configured to be located through a remote locator application This project is done on an iOS device For Android and Windows devices the steps for using a remote locator application will vary
Steps for Completion1 On the device you wish to be able to find remotely make sure GPS is enabled2 If there is a setting to allow the device to be found remotely make sure it is
enabled 3 Log on to the website to where you will find your device4 Find the device and click on it5 If available click Play Sound to play a sound on your mobile device6 Note that there is an option to wipe the device remotely (do not click on that at
this time)7 Close your web browser
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Securing Mobile DevicesSubtopics Remote Wipes and Locator Apps Remote Backup Applications
Objectives Covered2 Security
28 Given a scenario implement methods for securing mobile devices
282 Remote wipes283 Locator applications284 Remote backup applications
120 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Securing Mobile DevicesSubtopic Failed Logon Attempts Restrictions Biometric Authentication Mobile Multifactor Authentication Authenticator Applications
Objectives Covered2 Security
28 Given a scenario implement methods for securing mobile devices
285 Failed login attempts restrictions288 Biometric authentication2810 Multifactor authentication2811 Authenticator applications
Authentication Types and RestrictionsWith mobile devices one of the most important aspects of security is authentication Authentication is the verification of a user attempting to log on to a system When a user attempts to log on to a mobile device the mobile device should have mechanisms set up to verity the authenticity of the user
One way in which this is accomplished is not to allow an unlimited number of failed logon attempts Should a mobile device be lost or stolen a hacker could try a number of different passwords or PIN combinations in order to break into the device Many mobile devices can have a failed logon attempts restrictions setting If this is set the device will actually wipe all of the data off of itself if the number of allowed failed logon attempts have been exceeded A best practice when enabling this setting is to make sure the data on the device is being backed up on a regular basis
Common authentication methods for a mobile device include password PIN codes swipes and knock patterns This is known as the what you know form of authentication
The what you have forms of authentication do not really apply to mobile devices but can include items such as smart cards and badges Some more secure forms of authentication include
Biometric authentication Authentication using part of a human body This is known as the who you are form of authentication Examples of biometric authentication include fingerprints retinal scans facial recognition and voice recognitionMultifactor authentication Authentication using two or more of the three authentication factors For example one may need both a usernamepassword combination (what you know) and a smartcard (what you have) in order to log on to a laptop
For very secure environments an authenticator application can supplement a normal authentication factor An authenticator application is an app which provides a temporary login code which is valid for a short length of time These are often found on RSA tokens and similar devices
PurposeAfter completing this project you will know how to set up a more secure authentication mechanism on a device
Steps for Completion1 For each situation identify the form of authentication (what you know what you
have who you are)
a The use of facial recognition to unlock a mobile device
b A badge to enter a building
c A knock pattern to unlock a mobile device 2 If you have an iOS device open the Settings app3 Tap the Passcode setting Enter a passcode if needed4 If you want turn on the Erase data setting in the Passcode settings Note that your
device will erase itself after 10 failed passcode attempts if you turn this feature on
121 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Securing Mobile DevicesSubtopics Mobile AntivirusAntimalware PatchingOS Updates Full Device Encryption Trusted vs Untrusted Sources Mobile Firewalls Policies and Procedures
Objectives Covered2 Security
28 Given a scenario implement methods for securing mobile devices
286 AntivirusAntimalware287 PatchingOS updates289 Full device encryption2812 Trusted sources vs untrusted sources2813 Firewalls2814 Policies and procedures
28141 BYOD vs corporate-owned28142 Profile security requirements
Other Mobile Device Security MethodsScreen locks remote backups and authentication methods are all important in their roles of securing mobile devices There are several other methods for securing mobile devices technicians and administrators need to consider Here are those security methods along with a description of each methodrsquos role in securing mobile devices
Security Method
Role
Antivirusantimalware
Though malware is not as prevalent on mobile devices especially on iOS devices where apps are heavily screened before being allowed into the App Store a mobile device should still have a reputable antivirusantimalware app installed The app should screen apps as they are downloaded and installed
Patching and OS updates
Most app updates are automatic with the exception of apps changing terms for their use on a device Operating system updates are usually presented in the form of a notification A device should synchronize its data to the cloud or a desktop before applying an operating system update
Full device encryption
This will encrypt all of the data on a mobile device and then require a PIN or password every time the device is turned on in order to decrypt the data
Sources There are two types of sources for apps on a mobile deviceTrusted This involves apps which come from each platformrsquos default location (Play Store for Android App Store for iOS and Store for Windows)Untrusted Apps which do not come from a platformrsquos default location On Android and Windows devices one can allow apps from other sources On many devices a setting is available to disallow untrusted apps
Firewalls Similar to desktops and laptops firewalls can control traffic to a device though ports and protocols On mobile devices the main role of a firewall is to control which apps are allowed on mobile devices
In addition to these security methods a business should have a policy which governs the use of mobile devices in a business environment This is especially important given that in many companies employees will want to use personal mobile devices for company business on company networks This policy known as a Bring Your Own Device (BYOD) policy governs the use of personal mobile devices on company networks and should include what the consequences are for breaking that policy As part of a BYOD policy a company should outline profile security requirements These requirements govern specifics for security requirements for both devices and groups of users using those devices For example a mobile device policy will most likely be far more restrictive for executives than it will be for IT employees
PurposeAfter completing this project you will be well-versed in security methods to use on mobile devices
Steps for Completion1 For each situation identify the security method which should be used to satisfy a user or policy need for mobile devices
a A company wants to control which apps are allowed on a mobile device
b A device needs to have a password set in order to decrypt data
2 What should a technician do with a phone before applying an operating system update 3 If you have an Android device look for the setting which allows or disallows apps from untrusted sources
122 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Physical DestructionWhen data is no longer needed it should be destroyed to the point to where it cannot be reformed Several types of tools may be used depending upon the data andor equipment needing destruction Here are a list of physical destruction tools and situations in which those tools are used to destroy data and if needed equipment
Tool Uses for DestructionShredder Used to destroy paper documents credit cards and if they can
smart cardsDrill Used to drill holes in equipment Useful for destroying
magnetic hard disk drivesHammer Used to break equipment up Again it can help destroy
magnetic hard disk drivesDegaussing Uses electromagnetism to affect data on a hard drive to the
point to where it is unreadableIncinerator Used to destroy larger hardware (such as desktops laptops
and servers)When using a drill or hammer always wear safety goggles as to avoid injury from flying equipment parts or debris Once data andor equipment has been destroyed a company can produce a certificate of destruction as proof of the data being destroyed In some industries certificates of destruction are required to prove old data has been destroyed
PurposeAfter completing this project you will know which physical destruction tool to use given a need to destroy data or equipment
Steps for Completion1 For each situation identify the tool or tools used for physical destruction of the
data or equipment involved
a Documents for drafts of contracts
b An old magnetic hard drive
c Debit cards for closed accounts
d A large outdated server 2 If you have a shredder and confidential documents which are no longer needed turn
the shredder on and shred those documents
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic Destruction and Disposal MethodsSubtopics Shredder Drills and Hammers Degaussing Incineration Certificate of Destruction
Objectives Covered2 Security
29 Given a scenario implement appropriate data destruction and disposal methods
291 Physical destruction2911 Shredder2912 Drillhammer2913 Electromagnetic (Degaussing)2914 Incineration2915 Certificate of destruction
123 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Project Details
Project FilesNA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic Destruction and Disposal MethodsSubtopic Recycling and Repurposing Best Practices
Objectives Covered2 Security
29 Given a scenario implement appropriate data destruction and disposal methods
292 Recycling or repurposing best practices
2921 Low-level format vs standard format2922 Overwrite2923 Drive wipe
Recycling or Repurposing Best PracticesMagnetic hard disk drives when containing data that is no longer needed do not necessarily need to be destroyed The drives can be repurposed for later data storage especially if the drives are relatively new and have a high amount of storage capacity
In these situations hard drives could be in storage and not in use for weeks or even months Thus a technician should make sure these hard drives are completely data-free so that sensitive information does not get into the wrong hands There are four basic methods used to wipe data off of a drive without destroying the drive They are
Data-erasing Method
How it is done
Low level format Done at the disk manufacturer This process defines positions for tracks and sectors Often a zero-fill program is used to fill all data sectors with binary zeros
Standard format The most common method to format the disk This can be done by anyone with the proper permissions in Windows This does not completely sanitize the drive
Overwrite A program is used to overwrite files with random binary ones and zeros to overwrite files and get rid of any remanence of data
Drive wipe In this process multiple overwrites wipe out the drive One example of such a tool is a UNIX tool called Shred Shred performs three overwrites on a hard drive
An example of multiple overwrites is this The first overwrite fills the hard disk with all binary numbers The second overwrite writes the disk with binary numbers which are the reverse of the first overwrite (ones where zeros were and zeros where ones were) The last overwrite writes random bits to the hard drive
PurposeAfter completing this project you will know how to perform a standard format on a hard drive using a graphical user interface (GUI) Make sure that the drive you are using does not have data you need to keep
Steps for Completion1 On a Windows device open File Explorer2 Find the drive you wish to format (do NOT use the C drive in this project)3 Right-click on the drive and click Format 4 If you wish to change the file format or volume label do so Otherwise click the
Start button to start formatting the drive When you get the message warning that all data will be erased click the OK button
5 When the formatting is complete click the OK button6 Close all open windows
124 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 2Topic SOHO Network SecuritySubtopics Changing Default SSID and Encryption Disabling SSID Broadcast Antenna and Access Point Placement Radio Power Levels WPS
Objectives Covered2 Security
210 Given a scenario configure security on SOHO wireless and wired networks
2101 Wireless-specific21011 Changing default SSID21012 Setting encryption21013 Disabling SSID broadcast21014 Antenna and access point placement21015 Radio power levels21016 WPS
Wireless Security in SOHO NetworksWhen setting up a small office home office (SOHO) network a technician needs to be aware of specific security settings as they pertain to wireless devices specifically wireless access points These settings should be addressed before allowing devices to join the wireless network Here are these wireless-specific settings along with a description of each
Setting DescriptionChanging default SSID
Many default SSID names give away the type of router being used thus making it vulnerable as default passwords are easily found online The SSID name and password should be changed
Setting encryption When possible use Wi-Fi Protected Access version 2 (WPA2) with Advanced Encryption Standard (AES) Avoid using Wired Equivalent Privacy (WEP) as it has been cracked
Disabling SSID broadcast
Disabling the SSID broadcast hides the network from some wireless devices This way only those who are given the SSID know what it is though attackers can still obtain the SSID CompTIA has this listed as the best way to secure a wireless network Some industry technicians disagree with this assessment
Antenna and access point placement
For a single room the closer the access point is placed to the center of the room the better Vertically facing antennas are best for one-floor settings Horizontally facing antennas are best for multi-floor settings as the signal will travel up and down
Radio power levels
Increasing the radio frequency (RF) signal increases the signal distance from the wireless access point Decreasing the RF signal decreases the signal distance from the wireless access point Decreasing the RF signal may become necessary in order not to allow a signal to reach the outside of a building Decreasing the RF signal also decreases the speed of the network
WPS Wi-Fi Protected Setup (WPS) is used to make it easy for WPS-enabled devices to connect to a wireless network in one of two ways (or both)
Push button When attempting to connect a device to a wireless access point a user is prompted to push the WPS button on the wireless access point to initiate a connection The device then scans for the wireless access point and if it finds the wireless access point the device will join the wireless networkPIN A user is prompted to enter the PIN assigned to the wireless access point
WPS is a risk as software exists that will discover a WPS PIN
PurposeAfter completing this project you will have the knowledge needed to address specific wireless security aspects of a SOHO network before allowing clients to connect to the network
Steps for Completion1 Name two things that should be done with the SSID before allowing clients to connect to a wireless access point
2 Which is the strongest type of encryption one can use for a wireless access point 3 If you have access to a wireless access point open a web browser log on to the wireless access point and look to change some
of the settings covered in this project When you are done configuring the wireless access point close the web browser
125 | Domain 2 A+ Part 2 (220-1002) Project Workbook
Securing SOHO NetworksOnce specific wireless security issues have been addressed on SOHO networks the rest of the security attention focuses on what to allow and disallow regarding client devices and their connecting to the network as well as what users and computers can do once they are on the network Here is a specific list of security settings to focus on when building a SOHO network Not every setting will apply to every network but a technician should know about these settings and be able to judge which settings to configure given a network situation Here are some of those settings and their uses
Setting How to use itChanging defaults Most wireless routers have default usernames and passwords (and IP addresses) which can easily be found
online so it is important to change theseMAC filtering This process limits the devices which can connect to a wireless network A devicersquos MAC addresses must
be added to a MAC filtering list before it is allowed onto the network This is a good method for controlling access on a very small network but is not as efficient for larger networks as the MAC filtering list can be too long to manage effectively One negative aspect of MAC filtering is a user may forget MAC filtering is on and become frustrated at what should be an easy process to connect a new device to the wireless network
Static IP addresses While a wireless router can use DHCP to give out IP addresses any device which multiple people will access (like a printer for example) should have a static IP address assigned as having a dynamic address will cause users to lose connectivity to the device should its IP address change
Firewall settings Every device on a network should be protected by a firewall A firewall can be enabled (when one exists) on a wireless router or Windows Firewall can be used on all of the Windows devices in a network A technician should know which firewall(s) are enabled on a SOHO network
Port forwardingmapping
Port forwarding (also known as port mapping) allows for Internet traffic to be forwarded to a specific system on an internal network For example a business owner may want to access a specific business machine from home A SOHO router can be configured to forward remote traffic (as in port 3389 for Remote Desktop for Microsoft) to that machine (so long as it has a static IP address) thus enabling the business owner to use Remote Desktop Connection to access the machine through the SOHO router
Disabling ports Any port to where traffic should not be allowed through should be disabled For example if traffic from a known game should not be allowed the port the game uses should be disabled
Content filteringparental controls
This can be set to limit what a user can do on the SOHO Some SOHO routers list known apps and games which can be disabled Other SOHO routers can limit bandwidth by app Some SOHO routers have proxy server capability thus allowing an administrator to filter web content
Firmware updates Firmware updates help fix possible security holes and can enable features not previously available (such as WPA2 on older SOHO routers) A SOHO routerrsquos configuration should be backed up before applying a firmware update
Physical security SOHO routers and other network equipment should be placed in a secure physical location The larger the network the more important this becomes
PurposeAfter completing this project you will know how to apply these concepts to best secure a SOHO network
Steps for Completion1 For each situation identify what a technician should do to best secure a SOHO network
a A business owner does not want employees to have access to multi-player games while at work
b You are setting an IP address on a printer Should the IP address be static or dynamic
c What should be changed on a SOHO router as soon as it is set up and visible d What should every device on a SOHO network have as a means of protection from unwanted traffic
e What is an efficient way to control which devices are allowed on a SOHO network
126 | Domain 2 A+ Part 2 (220-1002) Project Workbook
2 If you have access to a SOHO router (usually a wireless access point) log on to the router and practice some of the concepts covered in this project As an example here is what a parental control screen could look like on a SOHO router
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 2Topic SOHO Network SecuritySubtopic Change Default UsernamePassword MAC Filtering and Static IP Addresses Firewall Settings Port ForwardingMapping Disabling Ports Content Filtering Update Firmware Physical Security
Objectives Covered2 Security
210 Given a scenario configure security on SOHO wireless and wired networks
2102 Change default usernames and passwords2103 Enable MAC filtering2104 Assign static IP addresses2105 Firewall settings2106 Port forwardingmapping2107 Disabling ports2108 Content filteringparental controls2109 Update firmware21010 Physical security
127 | Domain 3 A+ Part 2 (220-1002) Project Workbook
128 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Fill-in-the-Blanks Domain 3Instructions While watching Domain 3 fill in the missing words according to the information presented by the instructor [References are found in the brackets]
Windows OS Troubleshooting
1 The is the first place to check for a process or app that is causing a system to run slowly [Slow Performance]
2 If you get a message that the BOOTMGR is missing rebuild it using the command through a command prompt [Failure to Boot]
3 The will show specific error messages for services that are failing to start in the System log [Services Fail to Start]
4 A slow hard disk drive can be sped up through defragmenting it [Defragment the Hard Drive]
5 One can boot into Safe Mode through the environment or through setting it up in the System
screen [Safe Boot]
Troubleshoot PC Security Issues
6 A PC that is locking up could indicate a problem with the system [System Failures]
7 If a Windows update tries to install and fails repeatedly run the feature [System Failures]
8 Invalid and valid certificates can be viewed through the Certificate [Common Security Symptoms]
Malware Removal Best Practices
9 Once malware
has been found on a system a system should be quarantined immediately [Quarantine and Disable System Restore]
10 Before antimalware is run the antimalware definitions
need to be updated [Scan and Use Removal Techniques]
11 The final steps in the malware removal process are to setup a scanning schedule enable System Restore create a restore
point and training
users [Final Steps]
Common Mobile Device Symptoms
12 Most Bluetooth devices need to be within or 33 feet of the devices they are pairing with [No Bluetooth Connectivity]
13 around the charging port could affect your ability to charge your mobile device [Common Mobile Device Symptoms]
14 If a touch screen is not working properly and is inaccurate run a app to attempt to fix the problem [Speaker Screen and System Issues]
Mobile OS and App Security Issues
15 If a mobile device cannot get a good signal in a building get a cellular to fix the problem [Signal Power and Data Issues]
16 To reduce power drain use to transmit data as much as possible [Signal Power and Data
129 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Issues]
17 surfing and using public Wi-Fi networks to view data will lead to leaked personal files or data from a mobile device [Unintended Connections and Leaks]
130 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Windows OS ProblemsOne of the areas of troubleshooting an A+ technician needs to be well-versed in is the performance of the operating system Problems here can range from slow performance to the system crashing on a regular basis Though each troubleshooting situation is unique there are some common steps to take should a system start to perform slowly or spontaneously crash Here are some common symptoms and the first step one should take to try to solve these problems
Problem First Step to Troubleshoot the ProblemSlow performance Besides a nearly full hard drive an over-utilized CPU andor RAM being utilized at a high percentage will slow
down the system If virtual memory is being used that too will slow down the system Use the Task Manager to see if there are any processes which need to be stopped
Limited connectivity
Often a result of a failing hardware device like a gateway or router Run the tracert command to attempt to isolate the problem
Failure to boot Boot to the Windows Recovery Environment (RE) The bootrec command with the fixboot or rebuildbcd option may need to be run depending upon the cause of the failure to boot
No OS found Usually the result of a missing boot sector Boot into Windows RE and try rebuilding those filesApp crashes Use the Event Viewer and online searches to try to get to the root of the problem You could also try repairing
the installation via the Control PanelBlue Screen of Death (BSoD)
If Windows crashes a blue screen appears with an error message Upon reboot look to the Event Viewer for guidance on the problem Stop errors start with 0x and an error number can be used in an online search for research
Black screens If this is not a hardware problem reboot the device into VGA Mode or Safe Mode and see if the resolution andor refresh rate need to be adjusted
Printing issues If a single device is having issues check to see if the IP address and port combination for a device are correct If multiple devices are having issues restart the print spooler
Service fails to start
Check to make sure the service is enabled and set to start automatically You may also need to check the dependencies of the service to make sure they are starting properly
Slow bootup Check to see which items are starting up and disable any items that do not need to start upSlow profile load Clean out the Temporary Internet Files and Cookies folder on a device
A special warning regarding missing dll files Always make sure to get the dll file for an application from the applicationrsquos installation source Never download the dll file from the Internet as many websites which claim to have dll files actually provide malware
PurposeAfter completing this project you will have gained knowledge in identifying problems which cause system performance issues and the steps needed to solve these issues specifically in the areas of services and file associations
Steps for Completion1 You get a help desk ticket explaining that a userrsquos computer is running more and more slowly Which tool should you check first
for possible slowdown causes 2 You are troubleshooting a machine which has had two BSoD incidents in the past 12 hours Which tool should you use to
attempt to get more information on these errors 3 On a Windows device open the Control Panel4 If necessary change the view to either Large icons or Small icons5 Click Administrative Tools6 Double-click Services The Services window will appear7 Scroll down and find the DHCP Client service It should be running and the startup type should be set to automatic as seen
here
8 Right-click the DHCP Client service and click Properties The DHCP Client Properties dialog box will appear9 Make sure the Startup type field is set to Automatic (it should be for any service which needs to run at startup)10 Click the Dependencies tab11 Note the components the service depends upon in order to start Close the DHCP Client Properties window
131 | Domain 3 A+ Part 2 (220-1002) Project Workbook
12 Close the Services window13 Using Task Manager (or Msconfig on a Windows 7 device) check to see what is
starting up and disable any apps that do not need to start up
Project Details
Project Files NA
Estimated Completion Time
10-15 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopics Slow Performance Limited Connectivity Failure to Boot Other Operating System Issues Black Screens and Printing Issues Services Fail to Start Slow Bootup Slow Profile Load
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
311 Common symptoms3111 Slow performance3112 Limited connectivity3113 Failure to boot3114 No OS found3115 Application crashes3116 Blue screens3117 Black screens3118 Printing issues3119 Services fail to start31110 Slow boot up31111 Slow profile load
132 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Defragment a Hard DriveDefragmenting a hard drive combines fragments of files together and creates more continuous free space on drive cylinders This task is only necessary on magnetic hard drives as solid-state drives do not store data in fragments across cylinders
PurposeUpon completing this project you will be familiar with solutions to increase file access and to optimize an operating systemrsquos performance
Steps for Completion1 When would you defragment a hard drive
2 Does a solid-state drive need to be defragmented 3 Open the Disk Optimizer tool on your device4 If you have a magnetic hard drive defragment it5 If you have a magnetic hard drive set it to be defragmented on a monthly basis
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopic Defragment the Hard Drive
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions3121 Defragment the hard drive
133 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Reboot Kill Tasks and Restart ServicesRebooting is turning off an operating system and then turning it back on again whereas killing a task is instantly stopping an individual task in an operating system When a task is killed the data that was entered will be lost Instead of killing a task its accompanying service can be restarted which means that just the service is turned off and then turned back on
PurposeUpon completing this project you will know what can be done when the system freezes and how to reboot the system kill a task or restart a service
Steps for Completion1 When might a reboot be required on a system
2 What needs to be checked after a system freezes and is rebooted Why
3 What Windows feature should be used to kill a task when the system is frozen but
does not need to be rebooted 4 Open Task Manager5 If there are any processes that are not needed and are using up a high percentage of
system resources kill those processes6 What do you need to do if the task is frequently freezing and needing to be killed
7 What should you do if a service will not restart
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopics Reboot and Kill Tasks Restart Services
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions3122 Reboot3123 Kill tasks3124 Restart services
134 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Update Network SettingsDifferent networks may use different methods of distributing IP addresses The two main options are Dynamic Host Configuration Protocol (DHCP) which assigns IP addresses dynamically and static assignments of IP addresses If a device is moved from one network to another the device will need to obtain an IP address from the new network If DHCP is being used this should be automatic though sometimes the IP address itself needs to be renewed
PurposeUpon completing this project you will know how to update an IP address on a device on a network that uses DHCP and you will know what is needed to assign a static IP address
Steps for Completion1 On a Windows device open a command prompt2 Use the ipconfig renew command to renew the IP address on the device3 Navigate to the devicersquos network card settings Is the DNS server address assigned
or is it automatic 4 What is needed besides an IP address in order to assign a device a static IP
address
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopic Update Network Settings
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions3125 Update network settings
135 | Domain 3 A+ Part 2 (220-1002) Project Workbook
ReimageReload OSReimaging an operating system (OS) reinstalls an OS from a pre-built installation image With reimaging all files and apps are erased from the previous installation Reloading an OS involves rerunning the installation media with the intention of repairing or replacing missing or corrupt system files Reloading preserves the files and apps on a current OS
In Windows 10 there is also the option to reset a Windows installation Resetting an installation preserves files but deletes apps forcing a user to reinstall those apps
PurposeUpon completing this project you will know where to access the reimagereload options for an OS and when to reimage or reload an OS
Steps for Completion1 Before doing any operating system reinstall what should be done with the current
files on the system
2 What can be done in the Windows Recovery Environment in Windows 10 regarding Windows installations
3 If the files can be saved what should you do reset reinstall replace or recover a
previous version of the Windows OS 4 Which form of reinstalling Windows does not preserve files
5 If the OS crashes what should you do reimage or reload the Windows OS
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopic ReimageReload OS
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions3126 Reimagereload OS
136 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Roll Back Updates and Device DriversUpdates can cause a system or device driver to be unstable When this happens the update will need to be rolled back Rolling back an update is uninstalling the update from an OS or device
PurposeUpon completing this project you will be familiar with how to roll back system and device driver updates
Steps for Completion1 On a Windows device open the Windows Update area2 Navigate to the area in which updates can be uninstalled (under Update History)
Are there updates that could be uninstalled if need be 3 Open Device Manager4 Access the properties for your video card5 Click the Driver tab Is the Roll Back Driver button enabled
6 If the Roll Back Driver button is not enabled what is the main reason for it
7 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopics Roll Back Updates Roll Back Device Drivers
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions3127 Roll back updates3128 Roll back device drivers
137 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Apply Updates Repair Applications and Update Boot OrderCommon solutions to application and boot problems are to check and apply new updates repair the app and update the boot order Updates run on a regular basis but at times important system updates need to be updated manually by looking for new updates usually under the Help feature for an app If an app is freezing or crashing and an update is not available the app will need to be repaired
The boot order will show the sequence that programs and applications will boot up Often a boot order is changed when an operating system is being installed as the installation media is often not on a userrsquos hard drive If that happens the boot order should be changed to where a system boots first to a hard drive once the operating system installation in complete
PurposeUpon completing this project you will be able to apply manual updates know where to go to repair applications and be familiar with how to update the boot order
Steps for Completion1 What are two reasons to apply important system updates manually
2 Open an app you use often on your system3 Check to see if the app needs updating (only update the app if you have permissions
to do so)4 Where can an app be reinstalled
5 Where is the boot order for your drives located 6 What is the first item to boot on your computerrsquos boot sequence
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopics Apply Updates Repair Applications Update Boot Order
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions3129 Apply updates31210 Repair application31211 Update boot order
138 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Disable Windows Services Applications and Application StartupServices and applications can be set to start when the operating system starts up To maintain a stable operating system all startup settings for services and apps should be stopped or disabled if they are not in use
PurposeUpon completing this project you will know where and how to disable a servicersquos startup and an apprsquos startup
Steps for Completion1 On a Windows device open the Services window2 Disable the Xbox Live Networking Service from starting up (or if you need that
service choose a service you do not need)3 Open the Task Manager window (Msconfig if on Windows 7)4 Find an app that does not need to start up and disable the app from starting up5 Close all open windows
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopic Disable ServicesApplicationsStartup
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions31212 Disable Windows servicesapplications31213 Disable application startup
139 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Safe Boot and Windows ProfilesThe final two topics we will cover under Windows OS Troubleshooting are Safe Mode and rebuilding a Windows profile A system should be bootedstarted in Safe Mode when you need to troubleshoot a system without all the systemrsquos drivers loaded Safe Mode will start the operating system by loading a minimal set of drivers Safe Mode is also a popular starting point for when a system needs to be cleaned from malware
User profiles in Windows can become corrupted and will need to be rebuilt Rebuilding a user profile is creating a new user profile and applying the old user profile files to the new user profile
PurposeUpon completing this project you will know when to boot in Safe Mode and how to use Safe Mode You will also know what to do if a user profile will not load
Steps for Completion1 What are three reasons to boot a system in Safe Mode
2 What two areas will allow a system to be booted into Safe Mode
3 If using the system configuration once you are done troubleshooting what needs to
be done so that the system will not continue to boot in Safe Mode
4 What will be the first sign that a user profile is corrupted
5 What do you do if a user profile will not load
6 A message stating that a user profile cannot be loaded when a system starts up In
which directory are user profiles located
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 3Topic Windows OS TroubleshootingSubtopics Safe Boot Rebuild Windows Profiles
Objectives Covered3 Software Troubleshooting
31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions31214 Safe boot31215 Rebuild Windows profiles
140 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Common PC Security IssuesIn addition to troubleshooting software a technician needs to be able to troubleshoot security issues on a machine Here is a list of common symptoms of security issues on a computer and a description of each symptom
Symptom DescriptionPop-ups These appear to attempt to get a user to click a link to something which looks good but is a link to malware
Most web browsers have a pop-up blocker activated so for a pop-up window to get past the blocker usually means it is a malicious pop-up
Browser redirection
A user attempts to visit a website and gets redirected to a different site This could be a sign of malware on the system If multiple users have the same redirection problem the problem is most likely a bad DNS server entry
Security alerts An antimalware program can pop up with a warning that a website or file is potentially harmfulSlow performance This could be caused by malware but could also be caused by having too many resources in use Check Task
Manager andor Performance Monitor to see which apps are using a lot of the CPU andor memory A hard drive near capacity will also cause slow system performance
Internet connectivity issues
Besides this being a hardware network card or configuration issue malware can change the proxy settings of onersquos Internet browser settings thus causing a connection to fail This is especially true if one browser does not work but the rest of the browsers work
PCOS locks up This could be caused by malware but more than likely this is caused by an overload in system resources specifically CPU and RAM This could be a hardware issue often caused by overheating
Application crash If an application keeps crashing check the Event Viewer application log for error messages and use those messages to research the problem Also try uninstalling and reinstalling the application
OS updates failures If a Windows update fails check the update history to see what is causing the failure It could be a break in Internet connectivity It is unlikely to be malware-related but that cause should not just be ruled out
Rogue antivirus Malware which disables antivirus software A system must be booted into Safe Mode in order to run the antivirus program In addition one may need to obtain a different antimalware program temporarily and run it in order to enable the original antivirus software
Spam Email which is unsolicited or unwarranted Most email providers have a solid junk email filter A senderrsquos email address can be added to a junk email list Clicking a link in a spam message can cause an infection known as a drive-by download (an unwarranted unknown download)
Renamed system files
Malware can rename system files andor extensions Check the modification date on these files if you are suspicious One may need to boot into the Windows Recovery Environment (WinRE) and run the SFC scannow command to identify bad system files and replace them
Disappearing files Before assuming malware check to make sure the files are not hidden Many system files and folders with user settings are hidden by default When in doubt run an antimalware scan
File permission changes
If boot files cannot be accessed a boot record fix needs to take place If other files cannot be accessed run the antivirusantimalware program to see if malware is present on the machine
Responses from users regarding email
If an email account is hijacked email will be sent to people in the accountrsquos address book If this happens a user needs to change all online passwords (especially the email password) and get a copy of the originating IP address of the email message and report that address to the email provider
Automated replies from unknown sent email
A sign that onersquos email has been hacked is the receiving of failed delivery notification messages from email addresses one does not recognize The user should change all online passwords find out the originating IP address of the email and report that address to the email provider
Access denied Malware can be caught by the User Account Control (UAC) feature when trying to install itself Or a RunDLL access denied message can appear if malware is trying to install itself A user should always be suspicious of these messages when the user did not purposely try to download a file or executable program
Invalid certificate This appears on a website when the certificate issued by the certificate authority (CA) for that website has not been verified to be trustworthy and current Unless one knows the site is trustworthy the site should be avoided Certificates originate from a root CA the top-level certificate authority server on a network
Systemapplication log errors
One place you always want to keep an eye on for potential problems is the Event Viewer If you have a problem with the system or an app you will want to review either the System log or Application log or perhaps both If you are seeing error messages take the time to read the details on them You may have to do an online search to get some interpretation of these details The more critical or error messages you have in a short amount of time the more severe the problem
141 | Domain 3 A+ Part 2 (220-1002) Project Workbook
PurposeAfter completing this project you will be better equipped to identify security symptoms on computers
Steps for Completion1 For each situation identify what the best first step would be to resolve the security
symptoma A user is getting complaints from coworkers about email the user sent when
the user did not send it
b The message Certificate cannot be verified is displayed on a website
c A technician runs the antivirus scan on a system with suspected malware The user is still exhibiting malware symptoms
d A Windows update keeps failing
e After being on for a while a computer starts to run very slowly
f A user tries to navigate to a website but keeps getting redirected to another site
Project Details
Project FilesNA
Estimated Completion Time
5-10 minutes
Video Reference Domain 3Topic Troubleshoot PC Security IssuesSubtopics Common Security Symptoms System Failures Common Security Symptoms SystemApplication Log Errors
Objectives Covered3 Software Troubleshooting
32 Given a scenario troubleshoot and resolve PC security issues
321 Common symptoms3211 Pop-ups3212 Browser redirection3213 Security alerts3214 Slow performance3215 Internet connectivity issues3216 PCOS lockup3217 Application crash3218 OS updates failures3219 Rogue antivirus32110 Spam32111 Renamed system files32112 Disappearing files32113 File permission changes32114 Hijacked email
321141 Responses from users regarding email321142 Automated replies from unknown sent email
32115 Access denied32116 Invalid certificate (trusted root CA)32117 Systemapplication log errors
142 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Best Practices for Malware RemovalInevitably a technician is going to need to detect and remove malware on a userrsquos computer CompTIA has a specific seven-step process as a list of best practices for malware removal Here are the seven steps along with a description of each step
Malware Removal Step
Description
Identify malware symptoms
Observe the system for changes in system files Use Task Manager to determine if any unfamiliar apps or processes are running If an app was installed which was advertised as a virus removal tool but does not do so it is a form of malware
Quarantine infected system
As soon as a system is deemed to have malware it should immediately be removed from the network so that it does not affect other systems
Disable System Restore
In Windows System Restore creates restore points for system settings on a regular basis or after a major installation If left enabled a system could revert to the state to where the virus was present Thus System Restore should be disabled
Remediate infected system
In this step make sure the antivirusantimalware software has the current updates This will best equip the software to remove malware Then run the antivirusantimalware software and scan the system so malware can be identified and removed If system files have been infected the antivirusantimalware tool may need to be run in Safe Mode or the Windows Recovery Environment
Schedule scans and run updates
Make sure the antivirusantimalware software is set to scan the system on a regular basis The software should also be set to update its definition files on a regular basis
Enable System Restore and create restore point
In Windows once a system is cleaned from malware a restore point should be created Re-enable System Restore and create a restore point
Educate end-user If user actions caused the malware problem educate the user on being careful about websites to visit and apps to download Users should be taught to not obtain anything which seems suspicious
Purpose After completing this project you will know which steps to take for malware removal given a userrsquos situation
Steps for Completion1 For each situation identify the step in the malware removal process a technician should
performa A user reports a message is appearing which says Click here or your C drive will
be erased b A userrsquos Mac has had all of its viruses removed
c A userrsquos Windows system diagnosed with malware has been quarantined
d A technician has concluded a userrsquos machine has a Trojan horse
2 How would you go about educating an end-user to avoid acquiring malware
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 3Topic Malware Removal Best PracticesSubtopics Identify and Research Symptoms Quarantine and Disable System Restore Update the Antimalware Software Scan and Use Removal Techniques Final Steps
Objectives Covered3 Software Troubleshooting
33 Given a scenario use best practice procedures for malware removal
331 1 Identify and research malware symptoms332 2 Quarantine the infected systems333 3 Disable System Restore (in Windows)334 4 Remediate the infected systems
3341 a Update the anti-malware software3342 b Scan and use removal techniques (safe mode pre-installation environment)
335 5 Schedule scans and run updates336 6 Enable System Restore and create a restore point (in Windows)337 7 Educate the end user
143 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Common Mobile Operating System IssuesGiven the nature of the size of mobile devices and their propensity to move around a lot operating system issues with these devices are bound to occur It is up to an A+ technician to categorize and diagnose these problems and then in many cases be able to take the first steps necessary to solve the problem Here is a list of common operating system problem symptoms with mobile devices along with a description and where applicable possible first steps taken to remedy the situation
Symptom Description and Possible First StepsDim display Check the brightness settings If they are set to auto consider manually setting the brightness When a device goes
into battery saver mode the display is usually dimmed On a laptop the backlight could be failing or have failedIntermittent wireless
The usual cause is the device being too far from a wireless access point Wireless access points should be placed in a central location in a room high above the ground Check also for interference from microwaves large magnetic devices and large water tanks
No wireless connectivity
Make sure the wireless onoff key or airplane key has not been pressed Make sure the wireless adapter is enabled Try connecting another device to the wireless network to determine whether the problem is with the device itself or as in the case where multiple devices fail to connect the wireless access point
No Bluetooth connectivity
Make sure Bluetooth is on When a device goes into battery saver mode Bluetooth will often turn off and not turn on after the device is charged If Bluetooth is on try re-pairing it with a device it was previously paired with
No broadcast to external monitor
Make sure any external displays are plugged in properly Check the screen settings on the original device to make sure it recognizes the second display and that projection settings are set to use both monitors Try another external display to see if the problem is with the display or the device
Touch screen unresponsive
First restart the device If the problem still exists remove the covering on the screen (if there is one) and clean the screen If the problem still exists gently knock each corner of the screen The last resort is to send the device to an authorized repair agent
Apps not loading
If an app will not load take the following steps to try to fix the appbull Force stop the appbull Clear the cache for the appbull Clear the data for the appbull Update the appbull Uninstall and reinstall the appbull Restart the devicebull Check for overall system updates
Slow performance
Similar to desktop computers mobile devices will slow down as apps are added and storage space is filled Check storage availability to see if it is low Check background processes to see if one or more is using a high amount of processor percentage Delete any unneeded apps
Unable to decrypt email
For many corporate email accounts a certificate is needed in order to decrypt email Check the email server to see if there is a certificate to import into the device If the device has full encryption it may need to be decrypted
Extremely short battery life
Make sure the device can hold a charge To isolate the problem to a device or a charger try a different charger Check for cracks around the charging port as that can affect a devicersquos ability to charge The following services when enabled will shorten battery life brightness (the higher it is the shorter the battery life) constant searching for signals streaming data GPS (the more apps using location services the faster the battery drains)
Overheating Overheating can ruin a battery and also the device itself Avoid subjecting a device to extreme temperature change The following factors can prevent overheatingbull Avoid direct sunlightbull Turn off unused appsbull Avoid the automatic brightness settingbull Disable unneeded network connections (like Bluetooth)bull Remove the case (on a phone) when it is not needed
Frozen system Try a soft reset If the battery is removable pull it out for 10-15 seconds and then put it back in Recent updates can cause instability which can cause a frozen system If an app is causing it uninstall the app The device itself may be defective
No sound from speakers
Check to make sure the volume is up and the speaker connector is plugged in all the way Try a different pair of speakers or headphones to rule out the sound card If these are Bluetooth speakers follow the same guidelines for troubleshooting Bluetooth connectivity
144 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Symptom Description and Possible First StepsInaccurate touch screen response
Run a calibration app to attempt to fix the problem
System lockout
This occurs when one cannot log on to a device The most likely solution is a factory reset unless the device supports a lock-disabling mechanism remotely (like iCloud for iOS devices)
App log errors App log errors for an iOS or Android device can be viewed through connecting the device to a laptop or desktop and using an app log reader Logs can be read directly on Android devices that have been rooted
Some of these mobile operating system problems can force a factory reset in order to fix the problem Factory resets erase data currently on the device Thus it is important that the data on devices be backed up on a regular basis
PurposeAfter completing this project you will have a better understanding of what to do when one of these symptoms appears
Steps for Completion1 For each situation involving a mobile device operating system problem explain the
first steps you would take to try to solve the problema A user can read personal email on a device but cannot read corporate email
even though that aspect once worked
b A user cannot pair a tablet with a Bluetooth keyboard
c A userrsquos display on a tablet is dim
d A userrsquos smartphone takes longer to charge and does not hold the charge for as long as it did before
e A userrsquos app for a favorite restaurant freezes the device whenever the app is loaded
f A user connected a laptop to an external monitor but cannot project to that monitor
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 3Topic Common Mobile Device SymptomsSubtopic Dim Display and Intermittent Wireless No Wireless Connectivity No Bluetooth Connectivity Cannot Broadcast to External Monitor Common Mobile Device Symptoms Speaker Screen and System Issues
Objectives Covered3 Software Troubleshooting
34 Given a scenario troubleshoot mobile OS and application issues
341 Common symptoms3411 Dim display3412 Intermittent wireless3413 No wireless connectivity3414 No Bluetooth connectivity3415 Cannot broadcast to external monitor3416 Touch screen unresponsive3417 Apps not loading3418 Slow performance3419 Unable to decrypt email34110 Extremely short battery life34111 Overheating34112 Frozen system34113 No sound from speakers34114 Inaccurate touch screen response34115 System lockout34116 App log errors
145 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Mobile OS and Application Security IssuesCompared to desktop computers mobile devices have their own set of unique operating system and application security issues Here are some common symptoms of security issues a technician may find on mobile devices and the first steps necessary to try to solve these issues
SymptomIssue First StepsSignal dropweak signal Caused when device is in a bad geographic area or there is interference inside of a building (like
very thick walls) If this is an indoor problem get and install a cellular repeater as this will boost cellular signals inside of a building
Power drain Check the battery settings on the device to see which apps and processes are using the highest battery percentage Having Bluetooth and location services on all of the time will lower the battery life
Slow data speeds If the device is on a Wi-Fi network it is sharing bandwidth with other devices on the network The user may be in a remote area or a zone that doesnrsquot get a good connection If a user goes over a data plan the provider could throttle the speed down for the remainder of the billing period
Unintended Wi-Fi connection Make sure the device is not set to connect automatically to Wi-Fi networks as it moves from area to area If a device can connect to a Wi-Fi network in this manner and without any form of authentication the network is most likely an open network and thus is not secure
Unintended Bluetooth pairing Make sure the device is not set to discover other Bluetooth devices automatically If one suspects a device has been paired without authorization Bluetooth should be turned off immediately
Leaked personal filesdata The following steps can be taken to avoid having personal data leak into unwanted sourcesbull Make it harder to shoulder surf by holding the device at an angle to where one cannot easily
look over a shoulder to see device activitybull Avoid viewing confidential data while connected to public Wi-Fi networksbull Use an antimalware programbull Consider third-party encryption for sending data to and from the cloudbull Change passwords frequently
Data transmission over limit If a mobile device has a cellular plan with a data limit during a billing cycle the cellular provider will often throttle data for the remainder of the billing period andor increase charges on the phone bill To avoid this situation one should use Wi-Fi as much as possible and only use the mobile device as a hotspot when necessary
Unauthorized account access On any suspicion of someone else accessing onersquos account the account password should be changed right away Many apps (such as Gmail) will show where and when a logon took place
Unauthorized root access When a device is rooted (known as jailbreaking in iOS) interfaces and apps which would not otherwise be allowed are allowed The problem caused with rooting a device is that a user has unrestricted access to the entire file system If a hacker accesses the device the hacker will also have unrestricted file access to the device
Unauthorized location tracking
Possible with some apps on devices and more possible if the device has been rooted Location tracking should only be on when needed and can usually be controlled on an app-by-app basis
Unauthorized cameramicrophone activation
Some malicious apps will take over a devicersquos camera andor microphone If this is suspected run an antimalware app to check for malware
High resource utilization Look at device settings to see what is running to cause the high resource utilization If the app or process is not needed turn it off or if necessary do a force stop on the app or process
To prevent problems caused by apps always check an app to see what kind of access it will want on a device before installing the app For example many apps need access to a devicersquos microphone If one does not feel comfortable with that scenario the app should not be installed
PurposeAfter completing this project you will have a better understanding of common symptoms for mobile operating system and app security issues
146 | Domain 3 A+ Part 2 (220-1002) Project Workbook
Steps for Completion1 For each situation indicate the best first steps to take to attempt to solve the
potential security issuea A user suspects someone has logged on to the userrsquos email account
b A user complains that 20 days into the billing cycle data streaming gets much slower
c A userrsquos device keeps getting notifications that it is connecting to unfamiliar Wi-Fi networks
d A user calls to complain that the battery on the userrsquos device has been draining very quickly lately
e A user asks you what it takes to minimize the risk of personal files being leaked
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 3Topic Mobile OS and App Security IssuesSubtopics Signal Power and Data Issues Unintended Connections and Leaks Unauthorized Access High Resource Utilization
Objectives Covered3 Software Troubleshooting
35 Given a scenario troubleshoot mobile OS and application security issues
351 Common symptoms3511 Signal dropweak signal3512 Power drain3513 Slow data speeds3514 Unintended Wi-Fi connection3515 Unintended Bluetooth pairing3516 Leaked personal filesdata3517 Data transmission over limit3518 Unauthorized account access3519 Unauthorized location tracking35110 Unauthorized cameramicrophone activation35111 High resource utilization
147 | Domain 4 A+ Part 2 (220-1002) Project Workbook
148 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Fill-in-the-Blanks Domain 4Instructions While watching Domain 4 fill in the missing words according to the information presented by the instructor [References are found in the brackets]
Documentation Best Practices
1 A business network should have a that is physical or logical [Internal Documentation]
2 A regulatory policy and other procedures regulations and practices add up to an overall policy [Internal Documentation]
3 Asset tags and are the most common methods to use to manage a companyrsquos IT inventory [Password Policy Inventory Management]
Change Management Best Practices
4 The form is the main document to complete when making a documented business change [Business Processes Purpose and Scope]
5 Risk analysis is the act of determining the risk of doing a project and then measuring that risk or quantitatively [Risk Analysis]
6 The approval board usually requires a backout plan to detail how changes will be reversed if changes
during a change process [Backout Plan Document Changes]
Disaster Prevention and Recovery
7 Images are created using the same tool used for backup in Windows [Image Level Backups]
8 When saving a image critical applications should be loaded on the image [File Backups Critical Applications]
Common Safety Procedures
9 Three types of equipment grounding are Earth chassis and [Equipment Grounding]
10 Hard drives network cards and video cards should be stored in an antistatic bag to avoid discharge [Proper Component Handling and Storage]
11 Restore mobile devices to settings before recycling or disposing of the devices to remove personal data [Cell Phone and Tablet Disposal]
Personal Safety
12 A label fire extinguisher will put out electrical fires and should be available in the workplace [Electrical Fire Safety Cable Management]
Environmental Impacts and Controls
13 A(n) should be available for any chemical found in the workplace which will outline proper handling and disposal [Temperature Humidity and Ventilation]
14 A is a dip in power that lasts a second or less while a is a dip in power that lasts longer than a second [Power Surges Brownouts Blackouts]
15 Air filters masks air cans and vacuums are items that can be used to protect against airborne particles [Airborne Protection]
149 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Licensing Privacy Prohibited Content16 Security incidents can be unauthorized applications installed unauthorized drives and unauthorized
to data [Incident Response]
17 The first response to a security incident involves identification reporting and data and device [Documents Chain of Custody Tracking]
18 A(n) outlines what can and cannot be done with software being installed [LicensingDRMEULA]
19 An open source license involves software found in Linux and the Android family and has freely available for anyone to modify and redistribute [Open Source vs Commercial Licensing]
Communication and Professionalism
20 When dealing with a difficult customer your voice to try to diffuse the situation [Difficult Customers and Situations]
Scripting Basics
21 Python and JavaScript are programming languages [ps1 vbs sh py and js Files]
22 Some Windows scripts require making changes to the environment in Windows [Environment Variables]
Remote Access Technologies
23 The Protocol runs on port 3389 [RDP]
24 SSH is the secure choice that runs on port for hardware such as switches routers and mainframes [Telnet and SSH]
25 RDP and SSH are not screen-share programs because they take over the device instead of sharing [Third-Party and Screen Shares]
150 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 4Topic Documentation Best PracticesSubtopic Internal Documentation Password Policy Inventory Management
Objectives Covered4 Operational Procedures
41 Compare and contrast best practices associated with types of documentation
411 Network topology diagrams412 Knowledge basearticles413 Incident documentation414 Regulatory and compliance policy415 Acceptable use policy416 Password policy417 Inventory management
4171 Asset tags4172 Barcodes
Documentation Best PracticesA company IT infrastructure must have solid documentation to describe the network topology the devices used within the network and the segmentation within the infrastructure Specifically for the exam you will want to know about these document types
Document DescriptionNetwork topology diagram
A document which shows both the physical and logical layout of a network The physical aspect shows placement of devices The logical aspect shows IP addressing schemes and network segmentations
Knowledge base
A collection of articles used to help solve problems This can be internal or external (such as is the case with TechNet or a similar online knowledge base) or a combination of both
Incident documentation
A suite of documents used to track security-related incidents such as unauthorized use of physical space andor files and folders acceptable use breaches and any other policy violations
Regulatory and compliance policy
A suite of documents which outline and specify regulations that must be followed Procedures regulations and practices one must follow add up to an overall compliance policy
Acceptable use policy
A document that governs the use of devices within a company This should be read and signed by every employee
Password policy A policy that specifies required length complexity age and frequency of change for passwords
Inventory management
A procedure in which asset tags barcodes or similar items are used to inventory and track devices within an IT infrastructure
PurposeAfter completing this project you will be able to better identify and use types of documentation within an infrastructure
Steps for Completion1 For each situation identify the type of documentation needed
a A database that shows fixes for common problems
b A document that shows the IP addressing of devices in a building
c A document that tells employees what they can and cannot do with their
laptops
d A database that tracks security breaches 2 Using your favorite search engine find and download a sample password policy3 Look at your own device Does it have an asset tag a barcode both or neither And
if not what is used to uniquely identify your device
151 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Documented Business ProcessesIt is important to have documented business processes when changes are being made to a system This process should be written on a change control form so that the changes can be evaluated
PurposeUpon completing this project you will be able to start the change documentation process
Steps for Completion1 What needs to be filled out first on a change control form
2 What must be present in order to make a structural change to a network
3 What must be clearly defined for any type of change
4 What is scope creep
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Change Management Best PracticesSubtopic Business Processes Purpose and Scope
Objectives Covered4 Operational Procedures
42 Given a scenario implement basic change management best practices
421 Documented business processes422 Purpose of the change423 Scope of the change
152 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Plan for ChangeIn planning for a change the risk needs to be analyzed and a plan to mitigate the risk needs to be created Once the plan is documented end-user approval needs to be sought even if the change is mandatory due to a regulatory or similar situation
PurposeUpon completing this project you will be able to create a plan for change that includes risk analysis and mitigating the risk
Steps for Completion1 What are the two types of risk analysis most commonly used in projects
2 Which type of risk analysis is considered to be subjective
3 What is risk mitigation
4 In projects key dates are known as
5 A good plan should include key milestones on key to be well documented
6 When implementing changes what needs to be done with end-users to educate
them on changing processes
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Change Management Best PracticesSubtopics Risk Analysis Plan Acceptance and Approval
Objectives Covered4 Operational Procedures
42 Given a scenario implement basic changemanagement best practices
424 Risk analysis425 Plan for change426 End-user acceptance
153 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Approvals and Backout PlansBackout plans need to be well-defined in case a change fails The change control board will normally require these plans before a change is approved There must be approval from the change control board before a change can occur Once the changes are being made every detail will need to be documented showing what happened and when it happened
PurposeUpon completing this project you will know how to finish drafting a change plan and know what is required to start the change process
Steps for Completion1 Describe the main role of a change control board
2 Which plan details how changes will be reversed should changes fail
3 What is best suited for tracking a project plan
4 (True or False) Documenting a change helps others who were not involved in the process know what was done so they can make similar changes in the future
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Change Management Best PracticesSubtopic Plan Acceptance and Approval Backout Plan Document Changes
Objectives Covered4 Operational Procedures
42 Given a scenario implement basic change management best practices
427 Change board4271 Approvals
428 Backout plan429 Document changes
154 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Backup and RecoveryA backup copy of a Windows system image with critical applications preloaded apps and settings should always be accessible to help with recovery after a disaster It is preferable to keep backup copies on an external drive Users should be trained to back up data on their own systems for any data not stored in the cloud or on a network Backups should be tested on occasion to confirm that they are working
PurposeUpon completing this project you will be familiar with how to create image level file level and critical application backups You will also be able to test those backups Note that for this project you will need an external hard drive or network drive with enough room to hold a system image
Steps for Completion1 Using the Backup and Restore feature create an image level backup and store it on
an external drive or network drive2 On a Windows 10 device use the File History feature to create a file-level backup
that will run weekly storing the backup on either an external drive or a network drive
3 How can a backup be stored using something other than an external drive or
network drive
Project Details
Project Files NA
Estimated Completion Time
5 minutes (15 if both backups are done)
Video Reference Domain 4Topic Disaster Prevention and RecoverySubtopic Image Level Backups File Backups Critical Applications Backup Testing
Objectives Covered4 Operational Procedures
43 Given a scenario implement basic disaster prevention and recovery methods
431 Back-up and recovery4311 Image level4312 File level4313 Critical applications
432 Backup testing
155 | Domain 4 A+ Part 2 (220-1002) Project Workbook
UPS and Surge ProtectorsUPS and surge protectors help mitigate electrical problems during a disaster They keep power going so data and computer components are protected until they can be shut down without loss
PurposeUpon completing this project you will know how UPSs and surge protectors can help mitigate your electrical needs during a disaster
Steps for Completion1 What does UPS stand for
2 What is the main purpose of a UPS
3 What is needed for a long-term power solution 4 What is a surge protector used for
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Disaster Prevention and RecoverySubtopic UPS and Surge Protectors
Objectives Covered4 Operational Procedures
43 Given a scenario implement basic disaster prevention and recovery methods
433 UPS434 Surge protector
156 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Storage Backups and Account Recovery OptionsLocal storage backups require physical components locally to store data while cloud storage backups do not need the investment of physical components
PurposeUpon completing this project you will know the differences between backing up data to local storage and cloud storage
Steps for Completion1 What is one advantage to using a cloud service to back up files
2 What is one disadvantage of using a cloud service to back up files
3 (True or False) Many backup tools will automatically back up files and folders placed
in designated locations 4 What should be done with user accounts for people who leave a company
5 Which cloud service(s) do you use for file backup and storage
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Disaster Prevention and RecoverySubtopics Cloud Storage vs Local Storage Backups Account Recovery Options
Objectives Covered4 Operational Procedures
43 Given a scenario implement basic disaster prevention and recovery methods
435 Cloud storage vs local storage backups436 Account recovery options
157 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Common Safety ProceduresSubtopic Equipment Grounding
Objectives Covered4 Operational Procedures
44 Explain common safety procedures441 Equipment grounding
Equipment GroundingIn order for equipment to work well and not risk shorting electrical parts equipment needs to be properly grounded There are three types of grounding to be aware of when working with equipment (and for the A+ exam)
Earth The path from the equipment into the EarthChassis The path to the equipment case (such as plugging a power cord into the back of a computer)Signal The return path for a signal This part involves the connectors of an electrical component An example of this is the screws in a motherboard which connect the motherboard to a case These screws provide a signal ground to the case
In addition to the three types of equipment grounding realize that some pieces of equipment conduct electricity even for a time after they have been unplugged For example one should never try to repair a power supply or an old CRT monitor as they conduct electricity even after being unplugged Should a power supply break replace it Should a CRT monitor stop working dispose of it properly
PurposeAfter completing this project you will be able to identify equipment grounding types given a situation
Steps for Completion1 For each situation identify the type of equipment grounding taking place keeping in
mind that more than one of the three grounding types can be involveda A power cord running from an equipment case into a ground plug
b Screws holding down a motherboard inside of a home theater PC
2 Name a piece of equipment you should never attempt to repair
158 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Proper Component Handling and StorageA concern technicians should have with storing and handling components is to avoid as much as possible electrostatic discharge (ESD) ESD can cause irreparable harm to computer components such as expansion cards hard drives and even motherboards These components should be stored in an antistatic bag An antistatic bag helps to protect components from ESD For handling components two tools are essential for helping technicians avoid ESD
ESD strap This is a strap worn around a technicianrsquos wrist while working on the inside of a computerESD mat A mat a technician should be standing on (if the technician is standing) while working on computer equipment In addition computers should be placed on flat surfaces and never on carpets as carpets are a source of ESD
If an ESD strap is not available a technician should practice self-grounding In self-grounding a technician should touch the metal part of a computer case once in a while to help offset any potential ESD buildup Of course the computer should be unplugged when practicing self-grounding and for that matter when any work is going to be done inside a computer case
In addition to protecting oneself from ESD a technician needs to know how to properly dispose of materials especially toxic materials Three types of toxic materials of note and their proper disposal methods are
Batteries In many jurisdictions it is unlawful to throw out some or all types of batteries Doing so can mean a major fine to the offender Find out and follow local and state regulations regarding proper battery disposal When in doubt take the batteries to a battery recyclingdisposal siteToner Once a toner cartridge is empty it should be taken to a place which recycles or disposes of toner cartridges Some toner manufacturers will include when shipping toner a paid return box for the purpose of sending back empty toner cartridgesCRT monitor A CRT monitor contains cadmium and lead two toxic chemicals CRT monitors when at the end of their life cycle should be taken to an e-waste site or similar site that knows how to properly dispose of these monitors
When disposing of cell phones and tablets you will first want to do a full wipe on these devices This will erase all data on the device A cell phone carrier may have a recycling program for old cell phones and tablets
With any components whether toxic or non-toxic the best and safest disposal method is to learn and comply with local government regulations Failing to do so can result in hefty fines for a business andor individual
Purpose In this project you will identify the best way to handle components given a situation At the end of this project you will have the knowledge needed to know how to handle computer components and toxic materials confidently
Steps for Completion1 For each situation identify what is needed to handle a computer component
a Two hard drives need to be stored for future use
b A technician needs to replace a hard drive but does not have an ESD strap
c What should a technician stand on when working on the inside of a computer d A technician discovers five empty toner cartridges near a multi-function printer Where should the toner be disposed
e All of the smoke detectors in a building have had new batteries placed in them Where should the old batteries go
f What could a company face from disposing of batteries illegally
159 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video ReferenceDomain 4Topic Common Safety ProceduresSubtopics Proper Component Handling and Storage Toxic Waste Handling Cell Phone and Tablet Disposal
Objectives Covered4 Operational Procedures
44 Explain common safety procedures442 Proper component handling and storage
4421 Antistatic bags4422 ESD straps4423 ESD mats4424 Self-grounding
443 Toxic waste handling4431 Batteries4432 Toner4433 CRT4434 Cell phones4435 Tablets
2 If you have computer components such as hard drives and expansion cards and they are not being stored in antistatic bags obtain some antistatic bags and then put these components inside of those bags
3 Take the time to research how batteries toner and CRT monitors should be properly disposed of in your jurisdiction
4 Look up one of the major cell phone carriers online and find out if the cell phone carrier has a recycling program for the carrierrsquos older devices
160 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Personal SafetySubtopic Disconnect Power Remove Jewelry and Lift Properly Weight Limitations Electrical Fire Safety Cable Management Facial Protection Regulation Compliance
Objectives Covered4 Operational Procedures
44 Explain common safety procedures444 Personal safety
4441 Disconnect power before repairing PC4442 Remove jewelry4443 Lifting techniques4444 Weight limitations4445 Electrical fire safety4446 Cable management4447 Safety goggles4448 Air filter mask
445 Compliance with government regulations
Personal SafetyWhen working with computers and their components personal safety is of utmost importance No task is worth risk of injury Before removing the case of a desktop or laptop computer a technician should do these two things
Disconnect power Always make sure a computer is unplugged before going to work on the inside of it If a laptop is being worked on remove the battery as wellRemove jewelry No dangling jewelry should be worn when working on a computer This includes dangling earrings dangling bracelets and dangling necklaces Avoid the risk of getting a piece of jewelry caught on something inside a computer
For this reason most technicians avoid wearing ties when working on a computer In addition long hair should be tied back and out of the way Again minimize the risk of something getting caught on the inside of a computer
When working on computers one will want to avoid risk of bodily injury Two processes to follow when working with equipment are as follows
Lifting techniques When lifting equipment lift with the legs not with the back Keep heavy items close to your body rather than out in front of youWeight limitations Simply put avoid lifting more than you can handle An attempt at heroism is not worth a back injury If equipment is too heavy to move get a cart to help move the equipment
When working in a building one should always make sure to know where the fire extinguisher is located The fire extinguisher should have a class C rating which will enable it to put out electrical fires The four important class ratings on fire extinguishers are
Class FireA Paper and woodB Flammable liquids and gasesC Electrical fireD Combustible metals
Another aspect of personal safety is that of cable management If cables need to be run across floors for example they should be taped down so that people do not trip over them Avoid daisy-chaining electrical cords and power strips Daisy-chaining is the act of plugging one power strip into another
In areas of dust and potentially hazardous materials safety goggles should be worn to protect the eyes and air filter masks should be worn to protect the nose and mouth Regulations and compliance needs for safety procedures should always be followed
PurposeUpon completion of this project you will be well-versed in knowing which personal safety practices to employ and which tools are needed given a potential safety situation
Steps for Completion1 You are about to begin working on the inside of a computer What should you make
sure of before opening the case
2 What part of the body should be used to lift equipment 3 Which class of a fire extinguisher should be nearby in case of an electrical fire
4 A remodeling company is coming in and will be doing some woodworking near your work area What should you wear to protect from dust
161 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Material Safety Data SheetThe Material Safety Data Sheet (MSDS) is a document which shows details for handling storing and disposing of potentially dangerous material The MSDS also contains information for what to do in case first aid is needed due to improper exposure to the material Proper disposal of any dangerous materials is especially important as one must follow local government regulations when disposing of these types of materials Failing to do so can result in hefty fines both for an individual and a business
For every type of potentially dangerous material handled in a work environment an MSDS should be present For example many printer manufacturers will furnish an MSDS for any toner they produce MSDSs should be kept in a well-known place in case they are needed
PurposeAt the end of this project you will know how to find and store an MSDS
Steps for Completion1 For your printer (or a printer if you donrsquot have one) go to the manufacturerrsquos
website and search for the MSDS accompanying the toner for your printer2 Download a copy of the MSDS to your Downloads folder3 Open the MSDS and read through it4 Using the text box below describe how to dispose of the toner properly
5 Discussion question Where is the best place to store MSDS documents
Project Details
Project Files NA
Estimated Completion Time
5-10 minutes
Video Reference Domain 4Topic Environmental Impacts and ControlsSubtopics Temperature Humidity and Ventilation
Objectives Covered4 Operational Procedures
45 Explain environmental impacts and appropriate controls
451 MSDS documentation for handling and disposal
162 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Power Surges Brownouts and BlackoutsOn occasion there will be a dip or surge in the power supply for a building For example an electrical storm could temporarily knock out power to an entire area As an A+ technician two major concepts to understand are the different types of power abnormalities and the tools used to keep power running at a proper consistent level A list of types of power abnormalities and their characteristics are as follows
Power Problem
Characteristic
Surge Short-term flood of powerSpike Quick sharp increase in voltageSag A dip in power lasting a second or less
Brownout A dip in power lasting longer than a secondBlackout Total loss of power
To help protect against these power problems two main tools are usedBattery backup Protects against blackouts with the idea that if there is a blackout the device will keep everything on for around 15 minutes to give technicians time to shut down servers and workstations The most common type of battery backup is an Uninterruptible Power Supply (UPS) The more devices plugged into the battery backup the shorter amount of time the battery backup will keep devices onSurge suppressor Protects against surges or spikes A surge suppressor turns off voltage when it detects a surge or spike
A surge suppressor is more intelligent than that of a regular power strip in that power strips do not have the intelligence to detect voltage
PurposeAt the end of this project you be able to identify power abnormalities and you will know which tools to use to combat them
Steps for Completion1 For each situation identify the type of power abnormality taking place
a The lights in a building dip for 60 seconds
b The lights in a building flicker for half a second c The voltage in the building experiences a sharp increase for half a second
2 For each power abnormality indicate which tool you would use to combat the problem
a Bursts in voltage b Making sure everything stays on in case of an outage
3 If you have a UPS in your area find the location of it and trace what is plugged into it in order to understand what should stay on in case of a blackout
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Environmental Impacts and ControlsSubtopic Power Surges Brownouts Blackouts
Objectives Covered4 Operational Procedures
45 Explain environmental impacts and appropriate controls
453 Power surges brownouts and blackouts
4531 Battery backup4532 Surge suppressor
163 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Keeping a Solid Work EnvironmentPart of keeping a work environment productive is to keep the environmental aspect of it clean and at the right climate settings This includes climate control both inside of computers and in any room with computers especially servers Here is a guide for the ideal temperature humidity and ventilation both for a computer and a computer room
Climate Part
Computer Computer Room
Temperature Keep under 40 degrees Celsius Keep around 65 degrees Fahrenheit
Humidity 50 50Ventilation Keep air flowing through the system Keep cold air coming in and
disperse warm airRegarding humidity too low of a humidity level and the area is subject to ESD Higher humidity can cause condensation which then causes water damage
For ventilation within a computer adding components such as an additional network card can block the air flow within the computer and cause the temperature to rise In addition having open spaces in the back of a computer allow cool air to escape again causing a temperature increase In addition to keeping computers and work areas well ventilated steps should be taken to protect computers and keep work areas free from airborne particles Cooling fans should be surrounded by enclosures to keep airborne particles away from getting into and clogging fans To help keep airborne particles out of a work area use one or more air filters and make sure to change the filters on a schedule according to the air filter manufacturerrsquos instructions
Computers and work areas should also be kept free of dust and debris The most effective way to keep a computer dust-free is to use a compressed air can to blow the dust out of the computer paying particular attention to the computerrsquos fans To clean out a work area a vacuum should be used One can use a vacuum on a computer but great care should be taken to make sure the vacuum used is an ESD vacuum as vacuums tend to cause ESD
Lastly make sure to understand and follow any local state and federal regulations regarding these environmental impacts and controls
PurposeAfter completing this project you will know how to keep a work area free from climate extremes airborne particles and dust and debris
Steps for Completion1 What is an ideal temperature in Fahrenheit to keep a computer at or below
2 How can one keep the temperature of a computer from becoming too high
3 What type of vacuum should be used to remove dirt and debris from computers or
peripherals 4 Take a computer and unplug it Then remove the outer case and use a compressed
air can to blow dust off of the inside parts especially the fans
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 4Topic Environmental Impacts and ControlsSubtopics Temperature Humidity and Ventilation Airborne Protection Compressed Air Vacuums Local Regulation Compliance
Objectives Covered4 Operational Procedures
45 Explain environmental impacts and appropriate controls
452 Temperature humidity level awareness and proper ventilation454 Protection from airborne particles
4541 Enclosures4542 Air filtersmask
455 Dust and debris4551 Compressed air4552 Vacuums
456 Compliance to government regulations
164 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Incident ResponseWhenever there is a security incident an incident response process needs to be followed Any evidence needs to be handled properly in order to be admissible in a court of law What defines an incident may vary among companies so documentation defining what an incident is and methods used to handle it are important For example in some but not all companies installing unauthorized applications is considered a security incident Here are some other examples of potential security incidents
Unauthorized drives Many companies prohibit the use of external drives (flash drives or external hard drives)Unauthorized access This can apply to data one is not supposed to have permissions to read or change This can also apply to a physical location one is not supposed to be able to accessAttacks Malware which can come from a disgruntled current or former employee or from an outside sourceOnline activities Websites chats and social media can all be denied access or be against company policy This could even include personal emailIllegal picturesvideo Content which can be deemed illegal or if not illegal offensive This is often known as content not suitable for work (NSFW)
If there is a potential security incident a process called the first response process needs to be followed In this process a first responder usually someone from IT is notified The first responder needs to initiate the following three-step process
Identify The first responder should know enough about the company security policies to determine whether this is indeed a security incident If it is the next step should be followedReport through proper channels Once it has been determined that an incident has taken place it needs to be reported to the proper authorities as outlined in the security policy In some cases this can include law enforcement Not reporting an incident can make one an accessory to the incidentDataDevice preservation Anything seen or touched needs to be preserved as evidence This includes physical documents images on computer screens pictures and video
While the first responder needs to document evidence at an incident scene evidence should not be touched until the proper authorities have arrived at the scene For example a computer with an illegal image on the screen should not be shut down because that and any other data in RAM will be lost Files should not be saved because doing so would change the modification dateThis evidence documentation process is known as the chain of custody The chain of custody logs the who and when of seeing and touching evidence The chain of custody must be kept in order for evidence to be admissible in a court of law
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Licensing Privacy Prohibited ContentSubtopics Incident Response Documents Chain of Custody Tracking
Objectives Covered4 Operational Procedures
46 Explain the processes for addressing prohibited contentactivity and privacy licensing and policy concepts
461 Incident response4611 First response
46111 Identify46112 Report through proper channels46113 Datadevice preservation
4612 Use of documentationdocumentation changes4613 Chain of custody
46131 Tracking of evidencedocumenting process
PurposeAfter completing this project which involves tracing a path through a potential security incident you will know the proper methods for handling a security incident and the evidence contained within a security incident
Steps for Completion1 A user mistakenly opens a folder containing sensitive financial records What should the user do
2 A member of IT arrives at the computer and realizes that indeed the user saw these records What should the IT member do
3 The IT member has determined that this indeed is a security incident What should the IT member do next
4 What should be used to determine the exact steps to follow for each type of security incident
165 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Licensing Privacy Prohibited ContentSubtopic LicensingDRMEULA Open Source vs Commercial Licensing Personal vs Enterprise Licenses
Objectives Covered4 Operational Procedures
46 Explain the processes for addressing prohibited contentactivity and privacy licensing and policy concepts
462 LicensingDRMEULA4621 Open-source vs commercial license4622 Personal license vs enterprise licenses
Software LicensingOne of the many responsibilities of a technician is to make sure all software installations are properly licensed Licenses have one of two types and cater to either a single user or to multiple users at once The two types of licenses are
Open source An open source license may have a few restrictions but is freely available to use The source code for these apps is usually made freely available to modify and distributeCommercial license A license with strict rules as to what can and cannot be done with the license In many cases the user must agree not to sell the license or use the app for financial gain
Having either an open or commercial license is one software licensing characteristic The other characteristic is a volume-based characteristic Licenses have two types of volumes
Personal A single-user license Sometimes the terms of the license dictate the software can only be installed on one machine Sometimes multiple machines are allowed but the license often is tied to a single user accountEnterprise A site-wide license subject to restrictions The license limitations usually dictate what users can do with the software
Whenever software is installed one of two types of licensing agreements may appear These agreements will dictate the number of machines the software can be installed on and any other license restrictions The agreement usually has one of these two names
DRM Digital Rights ManagementEULA End-User License Agreement
PurposeAt the end of this project you will know what type of software license and the volume of the software license given a situation in which a user needs software
Steps for Completion1 For each software situation identify the type of license (open or commercial) and
the volume restrictions (personal or enterprise)
License Type VolumeA user installs Linux and the EULA states it is a single-user license but the source code is on the distributorrsquos website
a b
A user installs Office but cannot resell the license However the user can install Office on as many devices as needed
c d
A company purchases a single copy of a custom accounting app and can install it on as many machines as needed
e f
166 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Regulated Data and Best PracticesTechnicians should always be aware of personal identifiable information (PII) and do everything they can to protect PII also known as sensitive personal information (SPI) Here are some examples of PII according to the National Institute of Standards and Technology
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Licensing Privacy Prohibited ContentSubtopics Personal Identifiable Information PCI GDPR PHI Corporate Policies and Best Practices
Objectives Covered4 Operational Procedures
46 Explain the processes for addressing prohibited contentactivity and privacy licensing and policy concepts
463 Regulated data4631 PII4632 PCI4633 GDPR4634 PHI
464 Follow all policies and security best practices
bull Full name (if not common)bull Home addressbull Email address (if private from an
associationclub membership etc)bull National identification numberbull Passport numberbull IP address (in some cases)bull Vehicle registration plate numberbull Driver license number
bull Face fingerprints or handwritingbull Credit card numbersbull Digital identitybull Date of birthbull Birthplacebull Genetic informationbull Telephone numberbull Logon name screen name nickname
or handle
Seeing someonersquos PII without proper authorization could construe a security incident in which case a first responder needs to be dispatched to the location of the potential incident in order to follow proper incident handling procedures
It is up to a technician to know these policies prior to beginning work in any corporate environment Technicians and users alike should know the acceptable use policy (AUP) of a company and use it to determine information users should have access to and the licensing for the software they should have on their computers Best practices should also be followed for PII and for all forms of data Users should take every step necessary to make sure PII is not left out where it can easily be seen
In addition to PII there are three other forms of regulated data to know about for the exam
PCI The Payment Card Industry (PCI) through the Payment Card Industry Data Security Standards (PCI-DSS) regulates standards for businesses that accept credit cards debit cards and ATM cards and the use of point-of-sale (POS) machinesGDPR General Data Protection Regulation (GDPR) is a regulation that applies to companies doing business in the European Union (EU) Items of focus with this regulation include data auditing secure management risk assessment of stored data having a Data Protection Officer for companies with at least 250 employees and having an incident response team that can also respond properly to data breachesPHI Protected Health Information (PHI) is the information protected under the Health Information Portability and Accountability Act (HIPAA) This includes the protection of patient data and anything storing patient data
PurposeAfter completing this project you will have a clear understanding as to what constitutes PII and be able to discern among forms of regulated data
Steps for Completion1 For each item indicate whether or not the item represents PII
a A userrsquos signature on an AUP
b A userrsquos date of obtaining a certification
c A userrsquos date of birth 2 Which data regulation deals with companies doing business in the EU
167 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Using Proper Communication TechniquesWhen communicating with customers technicians need to ensure customers understand what is being done work-wise and how that work will affect the customer There are four basic principles a technician needs to follow for communication techniques for when technicians interact with customers
Use proper language Avoid jargon acronyms and slang whenever possible Use the proper terms and definitions for hardware and softwareMaintain a positive and confident attitude A technician should always project confidence with a customer no matter what the situation Even if you cannot solve the problem yourself project confidence that the problem will be solvedUse active listening Let a customer finish a thought no matter how long it takes Take notes if necessary while a customer is explaining a situation Restate the issue to make sure the customer knows you understand the issueBe culturally sensitive Use appropriate professional titles (like Dr) when dealing with customers Also be aware that certain hand gestures may be innocent in your culture but could be vulgar in other cultures
One key component of communication is to ask a customer open-ended questions without accusing the customer of wrong-doing For example asking a customer ldquoWhat happened since the computer last workedrdquo is far more effective than asking a customer ldquoWhat did you change on the computer since it last workedrdquo
PurposeAfter completing this project you will be well-equipped to handle communication situations with customers
Steps for Completion1 For each situation identify how you would best interact with a customer
a Explain the concept of a solid-state drive vs a magnetic hard disk drive
b Explain to a customer how you will solve an error message you have not seen before
c A customer brings in a computer and explains that it started to shut down and restart spontaneously What would be a good open-ended question to ask the customer
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Communication and ProfessionalismSubtopics Proper Language Positive Attitude Active Listening Cultural Sensitivity
Objectives Covered4 Operational Procedures
47 Given a scenario use proper communication techniques and professionalism
471 Use proper language and avoid jargon acronyms and slang when applicable472 Maintain a positive attitudeproject confidence473 Actively listen (taking notes) and avoid interrupting the customer474 Be culturally sensitive
4741 Use appropriate professional titles when applicable
168 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Showing ProfessionalismIn addition to possessing good communication skills a technician needs to have a strong sense of professionalism when dealing with internal users andor external customers There are five categories of professionalism to follow as a technician
Be on time It is very important to be on time for all appointments Contact the customer right away if it looks like you will not arrive to the appointment on timeAvoid distractions When dealing with a customer avoid all personal interruptions This includes personal calls texting and visiting social media sites When talking to a customer and the smartphone rings ignore it even if it is a call from a coworkerDealing with difficult customers or situations In these situations avoid becoming argumentative or defensive dismissing the customerrsquos problem or becoming judgmental Instead of arguing with a customer clarify the customerrsquos situation through asking open-ended questions Never disclose any bad customer experience on social media If the customer gets angry lower your voice instead of raising itCustomer expectations and status Sometimes customers expect too much For example they may want Windows 10 to run on a computer that is 10-15 years old and has 512 MB of RAM on it Make sure customer expectations are realistic and offer different options if needed Provide documentation on the services provided A good idea after any work done is to call the customer a few days later to make sure the repair or replacement is workingCustomers and confidential or private materials Avoid eye contact whenever possible with confidential customer information such as PII or financial information If a customer has this information in plain view near a computer or printer notify the customer
PurposeUpon completing this project you will have increased your skills for dealing with customers in a professional matter
Steps for Completion1 For each situation describe what you would do as a technician in response to the situation
a You are scheduled to arrive at a customerrsquos business at 300 pm but due to another call taking longer you wonrsquot arrive until 400 pm
b A customer starts blaming you for a game running slowly
c A customer wants to be able to run Photoshop on a computer with a single dual-core processor 2 GB of RAM and an integrated 512 MB video card
d You see a customerrsquos debit card lying around on a desk
e There is some exciting news at work and your phone keeps buzzing with the news
169 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Project Details
Project Files NA
Estimated Completion Time 5 minutes
Video Reference Domain 4Topic Communication and ProfessionalismSubtopics Be on Time Avoid Distractions Personal and Coworker Interruptions Difficult Customers and Situations Customer Statements and Disclosures Offer Different Options Service Documentation and Follow-Up Confidential Customer Material
Objectives Covered4 Operational Procedures
47 Given a scenario use proper communication techniques and professionalism475 Be on time (if late contact the customer)476 Avoid distractions
4761 Personal calls4762 Textingsocial media sites4763 Talking to coworkers while interacting with customers4764 Personal interruptions
477 Dealing with difficult customers or situations4771 Do not argue with customers andor be defensive4772 Avoid dismissing customer problems4773 Avoid being judgmental4774 Clarify customer statements (ask open-ended questions to narrow the scope of the problem restate the issue or question to verify understanding)4775 Do not disclose experiences via social media outlets
478 Set and meet expectationstimeline and communicate status with the customer4781 Offer different repairreplacement options if applicable4782 Provide proper documentation on the services provided4783 Follow up with customeruser at a later date to verify satisfaction
479 Deal appropriately with customersrsquo confidential and private materials4791 Located on a computer desktop printer etc
170 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Script File TypesFor the exam it is important to know basic script syntax and be able to read script extensions to know which type of script matches each extension Syntax is the rule that directs the computer language implementation Scripts are the lists of commands created using the syntax and are executed by a program that uses that language syntax These scripts are saved to a file and given a specific extension so that users and admins can identify these script file types
PurposeUpon completing this project you will be familiar with script extensions and their native programs
Steps for Completion
1 What is the extension for a batch file
2 What extension is used on a saved PowerShell script 3 Which object-oriented language is used mainly for webpages
4 Which is a multipurpose general object-oriented programming language used for
apps 5 Which type of script file is known for being risky because it can easily propagate
malware 6 What is the extension for a Linux executable shell file that is more powerful than a
batch file 7 On a Windows device open an instance of PowerShell8 Type Get-Acl and press the Enter key to get an access list for your device9 Close the PowerShell instance
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 4Topic Scripting BasicsSubtopics bat Files ps1 vbs sh py and js Files
Objectives Covered4 Operational Procedures
48 Identify the basics of scripting481 Script file types
4811 bat4812 ps14813 vbs4814 sh4815 py4816 js
171 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Environment Variables and Comment SyntaxSome apps and features require changes to the environment path in Windows Most of these changes happen automatically but to make these changes manually go to File Explorer right-click the This PC option and select the Properties option In the Properties panel click the Advanced System Settings option on the left of the screen and click the Environment Variables button The Environment Variables panel contains the path which consists of folders in which apps can be run from anywhere in a command prompt
Comment syntax can also be added to code to explain what is about to happen what needs to happen and to help test code Comments are important to put in code when an explanation is needed to help the user understand or code needs to be ignored
PurposeUpon completing this project you will be familiar with where to change environment variables and how to read comment syntax
Steps for Completion1 What is the environment variable for the Windows directory
2 (True or False) Only system variables can be edited within a path
3 (True or False) Most apps will adjust the path when they are installed
4 Explain the two reasons one would comment code
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Scripting BasicsSubtopics Environment Variables Comment Syntax
Objectives Covered4 Operational Procedures
48 Identify the basics of scripting482 Environment variables483 Comment syntax
172 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Basic Script ConstructsTwo basic script constructs that you will see are basic loops and variables Loops can run either a fixed number of times within code or until a condition is true or false Variables are containers that store data The two most common types of variables are strings which store text and integers which store whole numbers
PurposeUpon completing this project you will know what basic loops while loops and variables do and when these are used in basic script constructs
Steps for Completion1 What type of loop runs a block of code a fixed number of times
2 Which type of loop is a conditional loop 3 For each variable declaration indicate which type of variable is being declared
a x = 5
b x = ldquoHellordquo
c x = ldquo7rdquo
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Scripting BasicsSubtopics Basic Loops Variables Basic Data Types
Objectives Covered4 Operational Procedures
48 Identify the basics of scripting484 Basic script constructs
4841 Basic loops4842 Variables
485 Basic data types4851 Integers4852 Strings
173 | Domain 4 A+ Part 2 (220-1002) Project Workbook
RDP Telnet and SSHRDP Telnet and SSH are remote access technologies RDP stands for Remote Desktop Protocol and is used in many apps Telnet and SSH connect to hardware and servers With RDP Telnet and SSH you connect to and take over a device
PurposeUpon completing this project you will know the port numbers and other characteristics for remote access technologies
Steps for Completion1 For each remote access technology indicate the port number on which the
technology runs
a RDP
b Telnet 2 Download and install PuTTY from puttyorg3 Open PuTTY4 Initiate a server connection using SSH to testrebexnet22 The username is demo
and the password is password5 Close PuTTY
Project Details
Project Files NA
Estimated Completion Time
10 minutes
Video Reference Domain 4Topic Remote Access TechnologiesSubtopics RDP Telnet and SSH
Objectives Covered4 Operational Procedures
49 Given a scenario use remote access technologies
491 RDP492 Telnet493 SSH
174 | Domain 4 A+ Part 2 (220-1002) Project Workbook
Third-Party Tools and Security ConsiderationsThird-party tools allow you to share a screen and files without taking over the device you are connecting with It is important to use third-party tools that are encrypted and secure
PurposeUpon completing this project you will be familiar with what third-party tools will allow you to do when connecting to other devices as well as the security measures to use when using these third-party tools
Steps for Completion1 What are some possible uses for a third-party tool used to share screens
2 What remote access technology should not be used by a third-party tool that you
are going to use to connect to a remote device 3 (True or False) Some third-party tools will allow you to take over the device instead
of just sharing the device so you need to know if someone can take control of your
system 4 Remote connections should have what type of password
Project Details
Project Files NA
Estimated Completion Time
5 minutes
Video Reference Domain 4Topic Remote Access TechnologiesSubtopic Third-Party and Screen Shares Security Considerations
Objectives Covered4 Operational Procedures
49 Given a scenario use remote access technologies
494 Third-party tools4941 Screen share feature4942 File share
495 Security considerations of each access method
175 |Domain 1 A+ Part 2 (220-1002) Project Workbook
176 | Appendix A+ Part 2 (220-1002) Project Workbook
A+ Part 2 (220-1002) Suggested Study PlanEach block of content in this suggested study plan is approximately 30 minutes and includes video training fill-in-the-blanks labs projects tests as well as the course support files to follow along with the instructor There is also a notes section for customizable study plans and extra notes By adhering to the lesson plan it will take approximately 37 class hours to complete the course For workbook projects we recommend doing the fill-in-the-blank sections as you watch the course Note that this time does not count any practice time on hardware which you should do if possible before taking this exam
Domain 1 Operating Systems 41 lessons for approximately 205 hoursDay Tasks What Is Covered Notes1 Pre-Assessment2 Pre-Assessment3 Watch the following
Compare and Contrast Operating Systems
Introduction32-Bit vs 64-BitSoftware CompatibilityMicrosoft WindowsApple Macintosh OSLinuxTabletsEnd-of-Life and Update LimitationsCompatibility Concerns
Windows VersionsWindows 7 FeaturesWindows 8 and 81 FeaturesWindows 10 FeaturesDomain AccessBitLockerMedia Center and BranchCacheEFSDesktop Styles
Workbook projectsFill-in-the-Blanks Domain 1 Items 1-432-Bit vs 64-Bit Operating SystemsDesktop and Mobile Operating Systems
1 Operating Systems11 Compare and contrast common operating system types and their purposes
111 32-bit vs 64-bit1111 RAM limitations1112 Software compatibility
112 Workstation operating systems1121 Microsoft Windows1122 Apple Macintosh OS1123 Linux
113 Cell phonetablet operating systems1131 Microsoft Windows1132 Android1133 iOS1134 Chrome OS
114 Vendor-specific limitations1141 End-of-life1142 Update limitations
115 Compatibility concerns between operating systems
12 Compare and contrast features of Microsoft Windows versions
121 Windows 7122 Windows 8123 Windows 81124 Windows 10125 Corporate vs personal needs
1251 Domain access1252 BitLocker1253 Media center1254 BranchCache1255 EFS
126 Desktop stylesuser interface
177 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes4 Practice lab
EFS
Workbook projectFeatures of Windows Versions
Watch the followingOS Installation and Upgrade Methods
Boot Methods
Workbook projectBoot Methods for Installation
1 Operating Systems12 Compare and contrast features of Microsoft Windows versions
121 Windows 7122 Windows 8123 Windows 81124 Windows 10125 Corporate vs personal needs
1251 Domain access1252 BitLocker1253 Media center1254 BranchCache1255 EFS
126 Desktop stylesuser interface13 Summarize general OS installation considerations and upgrade methods
131 Boot methods1311 Optical disc (CD-ROM DVD Blu-ray)1312 External driveflash drive (USBeSATA)1313 Network boot (PXE)1314 Internal fixed disk (HDDSSD)1315 Internal hard drive (partition)
5 Watch the followingOS Installation and Upgrade Methods
Installation TypesImage Deployment and Recovery PartitionRefreshRestorePartitioningFile System TypesSwap PartitionQuick vs Full Format
Workbook projectsFill-in-the-Blanks Domain 1 Items 5-6Installation TypesPartitioningFile Systems and Formats
1 Operating Systems13 Summarize general OS installation considerations and upgrade methods
132 Type of installations1321 Unattended installation1322 In-place upgrade1323 Clean install1324 Repair installation1325 Multiboot1326 Remote network installation1327 Image deployment1328 Recovery partition1329 Refreshrestore
133 Partitioning1331 Dynamic1332 Basic1333 Primary1334 Extended1335 Logical1336 GPT
134 File system typesformatting1341 ExFAT1342 FAT321343 NTFS1344 CDFS1345 NFS1346 ext3 ext41347 HFS1348 Swap partition1349 Quick format vs full format
178 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes6 Watch the following
OS Installation and Upgrade MethodsDrivers and TimeDateLanguage SettingsWorkgroup vs Domain SetupDrivers and UpdatesFactory Recovery and Proper Boot DriveHardware Prerequisites and CompatibilityApplication CompatibilityOS CompatibilityUpgrade Path
Workbook projectsFill-in-the-Blanks Domain 1 Items 7-8The Final Installation Steps
1 Operating Systems13 Summarize general OS installation considerations and upgrade methods
135 Load alternate third-party drivers when necessary136 Workgroup vs Domain setup137 Timedateregionlanguage settings138 Driver installation software and Windows updates139 Factory recovery partition1310 Properly formatted boot drive with the correct partitionsformat1311 Prerequisiteshardware compatibility1312 Application compatibility1313 OS compatibilityupgrade path
7 Watch the followingWindows Command Line Tools
DirCdIpconfigPingTracertNetstatNslookup Shutdown
Practice labShowing IP Address Information
Workbook projectsFill-in-the-Blanks Domain 1 Item 9File and Folder CommandsUsing Network and Shutdown Commands
1 Operating Systems14 Given a scenario use appropriate Microsoft command line tools
141 Navigation1411 Dir1412 Cd
142 Ipconfig143 Ping144 Tracert145 Netstat146 Nslookup147 Shutdown
8 Watch the followingWindows Command Line Tools
DismDisk Checking CommandsDiskpartTaskkillGpupdate and GpresultFormat
Practice labEnding a Task
Workbook projectsImaging and Disk CommandsTask Policy and Format Commands
1 Operating Systems14 Given a scenario use appropriate Microsoft command line tools
148 Dism149 Sfc1410 Chkdsk1411 Diskpart1412 Taskkill1413 Gpupdate1414 Gpresult1415 Format
9 Watch the followingWindows Command Line Tools
Copy CommandsNet Use Net UserHelp on CommandsStandard vs Administrative Privileges
Workbook projectsFill-in-the-Blanks Domain 1 Items 10-11Copy CommandsNet and Help Commands
1 Operating Systems14 Given a scenario use appropriate Microsoft command line tools
1416 Copy1417 Xcopy1418 Robocopy1419 Net use1420 Net user1421 [command name] 1422 Commands available with standard privileges vs administrative privileges
179 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes10 Watch the following
Operating System Features and ToolsComputer Management and Device ManagerLocal Users and GroupsLocal Security PolicyPerformance Monitor and ServicesSystem ConfigurationTask SchedulerComponent Services and Data SourcesPrint ManagementWindows Memory DiagnosticsWindows Firewall and Advanced SecurityEvent ViewerUser Account Management
Practice labWindows Firewall with Advanced Security
Workbook projectsFill-in-the-Blanks Domain 1 Item 12Introducing Administrative Tools
1 Operating Systems15 Given a scenario use Microsoft operating system features and tools
151 Administrative1511 Computer Management1512 Device Manager1513 Local Users and Groups1514 Local Security Policy1515 Performance Monitor1516 Services1517 System Configuration1518 Task Scheduler1519 Component Services15110 Data Sources15111 Print Management15112 Windows Memory Diagnostics15113 Windows Firewall15114 Advanced Security15115 Event Viewer15116 User Account Management
11 Watch the followingOperating System Features and Tools
MsconfigTask Manager
Workbook projectsFill-in-the-Blanks Domain 1 Item 13Using System ConfigurationUsing Task Manager
1 Operating Systems15 Given a scenario use Microsoft operating system features and tools
152 Msconfig 1521 General1522 Boot1523 Services1524 Startup1525 Tools
153 Task Manager1531 Applications1532 Processes1533 Performance1534 Networking1535 Users
12 Watch the followingOperating System Features and Tools
Drive Status and MountingInitializingExtending PartitionsSplitting Partitions and Drive Letters
Practice labsExtending a PartitionChanging a Drive Letter
Workbook projectsFill-in-the-Blanks Domain 1 Items 14-15Using Disk Management to Add Disks
1 Operating Systems15 Given a scenario use Microsoft operating system features and tools
154 Disk Management1541 Drive status1542 Mounting1543 Initializing1544 Extending partitions1545 Splitting partitions1546 Shrink partitions1547 Assigningchanging drive letters
180 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes13 Workbook project
Working with Disk Partitions
Watch the followingOperating System Features and Tools
Adding DrivesAdding ArraysStorage Spaces
Workbook projectUsing Arrays and Storage Spaces
1 Operating Systems15 Given a scenario use Microsoft operating system features and tools
154 Disk Management1544 Extending partitions1545 Splitting partitions1546 Shrink partitions1547 Assigningchanging drive letters1548 Adding drives1549 Adding arrays15410 Storage spaces
14 Watch the followingOperating System Features and Tools
RegeditCommand ServicesmscMMCMSTSCNotepad and ExplorerMsinfo32 and DxDiagDisk DefragmenterSystem RestoreWindows Update
Practice labCreating a Restore Point
Workbook projectsFill-in-the-Blanks Domain 1 Items 16-17Using Arrays and Storage Spaces
1 Operating Systems15 Given a scenario use Microsoft operating system features and tools
155 System utilities1551 Regedit1552 Command1553 Servicesmsc1554 MMC1555 MSTSC1556 Notepad1557 Explorer1558 Msinfo321559 DxDiag15510 Disk Defragmenter15511 System Restore15512 Windows Update
15 Workbook projectsUsing the Microsoft Management ConsoleUsing DXDIAG
1 Operating Systems15 Given a scenario use Microsoft operating system features and tools
155 System utilities1554 MMC1559 DxDiag
16 Watch the followingControl Panel Utilities
Internet Options
Workbook projectsFill-in-the-Blanks Domain 1 Item 18Internet Options
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
161 Internet Options1611 Connections1612 Security1613 General1614 Privacy1615 Programs1616 Advanced
17 Watch the followingControl Panel Utilities
ResolutionColor DepthRefresh RateUser Accounts
Workbook projectsFill-in-the-Blanks Domain 1 Item 19 Controlling Display SettingsConfiguring User Accounts
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
162 DisplayDisplay Settings1621 Resolution1622 Color depth1623 Refresh rate
163 User Accounts
181 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes18 Watch the following
Control Panel UtilitiesFolder OptionsVirtual MemoryRemote Settings System Protection
Practice labFile Explorer Folder Options
Workbook projectsFolder OptionsUsing the System Applet
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
164 Folder Options1641 View hidden files1642 Hide extensions1643 General options1644 View options
165 System1651 Performance (virtual memory)1652 Remote settings1653 System protection
19 Watch the followingControl Panel Utilities
Windows FirewallPower PlansPower StatesCredential ManagerPrograms and Features
Practice labEnabling Features
Workbook projectsSetting Power OptionsCredential Manager and Programs and Features
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
166 Windows Firewall167 Power Options
1671 Hibernate 1672 Power plans1673 Sleepsuspend1674 Standby
168 Credential Manager169 Programs and features
20 Watch the followingControl Panel Utilities
HomeGroupDevices and PrintersSound
Practice labsDevices and PrintersSound Settings
Workbook projectDevices and Printers
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
1610 HomeGroup1611 Devices and Printers1612 Sound
21 Workbook projectControlling Sound
Watch the followingControl Panel Utilities
TroubleshootingNetwork and Sharing CenterDevice Manager
Workbook projectsTroubleshootingDevice Manager
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
1612 Sound1613 Troubleshooting1614 Network and Sharing Center1615 Device Manager
182 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes22 Watch the following
Control Panel UtilitiesBitLockerSync Center
Application Installation ConceptsSystem and OS RequirementsInstallation MethodsFolderFile AccessSecurity Considerations
Workbook projectsFill-in-the-Blanks Domain 1 Items 20-21 BitLocker and Sync CenterSystem and OS Requirements and Installation MethodsFolderFile AccessSecurity Considerations
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
1616 BitLocker1617 SyncCenter
17 Summarize application installation and configuration concepts
171 System requirements1711 Drive space1712 RAM
172 OS requirements1721 Compatibility
173 Methods of installation and deployment1731 Local (CDUSB)1732 Network-based
174 Local user permissions1741 Folderfile access for installation
175 Security considerations1751 Impact to device1752 Impact to network
23 Watch the followingWindows Networking Configuration
HomeGroup vs WorkgroupDomain Setup
Workbook projectsFill-in-the-Blanks Domain 1 Item 22Peer-to-Peer Networks
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
1610 HomeGroup18 Given a scenario configure Microsoft Windows networking on a clientdesktop
181 HomeGroup vs Workgroup182 Domain setup
24 Workbook projectJoining a Computer to a Domain
Watch the followingWindows Networking Configuration
Shares and Mapping
Practice labsMapping a Network Drive
Workbook projectsSetting Up and Mapping to Shares
1 Operating Systems18 Given a scenario configure Microsoft Windows networking on a clientdesktop
182 Domain setup183 Network sharesadministrative sharesmapping drives
25 Watch the followingWindows Networking Configuration
Printer Sharing and MappingVPN and Dial-UpsWireless and WiredWWAN
Workbook projectsPrinter Sharing and MappingEstablishing Network Connections
1 Operating Systems18 Given a scenario configure Microsoft Windows networking on a clientdesktop
184 Printer sharing vs network printer mapping185 Establish networking connections
1851 VPN1852 Dial-ups1853 Wireless1854 Wired1855 WWAN (Cellular)
26 Watch the followingWindows Networking Configuration
Proxy SettingsRemote Desktop ConnectionRemote Assistance
Workbook projectsControlling Proxy SettingsUsing Remote Desktop Connections
1 Operating Systems18 Given a scenario configure Microsoft Windows networking on a clientdesktop
186 Proxy Settings187 Remote Desktop Connection188 Remote Assistance
183 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes27 Watch the following
Windows Networking ConfigurationNetwork SettingsFirewall ExceptionsFirewall ConfigurationEnabling and Disabling Firewalls Alternative IP AddressingSpeed and DuplexWake on LANPower Management
Workbook projectsFill-in-the-Blanks Domain 1 Item 23 Network and Sharing CenterUsing Windows Firewall
1 Operating Systems16 Given a scenario use Microsoft Windows Control Panel utilities
166 Windows Firewall1614 Network and Sharing Center
18 Given a scenario configure Microsoft Windows networking on a clientdesktop
189 Home vs Work vs Public network settings1810 Firewall settings
18101 Exceptions18102 Configuration18103 Enablingdisabling Windows Firewall
28 Watch the followingWindows Networking Configuration
Alternative IP AddressingSpeed and DuplexWake on LANPower Management
Workbook projectsConfiguring an Alternative IP AddressNetwork Card Properties
1 Operating Systems18 Given a scenario configure Microsoft Windows networking on a clientdesktop
1811 Configuring an alternative IP address in Windows
18111 IP addressing18112 Subnet mask18113 DNS18114 Gateway
1812 Network card properties18121 Half duplexfull duplexauto18122 Speed18123 Wake-on-LAN18124 QoS18125 BIOS (on-board NIC)
29 Watch the followingMac Features
Scheduled BackupsSchedule Disk MaintenanceSystem UpdatesBackupTime MachineRecovery and UtilitiesShellTerminalScreen SharingForce Quit
Workbook projectsMac Best PracticesFill-in-the-Blanks Domain 1 Item 24Mac Tools
1 Operating Systems19 Given a scenario use features and tools of the Mac OS and Linux clientdesktop operating systems
191 Best practices1911 Scheduled backups1912 Scheduled disk maintenance1913 System updatesApp Store1914 Patch management1915 Driverfirmware updates1916 AntivirusAnti-malware updates
192 Tools1921 BackupTime Machine1922 RestoreSnapshot1923 Image recovery1924 Disk maintenance utilities1925 ShellTerminal1926 Screen sharing1927 Force Quit
184 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes30 Watch the following
Mac FeaturesMultiple DesktopsMission ControlKeychainSpotlightiCloudGesturesFinder and Remote DiskDockBoot Camp
Workbook projectsMac Features
1 Operating Systems19 Given a scenario use features and tools of the Mac OS and Linux clientdesktop operating systems
193 Features1931 Multiple desktopsMission Control1932 Keychain1933 Spotlight1934 iCloud1935 Gestures1936 Finder1937 Remote Disk1938 Dock1939 Boot Camp
31 Watch the followingBasic Linux Commands
lsgreppwd vs passwdmv cp and rmchmod and chowniwconfigifconfigps and susudoapt-getviddkill
Workbook projectsLinux Commands
1 Operating Systems19 Given a scenario use features and tools of the Mac OS and Linux clientdesktop operating systems
194 Basic Linux commands1941 ls1942 grep1943 cd1944 shutdown1945 pwd vs passwd1946 mv1947 cp1948 rm1949 chmod19410 chown19411 iwconfigifconfig19412 ps19413 susudo19414 apt-get19415 vi19416 dd19417 kill
32 Review Domain 133 Review Domain 134 Post-Assessment35 Post-Assessment36 Post-Assessment37 Post-Assessment38 Post-Assessment39 Post-Assessment40 Post-Assessment41 Post-Assessment
185 | Appendix A+ Part 2 (220-1002) Project Workbook
Domain 2 Security 26 lessons for approximately 13 hours
Day Tasks What Is Covered Notes1 Pre-Assessment2 Watch the following
Physical Security MeasuresPhysical and Document SecurityLocks and TokensCable Locks Server Locks USB LocksPrivacy Screen Key Fobs Rosters
Logical Security ConceptsLogin Scripts and DomainsGroup PolicyOrganizational UnitsHome Folder and Folder Redirection
Practice labCreating Organizational Units
Workbook projectsFill-in-the-Blanks Domain 2 Items 1-3Physical SecurityActive Directory Concepts
2 Security21 Summarize the importance of physical security measures
211 Mantrap212 Badge reader213 Smart card214 Security guard215 Door lock216 Biometric locks217 Hardware tokens218 Cable locks219 Server locks2110 USB locks2111 Privacy screen2112 Key fobs2113 Entry control roster
22 Explain logical security concepts221 Active Directory
2211 Logon script2212 Domain2213 Group Policyupdates2214 Organizational units2215 Home folder2216 Folder redirection
3 Watch the followingLogical Security Concepts
Software Tokens MDM PoliciesPort SecurityMAC Address Filtering CertificatesAntivirusAntimalwareFirewalls
Workbook projectsFill-in-the-Blanks Domain 2 Item 4Software Tokens and MDM PoliciesPort Security MAC Address Filtering and CertificatesAntivirusAntimalware and Firewalls
2 Security22 Explain logical security concepts
222 Software tokens223 MDM policies224 Port security225 MAC address filtering226 Certificates227 AntivirusAntimalware228 Firewalls
4 Watch the followingLogical Security Concepts
Authentication and PasswordsDirectory Permissions
Practice labPermissions on Directories
Workbook projectsPasswords and Multifactor AuthenticationDirectory Permissions
2 Security22 Explain logical security concepts
229 User authenticationstrong passwords2210 Multifactor authentications2211 Directory permissions
186 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes5 Watch the following
Logical Security ConceptsVPN DLPAccess Control Lists Smart CardEmail FilteringTrustedUntrusted Software SourcesPrinciple of Least Privilege
Workbook projectsVPN DLP ACLs and Smart CardsEmail Filtering and Trusted or Untrusted Software SourcesPrinciple of Least Privilege
2 Security22 Explain logical security concepts
2212 VPN2213 DLP2214 Access control lists2215 Smart card2216 Email Filtering2217 Trusteduntrusted software sources2218 Principle of least privilege
6 Watch the followingWireless Security Protocols
WEP WPA WPA2 TKIP and AESAuthentication Factors and Servers
Workbook projectsFill-in-the-Blanks Domain 2 Items 5-6WEP WPA WPA2 TKIP and AESAuthentication Factors and Servers
2 Security23 Compare and contrast wireless security protocols and authentication methods
231 Protocols and encryption2311 WEP2312 WPA2313 WPA22314 TKIP2315 AES
232 Authentication2321 Single-factor2322 Multifactor2323 RADIUS2324 TACACS
7 Watch the followingDetect Remove and Prevent Malware
Malware
Workbook projectsTypes of Malware
2 Security24 Given a scenario detect remove and prevent malware using appropriate tools and methods
241 Malware2411 Ransomware2412 Trojan2413 Keylogger 2414 Rootkit2415 Virus2416 Botnet 2417 Worm2418 Spyware
8 Watch the followingDetect Remove and Prevent Malware
MalwareAntivirusAntimalware SoftwareRecovery ConsoleBackup and RestoreEnd-User EducationSoftware FirewallsDNS Configuration
Workbook projectsFill-in-the-Blanks Domain 2 Items 7-8Types of MalwareMalware Tools and Methods
2 Security24 Given a scenario detect remove and prevent malware using appropriate tools and methods
241 Malware2411 Ransomware2412 Trojan2413 Keylogger 2414 Rootkit2415 Virus2416 Botnet 2417 Worm2418 Spyware
242 Tools and methods2421 Antivirus2422 Antimalware2423 Recovery console2424 Backuprestore2425 End user education2426 Software firewalls2427 DNS configuration
187 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes9 Watch the following
Threats and VulnerabilitiesSocial EngineeringPhishingSpear PhishingImpersonationShoulder SurfingTailgatingDumpster DivingDoS and DDoSZero Day AttackMan-in-the-Middle AttackPassword AttacksRainbow TablesSpoofingNon-Compliant SystemsZombiesBotnet
Workbook projectsFill-in-the-Blanks Domain 2 Item 9Common Security Threats and Vulnerabilities
2 Security25 Compare and contrast social engineering threats and vulnerabilities
251 Social engineering2511 Phishing2512 Spear phishing2513 Impersonation2514 Shoulder surfing2515 Tailgating2516 Dumpster diving
252 DDoS253 DoS254 Zero-day255 Man-in-the-middle256 Brute force257 Dictionary258 Rainbow table259 Spoofing2510 Non-compliant systems2511 Zombie
10 Watch the followingWindows OS Security Settings
User TypesAllow vs DenyMoving vs Copying Folders and Files
Workbook projectsFill-in-the-Blanks Domain 2 Item 10 Windows Users and GroupsNTFS vs Share Permissions
2 Security26 Compare and contrast the differences of basic Microsoft Windows OS security settings
261 User and groups2611 Administrator2612 Power user2613 Guest2614 Standard user
262 NTFS vs share permissions2621 Allow vs deny2622 Moving vs copying folders and files
11 Watch the followingWindows OS Security Settings
File AttributesAdministrative vs Local SharesPermissions System Files and Folders
Practice labDisplaying Shares
Workbook projectsFill-in-the-Blanks Domain 2 Item 11File Attributes
2 Security26 Compare and contrast the differences of basic Microsoft Windows OS security settings
262 NTFS vs share permissions2623 File attributes
263 Shared files and folders2631 Administrative shares vs local shares2632 Permission propagation2633 Inheritance
264 System files and folders
12 Workbook projectShared Files and Folders
Watch the followingWindows OS Security Settings
Single Sign-OnRun As Options
Workbook projectOther Basic Windows OS Security Settings
2 Security26 Compare and contrast the differences of basic Microsoft Windows OS security settings
263 Shared files and folders2631 Administrative shares vs local shares2632 Permission propagation2633 Inheritance
264 System files and folders265 User authentication
2651 Single sign-on266 Run as administrator vs standard user
188 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes13 Watch the following
Windows OS Security SettingsBitLocker and BitLocker To Go
Workbook projectBitLocker and BitLocker To Go
2 Security26 Compare and contrast the differences of basic Microsoft Windows OS security settings
267 BitLocker268 BitLocker To Go
14 Watch the followingWindows OS Security Settings
EFSWorkstation Security Best Practices
Strong Password PolicyScreen Saver PasswordsBIOSUEFI Passwords Requiring Passwords
Practice labSetting Password Policies
Workbook projectsFill-in-the-Blanks Domain 2 Item 12Using Encrypting File System (EFS)
2 Security27 Given a scenario implement security best practices to secure a workstation
271 Password best practices2711 Setting strong passwords2712 Password expiration2713 Screensaver required password2714 BIOSUEFI passwords2715 Requiring passwords
15 Workbook projectPassword Best Practices
Watch the followingWorkstation Security Best Practices
Restricting User PermissionsLogon Time RestrictionsGuest Accounts and Failed AttemptsTimeoutScreen LockChange Default Admin Account
Practice labRestricting User Permissions
2 Security27 Given a scenario implement security best practices to secure a workstation
271 Password best practices2711 Setting strong passwords2712 Password expiration2713 Screensaver required password2714 BIOSUEFI passwords2715 Requiring passwords
272 Account management2721 Restricting user permissions2722 Logon time restrictions2723 Disabling guest account2724 Failed attempts lockout2725 Timeoutscreen lock2726 Change default admin user accountpassword
16 Workbook projectAccount Management
Watch the followingWorkstation Security Best Practices
AD Account Creation AD Account DeletionPassword Resets and Account Activities
Practice labResetting a Password
Workbook projectsFill-in-the-Blanks Domain 2 Item 13Basic Active Directory Functions
2 Security272 Account management
2721 Restricting user permissions2722 Logon time restrictions2723 Disabling guest account2724 Failed attempts lockout2725 Timeoutscreen lock2726 Change default admin user accountpassword2727 Basic Active Directory functions
27271 Account creation27272 Account deletion27273 Password resetunlock account27274 Disable account
189 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes17 Watch the following
Workstation Security Best PracticesDisable AutorunData EncryptionPatchUpdate Management
Securing Mobile DevicesFingerprint Lock Face LockSwipe Lock Passcode LockRemote Wipes and Locator AppsRemote Backup Applications
Workbook projectsFill-in-the-Blanks Domain 2 Items 14-17Other Security Best PracticesSetting Screen Locks on Mobile DevicesRemote Applications on Mobile Devices
2 Security27 Given a scenario implement security best practices to secure a workstation
273 Disable autorun274 Data encryption275 Patchupdate management
28 Given a scenario implement methods for securing mobile devices
281 Screen locks2811 Fingerprint lock2812 Face lock2813 Swipe lock2814 Passcode lock
282 Remote wipes283 Locator applications284 Remote backup applications
18 Watch the followingSecuring Mobile Devices
Failed Login Attempts RestrictionsMobile AntivirusAntimalwarePatchingOS UpdatesBiometric AuthenticationFull Device EncryptionMobile Multifactor AuthenticationAuthenticator ApplicationsTrusted vs Untrusted SourcesMobile FirewallsPolicies and Procedures
Practice labPatching a Mobile Device OS
Workbook projectsFill-in-the-Blanks Domain 2 Item 18 Authentication Types and RestrictionsOther Mobile Device Security Methods
2 Security28 Given a scenario implement methods for securing mobile devices
285 Failed login attempts restrictions286 AntivirusAntimalware287 PatchingOS updates288 Biometric authentication289 Full device encryption2810 Multifactor authentication2811 Authenticator applications2812 Trusted sources vs untrusted sources2813 Firewalls2814 Policies and procedures
28141 BYOD vs corporate-owned28142 Profile security requirements
19 Watch the followingDestruction and Disposal Methods
ShredderDrills and HammersDegaussingIncineration Certificate of DestructionRecycling and Repurposing Best Practices
Workbook projectsFill-in-the-Blanks Domain 2 Items 19-20 Physical DestructionRecycling or Repurposing Best Practices
2 Security29 Given a scenario implement appropriate data destruction and disposal methods
291 Physical destruction2911 Shredder2912 Drillhammer2913 Electromagnetic (Degaussing)2914 Incineration2915 Certificate of destruction
292 Recycling or repurposing best practices2921 Low-level format vs standard format2922 Overwrite2923 Drive wipe
190 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes20 Watch the following
SOHO Network SecurityChanging Default SSID and EncryptionDisabling SSID BroadcastAntenna and Access Point PlacementRadio Power Levels WPSChange Default UsernamePasswordMAC Filtering and Static IP AddressesFirewall SettingsPort ForwardingMapping Disabling PortsContent FilteringUpdate FirmwarePhysical Security
Workbook projectsFill-in-the-Blanks Domain 2 Items 21-22 Wireless Security in SOHO Networks Securing SOHO Networks
2 Security210 Given a scenario configure security on SOHO wireless and wired networks
2101 Wireless-specific21011 Changing default SSID21012 Setting encryption21013 Disabling SSID broadcast21014 Antenna and access point placement21015 Radio power levels21016 WPS
2102 Change default usernames and passwords2103 Enable MAC filtering2104 Assign static IP addresses2105 Firewall settings2106 Port forwardingmapping2107 Disabling ports2108 Content filteringparental controls2109 Update firmware21010 Physical security
21 Review Domain 222 Post-Assessment23 Post-Assessment24 Post-Assessment25 Post-Assessment26 Post-Assessment
191 | Appendix A+ Part 2 (220-1002) Project Workbook
Domain 3 Software Troubleshooting 13 lessons for approximately 65 hours
Day Tasks What Is Covered Notes1 Pre-Assessment2 Watch the following
Windows OS TroubleshootingSlow PerformanceLimited ConnectivityFailure to BootOther Operating System IssuesBlack Screens and Printing IssuesServices Fail to StartSlow BootupSlow Profile Load
Workbook projectsFill-in-the-Blanks Domain 3 Items 1-3Windows OS Problems
3 Software Troubleshooting31 Given a scenario troubleshoot Microsoft Windows OS problems
311 Common symptoms3111 Slow performance3112 Limited connectivity3113 Failure to boot3114 No OS found3115 Application crashes3116 Blue screens3117 Black screens3118 Printing issues3119 Services fail to start31110 Slow boot up31111 Slow profile load
3 Watch the followingWindows OS Troubleshooting
Defragment the Hard DriveReboot and Kill TasksRestart ServicesUpdate Network Settings
Practice labsOptimizing a DriveMoving Networks
Workbook projectsFill-in-the-Blanks Domain 3 Item 4Defragment a Hard DriveReboot Kill Tasks and Restart ServicesUpdate Network Settings
3 Software Troubleshooting31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions3121 Defragment the hard drive3122 Reboot3123 Kill tasks3124 Restart services3125 Update network settings
4 Watch the followingWindows OS Troubleshooting
ReimageReload OSRoll Back UpdatesRoll Back Device DriversApply UpdatesRepair ApplicationUpdate Boot Order
Workbook projectsReimageReload OSRoll Back Updates and Device DriversApply Updates Repair Applications and Update Boot Order
3 Software Troubleshooting31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions3126 Reimagereload OS3127 Roll back updates3128 Roll back device drivers3129 Apply updates31210 Repair application31211 Update boot order
192 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes5 Watch the following
Windows OS TroubleshootingDisable ServicesApplicationsStartupSafe BootRebuild Windows Profiles
Practice labsDisabling a Service
Workbook projectsFill-in-the-Blanks Domain 3 Item 5Disable Windows Services Applications and Application StartupSafe Boot and Windows Profiles
3 Software Troubleshooting31 Given a scenario troubleshoot Microsoft Windows OS problems
312 Common solutions31212 Disable Windows servicesapplications31213 Disable application startup31214 Safe boot31215 Rebuild Windows profiles
6 Watch the followingTroubleshoot PC Security Issues
Common Security SymptomsSystem FailuresCommon Security SymptomsSystemApplication Log Errors
Practice labsViewing an Email Source
Workbook projectsFill-in-the-Blanks Domain 3 Items 6-8Common PC Security Issues
3 Software Troubleshooting32 Given a scenario troubleshoot and resolve PC security issues
321 Common symptoms3211 Pop-ups3212 Browser redirection3213 Security alerts3214 Slow performance3215 Internet connectivity issues3216 PCOS lockup3217 Application crash3218 OS updates failures3219 Rogue antivirus32110 Spam32111 Renamed system files32112 Disappearing files32113 File permission changes32114 Hijacked email
321141 Responses from users regarding email321142 Automated replies from unknown sent email
32115 Access denied32116 Invalid certificate (trusted root CA)32117 Systemapplication log errors
7 Watch the followingMalware Removal Best Practices
Identify and Research SymptomsQuarantine and Disable System RestoreUpdate the Antimalware SoftwareScan and Use Removal TechniquesFinal Steps
Workbook projectsFill-in-the-Blanks Domain 3 Items 9-11Best Practices for Malware Removal
3 Software Troubleshooting33 Given a scenario use best practice procedures for malware removal
331 1 Identify and research malware symptoms332 2 Quarantine the infected systems333 3 Disable System Restore (in Windows)334 4 Remediate the infected systems
3341 a Update the anti-malware software3342 b Scan and use removal techniques (safe mode pre-installation environment)
335 5 Schedule scans and run updates336 6 Enable System Restore and create a restore point (in Windows)337 7 Educate the end user
193 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes8 Watch the following
Common Mobile Device SymptomsDim Display and Intermittent WirelessNo Wireless ConnectivityNo Bluetooth ConnectivityCannot Broadcast to External MonitorCommon Mobile Device SymptomsSpeaker Screen and System Issues
Workbook projectsFill-in-the-Blanks Domain 3 Items 12-14Common Mobile Operating System Issues
3 Software Troubleshooting34 Given a scenario troubleshoot mobile OS and application issues
341 Common symptoms3411 Dim display3412 Intermittent wireless3413 No wireless connectivity3414 No Bluetooth connectivity3415 Cannot broadcast to external monitor3416 Touch Screen unresponsive3417 Apps not loading3418 Slow performance3419 Unable to decrypt email34110 Extremely short battery life34111 Overheating34112 Frozen system34113 No sound from speakers34114 Inaccurate touch screen response34115 System lockout34116 App log errors
9 Watch the followingMobile OS and App Security Issues
Signal Power and Data IssuesUnintended Connections and LeaksUnauthorized AccessHigh Resource Utilization
Workbook projectsFill-in-the-Blanks Domain 3 Items 15-17Mobile OS and Application Security Issues
3 Software Troubleshooting35 Given a scenario troubleshoot mobile OS and application security issues
351 Common symptoms3511 Signal dropweak signal3512 Power drain3513 Slow data speeds3514 Unintended WiFi connection3515 Unintended Bluetooth pairing3516 Leaked personal filesdata3517 Data transmission over limit3518 Unauthorized account access3519 Unauthorized location tracking35110 Unauthorized cameramicrophone activation35111 High resource utilization
10 Review Domain 311 Post-Assessment12 Post-Assessment13 Post-Assessment
194 | Appendix A+ Part 2 (220-1002) Project Workbook
Domain 4 Operational Procedures 15 lessons for approximately 75 hours
Day Tasks What Is Covered Notes1 Pre-Assessment2 Watch the following
Documentation Best PracticesInternal DocumentationPassword Policy Inventory Management
Change Management Best PracticesBusiness Processes Purpose and Scope
Workbook projectsFill-in-the-Blanks Domain 4 Items 1-4Documentation Best PracticesDocumented Business Processes
4 Operational Procedures41 Compare and contrast best practices associated with types of documentation
411 Network topology diagrams412 Knowledge basearticles413 Incident documentation414 Regulatory and compliance policy415 Acceptable use policy416 Password policy417 Inventory management
4171 Asset tags4172 Barcodes
42 Given a scenario implement basic change management best practices
421 Documented business processes422 Purpose of the change423 Scope of the change
3 Watch the followingChange Management Best Practices
Business Processes Purpose and ScopeRisk AnalysisPlan Acceptance and ApprovalBackout Plan Document Changes
Disaster Prevention and RecoveryImage Level BackupsFile Backups Critical ApplicationsBackup Testing
Workbook projectsFill-in-the-Blanks Domain 4 Items 5-8Plan for ChangeApprovals and Backout Plans
4 Operational Procedures42 Given a scenario implement basic change management best practices
421 Documented business processes422 Purpose of the change423 Scope of the change424 Risk Analysis425 Plan for Change426 End-User Acceptance427 Change board
4271 Approvals428 Backout plan429 Document changes
43 Given a scenario implement basic disaster prevention and recovery methods
431 Backup and Recovery4311 Image level4312 File level4313 Critical applications
432 Backup testing
4 Practice labFile Level Backups
Workbook projectsBackup and Recovery
Watch the followingDisaster Prevention and Recovery
UPS and Surge Protectors
Workbook projectsUPS and Surge Protectors
4 Operational Procedures43 Given a scenario implement basic disaster prevention and recovery methods
431 Backup and Recovery4311 Image level4312 File level4313 Critical applications
432 Backup testing433 UPS434 Surge protector
195 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes5 Watch the following
Disaster Prevention and RecoveryCloud vs Local Storage BackupsAccount Recovery Options
Common Safety ProceduresExplain Common Safety ProceduresEquipment GroundingProper Component Handling and StorageToxic Waste HandlingCell Phone and Tablet Disposal
Workbook projectsFill-in-the-Blanks Domain 4 Items 9-11Storage Backups and Account Recovery OptionsEquipment GroundingProper Component Handling and Storage
4 Operational Procedures43 Given a scenario implement basic disaster prevention and recovery methods
435 Cloud storage vs local storage backups436 Account recovery options
44 Explain common safety procedures441 Equipment grounding442 Proper component handling and storage
4421 Antistatic bags4422 ESD straps4423 ESD mats4424 Self-grounding
443 Toxic waste handling4431 Batteries4432 Toner4433 CRT4434 Cell phones4435 Tablets
6 Watch the followingPersonal Safety
Disconnect PowerRemove Jewelry and Lift ProperlyWeight LimitationsElectrical Fire Safety Cable ManagementFacial ProtectionRegulation Compliance
Environmental Impacts and ControlsTemperature Humidity and VentilationBattery BackupPower Surges Brownouts Blackouts
Workbook projectsFill-in-the-Blanks Domain 4 Items 12-14Personal SafetyMaterial Safety Data SheetPower Surges Brownouts and Blackouts
4 Operational Procedures44 Explain common safety procedures
444 Personal safety4441 Disconnect power before repairing PC4442 Remove jewelry4443 Lifting techniques4444 Weight limitations4445 Electrical fire safety4446 Cable management4447 Safety goggles4448 Air filter mask
445 Compliance with government regulations45 Explain environmental impacts and appropriate controls
451 MSDS documentation for handling and disposal452 Temperature humidity level awareness and proper ventilation453 Power surges brownouts and blackouts
4531 Battery backup4532 Surge suppressor
196 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes7 Watch the following
Environmental Impacts and ControlsAirborne ProtectionCompressed AirVacuumsLocal Regulation Compliance
Licensing Privacy Prohibited ContentIncident ResponseDocuments Chain of Custody Tracking
Workbook projectsFill-in-the-Blanks Domain 4 Items 15-17Keeping a Solid Work EnvironmentIncident Response
4 Operational Procedures45 Explain environmental impacts and appropriate controls
452 Temperature humidity level awareness and proper ventilation454 Protection from airborne particles
4541 Enclosures4542 Air filtersmask
455 Dust and debris4551 Compressed air4552 Vacuums
456 Compliance to government regulations46 Explain the processes for addressing prohibited contentactivity and privacy licensing and policy concepts
461 Incident response4611 First response
46111 Identify46112 Report through proper channels46113 Datadevice preservation
4612 Use of documentationdocumentation changes4613 Chain of custody
46131 Tracking of evidencedocumenting process
8 Watch the followingLicensing Privacy Prohibited Content
LicensingDRMEULAOpen Source vs Commercial LicensingPersonal vs Enterprise LicensesPersonal Identifiable InformationPCI GDPR PHICorporate Policies and Best Practices
Communication and ProfessionalismProper LanguagePositive AttitudeActive ListeningCultural Sensitivity
Workbook projectsFill-in-the-Blanks Domain 4 Items 18-19Software LicensingRegulated Data and Best PracticesUsing Proper Communication Techniques
4 Operational Procedures46 Explain the processes for addressing prohibited contentactivity and privacy licensing and policy concepts
462 LicensingDRMEULA4621 Open-source vs commercial license4622 Personal license vs enterprise licenses
463 Regulated data4631 PII4632 PCI4633 GDPR4634 PHI
464 Follow all policies and security best practices47 Given a scenario use proper communication techniques and professionalism
471 Use proper language and avoid jargon acronyms and slang when applicable472 Maintain a positive attitudeproject confidence473 Actively listen (taking notes) and avoid interrupting the customer474 Be culturally sensitive
4741 Use appropriate professional titles when applicable
197 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes9 Watch the following
Communication and ProfessionalismBe on TimeAvoid DistractionsPersonal and Coworker InterruptionsDifficult Customers and SituationsCustomer Statements and DisclosuresOffer Different OptionsService Documentation and Follow-UpConfidential Customer Material
Scripting Basicsbat Filesps1 vbs sh py and js Files
Workbook projectsFill-in-the-Blanks Domain 4 Items 20-21Showing ProfessionalismScript File Types
4 Operational Procedures47 Given a scenario use proper communication techniques and professionalism
475 Be on time (if late contact the customer)476 Avoid distractions
4761 Personal calls4762 Textingsocial media sites4763 Talking to coworkers while interacting with customers4764 Personal interruptions
477 Dealing with difficult customers or situations4771 Do not argue with customers andor be defensive4772 Avoid dismissing customer problems4773 Avoid being judgmental4774 Clarify customer statements (ask open-ended questions to narrow the scope of the problem restate the issue or question to verify understanding)4775 Do not disclose experiences via social media outlets
478 Set and meet expectationstimeline and communicate status with the customer
4781 Offer different repairreplacement options if applicable4782 Provide proper documentation on the services provided4783 Follow up with customeruser at a later date to verify satisfaction
479 Deal appropriately with customersrsquo confidential and private materials
4791 Located on a computer desktop printer etc48 Identify the basics of scripting
481 Script file types4811 bat4812 ps14813 vbs4814 sh4815 py4816 js
10 Watch the followingScripting Basics
Environment VariablesComment SyntaxBasic Loops VariablesBasic Data Types
Practice labWindir
Workbook projectsFill-in-the-Blanks Domain 4 Item 22Environment Variables and Comment SyntaxBasic Script Constructs
4 Operational Procedures 48 Identify the basics of scripting
482 Environment variables483 Comment syntax484 Basic script constructs
4841 Basic loops4842 Variables
485 Basic data types4851 Integers4852 Strings
198 | Appendix A+ Part 2 (220-1002) Project Workbook
Day Tasks What Is Covered Notes11 Watch the following
Remote Access TechnologiesRDPTelnet and SSHThird Party and Screen SharesSecurity Considerations
Final ThoughtsStudy TipsConclusion
Practice labWindir
Workbook projectsFill-in-the-Blanks Domain 4 Items 23-25Environment Variables and Comment SyntaxRDP Telnet and SSHThird-Party Tools and Security Considerations
4 Operational Procedures 49 Given a scenario use remote access technologies
491 RDP492 Telnet493 SSH494 Third-party tools
4941 Screen share feature4942 File share
495 Security considerations of each access method
12 Review Domain 413 Post-Assessment14 Post-Assessment15 Post-Assessment
199 | Appendix A+ Part 2 (220-1002) Project Workbook
Compare and Contrast Operating Systems
Introduction32-Bit vs 64-BitSoftware CompatibilityMicrosoft WindowsApple Macintosh OSLinuxTabletsEnd-of-Life and Update LimitationsCompatibility Concerns
Windows VersionsWindows 7 FeaturesWindows 8 and 81 FeaturesWindows 10 FeaturesDomain AccessBitLockerMedia Center and BranchCacheEFSDesktop Styles
OS Installation and Upgrade MethodsBoot MethodsInstallation TypesImage Deployment and Recovery PartitionRefreshRestorePartitioning File System TypesSwap PartitionQuick vs Full FormatDrivers and TimeDateLanguage SettingsWorkgroup vs Domain SetupDrivers and UpdatesFactory Recovery and Proper Boot DriveHardware Prerequisites and CompatibilityApplication CompatibilityOS CompatibilityUpgrade Path
Windows Command Line ToolsDirCdIpconfigPingTracertNetstat
Nslookup ShutdownDismDisk Checking CommandsDiskpartTaskkillGpupdate and GpresultFormatCopy CommandsNet Use Net UserHelp on CommandsStandard vs Administrative Privileges
Operating System Features and ToolsComputer Management and Device ManagerLocal Users and GroupsLocal Security PolicyPerformance Monitor and ServicesSystem ConfigurationTask SchedulerComponent Services and Data SourcesPrint ManagementWindows Memory DiagnosticsWindows Firewall and Advanced SecurityEvent ViewerUser Account ManagementMsconfigTask ManagerDrive Status and MountingInitializingExtending PartitionsSplitting Partitions and Drive LettersAdding DrivesAdding ArraysStorage SpacesRegeditCommand ServicesmscMMCMSTSCNotepad and ExplorerMsinfo32 and DxDiagDisk DefragmenterSystem RestoreWindows Update
A+ Part 2 (220-1002) Domain 1 Outline
200 | Appendix A+ Part 2 (220-1002) Project Workbook
A+ Part 2 (220-1002) Domain 1 Outline - ConrsquotControl Panel Utilities
Internet OptionsResolutionColor DepthRefresh RateUser AccountsFolder OptionsVirtual MemoryRemote Settings System ProtectionWindows FirewallPower PlansPower StatesCredential ManagerPrograms and FeaturesHomeGroupDevices and PrintersSoundTroubleshootingNetwork and Sharing CenterDevice ManagerBitLockerSync Center
Application Installation ConceptsSystem and OS RequirementsInstallation MethodsFolderFile AccessSecurity Considerations
Windows Networking ConfigurationHomeGroup vs WorkgroupDomain SetupShares and MappingPrinter Sharing and MappingVPN and Dial-UpsWireless and WiredWWANProxy SettingsRemote Desktop ConnectionRemote AssistanceNetwork SettingsFirewall ExceptionsFirewall ConfigurationEnabling and Disabling FirewallsAlternative IP AddressingSpeed and DuplexWake on LAN
Power Management
Mac FeaturesScheduled BackupsSchedule Disk MaintenanceSystem UpdatesBackupTime MachineRecovery and UtilitiesShellTerminalScreen SharingForce QuitMultiple DesktopsMission ControlKeychainSpotlightiCloudGesturesFinder and Remote DiskDockBoot Camp
Basic Linux Commandslsgreppwd vs passwdmv cp and rmchmod and chowniwconfigifconfigps and susudoapt-getviddkill
201 | Appendix A+ Part 2 (220-1002) Project Workbook
A+ Part 2 (220-1001) Domain 2 Outline Physical Security Measures
Physical and Document SecurityLocks and TokensCable Locks Server Locks USB LocksPrivacy Screen Key Fobs Rosters
Logical Security ConceptsLogin Scripts and DomainsGroup PolicyOrganizational UnitsHome Folder and Folder RedirectionSoftware Tokens MDM PoliciesPort SecurityMAC Address Filtering CertificatesAntivirusAntimalwareFirewallsAuthentication and PasswordsDirectory PermissionsVPN DLPAccess Control Lists Smart CardEmail FilteringTrustedUntrusted Software SourcesPrinciple of Least Privilege
Wireless and Security ProtocolsWEP WPA WPA2 TKIP and AESAuthentication Factors and Servers
Detect Remove and Prevent MalwareMalwareAntivirusAntimalware SoftwareRecovery ConsoleBackup and RestoreEnd-User EducationSoftware FirewallsDNS Configuration
Threats and VulnerabilitiesSocial EngineeringPhishingSpear PhishingImpersonationShoulder SurfingTailgatingDumpster DivingDoS and DDoSZero Day AttackMan-in-the-Middle AttackPassword AttacksRainbow TablesSpoofingNon-Compliant SystemsZombiesBotnet
Windows OS Security SettingsUser TypesAllow vs DenyMoving vs Copying Folders and FilesFile AttributesAdministrative vs Local SharesPermissions System Files and FoldersSingle Sign-OnRun As OptionsBitLocker and BitLocker To GoEFS
Workstation Security Best PracticesStrong Password PolicyScreen Saver PasswordsBIOSUEFI Passwords Requiring PasswordsRestricting User PermissionsLogon Time RestrictionsGuest Accounts and Failed AttemptsTimeoutScreen LockChange Default Admin AccountAD Account Creation AD Account DeletionPassword Resets and Account ActivitiesDisable AutorunData EncryptionPatchUpdate Management
202 | Appendix A+ Part 2 (220-1002) Project Workbook
A+ Part 2 (220-1001) Domain 2 Outline - ContrsquodSecuring Mobile Devices
Fingerprint Lock Face LockSwipe Lock Passcode LockRemote Wipes and Locator AppsRemote Backup ApplicationsFailed Logon Attempts RestrictionsMobile AntivirusAntimalwarePatchingOS UpdatesBiometric AuthenticationFull Device EncryptionMobile Multifactor AuthenticationAuthenticator ApplicationsTrusted vs Untrusted SourcesMobile FirewallsPolicies and Procedures
Destruction and Disposal MethodsShredderDrills and HammersDegaussingIncineration Certificate of DestructionRecycling and Repurposing Best Practices
SOHO Network SecurityChanging Default SSID and EncryptionDisabling SSID BroadcastAntenna and Access Point PlacementRadio Power Levels WPSChange Default UsernamePasswordMAC Filtering and Static IP AddressesFirewall SettingsPort ForwardingMapping Disabling PortsContent FilteringUpdate FirmwarePhysical Security
203 | Appendix A+ Part 2 (220-1002) Project Workbook
A+ Part 2 (220-1002) Domain 3 Outline Windows OS Troubleshooting
Slow PerformanceLimited ConnectivityFailure to BootOther Operating System IssuesBlack Screens and Printing IssuesServices Fail to StartSlow BootupSlow Profile LoadDefragment the Hard DriveReboot and Kill TasksRestart ServicesUpdate Network SettingsReimageReload OSRoll Back UpdatesRoll Back Device DriversApply UpdatesRepair ApplicationUpdate Boot OrderDisable ServicesApplicationsStartupSafe BootRebuild Windows Profiles
Troubleshoot PC Security IssuesCommon Security SymptomsSystem FailuresCommon Security SymptomsSystemApplication Log Errors
Malware Removal Best PracticesIdentify and Research SymptomsQuarantine and Disable System RestoreUpdate the Antimalware SoftwareScan and Use Removal TechniquesFinal Steps
Common Mobile Device SymptomsDim Display and Intermittent WirelessNo Wireless ConnectivityNo Bluetooth ConnectivityCannot Broadcast to External MonitorCommon Mobile Device SymptomsSpeaker Screen and System Issues
Mobile OS and App Security IssuesSignal Power and Data IssuesUnintended Connections and LeaksUnauthorized AccessHigh Resource Utilization
204 | Appendix A+ Part 2 (220-1002) Project Workbook
A+ Part 2 (220-1002) Domain 4 Outline Documentation Best Practices
Internal DocumentationPassword Policy Inventory Management
Change Management Best PracticesBusiness Processes Purpose and ScopeRisk AnalysisPlan Acceptance and ApprovalBackout Plan Document Changes
Disaster Prevention and RecoveryImage Level BackupsFile Backups Critical ApplicationsBackup TestingUPS and Surge ProtectorsCloud vs Local Storage BackupsAccount Recovery Options
Common Safety ProceduresExplain Common Safety ProceduresEquipment GroundingProper Component Handling and StorageToxic Waste HandlingCell Phone and Tablet Disposal
Personal Safety Disconnect PowerRemove Jewelry and Lift ProperlyWeight LimitationsElectrical Fire Safety Cable ManagementFacial ProtectionRegulation Compliance
Environmental Impacts and Controls Temperature Humidity and VentilationBattery BackupPower Surges Brownouts BlackoutsAirborne ProtectionCompressed AirVacuumsLocal Regulation Compliance
Licensing Privacy Prohibited ContentIncident ResponseDocuments Chain of Custody TrackingLicensingDRMEULAOpen Source vs Commercial LicensingPersonal vs Enterprise LicensesPersonal Identifiable InformationPCI GDPR PHICorporate Policies and Best Practices
Communication and Professionalism Proper LanguagePositive AttitudeActive ListeningCultural SensitivityBe on TimeAvoid DistractionsPersonal and Coworker InterruptionsDifficult Customers and SituationsCustomer Statements and DisclosuresOffer Different OptionsService Documentation and Follow-UpConfidential Customer Material
Scripting Basics bat Filesps1 vbs sh py and js FilesEnvironment VariablesComment SyntaxBasic Loops VariablesBasic Data Types
Remote Access Technologies RDPTelnet and SSHThird Party and Screen SharesSecurity Considerations
Final Thoughts Study TipsConclusion
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk524527647
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk518296139
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk518296139
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk518296139
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk517704916
- _Hlk519264369
- _Hlk14428507
- _GoBack
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk14428507
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk14527503
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk519264369
- _Hlk517704916
- _Hlk518296139
- _GoBack
- _Hlk519264369
- _Hlk517704916
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk18487683
- _Hlk18487727
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk18668499
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _GoBack
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk17997991
- _Hlk518296139
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk18746362
- _GoBack
- _Hlk18746464
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _Hlk517704916
- _Hlk519264369
- _Hlk518296139
- _GoBack
- _Hlk517704916
- _Hlk519264369
- A+ Part 1(220-1002)
- Using This Workbook
-
- Best Practices Using LearnKeyrsquos Online Training
- Skills Assessment
- A+ Part 2 (220-1002) Time Tables
-
- Fill-in-the-Blanks Domain 1
-
- 32-Bit vs 64-Bit Operating Systems
- Desktop and Mobile Operating Systems
-
- Features of Windows Versions
- Boot Methods for Installation
- Installation Types
- Partitioning
- File Systems and Formats
- The Final Installation Steps
-
- File and Folder Commands
- Using Network and Shutdown Commands
- Imaging and Disk Commands
- Task Policy and Format Commands
- Copy Commands
- Net and Help Commands
-
- Introducing Administrative Tools
-
- Using System Configuration
-
- Using Task Manager
- Using Disk Management to Add Disks
- Working with Disk Partitions
- Using Arrays and Storage Spaces
-
- System Utilities
-
- Using the Microsoft Management Console
- Using DXDIAG
- Internet Options
-
- Controlling Display Settings
- Configuring User Accounts
-
- Folder Options
- Using the System Applet
- Setting Power Options
- Credential Manager and Programs and Features
-
- Devices and Printers
-
- Controlling Sound
- Troubleshooting
- Device Manager
- BitLocker and Sync Center
- System and OS Requirements and Installation Methods
- FolderFile Access
- Security Considerations
- Peer-to-Peer Networks
-
- Joining a Computer to a Domain
- Setting Up and Mapping to Shares
- Printer Sharing and Mapping
- Establishing Network Connections
- Controlling Proxy Settings
- Using Remote Desktop Connections
- Network and Sharing Center
- Using Windows Firewall
- Configuring an Alternative IP Address
- Network Card Properties
- Mac Best Practices
- Mac Tools
- Mac Features
- Linux Commands
-
- Fill-in-the-Blanks Domain 2
-
- Physical Security
-
- Active Directory Concepts
- Software Tokens and MDM Policies
- Port Security MAC Address Filtering and Certificates
- AntivirusAntimalware and Firewalls
- Passwords and Multifactor Authentication
-
- Directory Permissions
-
- VPN DLP ACLs and Smart Cards
- Email Filtering and Trusted or Untrusted Software Sources
- Principle of Least Privilege
- WEP WPA WPA2 TKIP and AES
- Authentication Factors and Servers
-
- Types of Malware
- Malware Tools and Methods
- Common Security Threats and Vulnerabilities
- Windows Users and Groups
- NTFS vs Share Permissions
- File Attributes
- Shared Files and Folders
- Other Basic Windows OS Security Settings
- BitLocker and BitLocker To Go
- Using Encrypting File System (EFS)