CompTIA A+ Core 2 (220-1102) (personal)

Personal flash cards based on what I got wrong and need to study more

Windows 11 Minimum Requirements

• 64-bit only

• dual-core 1 GHz processor

• 4 GB of RAM.

Windows Boot Process

• POST (Power-On Self-Test):
  Hardware check performed by BIOS/UEFI.

• Bootloader (Windows Boot Manager – bootmgr):
  Loaded from system partition; selects OS.

• Winload.exe:
  Loads kernel (ntoskrnl.exe), HAL, and essential drivers.

• Kernel Initialization:
  Initializes system processes and services.

• Logon:
  User authentication via winlogon.exe.

Key Boot Files (Windows)

• bootmgr: Boot Manager – launches OS loader.

• BCD (Boot Configuration Data): Boot settings and OS list.

• winload.exe: Loads Windows kernel and drivers.

• ntoskrnl.exe: Windows kernel.

• winlogon.exe: Manages user logon.

Sensitive Information Handling

• PII (Personally Identifiable Information):
  Info that can identify a person, e.g., name, SSN, address, phone, email, DOB.

• PHI (Protected Health Information):
  Medical PII protected under HIPAA (e.g., medical records, lab results, insurance info). Must be securely stored and transmitted.

Fire Extinguisher Classes

• A – Ordinary combustibles (wood, paper, cloth)

• B – Flammable liquids (gasoline, oil)

• C – Electrical fires (computers, wiring)
    → Use CO₂ or dry chemical (non-conductive)

Don’t use water on Class C

GDPR

• EU law protecting personal data & privacy of EU citizens

• Applies to organizations handling EU customer data

HIPAA

• U.S. law protecting health info (PHI)

• Applies to healthcare and IT systems managing patient data

PCI DSS

• Industry standard (not a law) for protecting payment card data

• Used in retail, e-commerce, or anywhere cards are processed

EULA

• End User License Agreement

• Legal contract outlining how software can be used

Licensing

• Defines software usage rights

• Includes personal, enterprise, open source, etc.

DRM

• Digital Rights Management

• Prevents unauthorized use, copying, or distribution of media/software

WPA3

• Replaces WPA2; uses SAE instead of PSK

• Protects against offline dictionary attacks

• Encrypts traffic on open networks (Enhanced Open)

• Stronger encryption than WPA2

Primary Partition

• Main partition on MBR disk

• Stores an OS or data

• Max 4 primary partitions per disk (3 if using extended)

• At least 1 must be marked active to boot an OS.

• Directly accessible by the BIOS during startup.

Extended Partition

• Special container partition on MBR disks

• Holds up to 23 logical partitions

• Only 1 type of this partition allowed per disk.

• Not directly used to store data.

• Used to Overcome 4-partition limit

• Must be used to create logical partitions.

Logical Partition

• Sub-partition inside the extended partition.

• You can create many of these within one extended partition.

• Not bootable directly from BIOS, but OS can load from it.

Used for: Organizing files, applications, or secondary OS installations.

On-Access Scan (Real-Time Scan)

• Scans files as they are opened, saved, or executed.

• Best for continuous, real-time protection.

Scheduled Scans (Daily/Weekly)

• Scans all files on a set schedule.

• Daily: For high-risk environments.

• Weekly: For lower-risk or performance-sensitive systems.

Safe Mode Scan

• Scan performed while booted into Safe Mode.

• Best for removing persistent malware that hides during normal operation.

Best practices to secure forward-facing to the internet servers and services

• Place them in a screened subnet instead of internal trusted portion

• Block unused ports on the switch, router, and firewall

Security Group (OBJ 3.2)

• Collection of user accounts

• Used to assign permissions/rights

• More efficient to assign permissions to group than to each user

• Control access to share drives, mailing lists, and other network resources

Group Policy (OBJ 3.2)

• Enables administrators to centrally manage and configure settings for users and computers

• Uses Active Directory

• Allows for consistent application of settings across multiple machines and users, enhancing security, management, and standardization

7 Steps of Malware Removal (OBJ 3.3)

1. Identify and verify malware symptoms (slow PC, pop-ups)

2. Quarantine the infected system (isolate from network)

3. Disable System Restore (block malware rollback)

4. Remediate the system (update antivirus, safe mode, scan, remove)

5. Schedule scans and run updates (ongoing protection)

6. Enable System Restore and create a restore point (clean backup)

7. Educate the end user (prevent repeat incident)

Windows Update Service (OBJ 3.1)

• Security patches

• Bug fixes

• Driver updates

• New features

Linux Octal Notation (OBJ 2.6)

• R (Read-only) = 4

• W (Write) = 2

• X (Execute) = 1

• 3 groups (Owner | Group | Others) → each gets a digit

• Add values per group

• Combine group digits for full number

• e.g. 7 = rwx, 6 = rw-, 5 = r-x → Result: 765

How to repair boot sector (OBJ 3.1)

use "bootrec /fixboot" command and reboot computer

“bootrec /fixmbr” command (OBJ 3.1)

• Rewrites the Master Boot Record

• Fixes MBR corruption (e.g., from malware or boot errors)

• Does not overwrite existing partition table

• Does not affect partitions or OS files

• Use when:
    • System won’t boot
    • MBR is damaged

"bootrec /rebuildbcd" command (OBJ 3.1)

Adds missing Windows installations to the Boot Configuration Database (BCD)

diskpart command (OBJ 3.1)

• Windows command

• Used to view, create, delete, mark, and modify a computer's disk partitions

What to do when a Windows service fails to start (OBJ 3.1)

• Reboot into Safe Mode

• non-Microsoft services or Drivers can interfere with System Services

APK file

• Android Package Kit

• Used by Android operating system

• Used to distribute and install apps

• Compressed archive

IPA file

• iOS App Store Package

• Used on Apple devices

• Compressed archive

• Used to distribute and install app store apps

Microsoft Workgroup network model

• Peer-to-peer network model

• Computers are connected together for access to shared resources for organizational purposes.

Microsoft Domain Network Model

• Uses a client/server network model

• Groups computers together for security and to centralize administration

• Members have access to a central user account database so that users can log on to any computer within the network

chkdsk command

• Checks file system & metadata for logical/physical errors

• No parameters = status only, no repair

• Use with:
    • /f – fix errors
    • /r – locate bad sectors, recover data (implies /f)

ping command

• Tests IP connectivity by sending ICMP Echo Request messages and measuring round-trip time.

• Confirms if a device is reachable over the network.

• Helps diagnose name resolution issues:

  • If command works by IP but not by hostname → DNS or name resolution problem.

netstat command

• Displays active connections, listening ports, and protocol stats

• Useful for spotting open/suspicious connections

Common switches:

• -a – all connections & ports

• -n – show IPs/ports numerically

• -o – show PID using connection

nslookup command

• Queries DNS servers to find the IP address of a domain name or vice versa.

• Useful for troubleshooting DNS resolution issues.

• Works with both forward (name → IP) and reverse (IP → name) lookups.

tracert command

• Shows the path (hops) packets take to reach a destination.

• Identifies each router along the route and measures latency to each hop.

• Helps troubleshoot network routing and latency issues.

Minimum requirements for Windows 10

32-bit:

• 1 GHz processor

• 1 GB of RAM.

64-bit:

• 1 GHz processor

• 2 GB of RAM.

Cross-Site Scripting (XSS)

• Injects malicious scripts into trusted websites.

• Runs in victim’s browser → steals cookies, sessions, or data.

• Types: Stored, Reflected, DOM.

• Prevent: Input validation, output encoding, CSP (content security policy.

Zero-Day Attack

• Exploits a software vulnerability unknown to the vendor.

• No patch or fix is available yet.

• High risk because it bypasses standard security protections.

SQL Injection

• Attacker inserts malicious type of commands into input fields.

• Can access, modify, or delete database data.

• Common in poorly secured web applications.

• Mitigation: Input validation and parameterized queries.

On-Path Attack (Man-in-the-Middle)

• Attacker secretly intercepts or alters communication between two parties.

• Can capture sensitive information like passwords or financial data.

• Mitigation: Encryption (e.g., HTTPS), VPNs, secure authentication methods.

ARP Poisoning (ARP Spoofing)

• Sends false ARP replies to link attacker’s MAC with a real IP.

• Redirects LAN traffic through attacker (On-Path).

• Can involve IP spoofing.

• Mitigation: Static ARP, VLANs, Dynamic ARP Inspection (DAI).

IP Spoofing

• Forwards packets with a forged source IP address.

• Hides sender identity or impersonates another device.

• Often used in:

  • On-Path attacks

  • DoS/DDoS attacks

Change Management (Change Approval Process)

• Formal process for approving and documenting IT system changes.

• Change Board approves after reviewing:

  • Purpose

  • Scope

  • Affected systems/impact

  • Risk analysis

  • Proposed date/time

• date and time documented after approval