CompTIA A+ Core 2 (220-1102) (personal)

Personal flash cards based on what I got wrong and need to study more

Windows 11 Minimum Requirements

• 64-bit only

• dual-core 1 GHz processor

• 4 GB of RAM.

Full backup

• Copies all selected data

• Longest time to back up
  fastest restore

• archive bit reset.

Incremental Backup

• Copies only data changed since last backup

• fastest backup

• slowest restore

• archive bit reset.

Differential Backup

• Copies data changed since last full backup

• longer backups each day

• faster restore

• archive bit not reset.

Synthetic Full Backup

Creates a new full backup from previous full + incrementals, without re-copying data from source.

Grandfather–Father–Son Backup

• Rotates 3 backup sets

• Daily = son

• Weekly = father

• Monthly = grandfather for long-term data retention.

3-2-1 Backup Rule

• Keep 3 copies of data,

• on 2 media types,

• with 1 copy stored off-site for disaster recovery.

cat command

Displays, combines, or creates text files in Linux/Unix. Can output file contents to screen or another file.

cd . and cd ..

• cd . stays in current directory

• cd .. moves up one directory level

• cd ~ return’s to home directory on Linux

Credential Manager

• Stores and manages saved credentials (usernames, passwords, certificates) for websites, apps, and network resources in Windows.

Partitioning

• Splits a disk into logical sections

• Each partition can have its own file system (NTFS, FAT32, exFAT, etc.)

• Can’t store data until formatted

Formatting

• Prepares a partition for use (data storage) by applying a file system

• Erases existing data during the process

Visual Basic Script (.vbs)

• Windows-only scripting, mainly for admin tasks.

• Syntax: Set var = value (uses Set for objects).

• Can automate via Windows Script Host.

Basic Character Data Types

• Character – 1 letter/number/symbol

• String – Sequence of characters (e.g., "Hello")

• Integer – Whole number (positive/negative)

• Float/Double – Decimal number

• Boolean – True/False

PII

• Data that identifies a person (e.g., name, SSN, address, phone, email, DOB).

• Must be handled securely.

PHI

• Medical PII protected under HIPAA (e.g., records, labs, insurance).

• Must be securely stored and transmitted.

Python (.py)

Used in cross-platform scripting.
Syntax: var = 4, print(var)

Script Types

• Batch (Windows)

• PowerShell (Windows)

• VBS (Windows

• Bash (Linux/macOS)

• JavaScript (Neutral)

• Python (Neutral)

Batch (.bat/.cmd):

• Uses set

• No $ in variables

• Windows-only

PowerShell (.ps1)

• Variables start with $

• Cmdlets use verb-noun format: Get-Process

• Admin tasks on Windows

Bash (.sh)

• Variables: var=4 (no $ when assigning)

• $var used when referencing

• Runs on Linux/macOS

JavaScript

• let, var, or const

• Ends lines with ;

• Used in web dev, not system admin

Hard Reset vs Soft Reset

• Soft reset: Restart OS without cutting power (for unresponsive apps)

• Hard reset: Force power cycle (for frozen/unresponsive system)

ARP Poisoning Mitigation

• Can involve IP spoofing but less common in ARP

• Mitigation: Static ARP, VLANs, DAI (Dynamic ARP Inspection)

Change Documentation (Written Record of Completed or Approved Change)

Contains:

• Description

• Purpose

• Date/time

• Approval

• Affected systems

• Rollback plan

• Who made Change

Change Documentation Does NOT Include

Belong in Change Management Process:

• Risk analysis

• business justification

• planning steps

• Detailed Implementation steps

Physical Network Diagram

• Shows actual hardware (routers, switches, cables, servers) and physical layout.

• Used for installation and troubleshooting.

Logical Network Diagram

• Shows IP addresses, subnets, VLANs, and data flow (not physical layout).

• Used to understand traffic and segmentation.

Disk-to-Disk Backup

Backup to another local/network hard drive.

• Fastest backup & recovery

• Susceptible to same-site disasters

Disk-to-Tape Backup

Backup Method

• Long-term storage, durable, cost-effective

• Slower recovery, sequential access

Disk-to-Cloud Backup

Backup Method

• Offsite, scalable, automated

• Slowest recovery (network-dependent), subscription cost

Tape Backup – Pros & Cons

• Cheap for large data sets

• Good for archiving

• Slow access (must spin/scan tape)

• Physical handling risks

Cloud Backup – Pros & Cons

• Accessible anywhere, disaster-proof

• Easy automation/scheduling

• Bandwidth-dependent

• May cost more over time

Effective Permissions

• Access = MOST RESTRICTIVE between NTFS and Share permissions (when accessing over network)

• NTFS still limits even if share has more permissions

Multiple Group Permissions

• User in multiple groups gets most permissive permission from all group memberships.

/etc/passwd

• Linux file storing user account info (username, UID, home dir, shell)

• Not actual passwords

Token (Authentication)

• Generates temporary code valid for one session or short time

• Used in MFA (e.g., TOTP apps, RSA key fobs).

Certificate (Authentication)

• Digital credential stored on a device; used to verify identity

• Not limited to one session or short time window

Preemptive Multitasking

• OS controls CPU time

• Assigns time slices to tasks

• Can interrupt tasks

• Used in modern OSes

Cooperative Multitasking

Tasks control CPU time; must voluntarily yield control to others. (Less stable)

Windows Boot Process

1. POST

2. Bootloader (boot manager)

3. Winload.exe (OS loader)

4. Kernel Initialization

5. Logon

Bootloader step in Windows boot process

Bootmgr; loads from system partition, selects OS, starts winload.exe (OS Loader).

BCD

Boot Configuration Data; contains boot settings and OS selection list/info.

Winload.exe step in boot process

Loads Windows kernel (ntoskrnl.exe), HAL, and essential drivers.

Kernel initialization step in boot process

Starts ntoskrnl.exe; initializes core services and hardware abstraction layer (HAL).

Logon step in boot process

User authentication via winlogon.exe.

POST Step in Boot Process

Power-On Self-Test

BIOS/UEFI checks CPU, memory, and other hardware before OS boot.

Sensitive Information Handling

• PII (Personally Identifiable Information):
  Info that can identify a person, e.g., name, SSN, address, phone, email, DOB.

• PHI (Protected Health Information):
  Medical PII protected under HIPAA (e.g., medical records, lab results, insurance info). Must be securely stored and transmitted.

Fire Extinguisher Classes

• A – Ordinary combustibles (wood, paper, cloth)

• B – Flammable liquids (gasoline, oil)

• C – Electrical fires (computers, wiring)
    → Use CO₂ or dry chemical (non-conductive)

Don’t use water on Class C

GDPR

• EU law protecting personal data & privacy of EU citizens

• Applies to organizations handling EU customer data

HIPAA

• U.S. law protecting health info (PHI)

• Applies to healthcare and IT systems managing patient data

PCI DSS

• Industry standard (not a law) for protecting payment card data

• Used in retail, e-commerce, or anywhere cards are processed

EULA

• End User License Agreement

• Legal contract outlining how software can be used

Software Licensing

• Defines software usage rights

• Includes personal, enterprise, open source, etc.

DRM

• Digital Rights Management

• Prevents unauthorized use, copying, or distribution of media/software

WPA3

• Replaces WPA2; uses SAE (not PSK)

• Prevents offline dictionary attacks

• Encrypts open Wi-Fi networks (Enhanced Open)

• Stronger encryption than WPA2

Primary Partition

• Main MBR partition for OS or data

• Max 4 per disk (3 if extended used)

• One must be active to boot OS

• BIOS-accessible at startup

Extended Partition

• Special container on MBR disks

• Only stores logical partitions, up to 23

• Only 1 type per disk.

• Used to bypass 4-partition limit

Logical Partition

• Sub-partition inside extended partition

• Not bootable via BIOS, but OS can load from it

Used for: storage or secondary OS

On-Access Scan (Real-Time Scan)

• Scans files as they are opened, saved, or executed.

• Best for continuous, real-time protection.

Scheduled Scans (Daily/Weekly)

• Scans all files on a set schedule.

• Daily: For high-risk environments.

• Weekly: For lower-risk or performance-sensitive systems.

Safe Mode Scan

• Scan performed while booted into Safe Mode.

• Best for removing persistent malware that hides during normal operation.

Best practices to secure forward-facing to the internet servers and services

• Place in screened subnet/DMZ instead of internal trusted portion

• Block unused ports on switch, router, & firewall

Security Group (OBJ 3.2)

• Group of users for assigning permissions

• More efficient than per-user assignment

• Controls access to shares and network resources

Group Policy (OBJ 3.2)

• Centralized management of user/computer settings via Active Directory.

• Enforces consistent config and security across systems.

7 Steps of Malware Removal (OBJ 3.3)

1. Identify/verify

2. Quarantine

3. Disable Restore

4. Remediate

5. Update/Schedule Scan

6. Enable Restore

7. Educate

Windows Update Service (OBJ 3.1)

• Security patches

• Bug fixes

• Driver updates

• New features

Linux Octal Notation (OBJ 2.6)

• R (Read-only) = 4

• W (Write) = 2

• X (Execute) = 1

• 3 groups (Owner | Group | Others) → each gets a digit

• Add values per group

• Combine group digits for full number

• e.g. 7 = rwx, 6 = rw-, 5 = r-x → Result: 765

How to repair boot sector (OBJ 3.1)

use "bootrec /fixboot" command and reboot computer

“bootrec /fixmbr” command (OBJ 3.1)

• Rewrites MBR (not partition table) to fix corruption

• Doesn’t affect partitions or OS

• Use when:
   • System won’t boot
   • MBR is damaged

"bootrec /rebuildbcd" command (OBJ 3.1)

Adds missing Windows installations to the Boot Configuration Database (BCD)

diskpart command (OBJ 3.1)

• Windows command

• Used to view, create, delete, mark, and modify a computer's disk partitions

What to do when a Windows service fails to start (OBJ 3.1)

• Reboot into Safe Mode

• non-Microsoft services or Drivers can interfere with System Services

APK file

• Android Package Kit

• Used by Android operating system

• Used to distribute and install apps

• Compressed archive

IPA file

• iOS App Store Package

• Used on Apple devices

• Compressed archive

• Used to distribute and install app store apps

Microsoft Workgroup network model

• Peer-to-peer network model

• Computers are connected together for access to shared resources for organizational purposes.

Microsoft Domain Network Model

• Uses a client/server network model

• Groups computers together for security and to centralize administration

• Members have access to a central user account database so that users can log on to any computer within the network

chkdsk command

• Checks file system & metadata for logical/physical errors

• No parameters = read-only
    • /f: fix errors
    • /r: find bad sectors, recover data (implies /f)

ping command

• Tests IP connectivity via ICMP Echo Request

  • Measures round-trip time

• If IP works but hostname fails → DNS issue
  

netstat command

• Displays active connections, listening ports, and protocol stats.

• Used to detect open or suspicious network activity.

nslookup command

• Queries DNS servers to find IP-to-name or name-to-IP

• Useful for troubleshooting DNS resolution issues

tracert command

• Shows the path (hops) packets take to reach a destination.

• Identifies each router along the route and measures latency to each hop.

• Helps troubleshoot network routing and latency issues.

Minimum requirements for Windows 10

32-bit:

• 1 GHz processor

• 1 GB of RAM.

64-bit:

• 1 GHz processor

• 2 GB of RAM.

Cross-Site Scripting (XSS) Definition

• Injects malicious scripts into trusted websites.

• Runs in victim’s browser → steals cookies, sessions, or data.

Zero-Day Attack

• Exploits unknown software vulnerability

• No patch available

• High risk—bypasses standard security protections.

SQL Injection

• Attacker inserts malicious type of commands into input fields.

• Can access, modify, or delete database data.

• Common in poorly secured web applications.

• Mitigation: Input validation and parameterized queries.

On-Path Attack (Man-in-the-Middle)

• Attacker secretly intercepts or alters communication between two parties

• Can capture sensitive info (e.g passwords, financial data)

ARP Poisoning (ARP Spoofing)

• Attacker sends fake ARP replies to map their MAC to a real IP

• Redirects LAN traffic thru attacker (On-Path).

IP Spoofing

• Forwards packets with a forged source IP address.

• Hides sender identity or impersonates another device.

• Often used in:

  • On-Path attacks

  • DoS/DDoS attacks

Change Management (Change Approval Process)

• Formal process to approve & document IT changes

• Change Board Reviews:

  • Purpose

  • Scope

  • Affected systems/impact

  • Risk analysis

  • Proposed date/time (documented after approval)