- What is RAM?
- Random Access Memory — fast, volatile system memory that holds running programs and data; cleared when power is lost.
- DDR5 vs DDR4
- DDR5 is the newer RAM generation: higher bandwidth and base speed, lower voltage (1.1V vs 1.2V), and on-module power management. Slots are keyed differently and are not interchangeable.
- ECC RAM
- Error-Correcting Code memory detects and corrects single-bit errors; used in servers/workstations where data integrity is critical. Requires CPU/board support.
- SODIMM
- Small Outline DIMM — the compact RAM form factor used in laptops and small-form-factor PCs.
- What does a CPU socket do?
- It physically and electrically connects the CPU to the motherboard. Intel uses LGA (pins on the socket); AMD AM4 uses PGA (pins on the CPU), while AM5 moved to LGA.
- Difference between SATA and NVMe storage
- SATA SSDs use the AHCI/SATA bus (≈600 MB/s max). NVMe SSDs run over PCIe lanes (M.2 or add-in), giving multi-GB/s speeds and much lower latency.
- M.2 vs mSATA
- Both are small SSD form factors. M.2 supports either SATA or NVMe (PCIe) and uses B/M keying; mSATA is older and SATA-only.
- RAID 0
- Striping across 2+ disks for speed/capacity. No redundancy — one drive failure loses all data.
- RAID 1
- Mirroring — identical copies on two drives. Full redundancy; usable capacity is half the total.
- RAID 5
- Striping with distributed parity across 3+ disks. Survives one drive failure; good balance of speed, capacity, and redundancy.
- RAID 10
- A stripe of mirrors (RAID 1+0). Needs 4+ drives; combines RAID 0 speed with RAID 1 redundancy.
- What is the PSU's job?
- The power supply unit converts AC wall power to the DC voltages (+3.3V, +5V, +12V) the PC components need.
- Common PSU rails
- +3.3V and +5V power logic and older peripherals; +12V powers the CPU, GPU, and drive motors and is the dominant rail in modern systems.
- 80 PLUS rating
- A certification of PSU efficiency (Bronze, Silver, Gold, Platinum, Titanium) — higher tiers waste less power as heat.
- What is BIOS/UEFI?
- Firmware on the motherboard that initializes hardware at power-on (POST) and starts the boot process. UEFI is the modern replacement with GUI, Secure Boot, and >2TB GPT disk support.
- POST
- Power-On Self-Test — the firmware's hardware check at startup. Failures are signaled by beep codes or POST/diagnostic LEDs.
- CMOS battery
- A coin-cell battery (CR2032) that keeps BIOS/UEFI settings and the real-time clock powered when the PC is off. A dead one resets the clock/settings.
- TPM
- Trusted Platform Module — a chip that stores cryptographic keys; required for BitLocker and Windows 11 (TPM 2.0).
- ATX vs ITX form factors
- ATX is the full-size motherboard standard; microATX and Mini-ITX are progressively smaller with fewer expansion slots for compact builds.
- PCIe
- Peripheral Component Interconnect Express — the high-speed expansion bus for GPUs, NVMe SSDs, and add-in cards. Slots come in x1, x4, x8, x16 lane widths.
- Thermal paste
- A heat-conductive compound applied between the CPU and heatsink to fill microscopic gaps and improve heat transfer.
- Integrated vs dedicated GPU
- Integrated graphics share system RAM and are built into the CPU; a dedicated GPU has its own VRAM and far higher performance.
- Inkjet printer
- Sprays liquid ink droplets onto paper. Maintenance: clean/calibrate heads, replace cartridges, avoid clogs.
- Laser printer imaging process (7 steps)
- Processing, Charging, Exposing, Developing, Transferring, Fusing, Cleaning — the order a laser printer puts toner on the page and prepares for the next.
- Thermal printer
- Uses heat to create images on heat-sensitive paper (receipts) or via a ribbon. Maintenance: replace paper/ribbon and clean the heating element.
- Impact (dot-matrix) printer
- Strikes an inked ribbon against paper through pins — the only common printer for multipart carbon forms.
- Duplexing assembly
- The printer component that automatically prints on both sides of the page.
- What is a NIC?
- Network Interface Card — the adapter (wired or wireless) that connects a device to a network.
- KVM switch
- Keyboard-Video-Mouse switch — lets one set of peripherals control multiple computers.
- USB-C and Thunderbolt
- USB-C is a reversible connector. Thunderbolt 3/4 uses the USB-C connector to add very high bandwidth, PCIe tunneling, and DisplayPort for docks and external GPUs.
- DisplayPort vs HDMI
- Both carry digital video and audio. DisplayPort is common on PCs/monitors (supports daisy-chaining via MST); HDMI is common on TVs and consumer gear.
- SCADA / embedded systems
- Special-purpose computers (industrial control, medical, IoT) with limited resources; often kept off the main network for security.
- Hot-swappable
- Hardware (e.g., RAID drives, USB devices) that can be added or removed while the system is running.
- Display types: IPS vs TN vs OLED
- IPS = best color/viewing angles; TN = fastest response, cheapest, poorer angles; OLED = per-pixel light for true blacks and high contrast.
- What is a hypervisor host's storage controller (HBA)?
- A Host Bus Adapter connects a server to storage (SAS/Fibre Channel) without RAID logic, passing drives to the OS or software RAID.
- Molex vs SATA power connectors
- Molex is the older 4-pin DC connector for legacy drives/fans; SATA power is the flat 15-pin connector for modern drives.
- Multimeter use
- Measures voltage, current, and resistance/continuity — used to test PSU rails, cables, and fuses.
- Redundant power supply
- A second PSU in a server so the system keeps running if one supply fails.
- What does the chipset do?
- Motherboard logic that manages communication between the CPU, memory, expansion buses, and peripherals.
- Single vs dual vs quad channel memory
- Installing matched RAM modules in the correct paired slots enables 2× or 4× memory bandwidth (dual/quad channel) versus single channel.
- eSATA
- External SATA — a port for connecting external drives at internal-SATA speeds.
- What is a riser card?
- An adapter that lets expansion cards mount parallel to the motherboard in low-profile/rackmount cases.
- HDD vs SSD
- An HDD stores data on spinning magnetic platters (cheaper per GB, slower, mechanical). An SSD uses flash memory (faster, silent, more durable, no moving parts).
- RPM in hard drives
- Revolutions per minute of the platters; common speeds are 5,400 (laptops/quiet) and 7,200 (desktops/performance).
- Optical drive types
- CD, DVD, and Blu-ray drives — read/write optical discs; increasingly rare in modern PCs.
- Standoffs
- Spacers that hold the motherboard off the case to prevent short circuits; a missing or extra one can stop a system from completing POST.
- Front panel connectors
- Tiny header wires (power button, reset, power/HDD LEDs, USB, audio) that connect the case to the motherboard.
- What is a docking station?
- A device that connects a laptop to multiple peripherals (monitors, network, power) through a single connection.
- Webcam / microphone privacy
- Hardware shutters or BIOS toggles can physically disable a built-in camera/mic for privacy.
- Cable category for monitors: VGA
- VGA is an analog video connector (15-pin); being phased out in favor of digital HDMI/DisplayPort.
- NVMe M.2 keying
- M-key slots carry PCIe x4 (NVMe); B-key carries SATA/PCIe x2; B+M cards fit both but at lower speed.
- What is an IP address?
- A logical address that identifies a device on a network. IPv4 uses 32 bits (dotted decimal, e.g., 192.168.1.10); IPv6 uses 128 bits.
- IPv4 vs IPv6
- IPv4 = 32-bit (≈4.3 billion addresses, dotted decimal). IPv6 = 128-bit (hex, colon-separated) for a vastly larger address space and built-in features.
- Private IP ranges (RFC 1918)
- 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 — non-routable on the public internet; used behind NAT.
- APIPA range
- 169.254.0.0/16 — a self-assigned address a host uses when no DHCP server responds (a sign of a DHCP problem).
- What is DHCP?
- Dynamic Host Configuration Protocol — automatically assigns IP address, subnet mask, gateway, and DNS to clients. Uses ports 67/68.
- What is DNS?
- Domain Name System — resolves hostnames (example.com) to IP addresses. Uses port 53.
- DNS record: A vs AAAA
- An A record maps a hostname to an IPv4 address; an AAAA record maps it to an IPv6 address.
- DNS record: MX
- Mail Exchanger record — directs email for a domain to its mail servers.
- DNS record: CNAME
- Canonical Name — an alias pointing one hostname to another hostname.
- DNS record: TXT (SPF/DKIM/DMARC)
- Text records hold verification/email-authentication data; SPF, DKIM, and DMARC use TXT records to fight spoofing.
- What is a subnet mask?
- It separates the network portion of an IP from the host portion, defining which addresses are on the same local network (e.g., 255.255.255.0 = /24).
- Default gateway
- The router IP that a host sends traffic to when the destination is on a different network.
- What is NAT?
- Network Address Translation — lets many private IPs share one public IP, conserving addresses and hiding the internal network.
- Port 80 / 443
- 80 = HTTP (unencrypted web); 443 = HTTPS (TLS-encrypted web).
- Port 22
- SSH — secure remote command-line access and secure file transfer (SFTP/SCP).
- Port 3389
- RDP — Microsoft Remote Desktop Protocol for remote GUI access.
- Port 53
- DNS — name resolution (UDP for queries, TCP for zone transfers/large responses).
- Ports 20/21
- FTP — file transfer (21 control, 20 data); unencrypted.
- Port 23 vs 22
- 23 = Telnet (unencrypted remote console, insecure); 22 = SSH (encrypted) — always prefer SSH.
- Ports 25 / 587 / 465
- SMTP for sending mail: 25 (server-to-server), 587 (submission with STARTTLS), 465 (implicit TLS).
- Ports 110 / 143
- 110 = POP3 (downloads mail), 143 = IMAP (syncs mail across devices).
- Port 445
- SMB — Windows file and printer sharing.
- Port 389 / 636
- LDAP directory services: 389 plaintext, 636 LDAPS (encrypted).
- Ports 161/162
- SNMP — network device monitoring and management.
- TCP vs UDP
- TCP is connection-oriented and reliable (handshake, ordering, retransmission). UDP is connectionless and fast with no guarantees — used for streaming, VoIP, DNS.
- What is a switch?
- A Layer-2 device that forwards frames between devices on the same LAN using MAC addresses; each port is its own collision domain.
- What is a router?
- A Layer-3 device that forwards packets between different networks using IP addresses and routing tables.
- Managed vs unmanaged switch
- Managed switches support VLANs, QoS, and configuration; unmanaged switches just forward traffic with no setup.
- VLAN
- Virtual LAN — logically segments one physical switch into separate broadcast domains for isolation and security.
- What is PoE?
- Power over Ethernet — delivers electrical power and data over one Ethernet cable to devices like APs, cameras, and phones.
- Wi-Fi: 2.4 GHz vs 5 GHz vs 6 GHz
- 2.4 GHz = longer range, more interference, slower. 5 GHz = faster, shorter range. 6 GHz (Wi-Fi 6E) adds more clean spectrum.
- 802.11 standards
- 802.11n (Wi-Fi 4), ac (Wi-Fi 5), ax (Wi-Fi 6/6E), be (Wi-Fi 7) — each newer standard adds speed and efficiency.
- WPA3
- The current Wi-Fi security standard — stronger encryption (SAE) than WPA2; always prefer it over WPA2/WPA/WEP.
- Twisted pair categories
- Cat 5e (1 Gbps), Cat 6 (1–10 Gbps short runs), Cat 6a (10 Gbps to 100m), Cat 7/8 (higher-speed/shielded).
- Straight-through vs crossover cable
- Straight-through connects unlike devices (PC↔switch); crossover connects like devices (switch↔switch) — though Auto-MDIX usually makes it automatic now.
- Fiber: single-mode vs multimode
- Single-mode = small core, laser, very long distance. Multimode = larger core, LED/VCSEL, shorter distance, cheaper.
- Coaxial cable
- RG-6 coax carries cable TV and cable-internet (DOCSIS) signals using F-type connectors.
- Plenum cable
- Fire-rated cabling with low-smoke jacketing required in air-handling spaces (plenums) by fire code.
- RJ45 vs RJ11
- RJ45 = 8-pin Ethernet connector; RJ11 = smaller 6-pin telephone connector.
- What is a firewall?
- A device or software that filters network traffic by rules (ports, IPs, applications) to block unwanted connections.
- DMZ
- A perimeter network segment for public-facing servers, isolated from the internal LAN.
- Port forwarding
- Maps an external port on the router to an internal host/port so outside users can reach an internal service.
- DHCP reservation
- Ties a specific IP to a device's MAC address so it always gets the same address from DHCP.
- What is a WAP?
- Wireless Access Point — bridges wireless clients onto the wired network.
- SSID
- Service Set Identifier — the broadcast name of a Wi-Fi network.
- IoT devices
- Internet of Things — smart thermostats, plugs, cameras, doorbells, and voice assistants; should be segmented from the main network.
- Internet connection types
- DSL (phone line), cable (coax/DOCSIS), fiber (fastest), cellular (4G/5G), and satellite (high latency, remote areas).
- ONT
- Optical Network Terminal — converts the fiber signal to Ethernet at the customer premises.
- mDNS / Bonjour
- Multicast DNS resolves .local names on a LAN without a DNS server — used by AirPrint and casting.
- Cloud model: IaaS
- Infrastructure as a Service — rent raw compute, storage, and networking (e.g., virtual machines); you manage the OS and apps.
- Cloud model: PaaS
- Platform as a Service — a managed environment to build and deploy apps without managing servers or the OS.
- Cloud model: SaaS
- Software as a Service — ready-to-use applications over the internet (e.g., email, Microsoft 365); the provider manages everything.
- Public vs private vs hybrid cloud
- Public = shared provider infrastructure; private = dedicated to one organization; hybrid = a mix; community = shared by related organizations.
- What is cloud elasticity?
- The ability to automatically scale resources up or down with demand (rapid elasticity), often paired with metered, pay-as-you-go billing.
- What is a hypervisor?
- Software that creates and runs virtual machines. Type 1 runs on bare metal (ESXi, Hyper-V); Type 2 runs on a host OS (VirtualBox, VMware Workstation).
- VM resource requirements
- A virtual machine needs adequate host CPU, RAM, storage, and network — and CPU virtualization support (Intel VT-x / AMD-V) enabled in firmware.
- Sandbox
- An isolated environment for safely running or testing untrusted code/apps without affecting the host system.
- VDI
- Virtual Desktop Infrastructure — hosts user desktops as VMs in a data center or cloud, accessed remotely.
- Cloud file synchronization
- Services (OneDrive, iCloud, Google Drive) that keep files mirrored across devices and the cloud automatically.
- What is a laptop's inverter (legacy)?
- On older CCFL laptop screens, the inverter supplied high-voltage AC to the backlight — a common cause of a dim/dark display. LED screens don't use one.
- Digitizer
- The touch-sensing layer over a screen that converts touch/stylus input into coordinates.
- Mobile connection: NFC
- Near Field Communication — very short-range wireless for tap-to-pay and pairing.
- Bluetooth pairing
- Short-range wireless link to peripherals; pair by enabling Bluetooth, making the device discoverable, selecting it, and confirming a code.
- Hotspot / tethering
- Sharing a phone's cellular data with other devices over Wi-Fi (hotspot), USB, or Bluetooth (tethering).
- Airplane mode
- Disables all radios (cellular, Wi-Fi, Bluetooth) at once; Wi-Fi/Bluetooth can be re-enabled individually.
- Mobile email setup: IMAP vs POP3
- IMAP syncs mail and folders across all devices (preferred); POP3 downloads mail to one device.
- Mobile sync methods
- Sync to the cloud, to a desktop (cable/Wi-Fi), or to an automobile (Bluetooth/USB); needs adequate storage and a stable connection.
- MDM
- Mobile Device Management — centrally enforces policies, apps, encryption, and remote wipe on company phones/tablets.
- Cellular standards
- Devices roam between LTE/4G and 5G; PRL/baseband updates keep the radio working with carrier networks.
- eSIM
- An embedded, reprogrammable SIM — switch carriers/plans without a physical SIM card.
- GPS / location services
- GPS uses satellites for outdoor positioning; phones combine it with Wi-Fi and cellular for faster indoor location.
- Laptop expansion: Mini PCIe / M.2
- Internal laptop card slots for Wi-Fi, cellular (WWAN), and NVMe storage.
- Replacing a laptop battery
- Use a manufacturer-approved Li-ion pack; a swelling battery is a safety hazard and must be replaced and recycled, not punctured.
- Touchpad and function keys
- The Fn key toggles secondary laptop functions (brightness, volume, external display, wireless, keyboard backlight).
- Dual displays on a laptop
- Extend or mirror to external monitors via HDMI/DisplayPort/USB-C; toggle modes with the display key or Win+P.
- Accelerometer / gyroscope
- Sensors that detect device orientation and motion for auto-rotate and gaming.
- Cloud: metered utilization & shared resources
- Cloud resources are multi-tenant and billed by use (CPU-hours, GB stored, bandwidth) — the consumption model that makes it cost-flexible.
- Resource pooling
- Cloud providers pool compute/storage across many customers, dynamically assigning capacity on demand.
- On-demand self-service
- A core cloud characteristic: users provision resources instantly through a portal/API without human intervention.
- CompTIA troubleshooting step 1
- Identify the problem — gather information, question the user, identify recent changes, and back up data before making changes.
- CompTIA troubleshooting step 2
- Establish a theory of probable cause — question the obvious; consider multiple approaches (top-to-bottom / divide and conquer).
- CompTIA troubleshooting step 3
- Test the theory to determine cause — if confirmed, plan the fix; if not, establish a new theory or escalate.
- CompTIA troubleshooting step 4
- Establish a plan of action to resolve the problem and implement the solution (refer to vendor docs as needed).
- CompTIA troubleshooting step 5
- Verify full system functionality and, if applicable, implement preventive measures.
- CompTIA troubleshooting step 6
- Document findings, actions, and outcomes.
- Order of the 6 troubleshooting steps
- Identify → Theory → Test → Plan & implement → Verify (+ prevent) → Document.
- No power at all — first check
- Verify the wall outlet, PSU power switch, and power cable; confirm the PSU voltage switch and front-panel button wiring.
- POST beep codes / diagnostic LEDs
- Patterns at startup that indicate which component failed (RAM, GPU, CPU) before video is available.
- Continuous reboots / no boot
- Could be overheating, failing PSU, bad RAM, or corrupt OS — test components and check temps and event logs.
- Burning smell or smoke
- Power off immediately and unplug — likely a failing PSU or capacitor; a safety hazard.
- Overheating symptoms
- Thermal shutdowns, throttling, loud fans — clean dust, reseat/replace heatsink, reapply thermal paste, check fan operation.
- Grinding/clicking from a drive
- A failing mechanical HDD — back up immediately; the click of death precedes failure.
- S.M.A.R.T. errors
- Self-Monitoring, Analysis and Reporting Technology data that warns of impending drive failure; back up and replace the drive.
- RAID not found / array failure
- A drive dropped from the array — replace the failed disk and rebuild; never write to a degraded array carelessly.
- No video output
- Check monitor power/cable/input, reseat the GPU/RAM, try integrated graphics or another cable/monitor.
- Distorted/dim display
- Check resolution/refresh settings and cable; on laptops, a dim screen can be the backlight or inverter (legacy).
- Dead pixels vs stuck pixels
- Dead pixels stay black (defect); stuck pixels show a fixed color and may be recoverable.
- Burn-in / image persistence
- A faint ghost of a static image on OLED/plasma from prolonged display of the same content.
- No network connectivity — first checks
- Verify the cable/link lights, then run ipconfig; a 169.254.x.x address means DHCP failed.
- Intermittent connectivity
- Check for loose cables, interference, failing NIC/cable, duplex mismatch, or an overloaded AP.
- Slow network speeds
- Possible causes: signal interference, channel congestion, bad cable, duplex mismatch, or bandwidth saturation.
- ping
- Tests reachability and latency to a host using ICMP echo requests.
- ipconfig / ifconfig
- Displays/refreshes a host's IP configuration (ipconfig on Windows, ifconfig/ip on Linux).
- tracert / traceroute
- Shows the path (hops) packets take to a destination — helps locate where connectivity breaks.
- nslookup / dig
- Queries DNS to resolve names and diagnose name-resolution problems.
- Printer: faded prints
- Laser: low toner or a failing transfer process; inkjet: low ink or clogged heads — replace/clean as needed.
- Printer: ghosted/repeating images (laser)
- A worn drum or fuser leaving a faint repeating image — replace the affected component.
- Printer: garbled output
- Often the wrong/corrupt print driver — reinstall the correct driver and clear the print queue.
- Paper jams
- Caused by worn rollers, wrong paper, or debris — clear gently in the direction of paper travel and check rollers.
- Windows editions
- Home (consumer), Pro (BitLocker, domain join, Group Policy), Pro for Workstations, and Enterprise (volume-licensed advanced management).
- Why join a domain?
- Active Directory domain join centralizes authentication, Group Policy, and management — a Pro/Enterprise feature, not Home.
- Workgroup vs domain
- Workgroup = decentralized peer-to-peer, each PC manages its own accounts. Domain = centralized accounts/policy via Active Directory.
- BitLocker
- Windows full-disk encryption (Pro+) that uses the TPM to protect data if a device is lost or stolen.
- EFS
- Encrypting File System — Windows file/folder-level encryption (NTFS), separate from full-disk BitLocker.
- NTFS vs FAT32 vs exFAT
- NTFS = Windows default with permissions, encryption, journaling. FAT32 = max 4GB file size, broad compatibility. exFAT = large files for flash/cross-platform.
- File system permissions: NTFS
- Granular per-user/group permissions (Read, Write, Modify, Full Control) that apply locally and over the network.
- Share vs NTFS permissions
- When both apply over the network, the most restrictive of the share and NTFS permissions wins.
- Command: ipconfig
- Windows command to view and manage IP configuration (/all, /release, /renew, /flushdns).
- Command: chkdsk
- Checks a disk for file-system errors and bad sectors; /f fixes errors, /r recovers readable data.
- Command: sfc /scannow
- System File Checker scans and repairs corrupted Windows system files.
- Command: DISM
- Deployment Image Servicing and Management — repairs the Windows component store/image (often before sfc).
- Command: gpupdate / gpresult
- gpupdate refreshes Group Policy; gpresult shows the resultant set of policies applied.
- Command: net use
- Maps a network drive to a shared folder from the command line.
- Command: diskpart
- A command-line disk partitioning utility (create/delete/format partitions).
- Task Manager
- Monitors and ends processes, views performance/startup apps, and checks resource usage.
- MSConfig
- System Configuration — manages boot options and services; startup app management moved to Task Manager.
- Event Viewer
- Logs system, security, and application events — the first stop for diagnosing errors and crashes.
- Device Manager
- Manages hardware devices and drivers; a yellow triangle flags a problem device.
- Disk Management
- GUI tool to initialize, partition, format, and resize disks and change drive letters.
- Registry Editor (regedit)
- Edits the Windows Registry — the hierarchical database of OS/app settings. Back up before editing.
- Group Policy Editor (gpedit.msc)
- Configures local computer and user policies (Pro+).
- Performance Monitor / Resource Monitor
- Track detailed real-time and historical performance counters for troubleshooting.
- Control Panel vs Settings
- Both configure Windows; Microsoft is gradually moving options from the classic Control Panel into the Settings app.
- User Account Control (UAC)
- Prompts for consent/elevation before allowing administrative changes — reduces malware impact.
- Standard vs administrator account
- Standard users run with least privilege; admin accounts can change the system. Use standard accounts for daily work.
- Windows in-place upgrade
- Installs a new Windows version while keeping apps, settings, and files.
- Clean install
- Wipes the drive and installs a fresh OS — best for major issues; requires backing up data first.
- MBR vs GPT
- MBR = legacy partitioning, max 2TB and 4 primary partitions. GPT = modern (UEFI), supports >2TB and many partitions.
- Boot methods
- Install/boot from USB, optical, network (PXE), or internal drive; set boot order in UEFI/BIOS.
- Recovery partition / WinRE
- A hidden partition with Windows Recovery Environment for repair, reset, and Startup Repair.
- System Restore
- Rolls Windows system files/settings back to an earlier restore point without affecting personal files.
- Safe Mode
- Boots Windows with minimal drivers/services to troubleshoot driver and startup problems.
- macOS: Time Machine
- Apple's built-in automatic backup to an external/network drive, allowing point-in-time restores.
- macOS: Spotlight
- System-wide search for files, apps, and information.
- macOS: Mission Control & Spaces
- Manage open windows and multiple virtual desktops.
- macOS: Disk Utility
- Repairs disks (First Aid), formats, and manages volumes/images.
- macOS: Gatekeeper / FileVault
- Gatekeeper restricts app sources; FileVault provides full-disk encryption.
- Linux: ls / cd / pwd
- ls lists files, cd changes directory, pwd prints the working directory.
- Linux: chmod / chown
- chmod sets file permissions; chown changes the owner/group.
- Linux: sudo / su
- sudo runs a single command with elevated rights; su switches to another (often root) user.
- Linux: apt / yum / dnf
- Package managers to install and update software (apt on Debian/Ubuntu; yum/dnf on RHEL/Fedora).
- Linux: grep / ps / kill
- grep searches text, ps lists processes, kill terminates a process by PID.
- Linux: cat / nano / vi
- cat displays a file; nano and vi are text editors for config files.
- 32-bit vs 64-bit OS
- 64-bit supports far more RAM (>4GB) and runs 64-bit apps; 32-bit is limited to ~4GB and legacy software.
- System requirements check
- Before install/upgrade, confirm CPU, RAM, storage, and (for Windows 11) TPM 2.0 and Secure Boot.
- CIA triad
- The core security goals: Confidentiality (keep data private), Integrity (keep it accurate/unaltered), and Availability (keep it accessible).
- Authentication vs authorization
- Authentication proves who you are; authorization determines what you're allowed to do.
- Multifactor authentication (MFA)
- Requires two or more factors: something you know (password), have (token/phone), or are (biometric). Strongly resists credential theft.
- Principle of least privilege
- Give users only the minimum access needed to do their job — limits damage from compromise or mistakes.
- Malware: virus
- Malicious code that attaches to a file/program and spreads when that host is run by a user.
- Malware: worm
- Self-replicating malware that spreads across networks on its own, without user action.
- Malware: Trojan
- Malware disguised as legitimate software; it doesn't self-replicate but opens a backdoor or payload when run.
- Malware: ransomware
- Encrypts the victim's files and demands payment for the key; defense is offline backups and user awareness.
- Malware: spyware / keylogger
- Secretly collects user activity/keystrokes and data.
- Malware: rootkit
- Stealthy malware that hides itself and gains privileged (root/kernel) control; very hard to detect/remove.
- Malware: botnet / zombie
- Compromised devices remotely controlled as a group, often for DDoS or spam.
- Cryptominer
- Malware that hijacks a device's CPU/GPU to mine cryptocurrency, slowing the system.
- Phishing
- Fraudulent emails/messages that trick users into revealing credentials or clicking malicious links.
- Spear phishing vs whaling
- Spear phishing targets a specific person/group with tailored bait; whaling targets executives/high-value people.
- Vishing / smishing
- Phishing by voice call (vishing) or SMS text (smishing).
- Social engineering: tailgating
- Following an authorized person through a secure door without badging in.
- Social engineering: shoulder surfing
- Observing someone's screen/keypad to steal credentials or data.
- Social engineering: impersonation / pretexting
- Pretending to be someone (IT, a vendor, an executive) with a fabricated story to gain access or info.
- Dumpster diving
- Searching discarded trash for sensitive documents — countered by shredding.
- Evil twin / rogue AP
- A fake access point mimicking a legitimate Wi-Fi network to capture traffic/credentials.
- On-path (MITM) attack
- An attacker secretly relays/alters traffic between two parties.
- DoS / DDoS
- Flooding a service with traffic to make it unavailable; DDoS uses many distributed sources (a botnet).
- Brute force vs dictionary attack
- Brute force tries every combination; a dictionary attack tries likely passwords from a list.
- Zero-day
- An attack exploiting a vulnerability before a patch exists.
- SQL injection / XSS
- Web attacks that inject malicious database queries (SQLi) or scripts (XSS) via unvalidated input.
- Wireless security: WEP vs WPA2 vs WPA3
- WEP is broken (never use); WPA2 (AES/CCMP) is acceptable; WPA3 is the strongest current standard.
- WPS risk
- Wi-Fi Protected Setup's PIN method is brute-forceable — disable WPS.
- MAC filtering
- Allows/denies devices by hardware address — a weak control (MACs are spoofable), used as a minor layer.
- Firewall (host/network)
- Filters traffic by rules; Windows Defender Firewall is the built-in host firewall.
- Antivirus / anti-malware / EDR
- Software that detects, quarantines, and removes malware; EDR adds behavioral detection and response.
- Hard drive sanitization
- Securely erase data before disposal/reuse: drive wipe (overwrite), secure erase, degaussing, or physical destruction (shred/drill).
- Standard formatting vs secure erase
- A standard format leaves data recoverable; secure erase/overwrite or destruction is required to truly remove sensitive data.
- Physical security controls
- Locks, badge/access cards, mantraps/access control vestibules, bollards, fences, security guards, and cameras.
- Biometrics
- Authentication by physical traits — fingerprint, face, retina/iris, voice.
- Smart card / key fob / hard token
- Physical items used as an authentication factor (something you have).
- Active Directory security groups
- Grant permissions to groups rather than individuals to manage access at scale.
- Password best practices
- Length and complexity, no reuse, MFA, lockout policies, and a password manager — avoid expiration-only policies.
- Screen lock / screensaver lock
- Auto-locks an idle device requiring re-authentication — basic endpoint protection.
- Data at rest vs in transit
- Encrypt stored data (BitLocker/FileVault) and data moving over networks (TLS/HTTPS, VPN).
- VPN
- A Virtual Private Network encrypts traffic over an untrusted network, protecting remote-access communications.
- Digital certificates / PKI
- Certificates bind a public key to an identity (issued by a CA) to enable HTTPS and code signing.
- UAC and least privilege together
- Running as a standard user plus UAC prompts limits what malware can change.
- Trusted vs untrusted software sources
- Install software only from reputable vendors/stores; untrusted sources are a top malware vector.
- DLP
- Data Loss Prevention — tools/policies that detect and block sensitive data from leaving the organization.
- Mobile device security: remote wipe & encryption
- Lost/stolen phones are protected by full-device encryption, screen locks, find-my-device, and remote wipe (often via MDM).
- BSOD / pinwheel troubleshooting
- A Blue Screen (Windows) or spinning pinwheel (macOS) signals a crash — check recent driver/update changes, run diagnostics, review logs, boot to Safe Mode.
- Malware removal: the 7 steps (CompTIA)
- 1) Investigate/verify symptoms, 2) Quarantine, 3) Disable System Restore (Windows), 4) Remediate (update + scan), 5) Schedule scans/updates, 6) Re-enable System Restore & create a restore point, 7) Educate the user.
- Why quarantine before cleaning?
- Isolating the infected system stops malware from spreading to the network/other devices during remediation.
- Why educate the user last?
- User behavior is the most common infection vector — training prevents recurrence after the cleanup.
- App won't open / crashes
- Repair or reinstall the app, update it/the OS, check compatibility, clear cache, and review event logs.
- Slow performance
- Check resource usage (Task Manager), startup apps, malware, disk space, overheating, and pending updates.
- Frequent pop-ups / browser redirects
- Signs of adware/PUPs or a hijacked browser — remove extensions, reset the browser, and run anti-malware.
- Certificate warning in browser
- An invalid/expired/untrusted certificate — verify the site, check the system clock, and don't bypass for sensitive sites.
- Mobile: app crashes / won't update
- Clear app cache/data, update the app and OS, free storage, and reinstall if needed.
- Mobile: rapid battery drain / overheating
- Caused by rogue apps, poor signal, or a failing battery — check battery usage by app, update apps, replace a swollen battery.
- Mobile: limited/no connectivity
- Toggle airplane mode, reset network settings, check APN/Wi-Fi, and confirm signal.
- Mobile malware symptoms
- High data/resource usage, unexpected ads, fake apps, and leaked data — install from official stores only and use mobile anti-malware.
- Electrical safety: ESD
- Electrostatic discharge can destroy components — use an antistatic wrist strap and mat, and handle cards by the edges.
- Self-grounding / equipment grounding
- Touch a grounded metal part before handling components when no strap is available; ensure equipment is properly grounded.
- SDS / MSDS
- Safety Data Sheet — documents safe handling, storage, and disposal of chemicals (toner, batteries, cleaners).
- Battery / toner disposal
- Recycle batteries and toner per local regulations and the SDS — never in regular trash.
- Fire safety: Class C extinguisher
- Use a Class C (electrical) extinguisher on energized electrical fires — never water.
- Equipment handling & lifting
- Lift with the legs, not the back; follow weight limits and use proper carts/placement.
- Surge protector vs UPS
- A surge protector blocks voltage spikes; a UPS adds battery backup for clean shutdown during outages.
- Change management
- A documented process to request, assess, approve, schedule, implement, and review changes — reduces risk and outages.
- Change management components
- Documented business reason, scope, risk analysis, rollback plan, end-user acceptance, change board approval, and a maintenance window.
- Backup types: full / incremental / differential
- Full = everything. Incremental = changes since the last backup (fast backup, slower restore). Differential = changes since the last full (slower backup, faster restore).
- 3-2-1 backup rule
- Keep 3 copies of data, on 2 different media, with 1 copy offsite — protects against most failures.
- Documentation: ticketing & KB
- Track issues with clear, complete tickets; document fixes in a knowledge base for reuse.
- Asset management / network diagrams
- Maintain inventory of hardware/software/licenses and up-to-date topology diagrams for support and compliance.
- AUP
- Acceptable Use Policy — defines how employees may use company systems and data.
- Incident response / chain of custody
- Document and preserve evidence (who handled it, when) so it stays admissible; report incidents through proper channels.
- PII / PHI / PCI handling
- Protect Personally Identifiable Info, health info (HIPAA), and cardholder data (PCI DSS) with encryption and access control; report breaches.
- Scripting: .bat / .ps1 / .sh / .py / .js / .vbs
- Common script types: Windows batch (.bat), PowerShell (.ps1), shell (.sh), Python (.py), JavaScript (.js), VBScript (.vbs).
- Scripting use cases & risks
- Automate installs, backups, restarts, and account changes — but unintended consequences, mistyped variables, and malware in scripts are real risks.
- Professionalism: communication
- Use clear language (avoid jargon), actively listen, set/meet expectations, maintain a positive attitude, and follow up.
- Handling difficult customers & confidentiality
- Stay calm, don't argue with the customer or dismiss their problem, don't disclose the experience on social media, and protect customer data and privacy at all times.
- Remote support tools
- RDP, SSH, VNC, MSRA (Quick Assist), and third-party tools provide remote access — secure them and get consent.